The last year has seen an unprecedented number of institutions turning their attention to onchain opportunities, and there are many financial organizations eager to offer a variety of Web3 products and services to these investors. However, a significant hurdle is the patchwork regulation of crypto-assets at a global scale.
Generally, national regulators aim to protect investors in the crypto markets, maintain stability within both the blockchain industry as well as the broader financial system, and provide legal clarity to operators within the onchain ecosystem. At the same time, they seek to foster the growth of the Web3 industry, support innovation, and promote the adoption of regulated assets.
In this article, we’ll look at the state of stablecoin regulation in two jurisdictions taking differing approaches to the matter: Singapore and the European Union.
Crypto-Asset Definitions and Classifications
One primary challenge for various regulators is appropriately defining and classifying crypto-assets. This is a brand-new asset class and existing frameworks do not always suit digital asset platforms, products, and services.
Many regulators begin by distinguishing stablecoins from other crypto-assets or tokens. This distinction helps allocate regulatory responsibilities within a region or country: typically, banking or monetary authorities oversee stablecoins, while securities or other regulatory bodies handle different types of tokens.
For instance, in Hong Kong, the Monetary Authority oversees stablecoins, whereas the Hong Kong Securities and Futures Commission manages other token types. Conversely, the European Commission involves all relevant regulators—including ESMA, EBA, EIOPA, and the ECB—in crafting the Digital Financial Package. This EU regulatory framework includes the Markets in Crypto-Assets Regulation (MiCA), among other measures.
Similarly, Singapore's Monetary Authority (MAS) – on whose International Technology Advisory Panel sits CertiK co-founder Prof. Ronghui Gu – is crafting a comprehensive regulatory framework for all "digital payment tokens" (DPT).
A subsequent step for regulators is to differentiate stablecoins based on their backing: those backed by a single fiat currency (termed “E-Money Tokens” in the EU's MiCA and “Single-Currency Stablecoins” by the MAS) and those maintaining stable value by referencing multiple fiat currencies, commodities, or one or several crypto-assets (termed “Asset-Referenced Tokens” in the EU's MiCA and “Digital Payment Tokens” by the MAS).
Regulation of Stablecoin Issuers in the EU and Singapore
In the following table, we summarize how stablecoin issuers, specifically those issuing tokens pegged to a single fiat currency, are regulated in Europe and Singapore.
Singapore completed its consultations on the "Proposed Regulatory Measures for Digital Payment Token Services" and the "Proposed Regulatory Approach for Stablecoin" in the second half of 2023. However, the results are yet to be officially incorporated into the Payment Services Act framework.
Similarly, the European Securities and Markets Authority (ESMA) is currently finalizing the third consultation package to support the Markets in Crypto-Assets (MiCA) regulation, with completion expected in the first quarter of 2024.
| Europe | Singapore | |
|---|---|---|
| Regulatory Framework | Digital Finance Package (incl. MiCA, DORA, etc.) | Payment Services Act (incl. Consultations on Digital Payment Token Services and Stablecoin-Related Activities) |
| Regulators | ESMA (European Securities and Markets Authority), EBA (European Banking Authority) under supervision of EU Commission | MAS (Monetary Authority of Singapore) |
| Stablecoin Definitions | E-money token (EMT): stable value by referencing one official currency | Single-currency pegged stablecoins (SCS): pegged to SGD or any G10 currency |
| License / Registration | Issuers must register with ESMA (pending setup) | License required (MPI or SPI) for SCS issuers; lists of licensees available here |
| Issuance by Financial Institutions | Only credit and electronic money institutions can issue EMTs | No specific issuer requirements for banks; banks issuing SCS by tokenizing liabilities must comply with the Banking Act |
| Issuance & Proof of Reserves | General requirements on reserve assets (MiCA ref. to Titles III of Directive 2009/110/EC). For significant EMT, and also non-significant upon authority indications, MiCA Art. 36-38 apply. Independent audit on reserve assets at least every 6 months (MiCA Art. 36). Custody of reserve assets (MiCA Art. 37). Investments of reserve assets (MiCA Art. 38) | Under Proposed Regulatory Approach for Stablecoin (4.13 to 4.16): General requirements on reserve assets (N.B. MAS-regulated SCS can be only pegged by Singapore dollar or Group of Ten (G10) currencies). Monthly attestation on reserve requirements. Independent audit on reserve assets at least every year. |
| Redemption / Withdrawal | Right to redeem at any time, at par value; detailed redemption plans required (MiCA Art. 49,53) | Right to redeem at any time, at par value; details regulated under Proposed Regulatory Approach (4.17, 4.18) |
| Whitepaper / Disclosure | Whitepapers generally not subject to approval by authorities; but content, format, and publishing are subject to certain requirements (MiCA Art. 48, 51, 52) | Under Proposed Regulatory Approach for Stablecoins (4.19): Contents and publishing of whitepaper are subject to requirements, including Notice on Conduct and Notice on Disclosures and Communications |
