Table of Contents

EU Regulatory Updates

In September 2020, the EU introduced its Digital Finance Package with the objective of making the EU fit for a digital age. This package included:

  • a digital finance strategy;
  • a legislative proposal on digital resilience, known as Digital Operational Resilience Act (DORA);
  • a legislative proposal on cryptoassets, known as Markets in CrytoAssets (MICA) Regulation; and
  • a Regulation on a pilot regime for distributed ledger technology (DLT) market infrastructure (DLT Pilot Regime).


The digital finance strategy sets out four main priorities:

  • removing fragmentation in the Digital Single Market;
  • adapting the EU regulatory framework to facilitate digital innovation;
  • promoting a data-driven finance; and
  • addressing the challenges and risks with digital transformation, including enhancing the digital operational resilience of the financial system.


See below sections for the latest information on DORA, MICA and the DLT Pilot Regime.

Link: Digital finance package (

On 16 May 2023 the Council of the EU announced it had adopted MiCA – an EU-level  regulation which brings crypto-assets, crypto-asset issuers and crypto-asset service providers under one regulatory framework for the first time.

MiCA identifies ‘cryptoassets’ broadly as a digital representation of a value or a right that uses cryptography for security and is in the form of a coin or a token or any other digital medium which may be transferred and stored electronically, using distributed ledger technology or similar technology and captures:

  • asset-referenced tokens (ART);
  • electronic money (‘e-money’) tokens (EMT); and
  • other crypto-assets not covered by existing EU law.


MICA applies 18 months after the date it comes into force – circa January 2025 – and focus is now on the detailed rules which will be drafted by ESMA. ESMA has stated it plans to publish consultations on MiCA guidelines and technical standards in Q3 and Q4 2023 and 2024 and has published a useful timeline here: MiCA_Implementation_timeline.png (1600×900) (

The EU DLT Pilot went live on 23 March 2023, a key milestone in the EU’s Digital Finance Package.

The aim of the DLT Pilot is to develop the trading and settlement environment for tokenised securities in a controlled environment and to enable EU regulators to draw lessons in order to identify possible proposals for a suitable regulatory framework, given the current EU legislation for financial services does not cater for DLT and crypto-assets.

The DLT Pilot Regime applies to market infrastructure, in particular Multilateral Trading Facilities (MTFs) and Central Securities Depositaries (CSDs) to operate DLT financial market infrastructure. Under the pilot regime, there are three categories of DLT market infrastructure: (1) DLT MTFs, (2) DLT settlement systems (DLT SS) and (3) DLT trading and settlement systems (DLT TSS) – a DLT specific type of market infrastructure which combines the two services of trading and settlement. The creation of a DLT TSS is innovative, in particular, given that under the current rules, the combination of these activities is not envisaged. However, the EU authorities recognise the potential benefits of DLT in combining trading and settlement.

Given this is a pilot scheme, there are limits on the instruments which can be traded on DLT market infrastructure and market value thresholds are in place. Broadly speaking, the DLT Pilot is limited to:

  • Shares of an issuer with market capitalisation of less than EUR 500million
  • Bonds with an issue size of less than EUR 1 billion
  • UCITS where market value of assets under management is less than EUR 500million


There are also thresholds in place to manage the scale of assets trading:

  • DLT financial instruments on DLT market infrastructure should not exceed EUR 6 billion at the point of admission / initial recording of a new DLT financial instrument
  • Where the aggregate market value of all DLT financial instruments on a DLT has reached EUR 9 billion, a “transition strategy” must be activated to reduce the aggregate value.


It should be noted that EU national regulators can set lower thresholds than these if they wish.

In terms of benefits, the DLT Pilot allows for some exemptions from the EU’s MiFIR/MiFID II and CSDR regimes to make it easier for market participants to trial DLT when trading and settling tokenised securities. However, if granted any exemptions from certain MiFID II/MiFIR/CSDR requirements, the DLT market infrastructure will have to comply with certain conditions, known as ‘compensatory measures’, to meet the objectives of those requirements.

