From the monumental peak price of bitcoin[i] to the judgment in relation to Tornado Cash sanctions[ii], as well as the growth in the use of crypto and general market enthusiasm[iii], 2024 has been quite the year for various aspects of the Web3[iv] space. Through controversies, growth and milestones, this dynamic ecosystem has continued to evolve. Progress has also been made on the regulatory front with some jurisdictions actively developing and/or implementing frameworks for various aspects of the Web3 ecosystem. Here are five key aspects that were the focus of regulatory developments within the year[v]. 

Stablecoins

Stablecoins remained a key feature of regulatory agendas this year.

In the EU, the MiCA[vi] stablecoin issuer rules, which address e-money tokens[vii] (those linked to the value of a fiat currency), and asset-referenced tokens[viii], (i.e. crypto assets backed by reserve assets comprised of fiat, various commodities and/or several crypto assets) became applicable at the end of June[ix].

In July, FINMA, the Swiss regulator, published guidance on the issuance of stablecoins, drawing attention to risks[x] and challenges associated with stablecoins.

In the United Arab Emirates (UAE), the UAE Central Bank issued the Payment Token Services Regulation[xi] for regulating stablecoin-related services[xii] and recently approved the issuance of the first AED stablecoin[xiii]. The regulatory arm of the ADGM (FSRA) on 5 December 2024 also issued a fiat referenced tokens framework[xiv] (i.e. a stablecoin framework)[xv].

Developments also occurred in Hong Kong with the Stablecoins Bill[xvi] being gazetted on 6 December 2024 and its introduction to the Legislative Council for first reading on 18 December 2024[xvii]. The Bill, among other things, seeks to address risks posed by stablecoins while supporting its benefits[xviii].

In the Caribbean, countries like Bermuda and Bahamas made headway on the regulation of stablecoins.

The Bermuda Monetary Authority (BMA) issued guidance on Digital Asset Business Single Currency Pegged Stablecoins[xix]. The guidance sets out the BMA’s expectations for issuers on key aspects such as governance, risk management, and market integrity.

Bahamas introduced a revised framework for stablecoins with its Digital Assets and Registered Exchanges Act 2024 (DARE 2024). DARE 2024, among other things, establishes comprehensive requirements for the issuance, custody, and management and redemption[xx] of stablecoins.

The above noted frameworks represent a significant milestone, as they align with the call of international standard setters for regulatory frameworks that address potential risks associated with stablecoins, and as a response to the ongoing requests for regulatory clarity. 

Assessing the most appropriate manner to regulate stablecoins requires a balanced approach for regulatory priorities such as consumer protection and financial stability, while supporting the growth of innovation and its underlying complexities/intricacies.

In its April 2024 Report ‘Stablecoins: regulatory responses to their promise of stability’[xxi], the Financial Stability Institute (FSI) commented that fragmentation in approaches to supervision could pose challenges to an integrated financial system. The FSI called for consistency in approaches as well as global implementation to address stablecoins’ risks[xxii], prevent regulatory arbitrage and ensure a level playing field in the digital asset ecosystem, among other things[xxiii].

The need for effective regulation was also noted by the United States Financial Stability Oversight Council (FSOC) in its December 2024 report[xxiv]. FSOC called for the regulation of stablecoins having regard to risks to financial stability, noting that an appropriate prudential framework should among other things address run risk, payment system risks, market integrity, and investor and consumer protections, including for entities that perform services critical to the functioning of stablecoin arrangements.

In the United Kingdom (UK), the much-anticipated plans for the roll out stablecoin regulation in 2024 were postponed to 2025[xxv]. 

It is also noteworthy that the FSB’s ‘G20 Crypto-asset Policy Implementation Roadmap, Status Report’, highlighted its survey conducted in January 2024 on the implementation status for the regulation of crypto asset activity (including stablecoin arrangements). The survey indicated that nearly all FSB members either have plans in place to “develop new or revised frameworks for crypto-assets and stablecoins, or already have those frameworks in place” with a lower share of non-FSB members confirming similar plans. Proposed frameworks cover critical areas including licensing, reserve asset management, redemption rights, capital adequacy, consumer protection, governance and risk management, cyber security and anti-money laundering/countering the financing of terrorism compliance.

Recognition of crypto as property

While a number of court decisions have determined that crypto could be categorized as property. Initiatives are being implemented to clarify this position in legislation. 

