The WFE responded to the European Commission’s consultation paper on the EU regulatory framework for crypto assets.
The WFE response can be summarised as follows:
- The WFE believes there could be value in adopting a single EU classification which covers both digital assets and crypto assets, as a subcategory. Such a categorisation should, however, be mindful of any forthcoming international classification and have the ability to absorb and adopt it. It should take the form of guidance, to provide clarity, which also enables individual jurisdictions the right level of autonomy to properly and appropriately safeguard and manage the requirements of their local market structure, whilst also enabling regulatory deference in the regulation of digital and crypto assets in third country jurisdictions.
- The WFE supports the creation of a classification of crypto assets at the EU level, noting that providing clarity around classification would help to build consensus and create harmony within the member states of the EU, as well as with other jurisdictions globally. The WFE advises that the definitions be based on the value of the assets represented, and should avoid overly detailed ‘technical’ definitions.
- The WFE continues to highlight the importance of distinguishing between so-called ‘crypto asset exchanges’ and the regulated, secure and lit markets that established exchanges provide.
- With regards to Distributed Ledger Technology (DLT), the WFE argues that, whilst its members are exploring the feasibility of DLT to provide enhanced, safer and more efficient marketplaces - for example, by reducing operating costs and speeding up settlement - policy makers should be mindful of the purpose and functions undertaken by exchanges and CCPs, and that DLT cannot replace the core functions performed by those market infrastructures.
In addition, the WFE responded to the EU Commission’s consultation paper on Digital Operational Resilience Framework for financial services: Making the EU financial sector more secure.
The WFE’s response covers a number of key areas including:
- Information and communications technology (ICT) and security risk management framework based on key common principles: The WFE believes that internationally recognised common principles and standards are key to ensuring that the global markets and firms which engage with the EU, and beyond, are well positioned to understand the requirements that are made of them. The consideration of existing frameworks, such as NIST and ISO, would be key for compliance with any such proposal.
- ICT and security incident reporting: The WFE notes that market infrastructures in the EU are currently subject to strict incident reporting requirements, mandated by the National Competent Authority (NCA) in the jurisdiction they operate. Changing the approach to create a centralised, harmonised reporting structure for the EU might introduce problems due to a potential lack of background information or context and non-familiarity with local markets. The WFE is, however, supportive of a move towards harmonising security testing requirements, given the cross-border nature of the threat and the likelihood of an organisation needing to operate in more than one jurisdiction. The WFE would also support efforts to promote an international standard (i.e. one that is globally applicable and adoptable) for security-testing requirements, based on a principles- and outcomes-based approach.
- Communication between supervisors: Whilst the WFE supports the sharing of information between public authorities, it advocates that this be ad hoc, high-level and thematic, rather than a standing mechanism to exchange detailed reports, incident by incident. It argues that the former would not only be more effective but also would not run against confidentiality requirements (with respect to reporting financial entities).