[ad_1]
To print this article, all you need is to be registered or login on Mondaq.com.
1 Legal and enforcement framework
1.1 What general regulatory regimes and issues should
blockchain developers consider when building the governance
framework for the operation of blockchain/distributed ledger
technology protocols?
Bermuda has a digital asset sector specific legal and regulatory
regime that governs both the issuance of digital assets and the
carrying on of digital asset business activities in and from
Bermuda. The Digital Asset Issuance Act (DAIA)
requires any person seeking to offer digital assets to the public
by way of a new issuance (Digital Asset Issuance)
to obtain the permission of the Bermuda Monetary Authority
(BMA), Bermuda’s financial sector regulator.
The Digital Asset Business Act (DABA) established
a governing framework (DAB Framework) that
regulates the conduct of digital asset business activities in and
from Bermuda and requires any person seeking to conduct digital
asset business activities in or from Bermuda to obtain a licence
from the BMA.
“Digital Assets” are defined as
anything that exists in binary format and comes with the right to
use it and includes a digital representation of value that (a) is
used as a medium of exchange, unit of account, or store of value
and is (b) not legal tender, whether or not denominated in legal
tender, (c) is intended to represent assets such as debt or equity
in the promoter, (d) is otherwise intended to represent any assets
or rights associated with such assets, or (e) is intended to
provide access to an application or service or product by means of
distributed ledger technology, but does not include (x) a
transaction in which a person grants value as part of an affinity
or rewards program, which value cannot be taken from or exchanged
with the person for legal tender, bank credit or any digital asset;
or (y) a digital representation of value issued by or on behalf of
the publisher and used within an online game, game platform, or
family of games sold by the same publisher or offered on the same
game platform.
“Digital Asset Business Activities“
includes:
- Issuing, selling or redeeming virtual coins, tokens or any form
of digital assets - Operating as a payment service provider business utilising
digital assets which includes the provision of services for the
transfer of funds - Operating as a digital asset exchange
- Carrying on digital asset trust services
- Providing custodial wallet services
- Operating as a digital asset derivative exchange provider,
and - Operating as a digital asset services vendor.
1.2 How do the foregoing considerations differ for public and
private blockchains?
The DABA regulates the provision of Digital Asset Business
Activities to the general public, where the word “public”
is deemed to be anyone other than yourself. Further,
“distributed ledger technology” is defined as a database
system in which (a) information is recorded and consensually shared
and synchronised across a network or multiple nodes, and (b) all
copies of the database are regarded as equally authentic. There is
no express differentiation between a public and a private
blockchain, but the DAB Framework follows a proportionality
principle which allows the BMA to assess compliance with the DAB
Framework in a proportionate manner relative to the nature, scale,
complexity and risk profile of the project.
1.3 What general regulatory issues should users of a blockchain
application consider when using a particular blockchain/distributed
ledger protocol?
The DAB Framework is technology agnostic and is focussed on the
ability of the system to comply with the principles set out in the
DABA Code of Practice and Statement of Principles, together with
ancillary regulations, issued by the BMA. Accordingly any developer
seeking to launch a product or service using a particular
blockchain application or distributed ledger protocol should
consider the security of the system and whether it is secure and
flexible enough for them to meet these standards. For users of the
products or services, the fact a digital asset business in Bermuda
is required to be licensed should give a level of comfort to the
stability of the platform being used.
1.4 Which administrative bodies are responsible for enforcing
the applicable laws and regulations? What powers do they have?
The BMA is responsible for regulating and licencing Digital
Asset Issuances and Digital Asset Business Activities. The BMA has
been granted wide-ranging powers of supervision and enforcement
under the DABA and the DAIA. The BMA has the power to compel
production of information and documents, the power to issue
directions that safeguard the interest of the licensee’s
clients and the power to impose restrictions and conditions on
licenses. The BMA has issued numerous documents, including guidance
notes, codes of conduct, statements of principles and information
bulletins, which set out the basic principles on how a digital
asset business (DAB) is expected to conduct
business.
If a DAB does not comply with the DAB Framework, including any
specific BMA requests or directions, the BMA has the power and
authority to impose fines of up to $10,000,000, depending upon the
severity and type of infraction. In the most extreme cases the BMA
may also revoke a DABA license. The BMA will use its enforcement
powers in a manner consistent with the Statement of Principles and
Guidance on the Exercise of Enforcement Powers.1
1.5 What is the regulators’ general approach to
blockchain?
The BMA welcomes and openly engages with persons seeking to use
blockchain thanks to the sector specific legislation and
regulations in place in Bermuda. The BMA have established a FinTech
Team, comprising individuals chosen for their experience in and
knowledge of both the technology sector (blockchain specifically)
and application of regulation, to oversee the application and
implementation of the DAB Framework.
1.6 Are any industry or trade associations influential in the
blockchain space?
The BDA FinTech Legal & Regulatory Sub-Committee comprises
individual lawyers, licensed to provide Bermuda legal advice, who
are proficient and experienced in advising DABs on the DAB
Framework. The Sub-Committee’s core purpose is to provide
collective legal and regulatory feedback on, and propose amendments
to, the DAB Framework and is actively engaged with both the
Government of Bermuda and the BMA to achieve this. It is also used
to seek clarification and certainty from the BMA on its
interpretation and application of the principles that are the
foundation of the DAB Framework.
NEXT is the Bermuda Digital Assets Industry Forum that is an
autonomous industry advocacy group for Bermuda-based digital asset
companies licensed by the BMA providing a collective voice and
opportunities for collaboration within Bermuda and
globally.2
2 Blockchain market
2.1 Which blockchain applications and protocols have become
most embedded in your jurisdiction?
Bermuda is technology agnostic and supports innovation through
the development of all available technologies, including blockchain
applications and protocols. The DAB Framework that governs and
regulates Digital Asset Issuances and the provision of Digital
Asset Business Activities in and from Bermuda is focussed on
minimising fraud, money laundering and terrorist financing whilst
promoting the highest quality of good corporate governance and risk
management across the digital asset sector. It is the purpose and
objectives of, as well as the individuals and organisations that
develop, maintain and promote, blockchain projects that are
important to the BMA, not necessarily the particular technology
being used.
2.2 What potential new applications/protocols are most actively
being explored?
The exploration of new applications/protocols is conducted by
industry participants themselves and not the regulator. With such a
varied number and type of Digital Asset Business Activities already
licensed in Bermuda, and many more in the pipeline, it is
impossible to identify any specific application/protocol that is
being more actively explored than any other. Bermuda has become an
innovation hub with blockchain and the digital asset sector being
only one aspect of this wider sectoral expansion.
2.3 Which industries within your jurisdiction are making
material investments within the blockchain space?
The Bermuda Government together with the Insurance &
Reinsurance, Banking, Digital Asset Business, Trusts & Private
Wealth Management and Fund and Asset Management sectors are making
material investments within the blockchain space.
The Bermuda Government is developing numerous projects that
involve blockchain, including the introduction of a stimulus token
and related infrastructure, including digital ID, in Bermuda to
facilitate the use of digital assets as an accepted method of
payment across the retail sector and Government Agencies. The
digital asset sector is itself also investing heavily in the
development of existing and new technology, as well as the
introduction of new digital asset products and services to the
private and public sectors. Bermuda has the third largest
reinsurance sector in the world after Lloyds of London and New
York, and with the introduction of a regulatory sandbox regime for
the insurance and reinsurance sector in Bermuda we have seen a
massive investment in innovative insurance products and services,
including numerous insurance projects seeking to use blockchain and
smart contracts to increase capacity and delivery of service in the
sector. Bermuda has also seen an increase in the use of fund and
investment management vehicles that hold and manage portfolios or
baskets of digital assets. The Bermuda Stock Exchange has the
accolade of having been the first recognised stock exchange in the
world to list a digital asset exchange traded fund. The trust and
private wealth sector is also investing in blockchain by the
promotion of trust services and family offices, as well as wealth
management services, to those keen for regulated exposure to
Digital Assets. The banking sector has also adapted to the global
attention received by blockchain projects and the issues that exist
in the banking of the digital asset sector. The Bermuda Government
introduced amendments to the Banks and Deposit Companies Act 1999
which provided for banks to obtain a license from the BMA to
provide banking services to persons operating in the digital asset
sector. To date Jewel Bank is the only institution to have been
issued such a license after massive investment of both time and
money in its infrastructure and compliance framework.
