The Legal Aspects of Issuing Cryptocurrency

19 January 2017


Dominating in today’s business media is the matter of cryptocurrencies, “Bitcoin”, “Litecoin”, “Ethereum”, rollercoaster price fluctuations and the constant new issuances of cryptocurrencies all around the world, now becoming a very popular phaenomenon. There were a number of issuances of cryptocurrency through what is called an “Initial Coin Offerings” or “ICO” which managed to raise great amounts of capital without dealing with any of the legal or regulatory constraints applicable to the customary Initial Public Offerings (IPO) of securities or complying with any other capital-raising restrictions.  The popularity of the issue seems to stem from the excitement around the abrupt appreciation in value, caused by the forces of limited supply and increased demand, however there could be substantial underlying merit in being able to raise funds through cryptocurrency without facing the usual regulatory constrains, making cryptocurrencies an extremely appealing fundraising method, both for businesses and investors. The problem, however, is that cryptocurrencies involve a great deal of uncertainty and also impose a great number of risks somewhat attributable to the lack of specific legislation regulating their nature and operation. The present publication is concerned with the current legal aspects that must be taken into account in connection to issuing a cryptocurrency in or from Cyprus.


Legal Nature of Cryptocurrency

Due to the novelty and the lack of legal or regulatory framework in Cyprus or the EU, the most likely scenario is that cryptocurrency is, simply put, a digital token, which carries embedded terms and conditions, giving specific rights and obligations, as a contractual matter, to the issuer, the holder and possibly other stakeholders, as applicable. For instance such terms can provide, inter alia,  that the coin is backed by real assets, such as gold. Perhaps over-simplistically, it can be theoretically viewed as the legally equivalent of a casino chip, but a digital one.


Key Relevant Legislation  

Despite the fact that at the present time, there is no specific legislation regulating the issue and operation of cryptocurrencies, implying that this is a matter of contractual nature, there are some laws that shall be taken into account when issuing and operating cryptocurrencies.

More specifically, the European Securities Markets Authority (ESMA) in its latest statement warns that companies involved with ICO need to examine cautiously whether their activities constitute regulated activities under EU law, and if so, failure to comply with the relevant laws shall constitute a breach. The manner ICOs are structured and the actual terms of a cryptocurrency can determine whether they fall outside the EU regulatory framework or not. For these purposes, ESMA in its latest statement made a summary-reference to the applicable EU laws that shall be taken into account and complied with, by the ICO issuers and advisors.                                     

The first EU legislative instrument that shall be taken into consideration is the Prospectus Directive, whose purpose is to make sure that sufficient information is provided to investors when raising capital in the EU. Where the tokens or coins are classified as “securities” under the Prospectus Directive, there are a number of serious obligations which must be fulfilled in connection to the ICO, most importantly the requirement for a prospectus to be prepared and to be approved by the national regulator, namely CySEC, before such securities can be offered to the public (where an exemption does not apply).  

Another EU legislative instrument that shall be taken into account where the tokens or coins are treated as “financial instruments”, is the latest Markets in Financial Instruments Directive (MIFID II) which aspires to achieve a higher degree of harmonized legislation and investor protection. Specifically, where the tokens are treated as “financial instruments” it is quite likely that the issuer and ICO advisors when placing, advising or facilitating token offering, they are performing a regulated investment service or activity. Financial instruments, according to MIFID II, are the transferable securities, the money-market instruments, the financial contract for differences (CFDs), the derivative instruments for the transfer of credit risk, the swaps and other contract derivatives that can be physically settled or settled in cash as described in  Annex I, Section C of MIFID II.  Whether a cryptocurrency qualifies as a financial instrument is a matter to be determined on a case by case basis, according to the specific terms and conditions of the coin however it shall be noted that, so far, none of the existing popular tokens, such as Bitcoin or Ether just to mention a few, has been qualified or recognized as a financial instrument under MIFID II.

Moreover, the 4th Anti-Money Laundering Directive (AMLD) aiming at hindering money laundering and terrorist financing may also be applicable especially in cases where the ICO issuer is an obliged entity such as credit institutions or a financial institutions. The AMLD imposes the obligation on firms to conduct customer due diligence and put in place proper record-keeping and other compliance procedures, report any suspicious transactions and concurrently collaborate with the competent public authorities when carrying out any investigations.


CySEC guidelines on Cyprus Investment Firms

Taking into consideration all the aforesaid and the apparent eagerness of some Cyprus Investment Firms (CIF) to enter into the cryptocurrency arena, the Cyprus Securities and Exchange Commission (CySEC) has recently issued a statement stipulating the requirements applicable to CIF when offering services relating to virtual currencies and contracts for differences (CDFs) in relation to virtual currencies.

