One of the best places to start and run business, both within the EU and worldwide,²¹² Estonia, with its innovation oriented regulatory environment, has without surprise been an attractive destination for blockchain-based business. As an EU member state, Estonian financial regulation is based on EU financial law instruments (incl. Prospectus Directive, MiFID II, EMIR, UCITS Directive, AIFMD and AMLD4 discussed above) and, respectively, is yet to put in place a definitive legislative framework regulating ICOs. Having this in mind, this chapter will focus on the existing legislation potentially applicable to ICOs and the current position of the regulator - Estonian Financial Supervision Authority - to the phenomenon of token offerings.

The chapter will, first, provide an analysis of the regulatory framework applicable to ICOs, followed by an overview of the regulatory statements and decisions relevant to token offerings and a few examples of ICOs (including the 'Estcoin' initiative). Finally, the chapter will finish by some critical remarks.

Regulatory framework

Securities Law

Estonian securities law will apply to an ICO where the tokens issued (i) give the investor a participation right in the issuer or (ii) a right to (expect and) receive returns from the investment made when purchasing the tokens. Such tokens would qualify as transferable securities in the meaning of the Securities Market Act -- the key piece of Estonian securities legislation.

Securities Market Act²¹³ defines security as a proprietary right or obligation or contract transferred on the basis of at least unilateral expression of will, even if no document is being issued therefor, which can be executed in the form of, inter alia:

1. a share or other similar tradable right;

2. a bond, convertible security or other tradable debt obligation issued which is not a money market instrument;

3. a subscription right or other tradable right granting the right to acquire securities specified in clause 1) or 2) of this subsection;

4. an investment fund unit and share;

5. a money market instrument (i.e. a low credit, unsecured, transferable and marketable debt obligation issued by an issuer for a term of up to one year which is traded on the money market, including a treasury bond, commercial paper, certificate of deposit and bill of exchange secured by a credit institution complying with the aforementioned characteristics);

6. a derivative security or a derivative contract;

7. a tradable depositary receipt.

Hence, in the absence of the relevant practice available at the time of writing, tokens will be considered as transferable securities and Securities Market Act shall apply to the ICO-s conducted in Estonia (i.e. by an entity incorporated in Estonia) where the tokens issued give the investor participation rights in the issuer (e.g. voting or other rights equal to those of the shareholders) or rights to receive investment returns (interests, dividends or any other type of returns).

Where the tokens qualify as transferable securities it needs to be assessed whether the issue qualifies as a public offering and is subject to the prospectus requirement. Securities Market Act provides for a negative definition of the public offering, whereby any offering must be considered as public, unless the offering (i) is addressed solely to qualified investors,²¹⁴ or (ii) it is addressed to fewer than 150 persons per EU/EAA member state, other than qualified investors, or (iii) is addressed to investors who acquire securities for a total consideration of at least 100,000 euros per investor, for each separate offer, or where (iv) the nominal value or book value is at least 100,000 euros per security (per token), or, finally, (v) where the total consideration of the offering is of less than 2,500,000 euros per all the EU/EAA member states in total calculated in a one-year period of the offering of the securities (tokens).

Where the ICO qualifies as a public offering of securities, the issuer is obliged to comply with the prospectus requirements -- the requirements of the Prospectus Directive (Directive 2010/73/EU) transposed to the Estonian law in the Securities Market Act -- and register the prospectus with the Estonian Financial Supervision Authority (Finantsinspektsioon or EFSA).²¹⁵

Money regulations
-----------------

E-money

Issue of e-money is regulated under Estonian law by Payment Institutions and E-money Institutions Act,²¹⁶ which transposes the E-money Directive (Directive 2009/110/EC) into Estonian legislation. According to the article 6 (1) of the Act, e-money is monetary value stored on an electronic medium (an e-money device) which expresses a monetary claim against the issuer and (i) is issued at par value of the amount of the monetary payment received (i.e. the value of the tokens issued in exchange for a payment of 10 EUR has to be equal to 10 EUR); (ii) is used as a payment instrument to execute payment transactions; and (iii) is accepted as a payment instrument by at least one person who is not the issuer of the same e-money.

The notion of payment transaction under Estonian law is enshrined in article 709 (6) of the Law of Obligations Act, which provides that "a payment transaction is an act initiated by the payer or on the payer's behalf or by the payee of placing, transferring or withdrawing funds, irrespective of any legal relationship between the payer and the payee constituting the basis thereof." Therefore, a payment token which can be "spent" as a means of payment in a payment transaction (e.g. to pay for a service) would constitute e-money under Estonian law for as long as it is issued at par value and is accepted by at least one other person than the one which has issued the token. Accordingly, such or any other types of tokens, which are used to pay for goods or services, do not qualify as e-money if they are not issued at par value of the amount of the monetary payment received or where such tokens are accepted as a payment instrument by its issuer only.

The most significant consequence of a token qualifying as e-money is an authorization that needs to be complied with by the issuer. Under Estonian law (article 6 (7) of the Payment Institutions and E-money Institutions Act), e-money may be issued by either (i) e-money institutions authorized under the Payment Institutions and E-money Institutions Act; (ii) credit institutions within the meaning of the Credit Institutions Act (i.e. banks); (iii) the European Central Bank and central banks of EU/EAA member states when not performing their duties as monetary authorities or other state agencies; or (iv) EU/EAA member states or their regional or local governments when performing their duties. Where the tokens qualify as e-money, they may be distributed or redeemed by either the e-money issuer or a person acting on behalf of the e-money issuer (an agent or a distributor). Upon use of such distributor, the issuer has to notify EFSA and to comply with the specific due diligence requirements set out in the Payment Institutions and E-money Institutions Act and in the Money Laundering and Terrorist Financing Prevention Act (including KYC requirements).