2.4 Are any initiatives or governmental programmes in place to
incentivise blockchain development in your jurisdiction?
Bermuda has a number of regulatory sandbox regimes that seeks to
promote innovation and investment across all sectors, including
blockchain, digital assets, insurance & reinsurance, banking
and investment business. Bermuda also has a number of incubators
and accelerators to support innovative entrepreneurs from both home
and abroad, including Innofund and Ignite. InnoFund is a Bermuda
initiative which assists entrepreneurs and their companies by
providing the necessary tools, advice, and capital to grow. They
also provide an incubator which provides access to programming and
the services required to further the growth and development of
technology-based start-ups.3 Ignite Bermuda was created
specifically for local innovators with the drive and commitment to
grow and scale their business or organisation. Ignote have teamed
up with Entrepreneurial Spark to bring a truly global accelerator
model to the ambitious entrepreneurs and community leaders of
Bermuda.4
3 Cryptocurrencies
3.1 How are cryptocurrencies and/or virtual currencies defined
and regulated in your jurisdiction?
Bermuda has introduced an all-encompassing definition of
“Digital Asset” that includes cryptocurrencies and
virtual currencies. The full definition is anything that exists in
binary format and comes with the right to use it and includes a
digital representation of value that (a) is used as a medium of
exchange, unit of account, or store of value and is (b) not legal
tender, whether or not denominated in legal tender, (c) is intended
to represent assets such as debt or equity in the promoter, (d) is
otherwise intended to represent any assets or rights associated
with such assets, or (e) is intended to provide access to an
application or service or product by means of distributed ledger
technology, but does not include (x) a transaction in which a
person grants value as part of an affinity or rewards program,
which value cannot be taken from or exchanged with the person for
legal tender, bank credit or any digital asset; or (y) a digital
representation of value issued by or on behalf of the publisher and
used within an online game, game platform, or family of games sold
by the same publisher or offered on the same game platform. The DAB
Framework does not differentiate between a utility token, NFT,
stablecoin, securities token or cryptocurrency from the perspective
of whether something is a Digital Asset, but it does apply
proportionality principles when assessing each type of Digital
Asset as part of an application by a DAB to conduct either a
Digital Asset Issuance or provide Digital Asset Business Activities
to the public.
3.2 What anti-money laundering provisions apply to
cryptocurrencies?
Persons seeking to conduct either a Digital Asset Issuance or
provide Digital Asset Business Activities to the public in or from
Bermuda are required to establish Anti-Money Laundering and
Anti-Terrorist Financing policies and procedures in accordance with
the DABA, the Proceeds of Crime (Anti-Money Laundering and
Anti-Terrorist Financing Supervision and Enforcement) Act 2008, the
Proceeds of Crime Act 1997, and the Anti-Terrorism (Financial and
Other Measures) Act 2004. These policies and procedures must
include customer due diligence, ongoing monitoring, reporting of
suspicious transactions, record-keeping, internal controls, risk
assessment and management, and the monitoring and management of
compliance with, and internal communication of, these policies and
procedures.
3.3 What consumer protection provisions apply to
cryptocurrencies?
Safeguarding client assets by preventing fraud or
misappropriation is a primary concern of the BMA. Consumer
protection provisions are contained in multiple pieces of
legislation and related regulations and codes of conduct. The DABA
prescribes requirements relating to safeguarding client assets,
whilst the Digital Asset Business Code of Practice sets out the
requirement to ensure that client assets are segregated from those
of the DAB. The Digital Asset Custody Code of Conduct builds on
these principles and provides greater clarity over the standards in
relation to the level of care expected by the BMA in relation to
safeguarding client assets. The DABA also contains provisions that
require the establishments of formal customer complaints policies
and procedures.
3.4 How are cryptocurrencies treated from a tax
perspective?
Bermuda does not impose any tax on the issuance, acquisition,
purchase, subscription, sale or maintenance of digital assets or on
transactions involving digital assets.
3.5 What regulatory requirements apply to a cryptocurrency
trader/exchange?
