IOSCO Proposes Policy Recommendations for the Regulation of Crypto Markets | JD Supra

Key points

  • Many of IOSCO's recommendations reflect the regulatory regimes for crypto assets in the EU and the UK, but reflect a broader consensus among regulators, including the SEC and CFTC, which are members of IOSCO.
  • The recommendations focus on crypto asset service providers and cover issues such as conflicts of interest, market conduct and the protection of client assets.
  • The proposed listing requirements leave open who should be responsible for disclosures related to crypto assets when the issuer cannot be identified.

In May 2023, the board of the International Organization of Securities Commissions (IOSCO) published its Policy Recommendations for the Crypto Markets and Digital Asset Markets Consultation Reportwhich proposes 18 policies that it plans to finalize by the end of 2023. Responses to the consultation must be submitted by July 31, 2023.

IOSCO is made up of securities and markets regulators from around the world, including the US Commodity Futures Trading Commission and the Securities and Exchange Commission. The purpose of the organization is to establish and maintain global standards for efficient, orderly and fair markets. IOSCO has issued several principles and recommendations that address different aspects of the regulation of financial and securities markets.1

IOSCO's work in developing global standards for the regulation of crypto assets is significant. It indicates a broader supervisory recognition of the need for legislators and policymakers in the crypto space to adhere to a minimum set of regulatory standards intended to protect customers and crypto markets and mitigate the potential for regulatory arbitrage. The IOSCO standards should be read in conjunction with other work done by international standard-setting bodies in the cryptographic field, in particular, the Financial Stability Board, the Financial Action Task Force, and the Basel Committee on Banking Supervision.2

The proposed recommendations are principled and directed at activities undertaken by crypto asset service providers (CASPs) involving all crypto assets, including stablecoins, and seek to promote greater consistency in IOSCO members' approach to the development of their own legal and regulatory frameworks for crypto assets. More generally, this objective supports the IOSCO principle of "same activities, same risks, same regulatory outcomes". The 18 policy recommendations address conflicts of interest, listing and trading, safeguards against abusive market behavior, protection of client assets, and cooperation between regulatory agencies, among other areas.

IOSCO's proposed recommendations are similar to existing or proposed crypto asset regulations in the EU and the UK.3 This is not surprising given that the EU Market Regulation for Crypto Assets (MiCA) builds significantly on existing EU financial services regulatory frameworks, which are aligned with established IOSCO standards.

In summary, the following recommendations have been proposed:

  • regulatory frameworks: Regulators should use existing frameworks or create new ones to achieve the same or consistent regulatory results that are required in traditional financial markets.
  • Conflicts of interest: The report addresses conflicts of interest that can arise, particularly for vertically integrated crypto-asset businesses, such as crypto-asset exchanges that provide more than trading functionality (e.g., brokerage, custody, settlement and participation services), either under the umbrella of a single legal entity or through closely affiliated legal entities. IOSCO recommends that regulators consider whether disclosure is appropriate to mitigate these potential conflicts. That could mean requiring the functions to be broken up into separate legal entities with separate boards and management teams. Effective policies, procedures and controls could be published to address these concerns, which may include monitoring of independence and decoupling of functions. IOSCO also sees regulatory bans on listing CASP and trading the same crypto assets in which it has a "material interest."
  • Market behavior: Regulatory action against market abuse and fraud is recommended to prevent unlawful disclosure of material non-public information, insider trading and market manipulation. Market surveillance requirements should be instituted to detect and report suspicious transactions, whether they are "on-chain" or "off-chain".
  • regulatory cooperation: IOSCO's call for codified cooperation agreements between supervisory authorities is a significant contribution to the global regulation of crypto assets. This would go beyond the existing Multilateral Memorandum of Understanding and the Enhanced Memorandum of Understanding that promote information sharing between jurisdictions.
  • Protection of client assets: Protecting client assets, particularly when they are in custody, is a key recommendation, but there are no specific expectations or thresholds regarding holdings of crypto assets in "hot" or "cold" wallets. The security of assets held in private keys is crucial, especially when a CASP enters insolvency proceedings. If a CASP expressly takes legal or beneficial ownership of an asset (e.g, for loan, reuse or remortgage), the explicit consent of the client must be obtained, since their rights may be reduced to having an unsecured credit against the CASP in the event of insolvency. CASPs should adopt appropriate systems, policies and procedures to mitigate the risk of loss, theft or inaccessibility of customer assets, and these should be sensitive to the risks associated with different types of wallets (e.g., hot, cold or lukewarm).
  • technological resilience: Regulators should consider operational and technological risk and resilience requirements, particularly in decentralized finance (DeFi), just as in traditional finance.
  • listing requirements: Trading platforms should adopt substantive and procedural listing standards for crypto assets and their issuers. Information about crypto assets would include details about their control and ownership, trading history, and protocol for transfers. IOSCO views this as “important, even where there is no clearly identifiable entity issuing a crypto asset,” but does not specify where responsibility for admission documents lies in such circumstances. It is true that there are challenges that legislators must face in determining the proper allocation of responsibility for information related to unissued crypto assets.

IOSCO's proposed recommendations present a welcome step in the development of common standards in crypto asset regulatory regimes around the world. The consultation provides an opportunity to ensure consistent regulations across jurisdictions, moving away from what might otherwise be a fragmented and disjointed landscape of crypto asset regulations.


1 For example, the CPMI-IOSCO Principles for Financial Market Infrastructures and the Principles for Financial Benchmarks.

2 The Financial Stability Board has published two consultation documents on the international regulation and supervision of crypto-asset activities: “Recommendations that promote consistency and comprehensiveness of regulatory, supervisory and supervisory approaches for crypto-asset activities and the market and strengthen international cooperation, coordination and information exchange. ” and “Revised High-Level Recommendations for the Regulation, Supervision and Control of 'Global Stablecoin' Arrangements”. The Financial Action Task Force has published its Red Flag Indicators of Money Laundering and Terrorist Financing in relation to crypto assets. The Basel Committee has also published its second consultation on “Prudential Treatment of Crypto Assets”.

3 See our customer alert for November 23, 2022 “Proposed EU legislation to regulate crypto assets, MiCA, heralds a new era of regulatory scrutiny” and our alert of March 29, 2023, “A Closer Look at the UK's Proposed Crypto Asset Regulatory Regime.”

Download pdf

Leave a Comment


No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *