Blockchain 2022 Comparisons

The blockchain sector in Sweden is developing and evolving rapidly and continuously. For a few years, the industry has been led by more traditional and well-established blockchain operations, such as cryptocurrency exchange. However, there has been increased interest of late in other innovative uses of blockchain-based technology in entirely different contexts – eg, as means of collateral in lending arrangements – and in crossovers and combined service offerings of token-based payment transactions and traditional payment services. Consistent with Sweden's history and reputation as a spearhead fintech market, Swedish companies continue to show interest in innovating the use of blockchain technology in various ways that extend beyond the more traditional uses.

The main legal challenges expected in the blockchain sector stem from the European Commission’s proposals in its so-called digital finance package, published in September 2020. The package includes several legislative acts, such as:

• a proposed Regulation on Markets in Crypto-assets (MiCA);
• a proposed regulation on a pilot regime for market infrastructures based on distributed ledger technology; and
• amendments to the existing framework of securities and investment laws to explicitly include financial instruments based on distributed ledger technology.

In a recent development regarding the legislative process, the European Parliament’s Committee on Economics and Monetary Affairs adopted a draft report on the MiCA on 14 March 2022, which contained a notable point of contention in the proposed prohibition on the use of the “proof of work” mining method which, after voting in the Committee, was not included in the most recent iteration of the Regulation (see 9. Mining and Staking). Furthermore, the proposed regulation on a pilot regime for market infrastructures based on distributed ledger technology was adopted on 30 May (see Regulation (EU) 2022/858) and will, in most parts, apply from 23 March 2023. The legislative process and negotiations now continue regarding the remaining parts of the legislative package among the European Parliament, the European Council and the European Commission.

The most predominant use of blockchain technology in Sweden, by sheer scale of operations, continues to be in the cryptocurrency exchange sector. There are two market-leading Swedish companies offering such services, and also a number of foreign exchanges whose services are accessible in Sweden.

In terms of more innovative uses of blockchain technology, there has been increased interest in developing financial instruments based on distributed ledger technology, with the intention of such instruments being traded on regulated markets. To date, there are no cases where this has been accomplished in Sweden, but foreign examples have sparked Swedish interest in evaluating and possibly developing similar models.

In April 2022, Karolinska University Hospital announced that it is evaluating the possibilities of utilising blockchain technology in the healthcare sector, particularly to facilitate more secure management and sharing of personal health data within highly specialised healthcare.

There are also numerous other initiatives, with a general upward trend in Swedish companies and public bodies showing interest in utilising the unique characteristics and benefits of blockchain technology.

There is currently no specific regulatory regime or position on decentralised finance protocols in Sweden. The operations of automated market makers, wallet aggregators, decentralised synthetic investment platforms, decentralised prediction markets, decentralised stablecoins and decentralised lending platforms will need to be assessed against the regulatory frameworks for similar traditional financing activities in order to determine how they should be handled from a regulatory and licensing perspective.

As will be further elaborated in this article, the Swedish regulations are generally technology-neutral and the analysis to be performed favours a function-over-form approach. This means that the actual rights and obligations connected to digital assets and services provided in relation to them will determine which regulatory regime applies, rather than formal classifications and the underlying technology that is used.

The non-fungible token (NFT) movement is fairly undeveloped in Sweden but there is a steady increase in interest from the market, mainly on the buy side but with increasing interest from creators to market their creations through NFTs and the use of NFTs to represent digital ownership rights (noting that the legal status of such rights is still relatively unclear under Swedish law).

However, whilst there is increasing interest in NFTs in Sweden, the widespread and developed international infrastructure for creating and trading NFTs continues to be used rather than local infrastructure providers.

