Our crypto lawyers have extensive experience in assisting some of Estonia’s most innovative and ambitious FinTech projects. Our assistance in the crypto field is far-ranging: from ensuring the legal compliance of business models to refining the specific contractual conditions in order to maximize the potential of the technology. We aim to keep ahead of the trends and have a broad understanding of the different models used in practice – Hedman started with ICOs, moved to NFTs, and is now advising on DAOs and Markets in Crypto-Assets Regulation (MICA). We have proudly grown to be active community members, participating even in the development of legislation regulating crypto.
Among else, our repertoire includes:
ICOs and STOs
- Advising many innovative projects that have successfully carried out their token offerings (client example);
- Tokenized coins or security offerings to the public are the most recent approach to carrying out crowdfunding, enabling to raise funds worldwide while also gaining loyal early adopters of the technology in the form of token purchasers.
NFT
- Advising with launching an NFT-trading platform and other questions related to trading and offering of NFT-s.
Crypto-asset service licenses
- Providing legal certainty regarding crypto-asset service licenses under MICA;
- Helping many foreign projects without any prior link to Estonia to conveniently establish their operations in Estonia and successfully commence providing their services all over Europe.
Regulatory compliance of blockchain-based business models
- Helping innovative business models to thrive in Estonia thanks to carefully designing the services to fit into the existing legal framework;
- Tokenizing the copyright royalty payments and setting up a blockchain-based system for frictionless and liquid real estate investment platforms;
- Preparing a legal opinion on the nature and legal compliance of the service.
WEB 3.0 and Decentralised Solutions (DAO, DeFi)
- Advising on structuring and compliance of the latest innovative blockchain-based solutions;
- Participating in the establishment and development of the WEB 3.0 systems in Estonia.
In addition, we assist with all other relevant issues, such as:
- Anti-Money Laundering (AML) and Know-Your-Customer (KYC) rules;
- Financial and payment services activity permits;
- Setting up crowdfunding platforms or projects.
Frequently Asked Questions
Do I need a license if I offer a cryptocurrency related service?
Cryptocurrencies are one of the most legislatively fragmented markets in Estonia. Because of that, there is no definitive answer, and many service providers need to acquire one or several licenses, while others can operate on an unregulated market entirely.
According to the analysis of the Financial Supervision Authority of Estonia, determining the licensing obligation starts with deciding whether the coin gives its owner an expectation of income or a voting right (similar to the voting right of a shareholder).
There are three main possibilities if the coin does not give any such right:
- the service is aimed at enabling transfer/storage/exchange/etc of virtual currency (e.g Bitcoin). In this case, you would need either a virtual currency wallet service or a virtual currency exchange service license;
- organisation and offering of financial services, if related to ICO’s is regulated as a virtual currency service;
- the coin is issued without any promise of income, voting right, or any other benefit. In that case, it is possible that such an issue would be considered as a donation and would not be regulated;
- the coin gives a right to use/access a certain service. In most cases, this activity would not be regulated and the standard provisions of the Law of Obligations would apply.
In case the coin does give a promise of future income or a voting right, then it is necessary to consider, whether:
- the coin has the qualities of traditional security. If yes, then a sufficiently large public offering (€1 00 000) would bring about an obligation to issue a prospectus;
- the ICO organizer invests the acquired funds under a certain investment policy. In that case, it is possible that the undertaking would be classified as an investment fund with the consequent obligation of appointing a licensed fund manager;
- the ICO organizer uses the acquired funds to issue loans in its name while promising the coin holder returns on interest. Such activity would potentially qualify as activity of a credit institution and necessitates a license from the Financial Supervision Authority.
How to set up a crypto company with an Estonian license?
You (or rather your company) need to apply for a license with the Estonian Financial Intelligence Unit (FIU). The application fee amounts to 10 000 EUR and the procedure can last up to 2 months (in certain cases up to 4 months). During the procedure, any new service providers are required to provide several AML documents and confirmations.
