FINMA Guidance 2024_06

FINMA Publishes Guidance 06/2024 on Stablecoins

FINMA Publishes Guidance 06/2024 on Stablecoins

02.08.2024|Hans Kuhn

FINMA's publication of Guidance 06/2024 "Stablecoins: Risks and challenges for issuers of stablecoins and banks providing guarantees" (Guidance 06/2024) has caused quite a lot of confusion and raised questions. Here is our initial assessment.

Guidance 06/2024 consolidates FINMA's existing practice and builds on the Stablecoin Guidance of 11 September 2019 and brief explanations in FINMA's 2021 Annual Report. Consolidating this patchwork into a formal guidance is positive, but unfortunately Guidance 06/2024 raises more questions than it provides answers.

The most controversial part of Guidance 06/2024 is the requirement that all stablecoin holders must be identified by the issuer in accordance with applicable AML rules and regulations. This applies not only to the person who purchases the stablecoin from the issuer and a subsequent holder who redeems a stablecoin, but also to all intermediate holders. In order to enforce the identification of all stablecoin holders, FINMA requires that transfers to persons not on the whitelist be restricted by contractual and/or technical means.

The whitelisting obligations were already imposed by FINMA on banks issuing stablecoins (see FINMA Annual Report 2021, p. 19), but Guidance 06/2024 seems to go even further. Banks obligation to identify all stablecoin holders was justified by reputational risks bank would take by issuing freely transferable stablecoins and assuming the related AML/TF risks. FINMA now argues that the relationship between the issuer and each intermediate holder is a "permanent business relationship" ("dauernde Geschäftsbeziehung") as defined by Article 2(d) AMLO-FINMA. This is an interpretation that goes well beyond the ordinary meaning of the law since an intermediate holder by definition does not engage with the issuer in any way. It is therefore fair to assume that FINMA is skating on thin ice from a legal perspective.

From a policy perspective it must be emphasized that no other relevant jurisdiction requires full identification of all intermediate holders and transfer restrictions - not the European Union, Hong Kong, Japan, Singapore, or the United States. Nor does the Financial Action Task Force (FATF), the primary AML standard-setter, mandate such a requirement. This is Swiss gold-plating, pure and simple.

Guidance 06/2024 also reiterates that any stablecoin issuer is subject to banking regulation if redemption takes place at face value. Requiring a full-fledged banking license for the mere issuance of stablecoins is a complete overkill and economically unsustainable, but there is not much that can be done given the current state of the law.

However, stablecoin issuers without a banking license can rely on a guarantee provided by a bank, one of the exceptions to the definition of deposit (Article 5(3)(f) Banking Ordinance). Guidance 06/2024 clarifies in a very helpful manner the conditions that must be met in order for relying on this exception.

Interestingly, FINMA is highlighting very much the risks associated with business models for the guarantee banks and seems to be calling on the legislator to restrict the guarantee exemption. This would be inappropriate. The guarantee exception (as well as other exceptions from the definition of a deposit taking activity in Article 5 Banking Ordinance) is a necessary complement to the extremely expansive definition of bank deposits under Swiss law. This results in activities being subject to the Banking Act that have nothing to do with banking activities as traditionally understood.

It has long been recognized that the legal and regulatory framework for stablecoins in Switzerland is inadequate. It is understood that the Swiss State Secretariat for International Finance (SIF) is preparing amendments as part of the review of the fintech license (Article 1b Banking Act). The authorities should accelerate their work and submit proposals for a Swiss stablecoin regulation as soon as possible. In the course of the legislative process, parliament will also have the opportunity to assess the positions set out in the Guidance 06/2024.

For the time being it must unfortunately be concluded that the legal and regulatory framework in Switzerland makes it de facto impossible to issue a stablecoin in a manner that makes sense from an economic and business perspective. Potential stablecoin issuers would be well advised to start their business in another, more friendly jurisdiction. The European Union, for example, imposes a very strict regulatory regime in the Markets for Crypto-Assets Regultions (MiCA), but issuers benefit from regulatory clarity and from passporting rights in a market with about 250 million customers. And an EU issuer can offer its stablecoin without any restrictions to Swiss customers, including Swiss retail customers, provided the issuer has no substantial presence in Switzerland.

The complete documents can be found here.

