The key legal and compliance questions around forms of distributed ledger technology
Blockchain and other forms of distributed ledger technology (DLT) are generating considerable interest both within the financial services industry and in other sectors, such as healthcare. A particular area of focus is in the capital markets community, as FinTech start-ups, market infrastructure providers and global banks evaluate technology and potential use cases.
But there remain many unanswered questions as to: how DLT solutions will evolve to fit into the current regulatory and legal infrastructure of the capital markets; the optimum governance models; and how to balance the technology opportunity against potential risk. The value of transactions involved means that while the potential prize to be delivered by increased market efficiency is considerable, ensuring robust risk management is essential. For the technology to progress towards productivity in 2017, broad industry collaboration, solutions which mitigate risk and emerging regulatory certainty will be critical. DLT is at a point of convergence where the technology, commercial and legal worlds need to evolve to work together to deliver practical solutions.
In October 2016, Hogan Lovells, Innovate Finance and EY published a white paper, Blockchain, DLT and the Capital Markets Journey: Navigating the regulatory and legal landscape, (the “Report”) to help progress the understanding of the key legal and regulatory issues which will need to be addressed if blockchain, or other forms of DLT, are to deliver viable and valuable solutions in the complex, high risk and highly-regulated environment of capital markets. Achieving success in this area will either require developing solutions which conform to the regulatory framework or engaging with policymakers to reshape its contours. Although the report focuses on the UK’s regulatory and legal environment (including, where applicable, by reference to EU law) it acts as a stepping-stone to understanding the analysis to be applied in other markets as the issues and concepts identified in it tend to give rise to similar concerns in other jurisdictions.
As with any FinTech solution, DLT will need to comply with the regulatory and legal framework which applies to the activity it supports. This is a particular challenge for a “distributed” technology which, in most capital markets use cases, would need to operate across national boundaries to be meaningfully useful.
Significant elements of the regulatory landscape in the UK relating to capital markets are defined by EU law, such as the Markets in Financial Instruments Directive (MiFID), European Market Infrastructure Regulation (EMIR), and Central Securities Depositories Regulation (CSDR), none of which were drafted to accommodate DLT. Regulators and policy-makers will need to understand where and how DLT can deliver benefit without introducing additional risk.
The European Securities and Markets Authority (ESMA) recently confirmed it will not rush to regulate but rather monitor how the technology evolves. Its report expresses the view that DLT could bring a number of benefits to financial markets, including more efficient post-trade services, enhanced reporting capabilities and reduced costs but it faces some important challenges “in terms of interoperability, governance and privacy issues and risk creation”. ESMA expects the early applications of DLT to focus on optimising processes using the current market structure. Early opportunities appear most likely to emerge in areas with less dependency on the existing legal framework, reinforcing the importance of understanding where the legal pressure points arise.
Brexit will add another layer of complexity. Much will depend on whether the UK mirrors existing EU law and regulation, as is intended initially under the proposed Great Repeal Bill, or diverges to form an independent regulatory perspective. Brexit may even present opportunities to launch DLT solutions in the UK if it enables legislation to be updated to reflect the emergence of DLT solutions and remove legal technicalities that obstruct implementation. It may be possible that this could be achieved even if the UK chooses to maintain an “equivalent” legal, regulatory and supervisory framework if that commitment is based on “equivalence” of outcomes rather than mirroring the EU legislation. However, given the cross-border nature of the market, UK initiatives alone would not be sufficient. Indeed, if Brexit were to result in a significantly divergent approach to regulating use of DLT in the UK and the EU, it may not be possible to realise potential cross-border efficiencies. However, the UK could be the fulcrum for its emergence on to a wider stage with its regulatory characteristics better understood.
Key themes to be considered when analysing the use of DLT in capital markets include:
Scope for disintermediation of market players: DLT could conceivably be used as a medium for issuing and transferring securities. Settlement and depository functions employed in existing clearing systems would be largely unnecessary in an efficient DLT system - presenting the theoretical possibility of the partial or, in some cases, complete, disintermediation of the market participants currently undertaking these functions. However, as well as commercial context, there are regulatory and policy constraints on this which needs to be evaluated. Regulators will likely support disintermediation by a DLT solution only if it offers similar benefits to the current role of a Central Counterparty Clearing House (CCP) or Central Securities Depositaries (CSDs), without increasing systemic risk.
Certainty and immutability: a key feature of a DLT solution may be that it creates an immutable record. Participants in the capital markets would need certainty on the degree to which data is to be treated as immutable for legal purposes, ie) if it is definitive of the legal position or evidence of it.
Flexibility of smart contracts and redress – the “code is law” proposition (spoiler alert: code is not law…) One focus of the discussion on DLT has been whether the technology can be used to execute financial contracts, particularly through the use of smart contracts. Any contracts need to be written so that they can be understood by regulators and capable of interpretation by the courts. All contracts exist within the matrix of contract law, which needs to be understood in order that the intended benefits are secured.
Regulatory uncertainty and potential compliance benefits: DLT solutions may have the potential to enable the reporting of transactions and positions directly to the regulator via direct access to the shared ledger, which could potentially disintermediate Trade Repositories (TRs) and Approved Reporting Mechanisms (ARMs). DLT solutions could also reduce trade errors, operational risk, and counterparty risk by introducing true straight-through processing and instantaneous execution and settlement. However, use of DLT solutions need to be examined against applicable financial services law to ascertain whether additional compliance measures are necessary.
How does competition law apply to permissioned DLT systems? Competition law will be a relevant factor to consider for DLT consortia when developing and operating a DLT solution.
Transparency and data privacy: There is a distinction between market data transparency (it cannot be opaque) versus private data transparency (needs to be safeguarded). Under EU General Data Protection Regulation (GDPR), DLT solutions that hold personal data should have specific contractual terms in place to govern data processors. Data encryption is not sufficient to excuse obligations for data protection. The right of erasure is a key consideration.
The complex matrix of legal issues suggests a need for recommendations for industry and regulators covering legal, market impact, operational and regulatory matters. Key recommendations in the Report cover two main areas:
Engaging regulators and policy makers is imperative to ensure that regulatory regimes do not create barriers to innovation and that DLT solutions are developed with the necessary risk mitigation in mind. For example, industry and regulatory sandboxes could be a powerful tool to enable participants to develop robust solutions and gain rapid regulatory feedback in a controlled environment.
Industry-level system design decisions
Important design considerations include clear governance structures to ensure the orderly functioning of a DLT system. Legal and operational uncertainties can be further mitigated by express agreements on issues such as smart contract intent and dispute resolution.
As DLT progresses its journey in capital markets, the key to unlocking its potential involves navigating the regulatory and legal landscape, while building on industry collaboration, to deliver interoperability and robust governance structures.