When it comes to choosing a jurisdiction for a digital securities offering, Malta is among the first on the list. In the course of the past several years, Malta has taken a unique position as the “blockchain island”, fostering technological innovation by introducing advanced blockchain legislation, friendly tax policies and progressive approach to regulation.
This article provides a comprehensive overview of the legal status of digital securities in Malta, based on the months of research and personal communication with Maltese regulator and local lawyers, while we have been structuring our platform for digital securities offering on the island.
Digital securities on Malta are regulated, first and foremost, by traditional legislation on financial instruments and services, the most important of them being the Companies Act and Investment Services Act. These acts incorporate themselves into provision of the EU legislation, namely MiFID II, Prospectus Regulation and others.
Apart from the existing set of laws, Malta has also introduced a specific legislation on innovative blockchain-based financial instruments that defines what should be regulated by the traditional legislation and what falls under the scope of the new ones.
This approach is different from the one adopted by countries with a common law system that don’t require a specific legislation to define the legal status of an innovative object, relying on the existing one instead.
There are three main acts referring to the digital securities particularly:
- Virtual Financial Assets (VFA Act), which defines DLT-based assets and the rules governing them
- Malta Digital Innovation Authority (MDIA), which established MDIA as a governing entity and its role in regulating blockchain companies
- The Innovation Technology Arrangements & Services (ITAS), which introduced the term “innovative technology arrangement”, the procedure and conditions for the licensing
A separate act regarding STOs as a fundraising method is currently under development.
Apart from that, there are several guidelines and strategies. The most relevant of them are the MFSA STO Consultation Paper that outlines the MFSA approach to STO and MFSA Fintech Strategy, which, inter alia, discusses plans to establish regulatory sandbox for fintech ventures.
Below, I am taking a closer look at the most important aspects of the existing legislation.
There are two main regulatory bodies governing digital securities on Malta: The Malta Financial Services Authority (MFSA) and The Malta Digital Innovation Authority (MDIA).
MFSA is the single regulator of financial services in Malta, which regulates both financial services providers and issuers of any types of financial instruments. This has two implications for digital securities issuers:
- They need to work with MFSA-licensed service providers
- Their offering has to be approved by the MFSA
The role of MDIA is to set and enforce rules and standards for technological innovation. In digital securities regard, the regulator reviews and authorizes the technical infrastructure of crypto and security token exchanges and other infrastructural projects to make sure they are reliable and secure.
In order to get an MFSA (prevailing financial authority) license, you do not necessarily need MDIA authorization – in most cases, system audit is enough and MDIA opinion remain voluntary. However, if transaction volumes exceed certain levels, the authorization by the latter becomes mandatory.
Obviously, MDIA has limited bandwidth and cannot check every application for authorization itself, so the regulator attracts third-party MDIA-licensed system auditors to review the technical blueprint of the suggested system. There are currently five of them, including consulting giants KPMG and PwC. Once the audit is done, MDIA makes the final decision to grant the authorization based on the auditor assessment, business model, senior management personalities and qualifying shareholders of the innovative technology company.
The competent authorities are pursuing three priority goals: protecting investors, supporting
Malta’s reputation of the “center for excellence for technological innovation” and promoting healthy competition and choice.
The strong focus on reputation makes Malta different from other blockchain-friendly jurisdictions, such as Estonia. Although Malta does much to promote blockchain-based business by establishing clear legislation, creating regulatory fintech sandbox and so on, getting licenses here is more difficult. To get licensed, a company needs to comply with strict requirements, pass systems audit to ensure the resilience of infrastructure, defend its business model.
One of the necessary requirements to get authorization for any regulated activity on Malta are so-called “fit and proper checks” for all qualifying shareholders (>25% stake) and senior management – another mechanism to prevent fraud, protect investors and good reputation of Malta.
Such measures create an additional credibility for a company licensed on Malta, which in its turn creates incentives for decent companies to establish business activities there.