Any person that provides Digital Asset trading or exchange
services (including Digital Asset derivative exchange services) to
the public in or from Bermuda is required to obtain a Digital Asset
Business licence from the BMA in accordance with the requirements
of the DABA.
3.6 How are initial coin offerings and securities token
offerings defined and regulated in your jurisdiction?
A “digital asset issuance” means an offer to the
public to acquire digital assets or to enter into an agreement to
acquire digital assets at a future date, and “offer, or
offering, via a digital asset issuance” shall be construed
accordingly. Subject to certain limitations and exclusions,
any person that seeks to conduct an initial coin offering or
securities token offering that is captured within this definition
is required to obtain the prior permission of the BMA in accordance
with the DAIA. The DAIA specifies what activities amount to a
digital asset issuance, prohibits such activities other than by
authorised undertakings, lays out the criteria a person must meet
before it can become an authorised undertaking, imposes (and
permits the BMA to impose) certain continuing obligations on any
authorised undertaking, and grants to the BMA supervisory and
enforcement powers over the issuers and/or promoters of digital
asset issuances.
4 Smart contracts
4.1 Can a smart contract satisfy the legal requirements of a
legal contract under the laws of your jurisdiction? What will be
considered when making this determination?
The Electronic Transactions Act 1999 (ETA)
provides that information, which includes data, text, images,
sounds, codes, computer programs, software and databases, shall not
be denied legal effect, validity, admissibility or enforceability
solely on the ground that it is (a) in the form of an electronic
record, or (b) not contained in the electronic record purporting to
give rise to such legal effect, but is referred to in that
electronic record. Where information is required by law to be in
writing or is described in any statutory provision as being
written, that requirement or description is met by an electronic
record if the information contained in the electronic record is
accessible and is capable of retention for subsequent reference. In
any legal proceedings, nothing in the rules of evidence shall apply
so as to deny the admissibility of an electronic record in evidence
solely on the ground that it is an electronic record. Information
in the form of an electronic record will be given due evidential
weight and in assessing the evidential weight of an electronic
record, regard shall be had to (a) the reliability of the manner in
which the electronic record was generated, stored or communicated,
(b) the reliability of the manner in which the integrity of the
information was maintained, (c) the manner in which the originator
was identified, and any other relevant factor. Accordingly,
provided the principles of contract law are met and the subject of
the contract does not otherwise offend the laws of Bermuda, a smart
contract should be recognised under Bermuda law, subject to
evidence to the contrary, as a legally binding contract between the
parties to which the smart contract relates.
It should also be noted that in 2020, the Bermuda Government
signed a Memorandum of Understanding (“MoU”) with The
Proof of Trust, a globally patented smart contract validation and
automated dispute resolution technology Company5. This
MoU enables the Bermuda Government to explore, develop applications
and adopt smart contract technology.
4.2 Are there any regulatory or governmental guidelines or
policies within your jurisdiction which provide guidance on
regulating/defining smart contracts?
Whilst the principles and guidelines applicable to the conduct
of Digital Asset Issuances and provision of Digital Asset Business
Activities to the public in and from Bermuda do not expressly
reference smart contracts, they do contain the standards and
requirements that any Digital Asset project must adhere to for the
purposes of compliance with the DAB Framework. DABs must ensure
that any use and involvement of smart contracts in a project will
not adversely affect the DABs ability to comply with the DABA
Framework. Conversely, smart contracts would be a welcome addition
if they can be shown to assist or increase in a DABs ability to
comply. Of importance is the ability to ensure the smart contract
is auditable so that its purpose and terms can be understood and
verified.
4.3 What parts of traditional contract might smart contracts be
able to replace?
The ETA was designed to facilitate electronic transactions on a
technology neutral basis by means of reliable electronic records.
Accordingly, other than the creation, execution or revocation of a
will or testamentary instrument or the conveyance of real property
or the transfer of any interest in real property, provided the
criteria set out under the ETA are met, any transaction or contract
has the ability to be carried out by electronic means in Bermuda.
It is generally accepted that aspects of contracts which require
third party involvement may be replaceable by smart contract.
Escrow arrangements and notification provisions are two obvious
examples. Certain insurance contracts can also be improved upon by
the use of smart contracts where trigger events and pay-outs can be
hardcoded.
