Cryptocurrency Regulation in the European Union

Cryptocurrency regulation in the European Union is still in its early stages. While the EU is working on the general guidelines regarding crypto regulation, individual member states have undertaken different regulatory approaches according to their specific legal traditions and practices. This article is focused on the legal documents directly regulating, or otherwise affecting cryptocurrencies in the European Union at the “federal” level – without examining the different approaches undertaken by all 28 member states.

We will start with a brief overview of the organization structure of the Union so you can get a better understanding of its legislative bodies and procedures.

The European Union and its Legislative Institutions

The European Union is a supranational entity constituted of 28 sovereign countries that pool their authority and delegate part of their sovereignty to the Union in order to work together and improve in areas of common interest.

The formation of an ever-closer European Union was a gradual and deliberate democratic process based on the principle of the rule of law. The first step in the “federalization” of Europe was the creation of the European Coal and Steel Community in 1952. The ECSC was, originally, an economic organization of 6 European countries created in an effort to cement peace and eradicate dangerous nationalism in post-WW2 Europe. As the French foreign minister and father of the ECSC Robert Schuman stated: the aim of the ‘union’ is to “make war not only unthinkable but materially impossible.”

Just two years after the formation of the ECSC, on March 25th, 1957, the ‘founding fathers’ signed the Treaty of Rome which brought about the creation of the European Economic Community. Whereas the ECSC was the first ever international organization based on the principle of supranationality, the EEC was something different –  a regional organization of sovereign countries aiming towards greater economic integration.

In 1987, the Single European Act (SEA) which amended the EEC Treaty came into force. The SEA paved the way for the creation of the Single European Market based on the free movement of goods, capital, services, and labor – also known as the “four freedoms.” The Single European Market, in time, led to the creation of the second largest economy in the world with a nominal GDP of over $17.1 trillion.

The European Union was officially established in 1992 with the signing of the Maastricht treaty. The Maastricht treaty (also known as The Treaty on European Union), the Amsterdam treaty, and the Lisbon treaty together constitute the three most significant legal documents of the Union. Briefly, these treaties set to create an Economic and Monetary Union which removed the physical barriers across the single market, created the Schengen Area, and led to the creation of the Euro (1999) as the official currency of the European Union. These documents are the cornerstone of European integration.

Similar to a state, EU’s structure is based on the trias politica or, better known as the “separation of powers” model. The legislative branch is made up of the European Parliament – which represents the EU’s citizens and is directly elected by them, and the European Council – which consists of the heads of EU member states. The executive branch of the EU is represented by the European Commission – a politically independent body made up of 28 Commissioners (one from each EU country) that has the role of defending the interests of the Union as a whole. The Court of Justice represents EU’s independent judiciary branch, ensuring that the EU laws are interpreted and applied the same in every EU country.

Cryptocurrency regulation in the European Union

Let’s start at the beginning.

Defining Cryptocurrencies

Back in 2012, the European Central Bank (ECB) released a report on Virtual Currency Schemes wherein it addressed the ‘issue’ of accelerating proliferation of cryptocurrencies, as well as the effects of this proliferation on the economy and on the reputation of Central Banks in Europe. This study done by the ECB is the very first time an EU institution has acknowledged cryptocurrencies in any formal manner and, simultaneously, it’s the first attempt at their legal categorization and definition.

The VCS report defines virtual currency as “a type of unregulated, digital money, which is issued and usually controlled by its developers, and used and accepted among the members of a specific virtual community.”

Furthermore, the ECB categorizes Bitcoin as a virtual currency scheme with bidirectional flow and defines it as a decentralized virtual currency. It’s important to note that EU officials prefer the term virtual currency over the terms digital currency or cryptocurrency.

In light of the increasing popularity of virtual currencies, on December 12th, 2013, the European Banking Authority (EBA) issued a warning to potential cryptocurrency investors asserting that they “should not use ‘real’ money (to invest) that they cannot afford to lose.” A year later, on July 4th, 2014, EBA issued another warning, this time addressed to the national supervisory authorities advising them to “discourage financial institutions from buying, holding or selling virtual currencies while no regulatory regime is in place.” On May 19th, 2014, Yves Mersch, a member of the executive board of ECB, stated that Bitcoin is so small relative to the traditional payment networks that it could be called a “regional currency of the Internet.”

