IOSCO (the International Organization of Securities Commissions)  has recently published a consultation focusing on how platforms which trade crypto-assets are regulated. The global standards setting body considers that promoting innovation must be balanced with appropriate regulatory oversight. For these purposes, IOSCO defines crypto-assets broadly as “a type of private asset that depends primarily on cryptography and DLT or similar technology as part of its perceived or inherent value, and can represent an asset such as a currency, commodity or security, or be a derivative on a commodity.” Crucially though, it does not analyse which crypto-assets constitutes a security, understandably deferring to regulators in their own jurisdictions.

IOSCO considers that if crypto-asset trading platforms (or CTPs) trade a crypto-asset that is a security and it falls within a regulator’s jurisdiction, then standard regulatory principles should apply (i.e., in terms of investor protection, fair, efficient and transparent markets and investor confidence).

More specifically a CTP is “a facility or system that brings together multiple buyers and sellers of crypto-assets for the purpose of completing transactions or trades.” IOSCO explains that, although they are like traditional trading venues, they can also perform roles more usually undertaken by intermediaries, custodians, transfer agents and clearing houses – and this fact can increase the potential risks. An analysis of CTP operational models by regulators is therefore important.

Some of the risks and issues of trading on a CTP include:

  • Access – where investors, particularly retail investors, have non-intermediated access to a CTP, an important consideration for regulatory authorities centres on who performs the customer on-boarding process. Intermediaries usually carry out such steps and without on-boarding there will be concerns over conduct of business (KYC) and AML due diligence.
  • Safeguarding participant assets – customers’ crypto-assets can be held in wallets where the CTP controls the private key giving it sole control over them. At the very least, this can give rise to the sort of governance issues experienced by investors in Quadriga, whose founder apparently died, taking with him the encrypted access keys to US $143 million of cryptocurrencies held by the exchange in offline storage.
  • Price discovery – additional challenges in looking to ensure efficient price formation may arise where a crypto-asset trades on various CTPs or jurisdictions making price discovery complex and fragmented.

IOSCO also discusses the cross-border sharing of information between regulators. As CTPs operate across multiple jurisdictions, it is vital that member states cooperate in implementing consistent standards of regulation e.g. on enhancing investor protection and exchanging information. Feedback may be provided until July 29.


Sue McLean is a partner in the IT/Commercial Practice Group in Baker McKenzie's London office. Sue advises clients on technology, sourcing and digital media business models and deals, as well as the legal issues relating to the implementation of new technologies. Sue advises clients (both customers and suppliers) on a wide range of technology matters including outsourcing, digital transformation, technology procurement, development and licensing, m/e-commerce, cloud computing, AI, FinTech, blockchain/DLT, social media, data privacy and cybersecurity. Sue also advises on commercial agreements and the commercial, technology and intellectual property aspects of M&A transactions and joint ventures. Sue has experience across various business sectors, including the financial services, consumer, TMT, travel and life sciences industries. She regularly speaks and writes about the impact of disruptive technologies and has a regular blog for Computerworld.


Mark Simpson is a partner in the Financial Services & Regulatory Group in the London office where he practices in the areas of financial regulation, financial crime, and regulatory investigations. He is a member of the Firm's EMEA Financial Services & Insurance Steering Committee, as well as its Global Funds and FinTech Groups. He participates actively in industry bodies including the Alternative Investment Managers Association. He has authored a number of articles and other publications, most notably acting as a general editor of and contributor to the International Guide to Money Laundering Law and Practice, and A Practitioner's Guide to the Law and Regulation of Financial Crime.