Draft act on crypto-assets

Scope

The draft defines the organization and execution of supervision of offerors, applicants for cryptocurrencies, issuers of asset-linked tokens (ART) and e-money tokens (EMT), and cryptocurrency service providers (CASP). The act rightly leaves out of scope the exercise of supervision over issuers of cryptoassets other than ARTs and EMTs. This is because there are no requirements for such entities under the MiCA.

Definitions

The draft introduces a number of definitions related to crypto-assets using the conceptual grid developed under the MiCA and ToF in this regard by referring directly to the relevant provisions of the regulations. On the grounds of the Draft, the concepts of distributed registry address, cryptoasset service provider, issuer, cryptoasset, cryptoasset account or distributed registry are introduced, among others.

Statements of intent

The draft, like other sectoral laws, introduces specific provisions on the submission of statements of intent. According to Article 3, declarations of intent made in electronic form contained in documents related to the performance of activities relating to cryptocurrency services or activities relating to public offerings under the MiCA and other activities carried out as part of the activities of entities within the scope regulated by the MiCA shall comply with the requirement of written form, including where that form has been reserved for nullity.

Storage of records by CASP

The draft imposes an obligation on CASPs headquartered in the territory of the Republic of Poland or operating in the territory of the Republic of Poland to store on a durable medium the documentation for a period of 5 years, starting from the first day of the year following the year in which they ceased operating as CASPs the documentation related to their operations. At the same time, it is indicated that this obligation may also be fulfilled by the CASP providing for the storage of these records by a third party providing such services.

Professional secrecy

The draft introduces provisions on professional secrecy in Chapter 2. Professional secrecy covers information concerning the legally protected interests of entities to which cryptocurrency services are provided, obtained by persons who are members of the statutory bodies or who work or cooperate with the CASP or with an entity cooperating with the CASP in connection with official activities undertaken by them under an employment, commission or other legal relationship of a similar nature, as well as information obtained in connection with other activities undertaken in the course of activities under the MiCA, as well as information concerning activities undertaken in the course of carrying out this supervision. The draft indicates in Article 9 that this includes, in particular, such information as:

• data identifying the party to the contract or other legal action;
• the content of the contract or the subject matter of the other legal action;
  data on the financial situation of the party to the contract, including the number and designation of cryptocurrencies held, the designation of the register of items corresponding to rights to cryptocurrencies, and the value of funds in the register and cash accounts for handling transactions.

The legislator, in the explanatory memorandum to the provision introducing CASP’s obligation of professional secrecy, claims that it is: “an ancillary provision to Articles 100, 101 and 129 of the MiCA, which regulate and define professional secrecy and the circle of entities that will be subject to the obligation of professional secrecy.” However, it should be pointed out that these provisions do not impose such an obligation on CASP. The MiCA provisions cited by the Project Proponent are addressed to supervisory authorities.

• Article 100 MiCA – establishes an obligation of professional secrecy and applies to natural and legal persons who work or have worked for the relevant supervisory authorities.
• Article 101 MiCA – applies to the processing of personal data by supervisory authorities.
• Article 129 MiCA – indicates that the obligation of professional secrecy applies to the EBA and all persons who work or have worked for the EBA, as well as to any person entrusted by the EBA with certain tasks, including auditors and experts engaged by the EBA.

The draft, in Article 14, requires CASP to use technical and organizational solutions to ensure the protection of professional secrecy and to develop and implement regulations for the protection of the flow of information constituting professional secrets, while specifying what such regulations should contain.

The regulations also provide for a catalog of situations in which there will be no violation of the obligation of professional secrecy. Of significant practical significance is the exemption provided in Article 13(10) of the Draft for information provided by an entrepreneur or foreign entrepreneur in connection with the conclusion or performance of a contract under which the CASP has contracted such entrepreneur to perform operational functions, provided that the provision of such information is necessary for the conclusion or performance of that contract. The language of the provision suggests that this is an exemption that applies to a so-called sub-insourcer, i.e., a person to whom the CASP insourcer has subcontracted the performance of operational functions performed by the CASP insourcer for the CASP.

Information obligations

According to the Draft, reporting obligations will be imposed on the ART issuer, the EMT issuer, and the CASP regarding information on their financial situation, events that may affect their activities related to the issuance of tokens or the provision of crypto-asset services, and information related to their compliance with the requirements under the MiCA. The scope, form of submission and deadlines for their submission will be specified in a regulation to be issued by the Minister of Finance.

In addition, certain categories of entities, among others, individuals who are offerors, issuers of ARTs or EMTs, persons applying for admission to trading in cryptocurrencies at the request of the FSC will be required to provide written or oral information and explanations without delay.