Please contact us if you would like to discuss the impact of Guidance 06/24 on your business.

basel II dallee_small

Firewalls against Crypto: Pushback against Implementation of Basel Crypto Standard

Firewalls against Crypto: Pushback against Implementation of Basel Crypto Standard

07.03.2024|Hans Kuhn
The Basel Committee on Bank Supervision (BCBS) has adopted a new standard on the regulatory treatment of crypto-based assets held by banks (the “Basel Crypto Standard”) in December 2022[1]. Member states of the Basel Committee have committed to implement it by 1 January 2025. The Basel Crypto Standard imposes prohibitive capital requirements for most crypto-assets held by banks. Switzerland, one of the founding members of the Basel Committee, has now delayed implementation for at least a year.Switzerland is not only home to a large ecosystem of highly regulated crypto services providers, including two crypto banks. Switzerland’s Financial Market Supervisory Authority (FINMA) was also the first regulator to impose specific capital requirements on crypto assets, imposing a risk weight of 800% and an exposure limit of 4% of total capital. FINMA did this without a specific legal basis, in the form of a letter to the Association of Audit Firms.[2]Punitive Capital RequirementsThe Basel Crypto Standard goes much further. It imposes a 1,250% risk weight on most crypto assets and an exposure limit of 1% (but in no case more than 2%) of a bank's Tier 1 capital. The 1,250% risk weight is the highest known under the Basel Capital Accord. While touted by the Basel Committee as a “conservative treatment”, it translates into capital requirements of 130% to 200% of the book value of crypto-assets, depending on the size of the bank and taking into account capital buffers. The 1,250% risk weight applies not only to cryptocurrencies, but also to most stablecoins. It would also apply to all crypto-assets that use a public blockchain, such as Ethererum, under a proposal put forward by the Basel Committee at the end of 2023.One would assume that the Basel Committee would be able to support such requirements with robust evidence. However, the only paper that discusses the risks that crypto-assets pose to banks is a working paper published in 2019.[3] It has never been updated and has now been refuted in a position paper published by the Swiss Blockchain Federation (SBF).[4] In the BCBS working paper, much emphasis was placed on the market risks arising from the increased volatility of crypto-assets. The SBF position paper points out that while it is true that cryptocurrencies have traditionally shown a high to very high level of volatility, it has decreased significantly since 2020 and is now similar to the volatility of early tech stocks such as Apple, Amazon, Microsoft or Tesla. Cryptocurrencies have no credit or counterparty risk, unlike stablecoins, which are not particularly volatile assets.Unconstitutional and not Technological NeutralThe purpose of the Basel Crypto Standard is therefore not so much to protect banks from the risks of holding crypto-assets on their balance sheets, but rather to create a firewall between the banking system and the crypto industry. Obviously, this approach would contradict the principle of technology-neutral regulation (same business, same risks, same rules) and would also be fundamentally at odds with Switzerland's strategy of creating a clear regulatory framework for the Blockchain industry. Switzerland was indeed one of the first jurisdictions to authorize banks and other financial service providers to specialize in the crypto business.The SBF position paper also points out that the Basel Crypto Standard would be incompatible with the Swiss Federal Constitution[5]. The indiscriminate application of prohibitive capital requirements to different crypto assets with completely different risk profiles violates the principle of legal equality (Art. 8 Federal Constitution). Under the constitutional principle of proportionality (Art. 5 Federal Constitution), the proposed regulation can only be justified if it is suitable and necessary to achieve a public interest and if it is reasonable for those affected. It will be difficult for the authorities to demonstrate capital requirements greatly exceeding the maximal loss risk for a bank to meet this test. The exposure limits for crypto risks constitutes a violation of economic freedom (Art. 27 Federal Constitution) since it would require banks to hold 50 or 100 million of CET1 capital for each million of crypto-assets. Last, but not least, the SBF argues that the statutory basis for bank capital requirements would not support the Basel Crypto Standard requirements, since under Art. 4(2) Banking Act minimum capital requirements may be set only "in accordance with the business activity and the risks".[6]Implementation DelayedThe SBF position paper therefore concludes that an adoption of the Basel Crypto Standard by Switzerland is neither politically/strategically sensible nor legally feasible. Recognizing that holding crypto assets may entail increased risks for banks that may not be fully covered by existing regulation, the SBF supports tailored regulation to address real risks. The Swiss authorities have not yet responded to this proposal, but have announced that they will delay the implementation of the Basel Crypto Standard by at least one year.While the SBF’s analysis focuses on Swiss law, the issue of strategic incompatibility is also on the table in other jurisdictions. For example, the EU Markets in Crypto-Assets Regulation (MiCA) allows credit institutions to provide crypto-asset services by means of a simple notification (Art. 60 MiCA). Imposing capital requirements that effectively prevent credit institutions from entering the crypto business is contrary to the policy underlying MiCA. [1] BCBS, Prudential treatment of cryptoasset exposures (16 December 2022). https://www.bis.org/bcbs/publ/d545.htm [2]  Brief der FINMA an EXPERTSuisse v. 15. Oktober 2018 (unpublished). [3] BSBS, Designing a prudential treatment for crypto-assets (12 December 2019). https://www.bis.org/bcbs/publ/d490.htm [4] Swiss Blockchain Federation, Übernahme des Basler Krypto-Standards durch die Schweiz, Positionspapier (23. Januar 2024). https://blockchainfederation.ch/downloads/ [5]  https://www.fedlex.admin.ch/eli/cc/1999/404/en [6] https://www.fedlex.admin.ch/eli/cc/51/117_121_129/de
FINMA Staking

