When it comes to choosing a jurisdiction for a digital securities offering, Malta is among the first on the list. In the course of the past several years, Malta has taken a unique position as the “blockchain island”, fostering technological innovation by introducing advanced blockchain legislation, friendly tax policies and progressive approach to regulation.
This article provides a comprehensive overview of the legal status of digital securities in Malta, based on the months of research and personal communication with Maltese regulator and local lawyers, while we have been structuring our platform for digital securities offering on the island.
Digital securities on Malta are regulated, first and foremost, by traditional legislation on financial instruments and services, the most important of them being the Companies Act and Investment Services Act. These acts incorporate themselves into provision of the EU legislation, namely MiFID II, Prospectus Regulation and others.
Apart from the existing set of laws, Malta has also introduced a specific legislation on innovative blockchain-based financial instruments that defines what should be regulated by the traditional legislation and what falls under the scope of the new ones.
This approach is different from the one adopted by countries with a common law system that don’t require a specific legislation to define the legal status of an innovative object, relying on the existing one instead.
There are three main acts referring to the digital securities particularly:
- Virtual Financial Assets (VFA Act), which defines DLT-based assets and the rules governing them
- Malta Digital Innovation Authority (MDIA), which established MDIA as a governing entity and its role in regulating blockchain companies
- The Innovation Technology Arrangements & Services (ITAS), which introduced the term “innovative technology arrangement”, the procedure and conditions for the licensing
A separate act regarding STOs as a fundraising method is currently under development.
Apart from that, there are several guidelines and strategies. The most relevant of them are the MFSA STO Consultation Paper that outlines the MFSA approach to STO and MFSA Fintech Strategy, which, inter alia, discusses plans to establish regulatory sandbox for fintech ventures.
Below, I am taking a closer look at the most important aspects of the existing legislation.
There are two main regulatory bodies governing digital securities on Malta: The Malta Financial Services Authority (MFSA) and The Malta Digital Innovation Authority (MDIA).
MFSA is the single regulator of financial services in Malta, which regulates both financial services providers and issuers of any types of financial instruments. This has two implications for digital securities issuers:
- They need to work with MFSA-licensed service providers
- Their offering has to be approved by the MFSA
The role of MDIA is to set and enforce rules and standards for technological innovation. In digital securities regard, the regulator reviews and authorizes the technical infrastructure of crypto and security token exchanges and other infrastructural projects to make sure they are reliable and secure.
In order to get an MFSA (prevailing financial authority) license, you do not necessarily need MDIA authorization – in most cases, system audit is enough and MDIA opinion remain voluntary. However, if transaction volumes exceed certain levels, the authorization by the latter becomes mandatory.
Obviously, MDIA has limited bandwidth and cannot check every application for authorization itself, so the regulator attracts third-party MDIA-licensed system auditors to review the technical blueprint of the suggested system. There are currently five of them, including consulting giants KPMG and PwC. Once the audit is done, MDIA makes the final decision to grant the authorization based on the auditor assessment, business model, senior management personalities and qualifying shareholders of the innovative technology company.
The competent authorities are pursuing three priority goals: protecting investors, supporting
Malta’s reputation of the “center for excellence for technological innovation” and promoting healthy competition and choice.
The strong focus on reputation makes Malta different from other blockchain-friendly jurisdictions, such as Estonia. Although Malta does much to promote blockchain-based business by establishing clear legislation, creating regulatory fintech sandbox and so on, getting licenses here is more difficult. To get licensed, a company needs to comply with strict requirements, pass systems audit to ensure the resilience of infrastructure, defend its business model.
One of the necessary requirements to get authorization for any regulated activity on Malta are so-called “fit and proper checks” for all qualifying shareholders (>25% stake) and senior management – another mechanism to prevent fraud, protect investors and good reputation of Malta.
Such measures create an additional credibility for a company licensed on Malta, which in its turn creates incentives for decent companies to establish business activities there.