Responsibility for the information document

The draft introduces provisions on civil liability in connection with the information document (whitepaper) in Chapter 4. This issue has also been regulated under the MiCA, where it has been determined that liability for information provided in a whitepaper is incurred:

• in the case of cryptocurrencies other than ART and EMT – the offerors, applicants for admission to trading or operators of the trading platform (Article 15 of the MiCA)
• in the case of ART – issuers of ART (Article 26 MiCA)
• in the case of EMTs – issuers of EMTs (Article 52 MiCA)

The MiCA at the same time indicates in each of the articles cited above that they are without prejudice to any other civil liability under national law.

Under the Draft, the catalog of entities responsible for whitepaper information is expanded from the catalog of entities specified under the MiCA. In Article 18, the Project Proponent decided that the entity preparing or participating in the preparation of the information in the whitepaper is also liable for the information provided in the whitepaper, to the extent that it prepared or participated in the preparation of the information.

Surveillance of the crypto-asset market

PFSA as the competent supervisory authority

Chapter 5 of the draft regulates oversight of the cryptocurrency market, designating the FSC as the competent supervisory authority under the MiCA. Based on the introduced regulations, the PFSA will have the ability to inspect the activities of ART issuers, EMT issuers, offerors, applicants for admission to trading and CASPs to determine the compliance of these entities with the provisions of the Draft and the MiCA.

The project also provides for the PFSA, within the scope of its supervision, the authority to impose fines on a supervised entity if it prevents or obstructs the initiation or conduct of inspections. The maximum amount of the penalty will be PLN 20,000,000.

Block the address of the distributed register and accounts and stop transactions

Article 27 of the draft introduces the possibility for the Chairman of the PFSA or his deputy to request the supervised entity to block the address of the distributed registry or crypto-asset account in the distributed registry maintained by the entity, as well as the bank or SKOK account.

The blockade is to consist of temporarily preventing the disposition and use of all or part of the blocked cryptocurrencies, including by the supervised entity, with the exclusion of making settlements in cryptocurrencies resulting from transactions entered into and obligations incurred prior to the receipt of this request, for a period of no more than 96 hours from the time indicated in the request.

Issuance of such a request is possible when, from the information obtained, justifying the suspicion of the commission of a crime defined under the Project, it is apparent that the transaction that has been made or is to be made may be related to the commission of such a crime. If such a request is made, the Chairman of the FSC or his deputy shall file a notice of suspicion of a crime.

The regulations also provide for a situation in which, due to the technology used to store and administer cryptocurrencies, it is not possible to carry out a blockade. The supervised entity is then obliged to take other appropriate measures to prevent the disposition and use of the cryptocurrencies covered by the request.

The prosecutor also has the authority to stop a specific transaction or make a blockade in case of reasonable suspicion of a crime under the project.

Registry of Internet domains and IP addresses

The draft provides for the establishment of a registry of Internet domains and IP addresses of crypto-activists without the required authorization or who are unauthorized to do so under MiCA regulations (the Registry). The Registry shall be public and is to be maintained in an ICT system by the PFSA.

Internet domains or IP addresses of CASPs who violate MiCA regulations will also be able to be entered into the Registry. Such intervention by the supervisory authority may take place if there are no other effective measures leading to the cessation of MiCA violations.

In Article 34, the draft imposes an obligation on telecommunications companies providing Internet access services:

• prevent or restrict, free of charge, access to Internet interfaces using an Internet domain name or IP address listed in the Registry by removing them from telecommunications entrepreneurs’ data communications systems for converting an Internet domain name into an IP address,
• to redirect, free of charge, calls referring to an Internet domain name entered in the Registry to a website maintained by the Commission, containing a message addressed to recipients of the Internet access service, including, in particular, information about the location of the Registry, the entry of the Internet domain name sought in the Registry, the legal basis for entry in the Registry and a warning about the risk of serious damage to the interests of customers or holders of cryptoassets.

In the event that an Internet domain name or IP address is entered in the Registry, hosting providers or domain registrars shall be obliged, at the request of the PFSA, to remove the domain name free of charge and register the name in favor of the PFSA free of charge, or remove or disable the web interface, restrict access to it, or remove the content indicated by the PFSA.

The draft provides for the possibility to object to an entry in the Registry within 2 months of the entry.

The PFSA will delete the domain or IP address from the Registry if the grounds for entry have ceased.