Swedish law does not contain any comprehensive regulation governing blockchain technology or cryptocurrencies as such. There is, to a limited extent, specific regulation regarding certain activities relating to virtual currencies, which subjects custodian wallet providers and virtual currency exchanges to regulatory registration requirements and requirements to comply with the Swedish Anti-Money Laundering Act (SFS 2017:630) (the AML Act), but operations relating to virtual currencies are otherwise largely unregulated under Swedish law. Depending on the characteristics of any particular virtual currency or other type of blockchain-based digital asset, it is also possible for them to be included under more general legal frameworks – eg, to the extent they constitute financial instruments.

The Swedish AML Act implements EU Directive 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (the AMLD), including as amended by EU Directive 2018/843, whereby some categories of virtual asset service providers were brought within the scope of rules governing anti-money laundering (AML) and countering the financing of terrorism (CFT).

Whereas the AMLD applies only to service providers in the blockchain sector that are engaged in exchange services between virtual currencies and fiat currencies, as well as custodian wallet providers, Swedish law extends the scope of AML/CFT requirements to a slightly wider set of service providers by also including providers of exchange services between virtual currencies.

However, Swedish law does not go as far as to completely align with the FATF standards, which also extend to persons conducting business activities of transferring virtual assets and participating in and providing financial services related to an issuer’s offer and/or sale of a virtual asset. In some cases, those activities may nevertheless be within the scope of Swedish regulatory registration requirements (as well as requirements to comply with AML legislation) if they comprise one or more regulated financial operations, such as providing financial advice or acting as underwriter.

The Swedish Financial Supervisory Authority (Finansinspektionen) (the SFSA) supervises the compliance of registered providers of virtual currency exchange services and/or custodian wallet providers with the Swedish AML Act and the requirements stipulated therein, such as carrying out a business-wide risk assessment, applying customer due diligence measures, monitoring transactions and reporting suspicious activities or transactions.

Notably, the SFSA commenced supervisory investigations in October 2021 relating to two Swedish companies providing cryptocurrency exchange services. The SFSA noted that virtual currency exchange services has been identified as being associated with a high risk of money laundering by both the European Commission and the Swedish national co-ordinating function for measures to combat money laundering and terrorist financing (which is led by the Swedish Police Authority). This indicates that the blockchain industry and compliance with regulatory requirements by participants in that industry are of particular interest to the regulator.

Currently there are no self-regulatory organisations or trade groups that perform regulatory or quasi-regulatory roles in relation to blockchain in Sweden.

In a judgment from 2017 (NJA 2017 p. 769), the Swedish Supreme Court assessed whether a negotiable debt instrument under Swedish law can be digital. A negotiable debt instrument is essentially an instrument that is itself representative of a legal debt, meaning that whoever holds the instrument is typically entitled to require payment from the obligor. The Swedish legislation on negotiable debt instruments is from 1936 and thus assumes that these instruments exist in physical paper form. However, the Supreme Court’s judgment held that the law does not strictly require a negotiable debt instrument to exist physically, and should be interpreted and applied in a technology-neutral manner, provided that doing so does not jeopardise the fundamental principles and interests that the law is intended to protect. According to the Supreme Court, this means that a digital negotiable debt instrument can be recognised legally, provided that it is designed in a manner that ensures an obligor is afforded technical means of verifiably fulfilling its payment obligation and extinguishing the debt, comparable to those afforded an obligor under a physical negotiable debt instrument (who is by law entitled to have the physical negotiable debt instrument returned to them upon making payment).

While the Supreme Court did not specify in its judgment how this could be achieved in practice, it has been theorised and discussed in the legal community that blockchain-based technology could possibly enable corresponding possibilities of verifying payment, due to its inherent limited capability of being manipulated.

In 2013, the SFSA issued a decision against a person who was providing money remittance services comprised of taking receipt of fiat currency from customers in Sweden and using those funds to purchase Bitcoin from an exchange service provider in Iran. The customers could subsequently instruct the Iranian exchange service provider how to settle the outstanding balance – eg, by exchanging the balance in Bitcoin to local currency. In essence, this enabled the customers to transfer money from Sweden to Iran by way of exchanges to and from Bitcoin. The SFSA intervened and ordered the Swedish service provider to cease its operations on the basis that they comprised licensable payment services for which the service provider did not hold the requisite licence as a payment institution. The decision was appealed but was upheld by the Stockholm Administrative Court in 2014.

