International harmonisation of digital asset law and regulation: a series of meaningful steps, but a long road ahead

The novel and global nature of digital assets has long prompted calls for international coordination as to their legal and regulatory treatment. In recent weeks, we have seen a series of notable developments in this vein. UNIDROIT adopted its principles on the private law treatment of digital assets and launched a joint project with the Hague Conference on Private International Law to build on that work. Meanwhile, on regulatory matters, IOSCO (the global standard setter for securities markets) recommended regulating crypto markets to the same standards as securities markets; the World Economic Forum published its recommendations for a global approach; and the G7 leaders committed to implementing effective regulatory frameworks. Final recommendations from the FSB are also expected in July. Whether and how all this translates into meaningful action at national level, and ultimately increased harmonisation, remains to be seen. In any case, there is likely to be a long road ahead. 

Calls for legal and regulatory harmonisation 

The novel nature of digital assets and their markets has raised fundamental questions as to how they should be treated from a legal and regulatory perspective. There are many complex issues on which there is much room for debate, and over the years we have seen a range of different conclusions, approaches and even taxonomies from law makers and regulators. This can, and does, raise significant challenges. For example, differing approaches can create uncertainty and confusion in the market and barriers to scaling. Given the cross-border nature of the assets and their markets, it can also leave regulatory gaps and opportunities for regulatory arbitrage. Recent failures and turmoil in the crypto markets have prompted renewed calls for regulatory coordination.

UNIDROIT Digital Assets and Private Law Principles

What are the UNIDROIT digital asset principles?

After a number of years of development, UNIDROIT has adopted its digital asset and private law principles. These comprise guidance and best practice for legislators in developing the private law framework for transactions involving digital assets. These principles represent one of a series of initiatives by UNIDROIT to streamline international approaches to the private law treatment of emerging technologies.

To encourage take-up among legislators, the principles are intended to be drafted in a technology, jurisdiction and organisationally neutral way. By design, the principles do not address the regulatory framework that should apply to digital assets, or other ancillary private law matters (such as consumer protection or intellectual property law). 

What do the principles cover? 

The principles apply to “digital assets”, defined to include any “electronic record” that is capable of being subject to “control”. 

“Electronic record” means information which is “(i) stored in an electronic medium; and (ii) capable of being retrieved”. 

Control is a key concept under the principles, as it also forms the basis of other legal consequences (as discussed below). A person is generally considered to have control if they have:

  • the exclusive ability to prevent others from obtaining substantially all of the benefit from the digital asset (i.e. negative control);
  • the ability to obtain substantially all the benefit from the digital asset (i.e. positive control);
  • the exclusive ability to transfer that positive and negative control to another person; and
  • the ability to identify themself as having the powers listed above.

There are also additional nuances included, for example to address a situation where a person has consented to sharing control. 

The commentary suggests there has been much hand ringing as to the question of how the principles apply to forms of information stored digitally which are not digital assets – for example, a password protected Excel or Word file. The conclusion seems to be that while these documents could in theory be capable of being subject to “control”, in practice transfers of these documents are generally unlikely to amount to a transfer of control, as required under the definition of control (but rather the sharing of access to the same information). Nevertheless, the creation of a single regime which encapsulates both digital assets and other forms of digital information is the topic of much debate, with critics highlighting that it is both overinclusive (by extending proprietary status to assets not commonly treated as such in the market) and insufficiently specific (by failing to acknowledge distinguishing characteristics of digital assets as distinct from other electronic information).

We have previously discussed some of the challenges in defining the boundaries of digital assets legislation (see a summary of our responses to the Law Commission’s paper).

What are the key principles UNIDROIT has proposed?

The document sets out 19 principles, categorised into seven chapters, as outlined at a high level below. 

