European Blockchain Services Infrastructure

The European public sector is building its own blockchain services infrastructure, which should soon be interoperable with private sector platforms. The European Blockchain Services Infrastructure (EBSI) consists of a peer-to-peer network of interconnected nodes running a blockchain-based services infrastructure. Each member of the European Blockchain Partnership (EBP) – the 27 EU countries, Norway, Liechtenstein and the European Commission – will run at least one node. This collaborative approach aims to ensure secure, cross-border digital services and reinforce Europe’s digital sovereignty.

Digital Asset Bill

Digital asset is an extremely broad term, encompassing a variety of things such as digital files, digital records, email accounts, digital carbon credits, cryptoassets and non-fungible tokens (NFTs). The Law Commission’s recommendations only apply to a subset of digital assets, of which the main one is cryptotokens. Currently there are two categories of property, “things in possession” (e.g. gold, money, cars) and “things in action” (e.g. debts, shares). This Bill introduces a third category of “thing” to allow for certain digital assets to attract personal property rights. The action being taken on digital assets is in response to the Law Commission’s report in 2023. The MOJ commissioned the report to identify any barriers to the recognition of digital assets as property under English and Welsh private law and to recommend solutions. 

The European Banking Authority (EBA) 

Pursuant to the EU’s Markets in Crypto-assets Regulation (MiCAR) (Regulation 2023/1114), the EBA is responsible for carrying out assessments of asset-referenced tokens (ARTs) and electronic money tokens (EMTs) in order to identify if they meet the criteria for significance as set out in MiCAR. Where the EBA classifies an ART or EMT as ‘significant’, the EBA is responsible for carrying out relevant supervisory tasks under MiCAR, including establishing, managing and chairing supervisory colleges for all significant ARTs and significant EMTs. The EBA is responsible for conducting direct supervision of issuers of significant ARTs, while significant EMTs (where issued by electronic money institutions) are subject to dual supervision by the EBA and the respective home competent authority. The EBA will exercise its supervisory powers in close cooperation  with any other competent authorities responsible for supervising the respective issuers (in cases where the issuer also carries out other financial services activities).

HMRC new rules for crypto holders

Starting in January 2026, the UK’s HM Revenue & Customs (HMRC) will implement new regulations requiring cryptocurrency users to provide detailed personal information, including their full name, address, date of birth, and tax identification numbers, while trading platforms and crypto service providers will be obligated to collect and report comprehensive transaction data directly to HMRC, a measure designed to enhance tax compliance, increase transparency, and prevent tax avoidance, while also creating a more secure and accountable environment for digital asset management in the UK, signaling a major step toward formalizing regulatory oversight of the cryptocurrency sector and ensuring that individuals and businesses engaging in crypto activities operate within clearly defined legal and fiscal frameworks. This regulatory shift is expected to operate in parallel with, and be reinforced by, information-sharing frameworks and cooperative initiatives between HMRC and European Union tax and financial authorities, enabling cross-border tracking of cryptocurrency transactions and enhancing the effectiveness of both UK and EU efforts to combat financial crime, tax evasion, and illicit use of digital assets.

Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act (DORA) is a regulation introduced by the European Union to strengthen the digital resilience of financial entities. It entered into application on 17 Jan 2025 and ensures that banks, insurance companies, investment firms and other financial entities can withstand, respond to, and recover from ICT (Information and Communication Technology) disruptions, such as cyberattacks or system failures.

 

DORA brings harmonisation to rules relating to operational resilience for the financial sector, applicable to 20 different types of financial entities and ICT third-party service providers.

 

What is cyber recovery

Cyber recovery specifically refers to a responsive solution involving the processes and measures put in place to restore and recover data, systems, and services after a cyber incident. It is a subset of cyber resilience, focusing on the restoration of critical technology assets that may have been compromised, damaged, or rendered inaccessible during an attack. Cyber recovery strategies are well-defined recovery procedures that include recovery from the last known good sources of data. The emphasis is on minimizing downtime and ensuring that the organization can return to normal operations as swiftly as possible.

 

Anti-Money Laundering Directives (AMLD)

Essentially all regulated entities need to apply customer due diligence requirements for business relationships (i.e identify and verify the identity of clients, monitoring and reporting suspicious transactions). Over the past three decades, the European Union (EU) has regularly improved its framework to fight money laundering and terrorist financing and guarantee a consistent approach to AML legislation with the single market and protect the financial system.

The EU Anti-Money Laundering Directives (AMLDs) are issued periodically by the European Parliament to be implemented by Member States as part of domestic legislation. Every directive includes new additions or updates regulatory obligations on member-state governments. Since 2015, the EU adopted a modernised regulatory framework incorporating the following Anti-Money Laundering Directives (AMLDs):

 

Cyber Resilience Act (CRA)

The Cyber Resilience Act enhances cybersecurity standards of products that contain a digital component, requiring manufacturers and retailers to ensure cybersecurity throughout the lifecycle of their products. The Cyber Resilience Act (CRA) aims to safeguard consumers and businesses buying software or hardware products with a digital component. The Cyber Resilience Act addresses the inadequate level of cybersecurity in many products, and the lack of timely security updates for products and software. It also tackles the challenges consumers and businesses currently face when trying to determining which products are cybersecure and in setting them up securely. The new requirements will make it easier to take cybersecurity into account when selecting and using products that contain digital elements. It will be more straightforward to identify hardware and software products with the proper cybersecurity features.

 

Digital Asset Tekenization

One of the major financial discussion themes at 2024’s Annual Meeting was how physical and financial assets can be ‘tokenized’, meaning that a digital representation of the asset is created on the blockchain to allow them to be exchanged securely in real time.

Now after years of investment, proof of concept and testing, the planets are aligning and tokenization of financial assets is finally happening at an institutional and governmental level. This shift will forever change the way that nations trade and promote more inclusive financial participation, unlocking new liquidity in traditionally illiquid markets such as real estate, private equity, and infrastructure, while enabling near-instant settlement, reducing counterparty risks, and setting the stage for programmable money and compliance automation through smart contracts embedded directly in financial instruments.