Virtual Financial Assets Act: providing classification
VFA Act introduced the legal framework for virtual financial assets and asset offerings in November 2018. The Act defines four types of DLT-assets:
- electronic money – common money, accounted for on DLT
- virtual tokens – units that have value only inside a system, for example, loyalty points
- financial instruments – assets defined by MiFID II regulations which include, inter alia, transferable securities and units in collective investment undertakings
- virtual financial assets – everything that does not fit into any of the above
The beauty of the Act is that when an asset does not fall into conventional forms, it is dealt with on a case-by-case basis. Many jurisdictions don’t adopt such a granular approach, preferring to qualify DLT-based assets broadly as security, utility and payment tokens with the same rules for every group of assets.
While it might seem like a good idea to create a separate category for cryptocurrencies, the problem is that, as we know, they can be very different by their essence: some are native tokens of a blockchain, others are not, some are anonymous, some are not, some are decentralized, and some are not.
VFA Act is mostly focused on procedures regarding the issuance or offering of virtual financial assets. However, it is unclear from the act itself how security tokens should be qualified depending on their nature. Thus MFSA has issued further guidelines and is working on a specific legislation for digital securities, which is going to cover all specific use cases in the industry.
STO Consultation Paper: defining digital securities
STO Consultation Paper divides security token offerings into traditional and non-traditional.
Units, offered during traditional STO, are classified as financial instruments under MiFID. Thus, they are regulated mostly by MiFID and Investment Services Act. At Stobox we call such units “digital securities”, and mostly work with them.
All other exotic types of investment units fall under the definition of non-traditional STOs. The most common example may include a unit that provides a right to a revenue share but does not represent a company’s equity, thus being some sort of a derivative contract. Many of the security token offerings conducted so far have been of such nature, although the regulation they fall under differs depending on the jurisdiction. Most security token offerings conducted so far have been of that nature.
MFSA has not yet issued an opinion on non-traditional STOs.
Prospectus regulation: offering & trading digital securities
The offering of digital securities is regulated mainly by the Prospectus Regulation, which requires issuers to register a Prospectus when making a public offering. However, European legislation courteously offers exemptions under which the offering can be conducted without registering a Prospectus.
The two most widely used include:
1) offering targeted solely on accredited investors (private sale)
2) offering with a total consideration under EUR 5 million in the European Union during a 12 months period.
Nonetheless, if the issuer is seeking to get listed on a trading venue it has to comply with the listing rules and prepare a Prospectus-like Admission Document, thus reducing the benefits of an exempted offer.
However, there are secondary market arrangements that do not fall under the definition of a regulated trading venue and, thus, can introduce less strict admission rules. One of them is bulletin board, which is a market at which participants can place their buying and selling interests, but there is no automated matching. Instead transaction is initiated when another clients agrees with the proposed terms and chooses to become a counterparty of the trade. Although there is no precedent of a kind on Malta yet, UK’s Financial Conduct Authority, which is subject to the same EU legislation, does not consider such arrangement an MTF:
“In our view, any system that merely receives, pools, aggregates and broadcasts indications of interest, bids and offers or prices should not be considered a multilateral system. That means that a bulletin board should not be considered a multilateral system. This is because there is no reaction of one trading interest to another other within these types of facilities.”
For this reason, we at Stobox are building our secondary marketplace in the form of a bulletin board to reduce requirements for companies to be onboarded and have access to liquidity.
Malta has introduced one of the most progressive legislative frameworks for digital securities in the world, which finds balance between investor protection and facilitating innovation. Creating comprehensive legislation from scratch is an non trivial task and takes a lot of time –– it explains why the majority of digital securities offerings to the date took place in other jurisdictions. However, exactly due to the fact that Malta has put so much time and effort into it, Maltese providers and companies can be trusted from both the perspective of long-term regulatory stability and correspondence to prudential standards.
Supreme Court Reins in SEC on Disgorgement
While the SEC holds a huge amount of influence and power, they do not operate without oversight, themselves. This was on full display on Monday, as the U.S. Supreme Court issued a new ruling on SEC authority surrounding disgorgement.
Essentially, it was ruled that, while the SEC will retain the ability to seek disgorgement from offending parties, it will be limited to their profits. This means that if a company raises $50M through illegal means, the SEC can only seek to retrieve funds up to the $50M minus any genuine operating costs.
The purpose for this limit is a simple one – disgorgement is permitted as a remedial, rather than punitive, action. If the SEC were to seek funds exceeding what was raised, it would no longer represent a retrieval of funds, but a punishment for their actions.