| Prudential / Financial Requirements | Titles II of Directive 2009/110/EC describing general prudential rules, own requirements, safeguards, etc. Referenced in Directive 2007/64/EC, Art. 17 on statutory audit | Under Proposed Regulatory Approach for Stablecoin (4.20, 4.21): Business restrictions: activities introducing additional risk are not allowed. Guidelines on Licensing for Payment Service Providers includes auditing requirements. Notice on Submission of Regulatory Returns and Notice on Submission of Statement of Transactions and Profit/Loss describe indications and forms for periodical financial reporting |
| AML/CFT | Comprehensive AML/CFT framework under Directive (EU) 2015/849 includes provisions relating to customer due diligence (simplified and enhanced); reliance on third parties (for CDD or transaction monitoring); value transfer responsibilities for ordering, beneficiary and intermediary institutions; suspicious transaction reporting; prohibition of disclosure (to customer and other third party of AML/CFT info and activities); data protection, record retention and statistical data; sanctions | All requirements applicable to regulated payment service providers and banks; all requirements applicable to regulated payment service providers and banks, including: customer due diligence requirements (simplified and enhanced), reliance on third parties (for CDD or transaction monitoring); value transfer responsibilities for ordering, beneficiary and intermediary institutions; suspicious transaction reporting |
| General Technology and Cyber Risk Management | Digital Operational Resiliency Act requirements; additional credit and e-money institution frameworks | Comprehensive risk management practices regulated under PS Act Guidelines on Risk Management Practices – Technology Risk; includes ICT risk management, IT project management and security-by-design, SDLC, IT resilience, access control, cryptography, data and infrastructure security, and online financial services. PSN06 Cyber Hygiene regulation touches on administrator accounts, security patches, network perimeter defense, malware protection, and multi-factor authentication (MFA) |
| Marketing / Promotion | Article 53 regulations on marketing content; potential authority notification | Guidelines on Provision of Digital Payment Token Services to the Public [PS-G02] stipulates that promotion in public areas of DPTs and DPT-related products is not allowed (incl. provision of DPT services, e.g. ATMs); promotion can be done on issuer website or social media accounts; must not trivialize the risks of DPTs. The Notice on Disclosures and Communications also requires risk warnings to be displayed to customers |
| Outsourcing | Management of ICT third-party risk under Digital Operational Resiliency Act | Detailed third-party risk management practices; includes guidelines on outsourcing, especially cloud services |
| Fit and Proper Criteria | Criteria mentioned under Directive 2009/110/EC; applicable to authorized institutions | Guidelines on Fit and Proper Criteria provide definitions for honesty, integrity, competence, and financial soundness |
| Fraud Detection and User Transaction Protection | Not explicitly mentioned in MiCA | Guidelines for E-Payments User Protection guards against unauthorized transactions; Notice on Conduct includes provisions for record keeping and receipt issuance |
| Restrictions and Limits | Art. 23 (and 22, and 24(3)) valid for EMT denominated in a currency that is not an official currency of a Member State (MiCA Art. 58). Restriction on issuance if estimated quarterly average number transactions >1 million and average aggregate value of transactions per day associated to its uses as a means of exchange within a single currency area >EUR200M (MiCA Art. 23). Prohibition on granting interests in relation to EMT (MiCA Art. 50) | Not explicitly mentioned |
| Complaints Handling | Not explicitly mentioned in MiCA | Under Proposed Regulatory Approach for Stablecoin (4.26-4.28) processes and requirements to manage users' complaints (and in Response to Consultation Part 2, 3.27) |
Regulatory frameworks in Europe and Singapore share core goals: protecting consumers, ensuring financial stability, and maintaining market integrity. However, certain definitions as well as approaches to enforcement differ.
In Europe, only credit institutions and electronic money institutions are permitted to issue E-Money tokens. Regulators initially assess compliance through whitepapers and subsequently conduct further verifications, potentially through dedicated investigations yet to be specified.
Conversely, in Singapore, the need for a Payment Institution license means regulators verify compliance immediately when an issuer applies for a license to issue MAS-regulated Single-Currency Stablecoins. This difference stems from Singapore's broader eligibility for potential issuers, with reduced requirements for banks holding a banking license, whereas Europe limits issuance to already accredited institutions within existing regulatory frameworks.
As the global regulatory landscape for digital currencies continues to evolve, ongoing collaboration and dialogue among stakeholders are crucial. This ensures regulatory frameworks effectively protect consumers and maintain market and financial integrity while fostering innovation in the stablecoin sector. CertiK will continue to monitor these regulatory frameworks, among others globally, to offer insights and guidance on the evolving oversight of stablecoins and other digital assets.