Analyzing EBA’s FUD-spreading warnings and ECB’s overall undermining attitude towards cryptocurrencies, it becomes apparent that, at the time, no one in the EU had any idea how big the crypto industry was going to become in the following years.

Legal and Economic nature of Virtual Currencies

In 2015 – following the infamous Mt.Gox hack which resulted in the loss of more than $350 million in bitcoins – the ECB issued another amended and upgraded VCS report. Apart from the ‘mandatory’ and rather boring risk analysis part, the report delves deeper into the legal and economic nature of cryptocurrencies.

Virtual currency is also not money or currency from a legal perspective.

– Virtual Currency Schemes – A further analysis

From an economic viewpoint, cryptocurrencies do not fully meet all three functions of money as defined in economic literature: i) medium of exchange; ii) store of value; iii) unit of account. According to the ECB, cryptocurrencies can be granted the function of a medium of exchange or unit of account, but due to their highly volatile nature, the ‘store of value’ function is disputable.

The report goes on to conclude that cryptocurrencies (or VCS, as the ECB likes to call them) are neither currencies nor money from a legal perspective. The term ‘currency’ commonly refers to a specific form of money that is issued by a Central bank and recognized as legal tender within a country. Given that VCS have not been recognized as legal tender and they’re “not widely used to exchange value [as stated in the report]” – they’re not legally money. Instead, in the eyes of the ECB they’re nothing more than “contractual money” or an “agreement between buyer and seller in order to accept a given virtual currency as a means of payment.”

Thus, in 2015, the ECB changed the definition of VCS by disregarding the terms ‘money’ and ‘unregulated’ from the old 2012 definition and proposed a new one: “virtual currency is a digital representation of value, not issued by a central bank, credit institution or e-money institution, which, in some circumstances, can be used as an alternative to money.”

The Fight Against Money Laundering and Terrorist Financing

The first and the most noteworthy call to action regarding cryptocurrency regulation on the supranational level came about on July 5th, 2016, when the European Commission published its proposal to amend the 4th AML Directive. Provoked by the 2015 terrorist attacks in France, the Commission set to revise Europe’s regulatory vulnerabilities in the fight against terrorist financing. In the text of the ‘proposal to amend the 4th AML Directive’, the Commission gathers: “Gaps still exist in the oversight of the many financial means used by terrorists, from cash and trade in cultural artifacts to virtual currencies and anonymous pre-paid cards.“

According to the Commission, the biggest issue is that virtual currencies can be utilized by terrorist organizations to carry out anonymous transactions, allowing them to fund their operations without being discovered by the authorities. The proposed amendment, also known as the 5AML Directive, sets to bring cryptocurrency exchanges and custodian wallet providers under the scope of anti-money laundering regulations. This means that they must register with the AML authority in their jurisdiction, and implement necessary customer due diligence – identify users, monitor transactions, report suspicious activity, etc.

The 5AML Directive defines virtual currency exchanges as “providers engaged in exchange services between virtual currencies and fiat currencies” and custodian wallet providers as “entity that provides services to safeguard private cryptographic keys on behalf of their customers, to hold, store and transfer virtual currencies.” It follows from here that crypto-to-crypto exchanges and wallet providers that don’t hold the private keys of their users – such as Trezor, Jaxx, Mist and Ledger Nano S – are exempt from the Directive.

Furthermore, the 5AML Directive defines virtual currencies as “means a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically.”

Given that the European Parliament confirmed the latest text of the Directive on April 26th, 2018 – this legal document introduces the first legally binding definition of virtual currencies in the EU.

