Our Comment on the Swiss Blockchain Law

In March, the Federal Council presented a draft for a number of legal adjustments and invited Bitcoin Association Switzerland to take part in the public consultation. The consultation phase ends this month and we have filed an extensive comment, in which we support the position of the Swiss Blockchain Federation and lay out some of our common concerns in more detail. In this blog post, I will summarize the content of the proposed law as well as the comments of both Blockchain Federation and Bitcoin Association.

In its December report, the Federal Council identified three main obstacles for the proliferation of the blockchain and its applications in Switzerland:

  1. The creation and transfer of security tokens lacks a solid legal foundation.
  2. The law is silent on the question if and how clients can get their crypto assets back in case a custodian gets bankrupt.
  3. There is no suitable license for exchanges that want to list security tokens.

Academically, the first change is by far the most interesting as its solution requires adjustments to the Swiss Code of Obligations, which is part of the foundations our whole legal system. Generally, Switzerland's legal system is rooted in basic principles and its laws are much less detailed than those of most other countries. This allows courts and scholars to figure out the details on the fly as new circumstances present themselves. This is one of the secrets of why Swiss companies enjoy a high degree of freedom of innovation. A software engineer would say that the Swiss system is more agile than that of other countries. This agility has already been used in the past when stock markets started to get digital in the 1980ies. And it can be used today to find ways to legally bind shares or other securities to a blockchain-based token. The drawback of this approach is that it does not provide unconditional legal certainty. There is always a small risk that a judge follows a different interpretation of the law, thereby pulling the rug out from under such legal constructs. The Federal Council proposes to eliminate this risk by adding explicit legal foundations for security tokens into the Code of Obligations.

At first sight, enabling security tokens sounds straight-forward. However, there are subtle legal considerations to be made. From a legal and technical point of view, a token must fulfill two key properties. The first is to be resistant to manipulation (including counterfeits / copying) and the second is what Swiss lawyers call publicity. Publicity is the ability of the holder to prove to anyone that he actually holds the token. Just like I can prove to anyone that I own a certified security that is printed on paper by presenting that paper, I can prove to anyone that I am in control of a particular token by signing a publicly verifiable message with the right private key. In both cases, the holder can publicly prove that the security is in his possession. Sometimes people make the mistake of turning this upside down, assuming that the blockchain-based ledger allows the issuer to prove who the holders are. While it is conceivable to build such a blockchain, this is not how today's blockchains work. Today's blockchains assign tokens to addresses, and not to persons. Applications and legal considerations that are based on the assumption that there is a stable one-to-one relationship between addresses and persons will inevitable fail sooner or later. In that regard. tokens are very much like printed securities: the paper allows the owner to prove that he is in possession of the share, but the issuer generally has no means to pinpoint the location of the paper. This any many other subtle reasons make the drafted law an excellent proposal: by exploiting the parallels to printed securities, it was possible to craft a robust extension to the Code of Obligation that rests on proven principles.

With the proposed extension of the Code of Obligations, one can issue everything as a tokenized security that could also be issued as a printed security and transfer the security by handing over the possession over the token. It does not matter how the control over the token is transferred. Just like I can give you printed security by giving you a key to a deposit box in which it resides, I can also give a token to you through indirect means, for example by giving you a paper wallet that contains a private key that controls a smart contract that controls another smart contract that finally has the token. The indirections do not matter. The only thing that matters legally is that you gain the ability to prove that you control the token - directly or indirectly. These considerations also illustrate why white-listing only works for one-time transactions. There is no stable one-to-one relationship between addresses and people. As soon as you allow indirect possession (which is a must for applications like Uniswap), your white-list becomes unenforceable. The right way to identify the holders of a token is through a secondary register.

When issuing registered shares, the company must keep a shareholder registry that identifies all shareholders by name. The alternative of issuing anonymous bearer shares is not recommended as they do not conform to today's standards of accountability. So the question is: how can one issue registered shares on the blockchain without writing personal data onto the blockchain? The answer is simple: just split the registry into two parts, the token registry and the shareholder registry. The token registry resides on the blockchain and is anonymous. And the shareholder registry resides in a database and contains a list of all shareholders and their addresses. This split stems from the paper-based world and is already present in today's Code of Obligations. The token is freely transferrable (just like a piece of paper would be). However, in order to actually enjoy the rights of a shareholder, you must present the paper to the company and demand to be registered, providing your name and address. Until you have done so, the company can for example pay out dividends to the previous owner of your shares and there is nothing you can do about it. That results in having the best of both worlds: you can engage in short-term trading without filing any forms, but there is still a high level of transparency regarding the ownership of the company as long term holders are forced to register themselves.

This brings us to the next topic and the second big proposed change to the existing laws: the handling of tokens under bankruptcy. As outlined in an earlier post, there is an important distinction between possession and ownership. Possession is who control something. Ownership is who it belongs to. If I borrow your car, I gain possession over it, but you retain it ownership. Swiss law uses this distinction to find out who stuff belongs to if someone goes bankrupt. If I go bankrupt while having borrowed your car, you can get your car back. However, the problem is that Swiss law only allows this distinction to be made to tangible items and "controllable forces of nature" (e.g. electricity but not wind). That means it is unclear whether you would be able to get any Bitcoins back if you borrowed me some and I go bankrupt. To fix this, the Federal Council proposes to allow you to get your crypto assets back as long as I kept them on a separate address. This is already a step forward, but unfortunately - as we point out in our comment - not future-proof. For example, if you used lightning network to send me the borrowed Bitcoins, a literal interpretation of the proposed law would not allow you to get them back again as lighting network transactions do not lead to a separation of our two balances that is directly observable on the block chain. Thus, we urge the Federal Council to fix this issue and extend your right to get your tokens back to all cases where you can prove that they are actually yours. There are plenty of other use-cases besides lightning network where this is essential and we really hope that this rather small adaption will be made in the next step of the legislative process, where the Federal Council reviews all comments and revises the proposal.

The third important change is the creation of a new license category "DLT-Trading-System" (whereas DLT stands for Distributed Ledger Technology) in the Financial Markets Infrastructure Law, which would allow license-holders to operate an exchange for security tokens. That law contains roughly 14'000 words and is - as far as I know - a condensed version of the European Union's Directive 2014/65/EU on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (72'000 words, also known as MiFID II) and the Regulation No 648/2012 on OTC derivatives, central counterparties and trade repositories (43'000 words, also known as EMIR). Even though the Swiss Financial Markets Infrastructure Law much more compact and stringent than its EU counterpart, it is still seen as relatively bloated and not very elegant among Swiss legal scholars. As the European laws have been designed with only the large, established exchanges in mind, they do not leave any room for innovation - and neither does the Swiss copy. In order to fix this without touching the regulation of the established exchanges, the Federal Council proposes to establish a new, more light-weight license category. An important and well-chosen characteristic of that proposal is that it provides the Federal Council with a lot of leeway in the actual implementation. That way, once the parliament (hopefully) passes the proposed law, the Federal Council can write a relatively permissive act to regulate the DLT-Trading-System while retaining some agility which allows to adjust the regulation without going through the parliament again.

All in all, this is an excellent proposal with the right priorities. If the law passes (after our small adjustments, of course :) ), it could greatly contribute to globally making Switzerland the first address for the issuance of security tokens.