Supervision costs

The provisions of Articles 40 – 44 regulate the fees (surveillance costs) charged to market entities engaged in crypto-related activities. The fees are as follows (equivalent in PLN amount):

• EUR 4500 – granting of ART and CASP permits
• no more than EUR 4,500 – assessing the notification under Article 60(8) of the MiCA, assessing the planned acquisition of an ART issuer under Article 41(4) of the MiCA (the Draft indicates Article 41(3) here) and assessing the planned acquisition of a CASP under Article 83(4) of the MiCA
• EUR 3,000 – approval of whitepaper when offering or applying for admission to trading of ART
• the average value of revenues from the provision of cryptocurrency services in the last three fiscal years preceding the year for which the payment is due, in an amount not greater than 0.5 of this average, but not less than the equivalent of EUR 750 – the annual supervision fee paid by CASP
• EUR 750 – annual supervision fee paid by ART issuers

Supervisory and administrative measures

The most extensive part of the draft are the provisions on supervisory measures and administrative sanctions set forth on the grounds of Articles 45 – 73 of the Draft. Among them can be mentioned:

• the obligation to amend or supplement the content of the information document
• the obligation to change the content of cryptocurrency marketing materials
• order to withhold or prohibit the commencement of a public offering
• ordering the suspension or prohibition of the application for marketing of cryptocurrency
• prohibiting CASP from providing cryptocurrency services for a period of no more than 12 months
• prohibiting CASP shareholNew prohibited acts are also introduced under the Draft, among others.

  making a public offering without publishing a cryptocurrency information document
  providing false information in an information document on ART or EMT
  conducting without authorization activities related to the provision of cryptoasset services
  disclosure of professional secrets
  using terms in one’s company, trade name or advertising indicating that one is a cryptoasset service provider.

  ders from voting where the influence they exert may be detrimental to the sound and prudent management of CASP

The PFSA may impose fines of up to PLN 22 million on supervised entities for violating the obligations stipulated under the Project and MiCA.

Criminal provisions

New prohibited acts are also introduced under the draft, among others.

• making a public offering without publishing a cryptocurrency information document
• providing false information in an information document on ART or EMT
• conducting without authorization activities related to the provision of cryptoasset services
• disclosure of professional secrets
• using terms in one’s company, trade name or advertising indicating that one is a cryptoasset service provider.

Changes in selected regulations in force

The project amends the provisions of existing laws that the project Proponent has deemed necessary to ensure the proper application of the MiCA and the project. The project amends 18 laws, including the AML Act, the Banking Law, the Payment Services Act, the Financial Market Supervision Act, tax laws (the PIT Act and the CIT Act), and the Financial Instruments Trading Act, among others.

AML Act

The proposal of changes on the grounds of the AML Act is a result of both the need to implement the MiCA and the ToF (including the implementation of the AML Directive as amended on the grounds of the ToF). Among the most significant changes introduced on the grounds of the AML Act, it is necessary to mention the modification of Article 2(2)(26), i.e. removing the definition of virtual currency from the Act and replacing it with the definition of crypto-asset, and the amendment of Article 2(1)(12) by replacing the current virtual currency service providers (so-called VASPs) introduced on the grounds of the MiCA with crypto-asset service providers (CASPs).

Changes to unlock the provision of crypto services for certain categories of financial market players after notification

The MiCA stipulates that certain types of financial market entities may provide certain crypto services without obtaining a CASP permit. In order to do so, they must notify the competent supervisory authority at least 40 business days prior to providing these services.

The draft amends several pieces of legislation to allow these entities to provide services upon notification, i.e.

• in the Banking Law – credit institutions
• in the Law on Investment Funds and Management of Alternative Investment Funds – UCITS management companies and alternative investment fund managers
• in the Law on Trading in Financial Instruments – central securities depositories and companies operating a regulated market (there are no analogous provisions for an investment company in the Draft)
• in the Payment Services Act – electronic money institutions

Code of Criminal Procedure

The draft introduces a modification to the Code of Criminal Procedure by amending Article 236b of the Code of Criminal Procedure to include cryptoactives in the catalog of things and objects. In the explanatory memorandum, the proponent points out that the proposed solution will allow cryptocurrencies to be included in the decision on material evidence, provided that cryptocurrencies are retained as evidence in the case.

Transitional and final provisions

Transition period

Of key practical importance are the provisions on the transition period. The proponent – in line with ESMA’s recommendations – shortens the grandfathering period provided for under the MiCA to 12 months. According to Article 105 of the Draft, as currently drafted, during the period from the effective date of the proposed law until the date of CASP authorization or denial of such authorization, but no longer than December 31, 2025. A VASP providing cryptocurrency services with MiCA shall perform virtual currency activities in accordance with the provisions of the AML Law.

The draft also provides for situations in which a VASP can be removed from the register, e.g., in the event of information from the GIIF that it has twice failed to comply with the obligation to provide or make available documents or information upon request to the GIIF during this period.

Entry into force

The Act, as currently drafted, is in principle to take effect on June 30, 2024 (with the exception of, among other things, Article 105(1)(1) of the Draft, i.e. the provision regulating the grandfathering period).

At the same time, the provisions of the Law with regard to the provision of cryptocurrency services are to be applied as of December 30, 2024.

See also

See also:

• Markets in Crypto-assets (MiCA)
• ART and CASP licensing (MiCA)