The prior definition was constructed with a specific purpose in mind, i.e “to cover all the potential uses of virtual currencies.” That being said, the ECB wasn’t fully satisfied with this approach. In the opinion published in late 2016, the ECB pointed out three possible problems with this broad definition:

  • ‘virtual currencies’ do not qualify as currencies from a Union perspective
  • given that virtual currencies are not in fact currencies, it would be more accurate to regard them as a means of exchange, rather than as a means of payment
  • the proposed definition does not take into account that in some circumstances virtual currencies can be used for purposes other than that of a means of payment

Even though the ECB proposed a more specific definition that should explicitly clarify that virtual currencies are neither currency nor money from a legal perspective, the European Parliament and Council didn’t take the above points into account.

Taxation of Cryptocurrencies in the EU

Although it is still too early to proclaim any ‘harmonization of law’ in the EU regarding the tax treatment of crypto-related profits and incomes, some member states decided to adhere to the precedent set by the 2015 preliminary ruling of the European Court of Justice.

In November 2015, at the request of the Swedish Supreme Administrative Court, the European Court of Justice issued a preliminary ruling – providing its interpretation of European Union law regarding the applicability of the European VAT Directive on virtual currency transactions.

The preliminary question was raised in proceedings between the Swedish Tax Authority and Mr. David Hedquist. Before setting up a crypto-to-fiat exchange, Mr. David asked the Swedish Revenue Law Commission whether buying or selling Bitcoin is subject to value-added tax.

The Commission argued that, in general, the transaction is subject to VAT but it falls under the exemption stated in the EU VAT Directive. The VAT Directive provisions that “the supply of goods and services for consideration within the territory of a Member State by a taxable person acting as such is to be subject to VAT. However, Member States must exempt, inter alia, transactions relating to ‘currency, bank notes, and coins used as legal tender.“

After the Swedish tax authority appealed before the Supreme Administrative Court against the decision of the Revenue Law Commission, the Supreme Administrative Court initiated a preliminary ruling before the European Court of Justice.

The Court of Justice held that the activities undertaken by Mr. David are exempt from VAT – concluding that, for tax purposes, Bitcoin should be treated as a currency, not as a commodity. Bitcoin transactions are exempt from VAT under the provision regarding transactions relating to “currency, banknotes and coins used as legal tender” of the Directive 2006/112/EC.

The Implications of the General Data Protection Regulation on Cryptocurrencies in the EU

Image credits:

In an effort to harmonize the data protection laws between EU member states, and counter the newly arising data protection challenges of the Digital Era, in May, 2016, the EU published the new General Data Protection Regulation.

Succeeding the two year acclimation period, the GDPR became directly applicable to all EU member states on May 25th, 2018. The goal of the regulation is to affirm the right to the protection of personal data of all citizens of EU member states. Even though at first glance it may seem that the GDPR has nothing to do with cryptocurrency regulation, the law – especially Article 17 of the GDPR – has far-reaching implications on cryptocurrencies and DLT in general.

The notorious right to erasure, or right be forgotten defined in Article 17 of the regulation stipulates that “data subjects shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay.”

The GDPR defines personal data as “any information relating to an identified or identifiable natural person,” data processing as “any operation or set of operations performed upon personal data, such as collection, recording, storage, use, disclosure by transmission or dissemination, erasure, or destruction,” and data processor as the “subject that processes the personal data on behalf of the data controller.”

Upon closer inspection of Article 17 of the GDPR, it becomes obvious that the regulation was designed for a world where data is centrally stored and processed. In the world of permissionless DLT, the right to be forgotten is profoundly inapplicable. The whole point of blockchains and DLT is that they’re immutable, censorship-resistant and do not rely on central authorities. Therefore, the idea that data controllers “shall have the obligation to erase personal data without undue delay” upon the request of data subjects is redundant. In the world of decentralized blockchains, there are no data controllers and data deletion is technically infeasible.

To make things worse, the Opinion 05/2014 of the Article 29 Data Protection Working Party considers hashing and encryption as methods of pseudonymization, and pseudonymized data is still considered private data under GDPR. Basically, this means that the EU regulators regard public keys published on public blockchains as personal data.