Virtual Financial Assets Act: providing classification
VFA Act introduced the legal framework for virtual financial assets and asset offerings in November 2018. The Act defines four types of DLT-assets:
- electronic money – common money, accounted for on DLT
- virtual tokens – units that have value only inside a system, for example, loyalty points
- financial instruments – assets defined by MiFID II regulations which include, inter alia, transferable securities and units in collective investment undertakings
- virtual financial assets – everything that does not fit into any of the above
The beauty of the Act is that when an asset does not fall into conventional forms, it is dealt with on a case-by-case basis. Many jurisdictions don’t adopt such a granular approach, preferring to qualify DLT-based assets broadly as security, utility and payment tokens with the same rules for every group of assets.
While it might seem like a good idea to create a separate category for cryptocurrencies, the problem is that, as we know, they can be very different by their essence: some are native tokens of a blockchain, others are not, some are anonymous, some are not, some are decentralized, and some are not.
VFA Act is mostly focused on procedures regarding the issuance or offering of virtual financial assets. However, it is unclear from the act itself how security tokens should be qualified depending on their nature. Thus MFSA has issued further guidelines and is working on a specific legislation for digital securities, which is going to cover all specific use cases in the industry.
STO Consultation Paper: defining digital securities
STO Consultation Paper divides security token offerings into traditional and non-traditional.
Units, offered during traditional STO, are classified as financial instruments under MiFID. Thus, they are regulated mostly by MiFID and Investment Services Act. At Stobox we call such units “digital securities”, and mostly work with them.
All other exotic types of investment units fall under the definition of non-traditional STOs. The most common example may include a unit that provides a right to a revenue share but does not represent a company’s equity, thus being some sort of a derivative contract. Many of the security token offerings conducted so far have been of such nature, although the regulation they fall under differs depending on the jurisdiction. Most security token offerings conducted so far have been of that nature.
MFSA has not yet issued an opinion on non-traditional STOs.
Prospectus regulation: offering & trading digital securities
The offering of digital securities is regulated mainly by the Prospectus Regulation, which requires issuers to register a Prospectus when making a public offering. However, European legislation courteously offers exemptions under which the offering can be conducted without registering a Prospectus.
The two most widely used include:
1) offering targeted solely on accredited investors (private sale)
2) offering with a total consideration under EUR 5 million in the European Union during a 12 months period.
Nonetheless, if the issuer is seeking to get listed on a trading venue it has to comply with the listing rules and prepare a Prospectus-like Admission Document, thus reducing the benefits of an exempted offer.
However, there are secondary market arrangements that do not fall under the definition of a regulated trading venue and, thus, can introduce less strict admission rules. One of them is bulletin board, which is a market at which participants can place their buying and selling interests, but there is no automated matching. Instead transaction is initiated when another clients agrees with the proposed terms and chooses to become a counterparty of the trade. Although there is no precedent of a kind on Malta yet, UK’s Financial Conduct Authority, which is subject to the same EU legislation, does not consider such arrangement an MTF:
“In our view, any system that merely receives, pools, aggregates and broadcasts indications of interest, bids and offers or prices should not be considered a multilateral system. That means that a bulletin board should not be considered a multilateral system. This is because there is no reaction of one trading interest to another other within these types of facilities.”
For this reason, we at Stobox are building our secondary marketplace in the form of a bulletin board to reduce requirements for companies to be onboarded and have access to liquidity.
Malta has introduced one of the most progressive legislative frameworks for digital securities in the world, which finds balance between investor protection and facilitating innovation. Creating comprehensive legislation from scratch is an non trivial task and takes a lot of time –– it explains why the majority of digital securities offerings to the date took place in other jurisdictions. However, exactly due to the fact that Malta has put so much time and effort into it, Maltese providers and companies can be trusted from both the perspective of long-term regulatory stability and correspondence to prudential standards.