The new European digital finance package
The EU Digital Finance Package consists of a series of initiatives that will be implemented by 2024, aimed at encouraging the development of the European Union and a competitive financial sector, intended to reap the benefits of digital finance in terms of innovation and competition, while mitigating its risks.
The package is based on the Digital Finance Strategy for the EU, designed to make the Union embrace the “digital revolution” by enabling European businesses and consumers to take advantage of digital finance. In particular, the Strategy provides for the adaptation of the EU regulatory framework in order to facilitate digital innovation thanks to a series of initiatives.
Behind these initiatives there are three interesting projects, detailed below.
1. MiCA Regulation
The MiCA regulation relates to the crypto-assets market and their taxonomy. Crypto-assets represent one of the most innovative areas of the financial system. The EBA and ESMA stressed that, beyond the EU framework aimed at fighting money laundering and the financing of terrorism, most crypto-assets currently fall outside the scope of EU legislation on financial services and therefore are not subject to the provisions on consumer and investor protection and market integrity. Furthermore, some Member States have recently adopted their own national crypto-asset disciplines, with the consequent risk of generating market fragmentation.
In more recent times, the need to pay specific attention to a particular subset of crypto-assets, the so-called stablecoins, has also emerged. The supposed global stablecoins are part of this scope. They aim to achieve a wide level of adoption among users by leveraging the network effects linked to the companies that design and promote these assets and that have attracted the attention of the public and institutions, both international and European.
The current proposal for regulation pursues four general objectives, which are interrelated.
The first is legal certainty: in order for crypto-asset markets to develop in the EU, a solid legal framework is needed, which clearly defines the regulatory body applicable to crypto-assets currently not governed by the actual legislation on financial services.
The second purpose is to support innovation, while the third objective is to ensure adequate levels of consumer and investor protection, and market integrity.
The fourth aim is to ensure financial stability, especially with reference to the category of stablecoins, which have characteristics that are potentially able to allow a wide level of diffusion and acceptance, with systemic effects that must be monitored.
2. DORA regulation and directive
The DORA regulation, focused on digital operational resilience for the financial sector, contains some amendments to previous directives and the decision to start inter-institutional negotiations.
The DORA rules, if approved at the end of the legislative process, would apply to all financial entities, such as banks, payment service providers, e-money providers, investment firms, crypto, and third-party service providers in the information and communication technologies (ICT) sector.
The broad scope of application aims to achieve greater harmonisation in the sector, and uniform and solid protection. In fact, following the financial crisis of 2008, some measures had been introduced to regulate financial risks aimed at minimum harmonisation and regulations which, by imposing only some basic principles, left a wide space for national approaches. The lack of detailed regulation has led to the proliferation of several divergent national initiatives with limited scope, especially in light of the cross-border effects due to the nature of ICT.
The proposal for a DORA regulation on digital operational resilience for the financial sector would amend the previous regulations no. 1060/2009, no.648/2014 and no. 909/2014 and would establish a coherent incident reporting mechanism. This mechanism would make it possible to reduce administrative burdens for financial entities and strengthen the effectiveness of supervision, aligning the existing provisions of the regulatory sector and other EU regulations.
The approval of the DORA regulation would bring together, for the first time, the rules on risks deriving from ICT in a single piece of legislation.
The risk management framework will be subjected to a periodic resilience test to assess its adequacy, limits and weaknesses, in order to promptly implement corrective measures. The digital operational resilience testing program involves performing a full set of appropriate tests, including vulnerability detection and assessment, open-source analysis, network security assessments, deficiency analysis, physical security exams, questionnaires, exams source code, compatibility testing, scenario-based testing, performance testing, end-to-end testing or penetration testing.
3. Distributed Ledger Technology Pilot Scheme
This package also includes the proposal for a pilot scheme on market infrastructures based on distributed ledger technology (DLT). The pilot DLT scheme aims to test the development of the European infrastructure for trading, clearing and settlement of DLT-based financial instruments. Crypto-assets are one of the main applications of DLT to the financial sector. The distributed ledger, in general terms, is a shared database on a consensual basis through which transactions are validated.
An interim agreement was reached between the Council and the Parliament on the following main issues discussed in the negotiations:
- Definition of the DLT market infrastructure
- Thresholds for admission to trading or registration in a distributed ledger
- Supervision: the competent national authorities will remain responsible for the authorisation, while ESMA will be able to issue an opinion on the application. The opinion would be neither public nor binding, but an explanation would be required where the competent national authorities decide to depart significantly from it
- Consumer protection: DLT operators will have mechanisms to manage customer complaints and related compensation
The pilot scheme will be in place for three years, after which the Commission, based on ESMA's opinion, should report to the Council and Parliament on the costs and benefits of its extension, modification or termination.