This case provides some guidance as to the perimeter of permitted and prohibited blockchain activities, by clarifying that, although virtual currencies themselves are not considered to constitute “funds” for purposes of the Swedish Payment Services Act (SFS 2010:751), a service provider taking receipt of funds (ie, fiat currency) from customers and transferring a corresponding amount by purchasing Bitcoin for purposes of effectively remitting the customers’ funds is carrying out activity that is licensable as a payment service under the Payment Services Act.

There are currently no regulatory sandboxes for blockchain technology in Sweden. However, the SFSA has established an innovation hub that deals with fintech in general.

No particular tax rules have been introduced in relation to blockchain or cryptocurrencies, or operations relating to such technology.

The Swedish Central Bank (Riksbanken) is currently assessing the possibility of establishing and backing an e-currency: the e-krona.

Since February 2020, Riksbanken has been running a pilot project with a third-party technical service provider to develop a technical platform for a blockchain-based e-krona. The solution is based on digital tokens that are portable, cannot be forged or copied (double-spent) and enable instantaneous peer-to-peer payments. The tokens would be guaranteed a fixed value corresponding to the Swedish krona, so that the value of the user’s funds would always be identical regardless of whether they are held in the form of cash, a bank account balance or e-currency. The technical solution for the e-krona currently being considered is based on the e-krona being issued and redeemed exclusively by Riksbanken, while the e-krona would be distributed via participants in a private e-krona network administered by Riksbanken (eg, banks).

Riksbanken evaluated the first phase of its pilot project in an April 2021 report, in which it commented that the e-krona would not legally be classified as a virtual currency if it is based on the technical solution that is currently being considered, where it would not be decentralised.

The pilot project has been extended to a phase 2, which will include continued analysis of the legal aspects of the e-krona, as well as continued technical developments. In addition, the Swedish government has requested the preparation of a report to be published in November 2022, covering, inter alia, an analysis of the need for Riksbanken to issue an e-currency as well as the need for legislative amendments in order to enable it to do so.

There are two perspectives on the ownership and valid transfer of blockchain-based digital assets:

• the finalisation of a transfer as between the parties to such transfer; and
• the finalisation and validity of transfer of ownership for purposes of rights in rem.

As between the parties to a transfer of blockchain-based assets (as well as the respective service providers involved in such a trade), general contract law principles apply, meaning that the parties are generally at liberty to agree and determine at what point during the transactions various rights and obligations associated with the ownership of the assets shall be transferred from one party to the other, as well as the involved parties’ respective liabilities to one another during the course of completing the transaction (as well as thereafter). In that regard, Swedish law does not prescribe any particular rules specific to blockchain-based assets.

However, the validity of ownership transfer from the perspective of obtaining rights in rem is a more complex issue, and in the absence of precedence it is a question that is yet to be definitively settled. One fundamental aspect of rights in rem under Swedish law is how and when transfer of ownership to certain property confers protection to the transferee (purchaser) from claims by the creditors of the transferor (seller).

The general rule under Swedish law is that a transfer of ownership must have been manifested through some observable action in order to entail rights in rem for purposes of protection from creditors for the purchaser. For typical physical movable property such as ordinary goods, the change in ownership is manifested through the act of transferring possession of the goods to the purchaser, pursuant to the so-called principle of tradition. However, due to practical impossibilities this principle cannot be applied the same way in relation to immovable property or dematerialised assets. In those cases, the legislator has instead enacted specific legislation that ties the validity of rights in rem association with ownership to registration. For example, this applies to dematerialised stocks and bonds, other types of financial instruments and emission allowances.