4.4 What parts of traditional contracts might smart contracts
be unable to replace?
The creation, execution or revocation of a will or testamentary
instrument or the conveyance of real property or the transfer of
any interest in real property are excluded from the ETA.
Due to their self-executing nature, the possible outcomes of a
smart contract are typically limited to being binary. The risks of
an unintended outcome can be high if the smart contract itself
contains errors or has not been properly coded. In addition, common
yet subjective terms (such as ‘good faith’) are incapable
of being incorporated into smart contracts.
4.5 What issues might present themselves in your jurisdiction
with regard to judicial enforcement of smart contracts?
No specific issues have presented themselves before the Courts
in Bermuda. However, if the smart contract has not been coded,
prepared or established with the basic principles of contract law,
the ETA, the DAIA or the DABA in mind, there may be issues
surrounding the validity and enforceability of the underlying
contract. Also, issues that might arise may centre on the way in
which a smart contract might be undone or amended. There may also
be jurisdictional issues, where it is not easy to identify the
location of a particular digital asset.
4.6 What are some practical considerations that parties should
consider when drafting a smart contract?
It is important to consider the ability to audit the smart
contract and the method for evidencing acceptance of its terms. The
ability of anyone to evidence and prove that they are legally
entitled to the rights attached to the smart contract is also
something to be considered.
4.7 How will the foregoing considerations differ when smart
contracts are running on a private versus public blockchain?
The same principles of contract law apply when considering
validity and enforceability.
5 Data and privacy
5.1 What specific challenges or concerns does blockchain
present from a data protection/privacy perspective?
Bermuda has introduced legislation to provide for the protection
of personal and sensitive personal information. Whilst not yet
fully enacted, the Personal Information Protection Act
(PIPA) sets out the standards required of all
organisations in Bermuda that use personal or sensitive personal
information. It also introduced a regulatory and oversight function
administered by the Office of the Privacy Commissioner for
Bermuda.
Given a blockchain’s immutable nature, a particular
challenge that may arise will be in respect of an individual’s
right to have their personal information erased by an organisation
in certain circumstances under PIPA – since an individual could
find their personal data recorded on a blockchain forever.
5.2 What potential advantages can blockchain offer in the data
protection/privacy context?
The area of data protection/privacy that blockchain can likely
have the biggest positive impact in is the recording and retention
of anonymised data. Being able to continuously update and record
important records and statistics (i.e. medical journals, government
statistics) could offer the ability to ensure statistics are
public, easily accessible, auditable and at the same time secure
and un-editable. This has many potential benefits, one of which
being that a person does not need to rely a on a third party to
provide safe keeping of important records.
6 Cybersecurity
6.1 What specific challenges or concerns does blockchain
present from a cybersecurity perspective?
DABs are susceptible to cyber threats or systems failures.
However, these concerns are mitigated as a DAB must have a
comprehensive cyber security programme which is governed by the
Digital Asset Business (Cybersecurity) Rules 2018
(“Cybersecurity Rules”) and the DABA Code of Practice.
The DAB must have a comprehensive security programme that is
proportionate to the nature, scale, complexity, and risk profile of
the business. They must also implement a written cyber security
policy which must address the following:
- Information security;
- Data governance and classification;
- Access controls;
- Business continuity and disaster recovery planning and
resources; - Capacity and performance planning;
- Systems operations and availability concerns;
- Systems and network security;
- Systems and application development and quality assurance;
- Physical security and environmental controls;
- Customer data privacy;
- Vendor and third-party service provider management;
- Monitoring and implementation of changes to core protocols not
directly controlled by the DABs; and - Incident response.
6.2 What potential advantages can blockchain offer in the
cybersecurity context?
Blockchain applications offer the following major advantages in
the cybersecurity context:
- Secure data storage and processing
Blockchain records are immutable and any change recorded on the
blockchain is transparent and non-removable. Therefore, data stored
on a blockchain is protected better than traditional digital or
paper-based records. - Transfer of data in a secure manner:
The blockchain enables fast and secure transactions of data and
finances. Features like smart contracts allow for automatic
execution of agreements between several parties. - Traceability/transparency
All blockchain transactions are digitally signed and time-stamped,
so participants can trace transaction history and track accounts at
a point in time. - User confidentiality
The confidentiality of blockchain network participants is high due
to the public key cryptography that authenticates users. - No single point of failure
Permissionless blockchains are decentralised so the failure or
compromise of a single node will not compromise the operation or
security of the blockchain as a whole.