FINMA Publishes Guidance 08/2023 on Staking

FINMA Publishes Guidance 08/2023 on Staking

20.12.2023|Hans Kuhn

FINMA has published the Guidance 08/2023 on its supervisory practice in the area of staking. In it, FINMA returns to its change in practice announced in summer 2023, according to which staked assets should have been considered public deposits and a banking licence would therefore generally have been required for staking services (see our post). This change in practice was unanimously rejected by the crypto industry. In the Guidance, FINMA now clarifies that staked crypto-based assets generally qualify as custody assets and that staking by unauthorised market participants is still possible.

The Guidance only applies to so-called custodial staking, where the client transfers the crypto-based assets to a service provider. In non-custodial staking, customers retain exclusive control over the withdrawal keys, which is why there is no safekeeping or receipt of assets by third parties; regulatory issues do not arise in this context. A sub-variant of custodial staking are so-called staking chains, in which the custodian passes on the assets to be staked to a third party who operates the validator node and holds the withdrawal keys. Finally, it is also clear that there is no segregability if the custodian operates staking for its own account. In such constellations, a proprietary transaction within the meaning of Art. 1a para. 1 let. b Banking Act must be assumed.

In principle, FINMA recognises that staked assets can be segregated in the case of custodial staking. The legal basis and the requirements that must be met for this differ depending on the case.

Direct Staking

With direct staking, an institution operates the staking itself and also has the power of disposal over the withdrawal keys to redeem the blocked crypto-based assets. FINMA's current assessment is that the crypto-based assets can be segregated under the following conditions in accordance with Art. 16 para. 1bis Banking Act:

  • specific instruction from the client on the type and number of crypto-based assets to be staked;
  • the crypto-based assets placed at a specific validator address and, after unstaking, at a specific withdrawal address can be clearly allocated to the authorised customers;
  • customers must be informed transparently and clearly about all risks (including slashing, lock-up period and risks in connection with the existing legal uncertainties in the event of bankruptcy);
  • Measures to minimise the operational risks resulting from the operation of a validator node (including business continuity management), in particular to avoid slashing and other penalties; and
  • Creation of a Digital Assets Resolution Package (DARP).

Under these conditions, staked assets in the bankruptcy of an institution supervised by FINMA must be segregated as safe custody assets in accordance with Art. 16 para. 1bis Banking Act.

Staking Chains

If an institution delegates the operation of the validator node to a third party (other banks or staking pool operators), Art. 16 para. 1bis Banking Act does not apply, as the institution only has a claim against the third-party provider. This can be treated as a claim held in trust within the meaning of Art. 16 para. 2 Banking Act and thus as a custody account value if the guidelines of the Bankers Association regarding fiduciary investments are complied with. The following conditions must be met in accordance with the Guidance:

  • the counterparty risks are limited by selecting a prudentially supervised institution with a good credit rating;
  • specific due diligence is carried out to ensure that the third-party provider is not operating without authorisation and that the third-party provider holds the relevant withdrawal keys itself;
  • the third-party provider designates the validator addresses (e.g. through an internal register) on which it holds the crypto-based assets of the custodians and informs the custodian of these;
  • the third-party provider has taken all necessary measures to limit the operational risks with regard to the validator node operation (validation errors or offline status), to exclude further penalties against the validator and to ensure business continuity.
  • If providers abroad are involved, they must also be subject to equivalent prudential supervision and offer the same legal certainty as Switzerland with regard to the bankruptcy treatment of crypto-based assets held in custody.

Staking by Unauthorised Market Participants

FINMA also states in the Guidance that market participants without a licence under banking law may continue to offer custodial direct staking on behalf of and for the account of clients, provided that the staked crypto-based assets are held in custody individually. This requires that a separate and assignable blockchain address (at the level of the original custody address, the staking address and the withdrawal address) exists for each client and that the provider itself has the withdrawal keys. Under these conditions, FINMA assumes that staked assets are segregable in accordance with Art. 242a SchKG. Naturally, these market participants are subject to the Anti-Money Laundering Act and must therefore be members of a self-regulatory organisation.