This year Dubai’s International Financial Centre enacted the Digital Assets Law No. 2 of 2024[xxvi], recognizing digital assets as tangible property[xxvii].

In the UK, the Property (Digital Assets Etc.) Bill was introduced to Parliament in September[xxviii]. The Bill seeks to recognize cryptocurrencies, non-fungible tokens, and carbon credits as personal property under English property law. When enacted, the Bill will provide legal protection to crypto owners and companies against fraud/scams and aid in matters relevant to crypto-related disputes.

Decentralised Autonomous Organisations (DAOs)

This year also saw continued discussion on the regulation of DAOs.

In the UK, the Law Commission published a Scoping Paper on DAOs which discussed inter alia, the features of DAOs, their practical implementation (i.e. are they really fully autonomous or decentralized?), an examination of the spectrum regarding DAO arrangements[xxix] and the legal characterization of a DAO including implications for liabilities etc.- based on its arrangement. The paper concluded that there is no current need to develop a DAO-specific legal entity in the UK given the current lack of consensus of what such an entity would look like and the appropriate parameters for same (particularly having regard to the spectrum in which DAOs operate[xxx]).

Some jurisdictions added or improved frameworks to facilitate the legal recognition of DAOs:

In the Marshal Islands, the 2024 DAO regulations were passed which enhances the DAO Act 2022[xxxi]. The regulations are intended to facilitate the acceleration of the application process, provide more clarity to DAO LLCs and immunity for DAOs from being held accountable for the use of any open-source software they create, as well as introduce improved compliance measures[xxxii].

In the United States, Wyoming’s Decentralized Unincorporated Nonprofit Association Act (DUNA), came into effect in July[xxxiii]. DUNA provides for DAOs to be incorporated as nonprofit associations and addresses key matters such as formation, management and governance. Under DUNA, DAOs are able to have legal existence, contract with third parties, open bank accounts, acquire/transfer property, appear in court, pay taxes, receive limited liability protections, etc. DAOs as nonprofits may even engage in profit-making activities where proceeds are directed back to their purpose.

In October, the Ras Al-Khaimah region of the UAE announced the establishment of the DAO Association Regime[xxxiv], a regulatory framework for DAOs operating within the RAK Digital Assets Oasis free zone. The framework enables DAOs to have legal personality (by way of a legal wrapper), own on-chain and off-chain assets, open bank accounts, enter into contracts and interact with off-chain entities.

Crypto Asset Activities and Markets

A number of jurisdictions introduced or improved regulatory frameworks for crypto asset activities this year.

In Qatar, the Qatar Financial Centre issued the Digital Assets Framework 2024 which establishes the legal and regulatory foundation for digital assets, including the process of tokenization, legal recognition of property rights in tokens and their underlying assets, custody arrangements, transfer, and exchange, as well as the legal recognition of smart contracts. The framework[xxxv] includes Investment Token Rules[xxxvi], Investment Token (Miscellaneous Amendments) Rules[xxxvii] and the Digital Asset Regulations[xxxviii].

In Singapore, the Monetary Authority (MAS) focused on, inter alia, implementing its crypto custody licensing regime. MAS introduced amendments to the Payment Services Act to include custodial services for digital payment tokens[xxxix]. The new framework requires crypto service providers to obtain licenses, ensuring they meet stringent requirements for asset segregation, record-keeping, and operational controls. These measures are designed to enhance the security and stability of the cryptocurrency ecosystem and to impose user protection. Alongside the crypto custody licensing regime, MAS also published guidelines on consumer protection measures for DPT service providers[xl]. These guidelines mandate that service providers implement robust measures to address consumer protection risks, such as providing clear information on risks and ensuring transparency in transactions.

Uruguay also reportedly[xli] introduced a legal framework to recognize and regulate crypto assets[xlii] and to, among other things, empower its Central Bank with regulatory oversight for crypto asset service providers, including the granting of operational licenses.

In Taiwan, regulatory measures sought to tighten requirements for virtual asset service providers (VASPs)[xliii] including introducing a registration regime, anticipated to take effect in 2025[xliv]. The AML related amendments also emphasize consumer protection and market transparency. VASPs are required to implement robust measures to address consumer protection risks, provide clear information on risks, and ensure transparency in transactions.