6.3 What tools and measures could be implemented to mitigate
cybersecurity risk?
The most effective tool we are aware of that can help to
mitigate cyber security risk (in all blockchains but specifically
in new and therefore more centralised chains) are security audits.
The comprehensive cyber security programme a DAB must have in line
with the Cybersecurity Rules and the DABA Code of Practice is to
set out and include the protocol for audits of their systems.
7 Intellectual property
7.1 What specific challenges or concerns does blockchain
present from an IP perspective?
One challenge for IP is that different protocols can involve IP
in different ways from code to branding. For decentralised
projects, it is not always clear where the ownership of the
relevant IP sits.
7.2 What type of IP protection can blockchain developers
obtain?
IP protection in Bermuda is available through sophisticated IP
legislation for trademarks, patents, copyright, and designs. Any
Bermuda entity looking to register any intellectual property in
Bermuda will also need to consider the potential impact of the
Economic Substance Act 2018 and whether it has to demonstrate
substance in Bermuda.
7.3 What are the best open-source platforms that could be used
to protect developers’ innovations?
We cannot recommend a specific open-sourced platform.
7.4 What potential advantages can blockchain offer in the IP
context?
Blockchain technology is already transforming the way
intellectual property rights are recorded or evidenced. An example
of this is the popularity of NFTs. While they were initially used
to represent digital artwork, their use in other industries (for
example the hospitality and gaming industries) is increasing as a
way of providing digital identifiability and authenticity for
property of all varieties.
8 Trends and predictions
8.1 How do you think the regulatory landscape in your
jurisdiction will evolve in the blockchain space over the next two
years? Are any pending changes currently being considered?
Bermuda has proven itself to have a robust regulatory regime
that has helped protect both the jurisdiction and its licensed
digital asset businesses from recent turmoil in the sector. The
continued open dialogue between the Bermuda government, the BMA and
the industry has allowed solid progress to be made to improve the
DABA and DAIA regimes with a view to the Bermuda regulation
continuing to be fit for the nature, scale, complexity, and risk
profile of business in the blockchain sector. As the world settles
in to understanding the true potential of the underlying technology
and the risks it brings, we expect to see an increased interest in
the DABA and DAIA regimes from credible and legitimate projects
seeking certainty and legitimacy through compliance with the
standards set by Bermuda. There is also likely to be more focus on
consumer protection and, through collaboration with Bermuda’s
insurance and reinsurance sectors, the availability of insurance
for licensed businesses.
8.2 What regulatory changes would you like your jurisdiction to
implement to further advance the blockchain industry?
The DABA and DAIA are solid pieces of legislation that give
certainty to the regulation of digital asset businesses in Bermuda.
Industry groups, the Government and the BMA are constantly looking
at ways in which to improve the regimes and to provide solutions to
new and innovative projects. This cuts across both the legislative
and regulatory infrastructure as well as the implementation of
actual technology in Government and across the island. There are
several projects underway to help advance the blockchain sector and
we expect to see continual improvement throughout the coming
year.
8.3 What is the largest impediment within your jurisdiction to
the adoption of blockchain technology?
There is no one impediment to the adoption of blockchain in
Bermuda. The areas that will need consideration before adoption in
certain areas include land title registration and the issuance and
transfer of securities of Bermuda companies. These are subject to
specific rules and permissions that would require development of a
blockchain protocol and related smart contracts for it to be
workable under these existing rules.
9 Tips and traps
9.1 What are your top tips for effective use of blockchain
technologies in your jurisdiction and what potential sticking
points would you highlight?
The most important factor when considering offering blockchain
technology to the public in or from Bermuda is to understand the
potential impact of the DABA and DAIA. We would always recommend
obtaining product specific advice as a first step to understand the
regulatory implications of the product or services before
undertaking any blockchain related activities.
Footnotes
2. NEXT – Bermuda Digital Assets
Industry Forum
3. InnoFund | Bermuda | Incubator &
Accelerator
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
[ad_2]
Source link