For blockchain-based assets however, there are no similar rules under Swedish law which ascribe validity to rights in rem based on registration. It is therefore uncertain whether and how rights in rem could be obtained for transfers of blockchain-based assets.

The situation could possibly be resolved through the analogous application of principles that apply to other types of property that share some common characteristics with blockchain-based assets. One conceivable such solution could be to make comparisons with a simple claim, for which rights in rem are obtained by a transferee giving notice to the debtor of the change in creditors from the transferor. The same applies to transfers of bank account balances, wherein the bank is given notice of the transfer of ownership. However, it also conceivable that blockchain-based assets could be treated the same way as various intellectual property rights, in relation to which the Swedish Supreme Court has held that a purchaser obtains rights in rem through the purchase agreement alone (see NJA 2010 p. 617).

Another possibility is that rights in rem would be conferred upon the transferee being severed from exercising rights of disposal over the property by way of technical and practical restrictions, making it impossible for the transferee to execute any disposition over the assets. Finally, it is not entirely impossible that, for some types of blockchain-based assets, Swedish law simply may not recognise any practically feasible means of ensuring rights in rem when transferring ownership.

It is possible – and quite probable – that not all blockchain-based assets would be treated the same in this regard, but rather that there could be different solutions and views applied to various types of blockchain-based assets based on their individual characteristics. For example, for security tokens or other blockchain-based assets that represent a claim on the issuer or sponsor, it might make sense to analogously apply the same principles as for transfer of ownership to simple claims and bank accounts – ie, by providing notice to the issuer or sponsor. However, that would not work well – and might therefore be a less relevant analogy – for other types of blockchain-based assets, such as Bitcoin or other cryptocurrencies used as means of payment.

Ultimately, however, due to the absence of any precedent, one can merely speculate as to how the question may be resolved and it can currently only be concluded that the state of Swedish law is uncertain as to whether and how one can transfer ownership to blockchain-based property for purposes of rights in rem in relation to protection from the transferor’s creditors.

There is no recognised categorisation system for digital assets in Sweden; their legal classification needs to be analysed on a case-by-case basis against traditional legal concepts and institutes. This makes the determination of the legal nature of digital assets fairly difficult for market participants without legal expertise.

Since the rights associated with a digital asset may vary in each individual case, and since the naming of certain assets will not affect their legal categorisation, it is difficult to provide general observations. However, a few comments can be made regarding the most discussed categories – namely security tokens, utility tokens and currency tokens – and how they typically relate to the same relevant legal concepts, such as financial instruments. It is also important to note that nothing precludes a digital asset from having characteristics that may bring it under legal concepts that are not typically associated with the classification of such assets – eg, a utility token that provides rights to potential dividends if the launch of a service is successful may be deemed to be a financial instrument even though utility tokens are generally unlikely to be deemed as such.

It is currently uncertain whether digital assets may be deemed to be financial instruments under Swedish law. The determining factor in this context is the legal concept of transferable securities, which is an EU-wide concept that determines the application of, inter alia, the MiFID II rules and their national implementations. The European Securities Markets Authority (ESMA) is of the opinion that digital assets may constitute transferable securities, although this depends on their structure in each individual case. The SFSA has expressed that dematerialised instruments might be deemed to be securities if the digital asset is capable of being registered in a manner that has the same legal effect as a traditional bearer security (ie, a physical certificate – see 2.5 Judicial Decisions and Litigation and 3.1 Ownership). The SFSA further expressed that the lack of precedent on how an acquirer obtains right in rem (ie, rights against other parties than the seller) renders it unclear whether digital assets can constitute securities. A further condition mentioned by the SFSA is the need for the digital asset to confer rights to its holder in relation to the issuer for it to be deemed a security.