'Virtual currencies'

The notion introduced in the revised Money Laundering and Terrorist Financing Prevention Act,²¹⁷ entered into force on 27 November 2017, under article 3(9) of which virtual currencies "means a value represented in the digital form, which is digitally transferable, preservable or tradable and which natural persons or legal persons accept as a payment instrument, but that is not the legal tender of any country or funds for the purposes of Article 4(25) of PSD2 or a payment transaction for the purposes of points (k) and (l) of Article 3 of the same Directive".

Article 4(25) of PSD2 defines funds as banknotes and coins, scriptural money or electronic money as defined in point (2) of Article 2 of Directive 2009/110/EC (E-money directive), whereas points (k) and (l) of Article 3 of PSD2 define payment instruments and transaction as follows:

• services based on specific payment instruments that can be used only in a limited way, that meet one of the following conditions: (i) instruments allowing the holder to acquire goods or services only in the premises of the issuer or within a limited network of service providers under direct commercial agreement with a professional issuer; (ii) instruments which can be used only to acquire a very limited range of goods or services; (iii) instruments valid only in a single Member State provided at the request of an undertaking or a public sector entity and regulated by a national or regional public authority for specific social or tax purposes to acquire specific goods or services from suppliers having a commercial agreement with the issuer; and

• payment transactions by a provider of electronic communications networks or services provided in addition to electronic communications services for a subscriber to the network or service: (i) for purchase of digital content and voice-based services, regardless of the device used for the purchase or consumption of the digital content and charged to the related bill; or (ii) performed from or via an electronic device and charged to the related bill within the framework of a charitable activity or for the purchase of tickets;

Taking into account the above, tokens, which are accepted as a payment instrument, yet do not qualify neither as e-money under the Payment Institutions and E-money Institutions Act (see earlier discussion of "E-money") nor as funds or payment instruments or transactions under PSD2, may qualify as 'virtual currencies' in the meaning of article 3(9) of Money Laundering and Terrorist Financing Prevention Act. The main consequences of such qualification are (i) the authorization requirement (authorization is obtained from the Financial Intelligence Unit (FIU), an independent structural unit of the Estonian Police and Border Guard Board, which is charged with the supervision of the entities which are subject to Money Laundering and Terrorist Financing Prevention Act²¹⁸ and (ii) the obligation of the issuer to comply with the due diligence requirements as set out in the Money Laundering and Terrorist Financing Prevention Act (including KYC requirements).

Although qualification as a 'virtual currency' under Estonian law is obvious with respect to payment tokens such as Bitcoin (see overview of the Supreme Court decision below), it is not explicitly excluded also for other tokens which are used as payment instruments. Such concerns have been voiced by EFSA,²¹⁹ which suggests conducting a case-by-case assessment when organizing an ICO or purchasing tokens.

Payment services

The regulation of provision of payment services may apply to the token issuers in the context of operations with fiat currencies. Payment Institutions and E-money Institutions Act provides a list of payment services, which amongst others, include execution of payment transactions, including transfer of funds to a payment account opened with a payment service provider.²²⁰ Insofar as the token issuers offer payment accounts to the token holders with the possibility to conduct payment transactions (see the definition above) the issuers will may have to comply with the authorization requirements (as payment institutions) as set out in the Payment Institutions and E-money Institutions Act.

Credit institution authorization

Token offerings which qualify as public offerings, and are aimed at raising funds with the purpose of lending, are reserved to authorized credit institutions (banks).

In accordance with the notice issued by EFSA (08.09.2015)²²¹ all undertakings, who use funds obtained from the public (incl. through public offerings or any other kind of debt issue) to grant loans as a part of their business and commercial activities, shall be authorized as credit institutions. Credit institution's authorization is granted under the conditions specified in the Credit Institutions' Act.²²² This position has been reiterated by EFSA with respect to the ICO's as a consideration to be assessed on a case by case basis when planning the issue (see under section II below).

Consumer protection

General consumer rights are enshrined in the Consumer Protection Act, which regulates the offering and sale, or marketing in any other manner, of goods or services to consumers by traders, provides for the procedure for alternative dispute resolution between consumers and traders, including the organisation of the work of the Consumer Disputes Committee, the organisation and supervision of consumer protection and liability for violations of the Act.²²³

Specific rights and obligations, applicable depending on the type of token issued in an ICO, include the disclosure and information obligations laid down in Securities Market Act (under Prospectus requirement, articles 14 et seq.) as well as the provisions of the Law of Obligation Act, (article 709 et seq.), regulating provision of information and fees related to the payment service contracts.

Critical thoughts and comparative analysis

Known as technological innovation hub, Estonia has attracted numerous blockchain-based projects, including ICOs. In line with the general approach to innovation, Estonian financial sector regulator (EFSA) has expressed its interest in the new developments and readiness to engage in the dialogue with the market players -- both issuers and investors.

Despite the openness of the regulator the legislative (regulatory) framework is yet to embrace ICOs within its scope. While some indications have been made as to potential applicability of the existing rules to the new phenomenon of ICO and tokens more broadly, specific legislative initiatives are not to be expected. Insofar as Estonian legislation potentially applicable to different types of ICO (notably securities, e-money, payments and AML law) is largely based on EU secondary legislation, it is unlikely, that ad hoc national laws will be introduced to facilitate ICOs in the absence of EU initiative or a wider European consensus. However, Estcoin (see above) initiative, if implemented, can result in creating a new standard for a 'trusted ICO', that will allow to improve legal certainty and contribute into establishing of a comprehensive regulatory framework for token offerings.

Nikita Divissenko