South Korea’s Virtual Asset User Protection Act (VAUPA) came into effect in July. The Act focuses on protecting users’ virtual asset holdings, regulating unfair trading practices, and authorizing financial regulators to supervise, inspect, and sanction virtual asset service providers. VAUPA mandates, inter alia, that cryptocurrency exchanges store at least 80% of user deposits in cold storage and customer fiat funds must be held at a licensed bank that pay customers interest on their deposits[xlv]. Crypto service providers are required to separate customer funds from company assets and need to be insured against liabilities such as hacking. Exchanges are expected to implement real-time monitoring systems to detect and report abnormal transactions, including unusual price movements and trading volumes, etc.

In the Caribbean, the Cayman Islands, Bahamas and Bermuda introduced improvements (or proposed improvements) to their regulatory regimes for crypto asset activities.

In the Cayman Islands, amendments were made to the Virtual Asset Service Providers Act[xlvi] to add clarity to the regulatory regime by, inter alia, introducing new or amended definitions for certain terms used within the Act[xlvii], streamlining the requirements for custody and trading platform services[xlviii] and enhancing the powers of the supervisory authority[xlix]. These changes along with CIMA’s Rule[l] for Virtual Assets Custodians and Trading Platforms, are intended to take effect in early 2025. The Rule contains prescriptive requirements for VASP licensees that align with the requirements in the VASP Act and includes obligations for key areas such as governance, conduct of business, prudential requirements, risk management as well as IT and cybersecurity, etc.

These enhancements are designed to, among other things, provide regulatory clarity and certainty to the sector, promote market integrity and protect consumers/investors, while encouraging responsible innovation.

In the Bahamas[li], the DARE 2024 has expanded the range of regulated digital asset activities that falls within the regulatory remit to include advisory and management services, digital asset derivatives, and staking services (including the introduction of a disclosure regime for staking digital assets belonging to clients or the operation or management of a staking pool as a business)[lii]. DARE 2024 also empowers the Securities Commission to add additional activities as the space evolves. Custody[liii], exchanges and issuance[liv] requirements have also been enhanced including greater protection for client interests, fit and proper standards for digital asset issuers as well as matters around control and security.

In Bermuda, the BMA issued a consultation paper for proposed amendments to the Digital Asset Business Act 2018 and the Digital Asset Business (Prudential Standards) (Annual Return) Rules 2018[lv]. The proposed changes aim to enhance the BMA’s rule-making powers, refine certain definitions within the DBA and amend annual reporting requirements[lvi].

Finally, it is worth noting that the EU’s MiCA provisions on crypto asset services will become fully applicable on 30 December. Crypto asset services include custody and administration of crypto-assets on behalf of clients; operation of a crypto asset trading platform; exchange of crypto-assets for funds or for other crypto-assets; execution of orders or placing of crypto-assets; providing advice on crypto-assets and providing portfolio management on crypto-assets.

DLT related Regulatory Sandboxes

This year also saw the launch of a few regulatory sandboxes, signaling continued regulatory commitments to support innovative growth within the industry.

The Hong Kong Monetary Authority (HKMA) announced its stablecoin issuer sandbox arrangement in March[lvii] with participants for the sandbox identified in July[lviii]. In August, the HKMA also launched another regulatory sandbox, known as Project Ensemble, to enable financial institutions to experiment with the tokenization of real-world assets[lix]. 

In August 2024, the Thailand Securities and Exchange Commission launched a regulatory sandbox intended to “facilitate experiments and the development of innovations supporting the efficient provision of digital asset services in the real-life context”[lx]. The eligible digital asset-related services apply to digital asset exchanges, brokers, dealers, fund managers, advisors, and custodial wallet providers.

In the UK, the Bank of England/Financial Conduct Authority introduced the Digital Securities Sandbox aimed at facilitating the adoption and integration of novel technologies such as DLT for the issuance, trading and settlement of securities[lxi].

These regulatory sandboxes will allow entities to experiment with novel ideas and refine their offerings before bringing them to a broader market; while enabling regulators to gain early insights, assess crucial risks and better understand implications at an early stage.