Based on the above, it can be concluded that currency tokens (ie, digital assets that are intended to be used as a general means of payment) will not be deemed to be financial instruments since they will generally not qualify as securities under Swedish law. If the currency tokens were to confer rights to the holder, it is still unlikely that they would qualify as transferable securities under MiFID II since instruments of payment are exempt from the definition of transferable securities.

Digital assets that function as a means of access to or payment for a specific service or good without general application as a means of payment (ie, utility tokens) are unlikely to be classified as transferable securities, mainly because they function as a means of purchase of a specific service or good rather than an instrument intended to transfer capital and risk between parties. The relationship between the buyer and seller of goods or services is mainly governed by generally applicable commercial law and consumer protection law, as well as any potential regulation relating to the specific category of goods or services. However, if a utility token is being marketed as an investment opportunity with the potential to make a profit if the project relating to the token is successful, it is more likely that the token may qualify as transferable securities.

Security tokens (ie, digital assets with the primary purpose of raising capital for an issuer and/or serving as an investment opportunity for the investors with characteristics that may resemble customary financial instruments such as shares and bonds) are likely to be classified as transferable securities, provided that they meet the Swedish test for qualifying as securities and the requirements on transferability and being negotiable on the capital market.

If a digital asset is deemed to be a financial instrument, the provision of investment services relating to that digital asset is subject to securities and investment laws and regulations, most notably MiFID II and the Prospectus regulation.

Stablecoins are not explicitly regulated in Sweden and there is limited guidance on how they should be interpreted under Swedish law. No distinction is made between stablecoins backed by deposits of fiat currency and algorithmic stablecoins. An analysis will have to be performed in each individual case regarding the rights of the holder and the obligations of the issuer of the stablecoin.

To the extent that the holder of the stablecoin receives rights vis-à-vis the issuer (eg, the right of conversion to the underlying currency or asset), the legal relationship may either directly or by analogy fall under the rules applicable to negotiable debt instruments (see 2.5 Judicial Decisions and Litigation). If the condition of negotiability (ie, that the rights pertain to the holder of the stablecoin rather than it being treated as a debt of the issuer in relation to a specific person) is not met, the rules applicable to non-negotiable debt instruments may be applied instead. These rules under Swedish law are applied by analogy law to claims in general.

Swedish law does not prohibit the use of cryptocurrencies as means of payments, but does not recognise cryptocurrencies as legal tender that any person is legally required to accept as means of payment.

Swedish law recognises only banknotes and coins as legal tender that households and companies must be able to use to make payments. However, this general rule is not without exceptions. Firstly, there is the possibility of waiving the obligation to accept cash by agreement, both in private enterprise and in such public sector operations that can be equated with private enterprise (eg, municipal car parks). Secondly, there are exemptions from the obligation to accept cash as payment in a number of legal acts, such as tax legislation, which means it is not possible to pay tax in cash.

Due to these observations and the limitations of cash as legal tender, the Swedish Central Bank is currently assessing the possibility of establishing and backing an e-currency that would, per the current working assumption, constitute legal tender under Swedish law (see 2.9 Other Government Initiatives). This project is currently at a relatively early stage so it is uncertain whether and how it will be realised.

There are currently no specific regulations under Swedish law in relation to NFTs. Customary commercial and consumer protection law applicable to marketing and sales in general will also be applicable to NFTs, assuming they are not deemed to be financial instruments (see 3.2 Categorisation and 5. Capital Markets and Fundraising).

The availability of markets for digital assets is relatively broad in Sweden, especially in proportion to the size of the country. There are a handful of Swedish companies operating markets for cryptocurrencies, most of which are non-custodial, but also some which include custody services.

However, there are no widely established active Swedish-operated markets for digital asset securities, nor for NFTs. Consequently, in Sweden the distinction is quite clear between markets for cryptocurrencies on the one hand and markets for other types of digital assets on the other hand.