ESMA recommends use of Digital Token Identifier (DTI) in DLT Pilot as a compensatory measure

ESMA recommended that DLT market infrastructure use the ISO 24165 Digital Token Identifier standard (DTI) as a compensatory measure in its report on the DLT Pilot, published on 27 September 2022 (page 54).

ESMA’s DLT Pilot Q&A, (last updated on 2 June 2023) also recommends that trading venues, investment firms and approved publication arrangements (APAs) complement the ISIN by including the DTI when publishing post-trade information under Table 3 of Annex I of RTS 1 (equity and equity-like instruments), and Table 2 of Annex II of RTS 2 (for non-equities).

Next steps:

ESMA is required to develop further guidelines relating to the DLT Pilot, expected in 2025. ESMA is also required to prepare a report in 2026 assessing the DLT Pilot Regime which will assist the EU in its proposals regarding next steps: these steps could range from extending the Pilot for another 3 years, extending the scope of DLT financial instruments under the Pilot, amending the Pilot Regime, terminating it or making it permanent.


The Digital Operational Resilience Act (DORA) aims to consolidate and upgrade Information Communication and Technology (ICT) risk requirements across the EU financial sector as part of the operational risk requirements that have, up to this point, been addressed separately in various EU legal acts. DORA, an EU-wide Regulation, entered into force on 16 January 2023 and applies from 17 January 2025.

DORA directly applies and imposes obligations on:

  • Financial entities which are defined broadly, covering most entities operating in the financial sector; and
  • ICT third-party service providers which have been designated as “critical” by the European Supervisory Authorities (“ESAs” – ESMA, EIOPA and EBA) because of their impact on financial entities.


DORA indirectly applies to ICT third-party service providers through contractual provisions that financial entities will be required to include in service agreements.

An ‘ICT third-party service provider’ means ‘an undertaking providing ICT services’.

ICT services’ means ‘digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services’.

The onus is now on the ESAs to deliver the detailed rules, which underpin DORA, to the European Commission (EC). The ESAs have two main submission deadlines:

  • 17 January 2024 (first batch) and
  • 17 June 2024 (second batch).


In addition, the ESAs also have to deliver ‘technical advice’ to the EC by 30 September 2023 on the criteria for determining whether an ICT third party vendor is ‘critical’. The ESAs consulted on the critical criteria indicators from 26 May 2023 to 23 June 2023.

On 19 June 2023, the ESAs published four consultation papers on the implementation of DORA for the first batch of rules they need to prepare.

The ESAs have prepared a DORA public consultation overview_document.pdf ( which provides a useful summary and are also holding a public hearing webinar on 13 July 2023 – Registration form. The deadline for comments to these four consultations is 11 September 2023.


On 15 June 2023, ESMA published its Data Strategy for the next 5 years – 2023 to 2028. The purpose of this document is to explain “how ESMA data assets will be mobilised to best serve and help deliver on its strategic and thematic objectives”. A key point to note is that ESMA has created a new Data Intelligence and Technology department tasked with translating ESMA’s data vision into reality.

ESMA has set itself the following six data objectives over the next 5 years.

  • Become an enhanced data hub: enhance ESMA’s role as a data hub, focusing on improved data, information accessibility, interoperability and usability, along with data harmonisation and standardisation.
  • Facilitate access to data of public interest: contribute to providing relevant, useful and understandable information to the market in machine-readable form, and facilitate its use, including by retail investors;
  • Data-driven supervision: enable cutting-edge, smart and effective data-driven supervision;
  • Pursue thought leadership and collaboration on data standards, technologies, and reporting innovations.
  • Efficient data policy: promote efficiency, transparency, and cooperation in data policy, and reduce reporting burdens.
  • Systematic data use: systematically use data for evidence-based policy development, supervision and risk assessment.

Factors driving ESMA’s new Data Strategy include its new regulatory work on Digital Finance (e.g., DORA, MiCA, DLT Pilot Regime) and Sustainable Finance (e.g., CSRD, SFDR) and the European Commission Strategy on supervisory data in EU financial services.