  • Proprietary aspects: UNIDROIT’s primary proposal is that legal regimes should establish that digital assets (as defined) are susceptible to being the subject of proprietary rights. This principle has already been put into action to some extent in several jurisdictions (for example, in Singapore, England and Wales and Hong Kong). 
  • Conflicts of laws: There have been numerous debates as to which law should govern the proprietary aspects of digital assets, particularly those constituted through a cross-border platform and which have no extrinsic existence or issuer. UNIDROIT offers a (partial) solution in the form of a waterfall. This waterfall prioritises the choices of the parties, where specified, but leaves states with considerable discretion in relation to arrangements where there is no governing law specified in relation to the digital assets or system, nor any issuer. This approach is set to be built upon through a joint endeavour launched by UNIDROIT and the Hague Conference on Private International Law. The project will explore, for example, measures to harmonise certain matters currently left to state discretion under the UNIDROIT principles, as well as measures to protect weaker parties. Meanwhile, the Law Commission of England and Wales is due to consult on its approach later this year.  
  • Transfers of digital assets: UNIDROIT steers clear of prescribing the conditions for a valid transfer. It does, however, propose that innocent acquirers of a digital asset who have “control” of that asset (as defined above) and meet certain additional requirements should take the digital asset free of proprietary claims to it. These proposals mirror similar suggestions made by the Law Commission in their recent consultation paper (see a summary of our responses to the Law Commission’s paper).
  • Taking security over digital assets: Under UNIDROIT’s principles, a secured creditor should be able to make a security interest in a digital asset effective against third parties by obtaining “control” of that digital asset (with priority over those that do not have control). Again, this is a point that is discussed at some length in the Law Commission’s consultation paper and our response.
  • Custody: The principles set out the circumstances in which a person should be treated as a custodian of digital assets, and provide that digital assets maintained by a custodian will not form part of its insolvent estate. There are also proposals as to the duties and powers of custodians in respect of digital assets. 
  • Procedural law: UNIDROIT proposes that areas of the law relating to procedural matters (e.g. the enforcement of rights to property) apply equally to digital assets, subject to adaptations as necessary.
  • Effect of insolvency: The principles propose that the proprietary rights of holders of digital assets be effective against third parties and their insolvency representatives on insolvency. 

What’s next? 

Initiatives are already underway in some jurisdictions to establish whether the existing legal regimes can accommodate digital assets and if and how they ought to be amended. In England and Wales, for example, the Law Commission has run a series of extensive consultations on potential areas for law reform, while the UK Jurisdiction Task Force has helped foster legal certainty as to the support provided by the existing legal framework (see our FAQs on the UKJT statement on cryptoassets and smart contracts and digital securities).

IOSCO Consultation on Policy Recommendations for the Regulation of Crypto and Digital Markets

What is IOSCO consulting on?

IOSCO is consulting on 18 policy recommendations to help its members respond to widespread concerns regarding market integrity and investor protection within the crypto markets.

What are the key recommendations?

The overarching recommendation from IOSCO is that regulators should seek to achieve outcomes for investor protection and market integrity with respect to cryptoassets (including stablecoins) that are the same as, or consistent with, those required in traditional financial markets, with a view to addressing level playing field concerns. 

To this end, IOSCO has encouraged regulators to analyse and identify the extent to which cryptoassets are, or behave like, substitutes for regulated financial instruments.

Its other proposed recommendations are designed to help members apply its existing Principles for Securities Regulation to cryptoasset markets. These include recommendations in relation to:

  • effective governance and organisational requirements to address effectively and mitigate conflicts of interest arising through vertical integration
  • system policies and procedures for fair, orderly and timely execution of client orders and accompanying transparency and resilience requirements
  • procedural and delisting standards and disclosure in relation to the listing of cryptoassets and certain primary market activities
  • effective systems to manage manipulative market practices and to prevent leakage of inside information
  • cross-border cooperation between regulators to ensure effective supervision and enforcement
  • addressing custody-related risk and the safeguarding of client monies and assets
  • addressing operational and technological risk
  • retail distribution.

IOSCO seeks to take an outcomes-focused, functional approach. It does not attempt to develop a one-size fits all prescriptive taxonomy. 

What’s next?

The consultation paper closes on 31 July 2023, with IOSCO intending to finalise its recommendations by the end of the year. DeFI is not included in the recommendations and will, instead, be included as part of a consultation report to be published by IOSCO’s Financial Action Task Force later this summer. 

Other developments

The FSB has also been busy developing international standards in this area in recent years. It published its proposed recommendations for the regulation and oversight of cryptoasset activities and global stablecoins in October 2022. Those are expected to be finalised by July 2023.

Meanwhile, the World Economic Forum has published a whitepaper reiterating the need for a global approach to crypto regulation and setting out specific recommendations for international organisations, regulatory authorities and industry. 

The G7 leaders also expressed their commitment to establishing effective regulatory and supervisory frameworks for cryptoasset activities and stablecoin arrangements, in their recent joint statement.

All this activity suggests that a move towards increased international harmonisation is inevitable. That said, there are considerable challenges in coordinating and harmonising approaches in this area, so there is likely to be a long road ahead.