Furthermore, the ruling indicates that funds, retrieved through these means, are to be used as compensation for victims that have lost money.
For those unfamiliar with disgorgement, it refers to the repayment of funds received/generated by parties which violated existing laws.
In recent years, disgorgement has been a commonly used method of the SEC, as made evident in various cases stemming from the 2017 ICO boom.
For those interested, the entirety of the U.S. Supreme Court’s ruling can be found HERE. While there are various intricacies involved, the court’s decision can be broadly summarized by their statement, as follows.
“The Court holds today that a disgorgement award that does not exceed a wrongdoer’s net profits and is awarded for victims is equitable relief permissible under §78u(d)(5).”
As aforementioned, the SEC has turned to disgorgement on various occasions, as of late. The following articles are a few examples of it being used in crypto based cases.
Based in the United States, the SEC is a government run regulatory body. This outfit is tasked with fostering safe, and transparent, markets surrounding securities. This entails both the creation, and enforcement, of laws surrounding the sector.
SEC Chairman, Jay Clayton, currently oversees operations.
In Other News
While Jay Clayton may still be in charge at the SEC, his time at the helm may soon be coming to a close. We recently touched on a tricky situation, currently evolving, which would see Clayton depart the SEC for a position as an Attorney General in Southern New York.
SEC Chairman Jay Clayton Moving On?
Caught in the Middle
Jay Clayton, Chairman of the SEC, has found himself caught in the middle of a tricky situation. The story goes like this:
On June 19th, U.S. Attorney General, William Barr, announced the Trump administration’s intent to name Jay Clayton the new U.S. Attorney for Southern New York.
This announcement soon became a major point of contention, as Geoffrey Berman (the current U.S. Attorney for Southern New York) had refused to abandon his post. This stance was changed, however, when assured that his departure would not derail current investigations.
Replacing Geoffrey Berman for the interim is Deputy U.S. Attorney, Audrey Strauss.
While pure speculation at this point, many believe that these actions were taken due to ‘burnt bridges’ between Berman and the Trump Administration. More specifically, Berman was/is at the helm of various corruption inquiries into associates of the POTUS.
The situation has seen various senators weigh-in on the situation. Notably, Senator Chuck Schumer believes an immediate investigation should be launched into the situation. Furthermore, he had strong words for Clayton, himself, stating,
“Jay Clayton can allow himself to be used in the brazen Trump-Barr scheme to interfere in investigations by the U.S. Attorney for SDNY, or he can stand up to this corruption, withdraw his name from consideration, and save his own reputation from overnight ruin.”
Back to Roots
If this move were to happen, it would not necessarily mark a return to his roots. Prior to his tenure at the SEC, Jay Clayton was a seasoned corporate lawyer, with decades of experience. What he lacks, however, is experience as a prosecutor – typically a prerequisite for Attorneys Generals.
While his duties stretched far beyond regulating the burgeoning blockchain sector, Clayton developed a complex relationship with the community through his time at the SEC, thus far.
Clayton has many detractors from the crypto community, as he has had a hand in the denial of many Bitcoin ETF applications.
At the end of the day, however, the world of crypto remains rife with scams,y. Despite having massive potential, Clayton has, for the most part, made sound decisions in regulating the growth of crypto base endeavours.
Be Careful what you Wish For
While Clayton may not be pro-crypto, there are many examples throughout his tenure of openness towards these young markets.
Those excited to see his potential exit should be wary, as his successor may very well adopt a strong anti-crypto sentiment – something which could prove to be very harmful for a sector still in its infancy.
A Short Run
If opting to leave his post at the SEC, Clayton will have completed a roughly 3 year stint at its head. So far, no word has been given on a possible successor as the Chairman of SEC.
For decades, the position of Chairman at the SEC has been a revolving door. The last individual to serve longer than 4 years was Arthur Levitt, during the Clinton Administration.
Word of Clayton’s potential replacement comes 1 year after the CFTC saw their very own chairman, J. Christopher Giancarlo, step down. During their time spent at the helm of their respective organizations, both, Clayton and Giancarlo, were vocal on their approach towards blockchain. While Clayton has remained more conservative, to this date, Giancarlo was viewed as more progressive and welcoming to change.