Assessment

After the announcement of a change in practice in the summer of 2023 caused great concern, FINMA's clarification of the legal situation is very welcome. The categorisation of staked assets as public deposits would have been the worst possible solution. Not only would it have been of no benefit to clients, it would also have made it impossible for Swiss institutions to offer staking on competitive terms.

It is regrettable that the supervisory communication unduly emphasises the uncertainties regarding segregation. As the Blockchain Federation, among others, has convincingly explained in its Staking Circular, segregability is also given in the case of custodial staking, provided that the staking service provider has contractually undertaken to maintain the power of disposal over the tokens and that these are permanently available, e.g. by ensuring permanent access to the private keys. FINMA's concerns are all the less justified as it would itself decide on the interpretation of Art. 16 para. 1bis Banking Act as the competent bankruptcy authority in the event of bankruptcy.

The full supervisory communication can be downloaded here. Our partner Dr Hans Kuhn will be happy to answer any questions you may have on the subject of staking.

credit card

Capital Contribution Accounts with Fintechs

Capital Contribution Accounts with Fintechs

04.12.2023|Sebastian Wälti

The EHRA has published a practice note according to which capital contributions pursuant to Art. 633 para. 1 CO can also be deposited with persons pursuant to Art. 1b BankA (so-called "fintechs").

The reason for this clarification is the revision of company law that came into force at the beginning of the year, according to which the wording of Art. 633 para. 1 CO now refers to a bank within the meaning of Art. 1 para. 1 BankA. The EHRA's favourable practice statement confirms that this provision is to be interpreted broadly and that fintechs can (as before) also open so-called capital contribution accounts (KEK).

Lawside (Dr. Hans Kuhn) supported Yapeal AG in its communication with the State Secretariat for International Financial Matters (SIF).

Outlook: According to the communication on the amendment of the Banking Act with regard to the introduction of a public liquidity back-stop (PLB, BBl 2023 2165), the confirmed practice is to be included in the relevant legal provisions (Art. 633 para. 1 and Art. 653e para. 2 CO).

IMG_1035

Thank you for Attending the Opening of Lawside!

Thank you for Attending the Opening of Lawside!

25.08.2023|Sebastian Wälti

We're delighted to announce that the launch event for Lawside Attorneys-at-Law KLG took place on 24 August 2023 in the heart of Zurich Seefeld. Despite the hot weather, the evening was lively and memorable.

We chose the trendy and vibrant Crypto Garage as the venue where we welcomed our esteemed guests. Clients, friends, partners and family joined us and the atmosphere was one of warmth and excitement.

The event featured a delicious array of Lebanese delicacies that delighted our taste buds and those of our guests. Conversation and laughter flowed long into the evening.

This event marks the beginning of Lawside's journey, and we're here to stay. Look forward to more legal insights, impactful partnerships and exciting events that will shape our future together.

Thank you to everyone who attended and supported us. Your encouragement strengthens our commitment to providing exceptional legal services and making a positive difference.

At Lawside, we're not just legal experts - we're your partners in success.

Until next time,
The Lawside Team

People on Two Crossed Escalators, Blurred Motion

Do staking services require a banking license under Swiss law?

Do staking services require a banking license under Swiss law?

People on Two Crossed Escalators, Blurred Motion
11.08.2023|Hans Kuhn

The Swiss Financial Market Supervisory Authority (FINMA) recently expressed the opinion that "staking activities usually require a banking license". This statement, which is causing quite some upheaval in the Crypto Valley, was essentially justified with the slashing risk as well as the lock-up of staked cryptocurrencies typical for staking protocols. FINMA therefore seems to qualify staking as a deposit-taking activity, which requires authorization as a bank. This view is not correct in this generality.

Staking is a process common to Proof-of-Stake (PoS) consensus mechanisms, which include Cardano, Solana, BNB Chain, Avalanche, Polygon, and Polkadot and last, but not least, Ethereum. PoS consensus mechanisms require validators to deposit a certain amount of cryptocurrencies, known as a "stake," with the protocol in order to participate in the network. As payment or remuneration for protocol-compliant behavior, the PoS protocol distributes so-called staking rewards to the validators, usually in the form of the respective cryptocurrency. PoS consensus mechanisms are considered promising for the future because they require significantly fewer energy resources than the proof-of-work (PoW) consensus mechanism, such as the one underlying the Bitcoin protocol.

