Austria: FMA publishes guidance on ICOs and token classification

The guidelines are available on the FMA's FinTech Navigator under https://www.fma.gv.at/en/cross-sectoral-topics/fintech-navigator/initial-coin-offering/ (currently German only) and intend to provide clarification on the FMA's view on "Crypto Assets", the term that the FMA uses for virtual currencies, coins and tokens.

What are ICOs?

The FMA confirms its understanding that ICOs typically

• are transactions that aim at financing companies or projects by employing Distributed Ledger Technology (DLT), aka Blockchain technology through
   
• Crypto Assets such as Bitcoin, Ether or similar/other coins and tokens provided in exchange for a coin or token of the issuer representing a participation in the issuer's capital, a dividend right or which is otherwise linked to the relevant company/project.

This understanding is generally in line with market practice.

Which regulatory requirements need to be considered when launching an ICO in Austria?

Since ICOs can be structured in very different manners, the FMA has confirmed that the regulatory aspects of ICOs need to be assessed on a case-by-case basis. In its guidelines, the FMA has provided a comprehensive overview of potential regulatory areas that need to be analysed before launching an ICO. The overview reads like a who's who of regulatory laws:

• ICOs may trigger licensing requirements under the Austrian Banking Act, e.g. taking deposits, issuing means of payment, underwriting or holding securities for third parties.
   
• Coins or tokens issued in an ICO may qualify as transferable securities within the meaning of European securities legislation such as MiFID2. In such a case, services rendered in relation to an ICO may require a respective investment firm licence.
   
• An offering of tokens that qualify as transferable securities or investments (Veranlagungen; a local Austrian securities law concept) may require a prospectus pursuant to the Austrian Capital Markets Act.
   
• Crypto assets that perform a payment function may fall under the scope of the Payment Services Act implementing PSD2.
   
• An ICO may also fall in the scope of the Alternative Investment Fund Managers Act, in particular if Crypto Assets raised are used for investment for the benefit of their holders in accordance with a predefined investment strategy (in that respect, the FMA has previously also mentioned that raising funds for Bitcoin mining also qualifies as funds raised for investment).
   
• Lastly, the FMA has clarified that services provided in the course of an ICO may also trigger applicable Know-Your-Customer / Anti-Money Laundering requirements, for example, in connection with the provision of wallet services and token exchanges.

Regulatory qualification of coins/tokens

Interestingly, the FMA has followed an approach taken by other regulators (such as FINMA in Switzerland) and offered guidance on the regulatory qualification of crypto coins and tokens. In line with market practice, the FMA distinguishes broadly (and without prejudice) between the following three basic categories of tokens: (i) security / investment token, (i) payment / currency token, and (iii) utility token.

Security tokens confer a right of payment against an issuer, either on a corporate basis (e.g. dividends) or a contractual basis (e.g. repayment of principal/interest under a loan). They are thus very similar to traditional debt or equities. It is irrelevant that the payment is made in fiat currency. Security tokens are subject in particular to the following regulations:

• Issuers need to assess whether a security token triggers prospectus requirements under the Austrian Capital Markets Act.
   
• Exchanges need to assess whether a licence is required to operate a trading platform.
   
• Service providers need to assess whether they are rendering licensed banking/investment services.
   
• Custodians of security tokens (e.g. trustees) need to assess whether a banking licence is required, as taking securities into custody on a commercial basis requires a banking licence.

Payment tokens primarily perform a payment function for a larger group of persons. Issuance of payment tokens may require a banking licence (issuance of means of payment), a licence under the E-Money Act or a licence under the Payment Services Act. The FMA will assess the regulatory implications on the basis of the following questions:

• Who is the issuer of / generates the payment token?
   
• Do third parties accept the payment token for payment of their goods or services?
   
• How large is the network within which the payment token is accepted?
   
• Are pay-outs in fiat currency possible?

Utility tokens are primarily used in connection with certain products or services. If the token can only be used for a very limited range of products or services (e.g. on a single platform) and if it does not confer any other rights, it appears very similar to a voucher and shall not be subject to any regulatory regime. If it can (also) be used for payment, however, the regulatory implications set out for payment tokens must be considered. If the utility token has an investment function – in particular if it confers a right to payment of capital, interest or similar – the regulatory implications for security tokens may be relevant.

Target market concept

As ICOs are typically offered via the internet in a large number of countries, the FMA has clarified when an offer is deemed to be made in Austria. In line with previous regulatory practice, an offer must be targeted at the Austrian market ("target market concept"). In order to assess whether this will be the case, several elements will be taken into account, for example, whether advertising is being placed in Austrian media, whether there is a contact person or a distribution network in Austria, which law the contract is subject to, which language is used or whether there is a general specific reference to Austria. Appropriate technical precautions such as website blockers and clear disclaimers would be required to rebut the presumption that an offer is (also) targeted at the Austrian market.

Change of token

In practice, tokens are often offered with a certain initial classification which changes over time, for instance, to reflect changes of the issuer's business model. In addition to civil law issues, any subsequent changes can also affect the regulatory treatment of a token and impact on the licensing status of any service providers.

In addition, ICOs often take place in different phases. An offer frequently is made to institutional or major investors (pre- or private sale) before launching the actual ICO. While such pre-offers may be exempt from prospectus requirements, the actual ICO triggers a prospectus if the tokens offered classify as securities, as there will often be no prospectus exemptions. After the end of the ICO, changes in the business model are generally irrelevant from a prospectus law point of view, but can result in civil or criminal consequences. As long as the ICO is still open to the public, however, the prospectus must be supplemented (updated) to reflect any major developments. In addition, care must be taken to ensure that an offer to amend contract terms can also trigger a public offer and thus in turn a prospectus obligation.

Licensing requirements always exist as long as a regulated activity is carried out. For example, if a change in the business model results in a utility token (without an investment function) becoming a security token, this may require service providers to update their licensing status, e.g. for a trading platform if regulated investment services are provided.

Our view

All in all, the new guidelines are certainly helpful to practitioners, as they provide clarity in understanding the FMA's approach to ICOs. Still, as ICOs by their nature come in a variety of functionalities or specifications, each ICO should be assessed on a case-by-case basis and discussed with the FMA prior to its launch.