The documents include, but are not limited to:
- ID documents of managers, direct owners, beneficial owners;
- company managers’ CVs with proof of acquired qualifications;
- confirmations on lack of previous criminal record of managers, direct owners, the beneficial owner;
- information on shareholdings in other companies;
- information on internal and external auditors of the company;
- documentation on the internal AML/KYC procedures of the company;
- information on bank/payment accounts belonging to the company;
- business plan of the company;
- document on IT solutions used to comply with the obligations for provision of service.
To be compliant with the requirements of the law the company must be managed from Estonia. Meaning the majority of the management board must reside in Estonia. Managers of the company must have experience in crypto or adjacent fields and have higher education.
In addition to that, it is necessary to have a registered bank account with a credit institution within the EEC. The company must have a share capital of 100 000 – 250 000 euros, depending on the offered service type.
What is the difference between cryptocurrency wallet, cryptocurrency exchange, transfer and ICO services?
When applying for a license, it is necessary to determine the exact service that you intend on offering.
As per Estonian legislation, there are four types of cryptocurrency services:
- virtual currency wallet service, and
- virtual currency exchange service, and
- virtual currency transfer service, and
- arranging for a public or directed offer or sale or providing a financial service in connection with the issuance of a virtual currency.
The wallet service is defined as “a service in the framework of which keys are generated for customers or customers’ encrypted keys are kept, which can be used for the purpose of keeping, storing and transferring virtual currencies”.
The exchange service has the following definition: “a service with the help of which a person exchanges a virtual currency against a fiat currency or a fiat currency against a virtual currency or a virtual currency against another virtual currency”.
The virtual currency transfer service means a service that allows a transaction to be made at least in part electronically through a virtual currency service provider on behalf of the originator for the purpose of transferring the virtual currency to the recipient’s virtual currency wallet or account, regardless of whether the originator and the recipient are the same person or whether the originator and the recipient use the same service provider.
The last service type concerns the organisation of an ICO as a service to third parties. The international standards issued by FATF (Financial Action Task Force) have clarified that: the sole act of issuing a virtual currency, entirely on its own, is not a covered service under the virtual currency service definition.
However, any persons which conduct the exchange and transfer of the issued virtual currencies as a business for or on behalf of another person would be a covered service, as would the participation in and the provision of financial services related to any ICO associated with the issuance.
The discrete act of creating virtual currency software to issue a virtual currency does not make the creator a virtual currency service provider, unless the creator also performs the covered functions mentioned in the definition as a business for or on behalf of another person.
Are decentralised services regulated?
In the latest round of discussions surrounding a reform of virtual currency regulation, the government made the following statement: Estonian legislation is not able to effectively cover the range of obliged persons in decentralised solutions. The draft does not aim to cover services and technological solutions, nor their creation and development, which are not intended to provide any of the services set out in the RahaPTS.
The amendment must be read in conjunction with the existing criteria for the definition of a service provider:
- the service provider is a person (not a group of persons);
- the provision of the service must take place within the framework of the economic, professional or trade activity of the person.
What are the potential obligations of a virtual currency service provider?
Any of the virtual currency service providers is considered an obligated entity under the AML (anti-money laundering) regulation of Estonia. This means that such an entity has an obligation of establishing and applying its own rules of procedure.
These rules must comply with a comprehensive set of standards set by the Estonian legislation, which is in turn based on the best EU and international practice.
Some of the examples of such obligations include:
- a requirement to identify the personality of the client through a KYC process;
- a requirement to establish a risk assessment for identifying the acceptable and unacceptable AML/terrorist financing risks;
- a requirement to monitor the new and existing client relationships on the subject of their compliance with the risk assessment and rules of procedure;
- a requirement to appoint a compliance officer, who oversees communication with the authorities on the matters of suspicious activity;
- a requirement to gather and store any relevant information pertaining to the relationship with the client;
- an obligation to update the existing rules with any changes to active legislation.