There are a number of service providers, both Swedish and foreign, offering exchange services relating to cryptocurrencies to Swedish customers. Under Swedish law, the regulation makes no distinction between exchange service providers of fiat-to-crypto exchanges (or vice versa) and crypto-to-crypto exchanges; both types of operations are subject to registration requirements and requirements to comply with the Swedish AML Act.

The Swedish AML Act imposes requirements on obliged entities to risk assess their operations, assess the risk of each customer, apply customer due diligence measures to obtain “know your customer” information, monitor transactions and report any suspicious activities or transactions to the Swedish Police Authority. These requirements apply to quite a wide range of activities involving digital assets but not categorically to all operations that involve digital assets. Activities that are within the scope of these requirements are services for fiat-to-crypto exchange (or vice versa), crypto-to-crypto exchange services and custodian wallet providers, while operations that are not subject to AML requirements (provided that they relate to digital assets that do not qualify as financial instruments) include the issuing of a digital asset, brokering trades in digital assets, acting as placement agent for an issuer or sponsor of a digital asset, and dealing in digital assets for own account. Moreover, the AML Act applies to financial operations such as banking activities, investment services, payment services, etc, that can be – but are not necessarily – applicable in operations relating to digital assets.

Markets for digital assets are generally unregulated, as current Swedish market abuse regulations are applicable only to financial instruments and thus do not comprehensively apply to digital assets. Consequently, many blockchain-based assets such as the most common cryptocurrencies fall outside the scope of market abuse regulations.

A digital asset exchange service provider whose services do not relate to financial instruments is subject only to a limited range of regulatory compliance obligations, which primarily relate to AML procedures. Consequently, there are no requirements for such providers to hold customers’ digital assets in any particular manner, nor any firm restrictions on the possibility of re-hypothecating such assets. Instead, this would be for the service provider and its customers to govern in their service agreements.

However, it is worth noting that the service provider would be required to adhere to certain rules in relation to how it holds customers’ assets if its customers are to be afforded protection of their digital assets from the creditors of the service provider in an insolvency event. The Swedish Escrow Funds Act (SFS 1944:181) enables so-called separation rights to apply to fungible property that is held in escrow by a trustee on behalf of a principal. Separation rights are rights for the principal to separate its assets from the bankruptcy estate of the trustee, thus protecting the assets from the (other) creditors of the trustee.

While there is no precedent under Swedish law regarding the possibilities of applying the principles of the Escrow Funds Act to fungible cryptocurrencies specifically, the act has been applied analogously to other types of fungible property than ordinary funds. Consequently, there is reason to believe that the same principles should apply to fungible cryptocurrencies such as Bitcoin, Ethereum and other similar cryptocurrencies that are interchangeable in their function as means of payment.

Drawing upon case law relating to other types of fungible property and applying it analogously to fungible cryptocurrencies, it is likely that a number of requirements would need to be fulfilled in order for separation rights to be recognised under Swedish law:

• the service provider must be bound by terms and conditions that require it to account for the principal’s cryptocurrency and hold it in trust, and prohibit it from intermingling the principal’s cryptocurrency with the service provider’s own assets;
• the service provider must hold its customers’ cryptocurrency in technically separate account-like structures (wallets or similar constructions) that have the characteristics of a rational and natural manner of handling property held in trust;
• the service provider may not at any time hold its own cryptocurrency or other assets on the accounts where customers’ cryptocurrencies are held; and
• from the time that the service provider takes receipt of customers’ cryptocurrencies, they must be transferred to the technically separate customer accounts without delay (any more than two days is likely to constitute delay).

Custodian wallet providers are subject to regulatory registration requirements (with the SFSA) and requirements to comply with the Swedish AML Act.

Please see 3.2 Categorisation regarding the classification of tokens as transferable securities and financial instruments. Activities involving tokens that are classified as transferable securities (and thereby financial instruments) are subject to securities and investment laws. These are harmonised throughout the EU to a significant extent, most notably through MiFID II and the Prospectus regulation (Regulation (EU) 2017/1129). In relation to so-called utility tokens that do not qualify as financial instruments, general commercial law, consumer protection law and regulations specific to any underlying good or service will be applicable.