The DTI Foundation, which is the Registration Authority for ISO 24165 Digital Token Identifier standard (DTI), welcomes ESMA’s statement that it has been “a driving force to strengthen the development and consistent application of data standards, as demonstrated by its efforts to foster the use of common identifiers and standards such as the Legal Entity Identifier (LEI) and other ISO standards in reporting regimes under its remit and by other jurisdictions” and that ESMA continues to support EU reporting regimes based on common standards and messaging.


UK Regulatory Updates

In 2021, the FCA and BoE started their multi-year Joint Data Transformation Program with the vision to …”get the data they need to fulfil their mission, at the lowest possible cost to industry‘. The BoE and FCA have set up a multi-year, multi-phased, transformation programme with 3 key reforms in mind:

  • Defining and adopting common data standards that identify and describe data in a consistent way throughout the financial sector. These common standards should be open and accessible for use by all who need them.
  • Modernising reporting instructions to improve how reporting instructions are written, interpreted and implemented. There are a range of steps involved, from setting up better Q&A processes to potentially rewriting instructions as code.
  • Integrating reporting to move to a more streamlined, efficient approach to data collection. This reform includes making data collection more consistent across domains, sectors and jurisdictions, and designing each step in the data collection process with the end-to-end process in mind.


In November/December 2022, EY, commissioned to perform a data standards review on further development and adoption of standards under this programme, asked a series of questions to which the DTI responded,  advocating the use of ISO as a universal template for international financial services standards. The FCA/BoE are hosting a Town Hall event on the afternoon of 13 July 2023 to provide the latest update from this programme – see link below to sign up.

Transforming data collection | Bank of England
Bank of England: Transforming Data Collection (TDC) – Town Hall (

On 1 February 2023 HM Treasury (HMT) published a consultation and call for evidence on its plans to regulate cryptoassets used within financial services, given most cryptoasset activities are not currently subject to broader financial services regulation in the UK. Using the principle of “same risk, same regulatory outcome”, HMT intends to put in place commensurate safeguards where cryptoassets present similar risks to traditional financial instruments.

HMT is pursuing a phased approach to regulating cryptoassets. Phase 1 comprised putting in place an anti-money laundering and counter terrorist finance regime (AML/CFT) for cryptoassets which has been in place since January 2020 and proposals focused on fiat-backed stablecoins and the financial promotion of cryptoassets. This consultation sets out proposals for Phase 2: the UK government’s approach to regulating broader cryptoasset activities, such as the trading of and investment in cryptoassets.

HMT’s proposed policy approach is to bring cryptoasset activities into the UK regulatory perimeter, using the UK’s existing Financial Services and Market’s (2000) Act (FSMA) rather than create a bespoke regime, and the FCA will be given powers to write tailored rules. Proposals are centred around a number of important cryptoasset activities – including exchange activities, custody activities and lending activities.

Whilst a definition of cryptoassets is included in the Financial Services and Markets Bill, drawn broadly so as to capture all current types of cryptoasset, and very similar (although not identical), to that in MICA, HMT’s intention is that that the activities will be regulated, rather than the asset itself. Consequently, HMT plans to create a number of new regulated or designated activities tailored to the cryptoasset market. It is also worth noting that HMT proposes to capture cryptoasset activities provided in or to the UK i.e. activities provided by UK firms to persons based in the UK or overseas (natural and legal), as well as those provided by overseas firms to UK persons (natural or legal).

Etrading Software’s DTI Foundation (DTIF) welcomes the UK Government’s consultation and has responded, highlighting that the DTI ISO standard has been designed for the specific purpose to improve transparency within the cryptoassets market, assisting regulators and market participants manage some of the risks identified in the consultation. The DTI enables regulators to:

  • Understand the impact on market participants and the market in the event a blockchain suffers an operational outage or event through identification of the financial instruments at risk and individual trades at risk;     
  • Detect market abuse through the identification of market activity and irregular suspicious patterns; and
  • Detect AML activities through facilitating the tracking of bridged cryptoassets.


The consultation closed on 30 April 2023 and HMT will use responses to inform its proposals.

Link:  Future_financial_services_regulatory_regime_for_cryptoassets_vP.pdf (

On 28 June 2023, the Law Commission issued its Final Report on Digital Assets. The UK Government had asked the Law Commission to make recommendations for reform to ensure that the law is capable of accommodating both crypto-tokens and other digital assets in a way which allows the possibilities of this type of technology to flourish. The Law Commission concluded that common law allows for the recognition of a distinct category of personal property that can better recognise, accommodate and protect the unique features of digital assets including crypto-tokens and cryptoassets and recommends:

  • Legislation to confirm the existence of such a the category that caters for digital assets and to remove any uncertainty.
  • The Government creates a panel of industry experts who can provide guidance on technical and legal issues relating to digital assets.
  • To provide market participants with legal tools that do not yet exist in England and Wales, such as new ways to take security over crypto-tokens and tokenised securities.


The Law Commission consulted on this topic in July 2022 and the DTI provided a short response (Digital-assets-collated-consultation-responses.pdf) highlighting the ISO 24165 Digital Token Identifier standard (DTI) caters for identification of digital assets.

Link: Digital assets – Law Commission

Global Regulatory Updates

The Financial Stability Board (FSB) consulted on its proposed framework for the international regulation of cryptoasset activities from Oct 2022 to December 2022. In the consultation, the FSB described the key issues and challenges it sees in developing a comprehensive and consistent regulatory approach that captures all types of cryptoasset activities that could give rise to financial stability risks. It also set out the FSB’s proposed approach for establishing a comprehensive framework.

The DTI Foundation agrees with the FSB’s recommendations and responded to question 8 of the consultation: “Have the regulatory, supervisory and oversight issues and challenges as relate to financial stability been identified accurately? Are there other issues that warrant consideration at the international level?”, noting that the Digital Token Identifier (DTI) can help with the following recommendations:

  • Recommendation 1: by providing a common international tool to uniquely identify digital assets;
  • Recommendation 3: by facilitating efficient and consistent information sharing between the authorities;
  • Recommendation 6: by providing authorities with access to quality reference data on crypto assets; and
  • Recommendation 8: by providing a link between crypto assets and traditional securities through a link to ISINs and Legal Entity Identifiers (LEIs) to simplify linkage of the different identifiers by market participants and public authorities.


The FSB plans to publish the final report in July 2023.

Link: International Regulation of Crypto-asset Activities: A proposed framework

On 23 May 2023, the International Organization of Securities Commissions (IOSCO) published a consultation paper on 18 ‘principles-based and outcomes-focused’ policy recommendations with supporting guidance for crypto and digital asset markets (‘CDA’). The recommendations cover six key areas:

  1. Conflicts of interest arising from vertical integration of activities and functions,
  2. Market manipulation, insider trading and fraud,
  3. Cross-border risks and regulatory cooperation,
  4. Custody and client asset protection,
  5. Operational and technological risk, and
  6. Retail access, suitability, and distribution.


The purpose of these recommendations is to address concerns related to market integrity and investor protection arising from crypto-asset activities aimed at the activities performed by crypto-asset service providers (CASPs) setting a standard that is consistent with those required in the traditional financial market. The CDA Recommendations are addressed to relevant authorities.

Noting that the International Monetary Fund (IMF) and the Financial Stability Board (FSB) are calling for more regulation of the crypto-asset market, IOSCO’s proposed recommendations look to complement and support the work of the FSB and the sectoral initiatives of other international Standard Setting Bodies.

The consultation closes on 31 July 2023 and IOSCO plans to finalise its recommendations in Q4 2023. IOSCO will publish a further consultation with proposed recommendations on activities, products and services offered in the decentralised finance (‘DeFi’) area later this summer.

Link: CR01/2023 Policy Recommendations for Crypto and Digital Asset Markets (

Disclaimer: The content of this Regulatory Update is for general information only and does not constitute legal or other professional advice.

No Comments

Post A Comment

Talk to us and find out how our solutions can add flexibility to your business.