Distributed ledger technology (DLT) is on the rise. With this in mind, Steven De Lara and Colin Grech, both from Signature Litigation, ask what exactly does DLT do, and where does the law stand in relation to it?

A distributed ledger is a database that can be shared across a network of multiple participants and updated by accessing it from any location - securely and efficiently. DLT has recently come to public prominence because it underpins a range of digital currencies, the best known of which is Bitcoin. Although Bitcoin is the most prominent example, the potential applications of DLT extend far beyond virtual currencies.

Ultimately, DLT could fundamentally change the financial sector, making it ‘more efficient, resilient and reliable’, according to the World Bank, adding in its recent report that it has ‘the potential to transform various other sectors as well, like manufacturing, government financial management systems and clean energy’.

For advocates of DLT, such a prestigious endorsement is welcome news. But there is an additional caveat: ‘Since this technology is still nascent, the World Bank Group doesn’t have general recommendations about its use for international development.’ To understand how DLT can address challenges in the financial sector, the bank explains, requires both research and real-life applications and pilots. It also requires resolving consumer protection issues, financial integrity concerns, speed of transactions, environmental footprint, legal, regulatory and technological issues that arise with the advent of new technology.

It is, therefore, still early days for DLT and a range of wider applications for blockchain technology. In May, the research company Gartner found that only one per cent of chief information officers (CIOs) had yet indicated any kind of blockchain adoption within their organisations, while only eight per cent of CIOs were in the short-term planning or looking at an active experimentation phase.

Perhaps as a result of the uncertainty surrounding applied DLT, there was no surprise at the widespread media coverage on the recent warning given to the Marshall Islands by the International Monetary Fund (IMF) - not to adopt a digital currency called Sovereign as an additional form of legal tender. IMF directors stated that the potential benefits of Sovereign were much smaller than the potential costs of ‘economic, reputational and governance risks’.

From a legal perspective, regulation is the key issue - or rather, the widespread lack of it. In making sure that the law keeps pace with technology, Gibraltar has helped to lead the way in recognising that DLT is not going to disappear any time soon and in realising, at the same time, the necessity for regulation within this embryonic ‘free market’ industry.

On 1 January 2018, the Gibraltar Financial Services Commission (GFSC) became the first regulator to introduce a framework that regulates the use of DLT. By providing a strong degree of regulatory certainty, Gibraltar hopes to deliver a competitive edge and attract firms involved in DLT activities to develop new and innovative fintech businesses. Because DLT is evolving rapidly, the GFSC’s regulatory framework for DLT Providers is intentionally designed to be flexible. Google the term ‘DLT technology regulation’ and most of the top ranked results refer to Gibraltar - a measure of how far it is in front of the pack as a DLT friendly jurisdiction.

But DLT has not yet become the subject of either UK or EU regulation. In April 2017 the FCA published Discussion Paper DP17/3 to start a dialogue on the potential for future development of DLT. The feedback suggested that the FCA’s current rules were flexible enough to accommodate applications of various technologies, including the use of DLT by regulated firms. Last December, the FCA published a statement on DLT which concluded: ‘Many respondents suggested that DLT solutions could deliver regulatory requirements more efficiently than current systems, substantially reducing costs for firms and regulators alike.

It continued: ‘However, some respondents doubted the compatibility of permissionless networks (permissionless networks allow general public visibility of transactions online and are open for broad participation whilst permissioned networks typically feature a ‘gatekeeper’ who controls access) with our regulatory regime. Based on the feedback, and on its own work, overall the FCA is open to all forms of deployment of DLT (including both permissioned and permissionless DLT networks) provided the operational risks are properly identified and mitigated.’ The FCA also noted its commitment to keep the position under review and to maintain an open dialogue with interested parties.

Arguably, EU-wide regulation concerning DLT transactions is what really matters most. The European Securities and Markets Authority (ESMA) published a report on DLT in February relating to securities markets. This examined the need for regulation to facilitate the benefits of DLT and to mitigate against its risks. The report’s findings were similar to those of the FCA. There are no major impediments created by the EU’s current regulatory framework that inhibit the development of DLT, and any regulatory response at this stage would therefore be premature.

However, as a new financial product, whether some blockchain transactions are likely to be caught in the net of MIDFID II (The Markets in Financial Instruments Directive) remains to be determined. Its introduction by the EU, applicable from 3 January 2018, is designed to strengthen investor protection, and reduce the risks of a disorderly market or systemic risk whilst increasing the efficiency of financial markets. Alongside the 50,000 new regulations already added across the G20 since the Lehman crisis happened a decade ago, the MiFID II regulations alone adds a further 1.5m paragraphs.

Gibraltar is a dualist country - a treaty ratified by the government does not alter its laws unless and until it is incorporated into national law by legislation. In common with other governments in the EU, Gibraltar transposed the MIFID II directive into its local legislation through the Financial Services (Markets in Financial Instruments) Act 2018. In practice, this means that if any digital ledger applications and models could be regulated, in Gibraltar they would fall under the authority of the GFSC. The determination hinges on the question of what products are being offered on these platforms and whether they can be categorised as financial instruments under MIFID II, if at all. 

Beyond the new MIFID II regulations, there is a distinct lack of jurisprudence on DLT which makes it a grey area that is particularly fertile for litigation. Some European countries are competing to attract the most promising potential innovators. Cyprus is among them. In August, the Cyprus Securities and Exchange Commission (CSEC) launched a new Innovation Hub using DLT. This means that there will also be potential competition in how regulations are applied.

The CSEC development serves to highlight some of the discrepancies between DLT regulation and MIFID II across different EU jurisdictions: the FCA has declared that DLT could fall under MIFID, but the Cyprus government disagrees with the English position. Meanwhile, other jurisdictions are considering their own DLT regulations, including Malta, France and Austria. 

In determining whether DLT falls under MIFID II, the key considerations include: the scope of the directive and investigating which transactions could be monitored and caught by MIFID II. If either a state or a regulator were to decide that DLT transactions fall under MIFID II, then the potential for litigation will increase drastically as licensees test the scope of the institution’s jurisdiction over their affairs.

As more widespread use of DLT continues to develop, so inevitably will the regulations underpinning it. In the meantime, as jurisdictions begin to compete with different regulations, litigation will become an inevitable bi-product.