Conclusion

The year 2024 has, as its predecessor, brought with it progress on the development of regulatory frameworks for various aspects of the Web3 space, in a number of jurisdictions. This year also signaled redemption for certain assets/services within the space that faced issues/downturns in previous years. With the expected continued growth of the sector, regulators and industry participants alike recognize the importance of sensible frameworks that can provide legal certainty, ensure investor protection and maintain market integrity, etc. Such sentiments are becoming more prominent in literature published on these topics and have arguably been reflected within the transforming political and regulatory environment of many jurisdictions.

In the year ahead, we can expect to see further regulatory initiatives. While this is encouraging, it is important that sight is not lost of the need to create harmonised and sensible frameworks that will facilitate sustainability and success of the Web3 ecosystem. This requires commitment of all stakeholders to remain flexible, informed and collaborative.

References

[i] See article, and also for latest updates Bitcoin price history Dec 21, 2024 | Statista

[ii] See as an example explanation by Mayer Brown or Latham&Watkins.

[iii] See for e.g., articles: Nasdaq and Morning Star.

[iv] In this article, reference to Web3 is used in a broad sense- regarding aspects that may touch and concern the Web3 ecosystem. Web3 has been defined as a set of technologies that aim to make the Internet more democratic, secure, private, and transparent. These technologies include blockchain, cryptocurrencies (including stablecoins), decentralized applications, decentralized autonomous organizations, decentralized finance, and non-fungible tokens, etc.

[v] These updates are not an exhaustive list, as there are other regulatory developments that occurred throughout the year.

[vi] Markets in Crypto Assets Regulation: European crypto-assets regulation (MiCA) | EUR-Lex

[vii] MiCA’s EMT rules are set out under Title IV and have applied since 30 June 2024.

[viii] MiCA’s ART rules are set out under Title III and have applied since 30 June 2024.

[ix] For insight into the MiCA implementation, check out Solidus Labs MiCA Masters Seres: https://www.soliduslabs.com/research/mica-masters#Download.

[x] These include risks of money laundering, terrorist financing and the circumvention of sanctions.

[xi] See link. The PTSR among other things does not allow algorithmic tokens to be included and only allows foreign stablecoins to be used to purchase virtual assets, while AED stablecoins could be used to purchase products and services within the UAE.

[xii] The PTSR applies across the UAE except in the Dubai International Financial Centre (the DIFC) and the Abu Dhabi Global Market (the ADGM).

[xiii] See article.

[xiv] The framework provides for robust standards for (fiat-backed) stablecoins including addressing key regulatory priorities such as financial stability and investor protection by way of reserve assets, governance and integrity, transparent disclosure, prudential safeguards, and redemption rights

[xv] FSRA introduces a regulatory framework to support the issuance of Fiat-Referenced Tokens in ADGM. See section 19A of the Conduct of Business Rulebook (COBS) 

[xvi] which is a regulatory regime for issuers of fiat-referenced stablecoins in Hong Kong. See Stablecoin Bill

[xvii] See here

[xviii] The draft aims to enhance the legal framework for virtual asset operations, mitigate potential risks to financial stability posed by fiat-backed stablecoins, and deliver strong security measures for users, etc.

[xix] https://www.bma.bm/document-centre/policy-and-guidance-digital-asset-business

[xx] DARE Act 2024 Information - Securities Commission of The Bahamas. DARE 2024 notably prohibits the issuance of algorithmic stablecoins.

[xxi] https://www.bis.org/fsi/publ/insights57.pdf

[xxii] For example, its use for illicit activities. The FSI referenced Chainalysis’ assessment that stablecoins now account for the majority of illicit crypto transactions in terms of volume, and they have become the instrument of choice for scamming and transactions associated with sanctioned entities. Other risks include redemption risks, risks to consumers, market integrity and financial stability. The FSB notes that stablecoins may also present concerns related to data privacy, cyber-security,

fiscal stability, and macroeconomic stability.

[xxiii] The FSI report notes inter alia, that jurisdictions have varying definitions and categorizations for stablecoins that may pose a risk to financial stability. There are also discrepancies in requirements for the disclosure of reserve assets kept by stablecoin issuers to maintain the crypto's value against its reference currency.

[xxiv] FSOC Annual Report

[xxv] See Bloomberg article. See also keynote address from HM Treasury.

[xxvi] UAE

[xxvii] under English common law principles

[xxviii] UK

[xxix] and a categorization of three broad types: pure DAOs, hybrid arrangements and digital legal entities.