Understandably, the GDPR infuriated the international crypto community. Many blockchain projects had to restrict access to EU citizens, and some had to completely shut down their operations because they couldn’t comply with the regulations. Coin Center, a major DC think tank, went public with their disdain for the law and proposed that DLT should be exempt from it:

“That said, we’re optimistic that our European friends will come to see that their legitimate privacy concerns are best addressed not through law, but through decentralizing technology itself.”

Lastly, it’s important to note that the GDPR has extraterritorial applicability, which means that the regulation is applicable on all data processors that process personal data of EU citizens, regardless of their location around the world.

EU’s Overall Political Attitude Towards Cryptocurrencies

So far, we’ve covered all relevant legal documents regarding cryptocurrency regulation on the supranational level. Now let’s analyze EU’s political attitude towards cryptocurrencies in general.

It’s safe to say that European institutions are closely monitoring the development of blockchain and distributed ledger technology in the Union. The common opinion of the EU is that the development of these technologies have a positive impact in the FinTech sector as well as on the economy in general, and the EU has therefore taken a pro-innovation approach towards the advancement of these technologies. Furthermore, EU authorities are of the opinion that early regulation could hinder the development of DLT which is still in its early stages. That being said, EU institutions are focusing on research and support of blockchain innovation through several different initiatives.

One of the most innovation-propelling initiatives by the EU is the recently launched EU Blockchain Observatory and Forum, which strives to monitor the developments and map key blockchain initiatives in Europe and beyond. The Observatory and Forum has two working groups, each of which has 30 members representing 28 nationalities in total.

  • The Blockchain Policy and Framework Conditions working group will primarily focus on the policy and regulatory requirements needed to create the legal predictability necessary for unhindered blockchain innovation in the Union. The group will also work on technological issues such as scalability interoperability, sustainability, and cybersecurity.
  • The Use Cases and Transition Scenarios working group will work on blockchain solutions for the public sector, focusing on applications for government services, health care, and energy. The group will also explore use cases in the FinTech sector and financial services, and analyze transition scenarios such as legacy systems integration.

So far, the EU has spent over €83 million to blockchain related projects and intends to increase these spending to €340 million in the following two years. Accordingly, in December 2017, the European Innovation Council launched the “Blockchains for Social Good” €5 million Horizon Prize reward which aims to attract various stakeholders in the blockchain industry to this innovative topic. As stated by the EIC, the challenge is “to develop scalable, efficient and high-impact decentralized solutions to social innovation challenges leveraging DLT.”

The EU has also kick-started another “sociotechnical exploration” of emerging and potential applications based on DLT for industrial/non-financial sectors. The goal of the #Blockchain4EU initiative is to:

  • map and analyze existing, emerging or potential blockchain and other DLT applications for industry across specific areas;
  • scan for and explore future scenarios of production, distribution and use;
  • identify and assess prospective regulatory actions and broader policy and funding options at business and manufacturing levels.

Additionally, early in 2017, the European Commision created an internal FinTech Task Force with three clear objectives:

  • make sure that all policy work across the board is informed by and takes account of technological innovation;
  • assess whether existing rules and policies are fit for purpose in the digital age; and
  • identify actions and proposals that could harness the potential opportunities FinTech offers while also addressing the possible risks.

According to the Commission, the FinTech Task Force is currently working on the harmonization of existing regulatory frameworks within EU member states.

To sum it all up, the European Union is working hard towards establishing itself as the global leader of blockchain innovation and the place to be for blockchain and DLT related businesses. Several member states such as Germany, Slovenia, Switzerland and Estonia are competing to attract DLT investors and businesses by creating the most optimal regulatory environment, and building and supporting the native blockchain communities.


Legal regulation will always lag behind technological innovation. Blockchains and DLT are at the forefront of technological development, and the issue of creating the optimal normative environment for unhindered technological advancement is a very complicated one. The European Union has been working on this issue at the theoretical level since 2012 and, with the exception of the GDPR, has been making great progress. That being said, different member states – even different institutions within the Union – have conflicting opinions regarding the direction the Union should take while solving this issue.

It remains to be seen whether the EU as a whole will reach consensus on the issue, and whether the EU will achieve its goal and establish itself as a leader in blockchain innovation on the international crypto scene.

Featured image