Lock-up and Slashing

Depending on the PoS protocol, the cryptocurrencies must be blocked for the entire staking period (so-called lock-up). The lock-up periods vary greatly depending on the protocol. For most protocols, the lockup lasts a few minutes or hours; while the Polkadot blockchain has a lockup period of around 28 days. Validators can lose all or part of their stake if they behave in a way that is contrary to the protocol, e.g., by intentionally validating transactions incorrectly (known as slashing). Again, there are significant differences between protocols. Depending on the protocol, a staker can lose only part or all of the rewards and, in extreme cases, even the staked position.

Staking can be carried out by the owner of the token or coin in question (self-staking). In addition, the owner can also use staking services, whereby two main types are possible: non-custodial staking and custodial staking. In non-custodial staking, the owner keeps the private keys in his own wallet, but uses the services of a staking provider to validate transactions and blocks. The services of the staking provider are usually limited to providing the necessary hardware and software. In custodial staking, the staking provider not only performs the validation of the transactions on the blockchain itself, but also holds the crypto-based assets in custody for the client. The staking provider thus holds the private keys of the owners in its wallet. The client has no way of directly accessing its assets and staking or unstaking them himself, and all interactions with the staking protocol are performed by the staking provider.

A licensing requirement under the Banking Act is out of question both in the case of self-staking as in the case of non-custodial staking. In the case of custodial staking a licensing requirement only comes into consideration if the crypto assets are held in collective custody within the meaning of Art. 16 para. 1bis subpara. b Banking Act exists. Staking from individual custody can therefore in principle be offered without a banking license. However, individual custody is not always a practicable solution because certain protocols provide for a "minimum stake" (e.g. Ethereum to the extent of 32 ETH). Participation in staking programs therefore effectively requires pooling.

FINMA's Position

FINMA seems to justify the licensing requirement for custodial staking of crypto assets held in collective custody with the view that, due to the lock-up period and the slashing risk, those assets cannot qualify as “held at the custody client’s disposition at any time” (“für den Depotkunden jederzeit bereitzuhalten”). If true, this would mean that staking assets would not be subject to segregation in the staking provider’s insolvency but would rather qualify as as deposits from the public (unless an exception under article 5a(2) Banking Ordinance applies, including the exception for institutional investors with a professional treasury). Providing custodial staking services of crypto assets held in collective custody would then not only require a banking license, but also have to be supported with capital at a tune of 800%. Importantly, a fintech license under article 1b Banking Act would not suffice, since fintechs are prohibited to invest deposits or crypto assets or to pay interests (article 1b(1)(b) Banking Act).

In our view, there is nothing that would warrant such a result. Depending on the protocol, the lock-up period for staked assets is only a few minutes or hours, i.e. significantly shorter than, for example, the delivery periods for many cold storage solutions or in the traditional securities business. The slashing risk is also mostly negligible and only materializes in any case only if a staker does not comply in accordance with the rules of the relevant protocol. In the case of custodial staking liability the staking service provider will be responsible for non-compliance, resulting in its liability under agency law. FINMA’s view is by no means warranted by the legislative purpose of the requirement that crypto assets be “held at the custody client’s disposition at any time”. This requirement tries to draw a broad line between the custody and the deposit taking business. Deposit-taking or banking business invariable involves the taking of deposits in order to undertake some form of transformation business -- maturity, lot-size and risk transformation. Staking services have nothing to do with transformation business if provided - as is customary - for the account and at the risk of the customer.

Conclusions

As a result, staking services should be considered to qualify as a deposit-taking activity if, and only if, the service provider is staking crypto assets in its own name and on its own account (proprietary staking). On the other hand, proprietary staking for banks and other state-supervised entities (Art. 5a para. 2 let. b Banking Ordinance) as well as for institutional investors with professional treasury (Art. 5a para. 2 let. c Banking Ordinance) does not qualify as acceptancing deposits from the public and therefore does not require a license as a bank.

The position recently put forward by FINMA seems like an excellent idea if the purpose is to drive the staking business out of Switzerland and leave it to foreign service providers. Whether regulated or not, foreign firms can provide financial services to clients in Switzerland – both retail and institutional – in full compliance with Swiss law as long as they have no permanent presence in Switzerland. Whether this is the best way to live up to FINMA’s statutory mandate, which includes the “protection of creditors [and] investors” and to “contribute to sustaining the reputation, competitiveness and sustainability of Switzerland’s financial centre” (article 4 Financial Market Supervisory Act, FINMAG), seems rather doubtful.

PDF Download