[xxx] The paper notes that not all DAOs operate in the same way and therefore there is no silver-bullet solution for legal recognition.

[xxxi] The Marshall Islands has to date facilitated the incorporation of more than 100 DAOs since the implementation of the DAO Act, 2022.

[xxxii] See https://www.midao.org/blog-posts/midaos-2024-dao-regulation and Marshall Islands Enhances Legislation to Boost DAOs Legal Status, Accelerates Registration and Provides Immunity.

[xxxiii] See Wyoming’s DUNA Law – A Legal Framework for Non-Profit DAOs and Open-Source Blockchain Networks - Hot Topics in International Trade - October 2024 | Braumiller Law Group, PLLC - JDSupra

[xxxiv] a legal framework designed to empower Decentralized Autonomous Organizations to operate securely and legally in the UAE.

[xxxv] The three regulatory instruments noted are complemented with other key legislative/regulatory documents, including the Companies Regulations, Contract Regulations and few other rules and guidelines.

[xxxvi] Investment Token Rules 2024

[xxxvii] Investment Token (Miscellaneous Amendments) Rules 2024

[xxxviii] Digital Asset Regulations 2024 | Rulebook

[xxxix] See https://www.mas.gov.sg/news/media-releases/2024/mas-expands-scope-of-regulated-payment-services

[xl] See Guideline

[xli] https://news.bitcoin.com/uruguay-passes-cryptocurrency-law/

[xlii] This new framework amends the existing legislation regarding money laundering and financing terrorism, bringing virtual assets under the scope of current enforcement agencies. The framework also updates the securities law to introduce decentralized securities, defined as those issued, stored, transferred, and traded electromechanically using distributed ledger technology.

[xliii] See summary example article here

[xliv] Non-compliance could result in severe penalties, including criminal charges and potential imprisonment for up to two years.

[xlv] Press Releases - Financial Services Commission

[xlvi] See Amendment here. 

[xlvii] The amendment introduced new definitions and clarified existing terms used in the Act to ensure a clear understanding of regulatory requirements.

[xlviii] These include improvements on the governance standards (e.g. the need for at least 3 directors which must include one independent director), client asset protection ( through the use of segregation requirements and protections for theft and loss), enhanced investor protections (regarding disclosures, communications, complaints, insurance, etc), and certainty regarding the application of FATF’s travel rule through the requirements for beneficiary and originator information in relation to transfers. The application process has also been clarified as well as fees for regulatory submissions and penalties for failure to adhere to regulatory requirements.

[xlix] including the ability to: impose conditions on based on the nature, risk and scale of business, issue notices of lapse (a where licence or registration lapses), require a registered person to provide audited financial statements, seek court orders to wind up entities whose licence or registration have been revoked/cancelled.

[l] Rule- Obligations for the provision of virtual asset services - Virtual Asset Custodians and Virtual Asset Trading Platforms. See also Statement of Guidance- Guidance for the provision of virtual asset services -Virtual Asset Custodians and Virtual Asset Trading Platforms. These requirements (provided for consultation in 2022) have been refined based on evolving observations and the “increased experience in assessing issues, trends, and business models by the VASP & Fintech Innovation Unit”.

[li] See Janay Symonette’s article which provides a comprehensive summary.

[lii] See Media Release: “The Bahamas Introduces Transformative Digital Asset Legislation: The DARE Act 2024”.

[liii] For example, custodial wallet services provisions have been included to “enhance the protection of client interests by requiring accessibility of digital assets” as well as consumer proception generally.

[liv] only qualified entities can issue tokens within the Bahamas.

[lv] See here

[lvi] These include enhanced powers to allow for rules related to liquidity requirements, capital requirements and wind-down planning; transition of specific ‘civil penalties’ to ‘late fees’ payable for non-compliance; amendments to the Rules to update and clarify the items required in annual reporting and Introduction of a definition of ‘control of assets’ to be applied throughout the Act.

[lvii] https://www.hkma.gov.hk/eng/news-and-media/press-releases/2024/03/20240312-4/

[lviii] https://www.hkma.gov.hk/eng/news-and-media/press-releases/2024/07/20240718-4/

[lix] https://www.hkma.gov.hk/eng/news-and-media/press-releases/2024/08/20240828-3/

[lx] See SEC Media Release

[lxi] https://www.bankofengland.co.uk/financial-stability/digital-securities-sandbox