OSC Finds Extensive Evidence of Fraud/Theft by Gerald Cotten and QuadrigaCX
Over a year has passed since the demise of popular Canadian exchange, QuadrigaCX. Despite this length of time, new findings are still being released surrounding the peculiar chain of events that saw $215 million go missing – a total representing the holdings of over 75,000 clients.
While the actions of Gerald Cotten and QuadrigaCX are, without doubt, a blight on the cryptocurrency industry, it is important to remember the old adage ‘do not paint with a broad brush’.
The OSC has, thankfully, recognized this, and taken the time to ensure readers that they are not condemning the sector as a whole, in their report.
“The misconduct we uncovered in relation to Quadriga is limited to Quadriga and should not be understood as applying to the crypto asset platform industry as a whole. Properly conducted, crypto asset trading is a legitimate and important component of our capital markets. We remain committed to working with this industry to foster innovation. Financial innovation has always been critical to the health of our economy and the competitiveness of our capital markets.”
Now we move on to the bad. After a thorough investigation, the OSC has determined that QuadrigaCX operated, essentially, as a Ponzi scheme underneath a ‘layer of modern tech’. This Ponzi scheme is believed to be orchestrated by the late founder of QuadrigaCX, Gerald Cotten.
Furthermore, due to the custody model utilized by the exchange, the OSC believes QuadrigaCX to have been in consistent violation of securities laws.
“…whereby Quadriga retained custody, control and possession of its clients’ crypto assets and only delivered assets to clients following a withdrawal request—meant that clients’ entitlements to the crypto assets held by Quadriga constituted securities or derivatives.”
To this day, many of those affected by the debacle caused by Cotten have remained hopeful that the lost keys to his crypto wallets would be found. This was due to a belief that these wallets contained much of the missing funds. Unfortunately, the OSC has indicated that this is a fallacy. Rather, the vast majority of missing funds were due to Cotten’s illegal trading activity.
“It has been widely speculated that the bulk of investor losses resulted from crypto assets becoming lost or inaccessible as a result of Cotten’s death. In our assessment, this was not the case. The evidence demonstrates that most of the $169 million asset shortfall resulted from Cotten’s fraudulent conduct, which took several forms.”
If that wasn’t bad enough, the OSC concedes that, due to the circumstances (QuadrigaCX bankruptcy, and Cotten’s death), there exists very little room for recourse.
In their report, the OSC notes that roughly $215 million is owed to QuadrigaCX customers. They provide the following breakdown, shedding light on where the money has gone.
- $115 million
- Lost by Gerald Cotten through illegal trades on QuadrigaCX
- $46 million
- Recovered funds, now in the possession of a trustee
- $28 million
- Lost by Gerald Cotten through illegal trades on external exchanges
- $23 million
- Miscellaneous losses yet to be accounted for
- $2 million
- Funds stolen by Gerald Cotten to fund his lifestyle
- $1 million
- Operational losses
Whether through misappropriation, or illegal trades, the late Gerald Cotten is believed to be directly responsible for roughly $145 million lost in client funds.
Words of Warning
Throughout their report, the OSC doesn’t mince words when addressing companies still operating in the blockchain industry – Contact the OSC to see if registration is required under current laws.
They explicitly note, on multiple occasions, that securities laws apply in many instances, even when the traded assets are not securities. The deciding factor comes down to how these assets are handled by exchanges.
“A platform would generally not be subject to securities legislation if the underlying crypto asset being traded is not a security or derivative, and there is immediate delivery of a crypto asset to the client after a transaction…In contrast, if a platform retains possession and control of the crypto assets being traded on the platform, securities law may apply.”
While this distinction may be small, it is an important one. The OSC is imploring Canadian exchanges to reach out and determine where they fall within regulatory guidelines.
“Platform operators should be aware that, depending on their business model, they may have to register with the OSC and they should take appropriate steps to comply with Ontario securities laws…Platforms should review their operations to ensure that they have procedures in place to manage risks to clients and that they are accurately disclosing key information about their operations to clients.”
The Ontario Securities Commission (OSC), is a regulatory body, tasked with ensuring fair and transparent markets. This is done through the creation, and enforcement, of laws surrounding securities in the province of Ontario.
CEO, Grant Vingoe, currently oversees company operations.