To begin with, CySEC provides that the CIFs shall comply with requirements that are quite akin to those stipulated in the Investment Services and Activities Law transposing MIFID II into Cyprus law (Law). Such requirements encompass, inter alia, securing the protection of customer’s assets, compliance procedures and internal audit procedures, appropriate record keeping, compliance with the best execution principles, capital adequacy and proper communication with the clients.    

 One of the most significant requirements according to CYSEC, is that prior to the provision of such services, CIFs shall caution their clients that there is no specific EU legislative instrument aiming exclusively at the regulation of ICOs issuance and operation. Furthermore, CIFs are under an obligation to explain and warn their customers that marketing in the aforesaid products is not necessarily covered by the MIFID II, since the provision of such services may not always fall in the scope of CIF’s regulated activities under MIFID II.

Additionally, CIFs must warn their clients the risk of loss of  all investment, especially due to the high degree of volatility characterizing cryptocurrencies and any other risks relating to such products and investments by communicating these risks to the clients in a specific warning. CIFs shall also clarify to the interested parties that virtual currencies are not suitable for all investors since if they lack the necessary expertise or knowledge they may risk losing all the invested money.

Moreover, CIFs must warn the investors that marketing in such products does not entail right to protection under the Investors Compensation Fund. Investors must be warned by the CIFs that if a dispute arises between them, investors are not given the right to report the said dispute to the Cyprus Financial Ombudsman.

What is more, CIFs are under the obligation to make sure that all the related risks are recognized, assessed and duly recorded. This can be achieved by the regular conduct of risk assessments. CIFs shall ensure that the risks are properly observed, addressed and eliminated.

Furthermore, CySEC provides that CIF’s are not allowed to use feed providers (such as liquidity providers and virtual currency exchanges) that are not licensed in the country in which they are operating. CySEC provides that CIFs are required to conduct regular due diligence controls to their counterparties and/or feed providers and that their counterparties and feed providers shall agree to such due diligence controls. In addition, CySEC suggests that CIFs should utilize more than one feed provider and verify with other feed providers to make sure that the best execution rules are observed. If only one feed provider is utilized, CIFs shall be in a position to define and record the manner in which their best execution requirements are met.

Most importantly, CIFs are obliged to communicate to the public the method of calculating the bid and seek prices. CySEC provides that the leverage limit for retail customers should be fixed to 5:1 for CDFs trading in relation to virtual currencies.  It must be mentioned that the CIF’s turnover acquired from the offer of such products or services shall not be greater than 15% of the CIF’s overall turnover per quarter.

Last but not least, CySEC clearly states that CIFs are not allowed to exercise “passporting rights” administered by the Law when providing services in EU member states or third countries. CySEC strictly provides that CIFs and their directors are under the obligation to examine each country’s status and shall seek advise from their legal advisors with regard to their obligations relating to the provision of such services. Proper legal consultation in relation to the legal framework applicable in cases of virtual currencies, in the country concerned should be taken prior to the provision of the said service in order to ensure compliance and examine whether any particular authorization is necessary.


Practical Considerations

An important practical consideration on the issuance of cryptocurrency is the fact that, exactly due to the ambiguity and lack of regulation, banks and other credit institution are very reluctant to open accounts and process transactions with businesses associated with cryptocurrency.  This creates substantial issues, especially in connection to purchasing and redeeming such coins. However, practitioners have sought solutions in several European jurisdiction which are willing to facilitate transactions of this nature, such as using payment services providers and electronic money institutions.



In conclusion, it is evident that the introduction of cryptocurrencies in the business world constitutes a novelty that has the potential to change forever the manner investors and investment firms conduct businesses and raise capital.  At this point there is no legal or regulatory framework in Cyprus to specifically govern the issue of cryptocurrencies and thus the legal nature of cryptocurrencies is predominantly of a contractual nature. Despite the lack of specific regulation, the recommended guidelines provided by ESMA on potentially applicable legislation and the CySEC guidelines to CIFs should be duly taken into consideration and must be strictly adhered to, especially considering that cryptocurrencies involve substantial risks for investors with the most severe being losing all the invested capital.  Despite the lack of legal restrictions, at this time, in the issuance of cryptocurrency, due consideration must be given to the practical difficulties, such as obtaining bank accounts for the issuer and other persons involved.

For further information in relation to the legal aspect of issuing cryptocurrency, in or from Cyprus,  and input in available solutions to facilitate cryptocurrency transactions  feel free to contact us.



Varnavas Playbell , Eleni Louca


This publication is for information purposes only and does not contitute advice.