The use of an exchange in the offering of tokens does not generally affect the regulations applicable to an ICO. However, the exchange itself may be subject to regulatory requirements, particularly if the tokens offered are deemed to be financial instruments under MiFID II.

As far as is known, no token launch mechanisms other than the ones mentioned in 5.1 Initial Coin Offerings and 5.2 Initial Exchange Offerings are being used in Sweden.

Swedish laws regulating investment funds and collective investments schemes generally implement the EU UCITS Directive (Directive 2009/65/EC) and the AIFM Directive (Directive 2011/61/EU); while there are certain particularities in these Swedish laws, they do not specifically relate to investment funds or collective investment schemes that invest in digital assets.

There is no bespoke regime that applies to operations specifically relating to blockchain-based assets or other digital assets per se.

There are no specific laws or judicial decisions addressing the legal enforceability of smart contracts. The Swedish law on the formation of contracts is technology-neutral and as such does not preclude smart contracts from constituting valid agreements between the parties that use them. Two cases may be distinguished.

In the first case, parties agree “off-chain” to use a particular smart contract as a mode of delivery when executing an obligation that has been agreed off-chain (eg, an interest payment) on a particular date that is automatically calculated and executed by the smart contract where the underlying right to such a payment is documented in a loan agreement off-chain. The validity of such performance of an obligation is within the freedom of contract of the parties and would generally be legally binding.

In the second case, the parties do not have a pre-existing relationship that has been agreed off-chain but rather use the smart contract as their only mode of communicating and exchanging performances. Under Swedish law, a contract may be entered into between parties through action, with the textbook example being a car parker being bound to the terms of the parking garage by parking in the garage (as long as the terms are available to the car parker). It is likely that the same reasoning can be applied to a contract being entered into through the use of a smart contract.

It should be noted that it is not the smart contract itself that constitutes the agreement. An agreement between two parties is a legal concept of an abstract nature that in turn can be manifested and documented (eg, through a written contract or computer code in a smart contract), but where the manifestation does not necessarily reflect the binding abstract agreement between the parties (although it is often difficult to prove that the content of an agreement differs from its physical manifestation).

Furthermore, the Swedish law on the formation of contracts allows for the altering of contracts on the grounds of them being unconscionable (especially in relation to consumers vis-à-vis businesses) or because the formation of the contract was invalid due to fraud, usury or duress, for example. The obligations manifested through and any performance of a smart contract can therefore potentially be challenged in court on the grounds of the agreement being unfair or invalid.

Under Swedish law, developers of blockchain-based networks would not be held responsible in relation to users of said networks due to the developers being considered as fiduciaries.

Swedish law regulates both consumer and corporate lending, and the differences between the two sets of regulatory frameworks are quite significant. Consumer lending and consumer loan brokerage are subject to licensing requirements under a bespoke national regime, while corporate lending is generally subject only to a less onerous registration requirement in the same way as a number of other financial operations (including services for the exchange of virtual currencies or custodian wallet services). However, if lending (whether to corporate or consumer borrowers) is combined with deposit-taking from the public, the lender is subject to licensing requirements as a credit institution.

Swedish law is ambiguous as to whether the lending of digital assets comes within the scope of Swedish laws that relate to lending activities: while Swedish law states that a number of types of lending are within the scope of these rules, such as consumer credit, credit agreements relating to immovable property, factoring, with or without recourse and the financing of commercial transactions including forfeiting, all of these examples relate to lending of funds (ie, fiat currency) and not to lending of other types of property.

However, the preparatory works to this legislation establish that the meaning of lending is broad and includes many different types of financing, and that the term should be given an interpretation that is functional in nature and includes activities that are functionally similar to the granting of credit in a more traditional sense. The assessment of whether lending of any particular type of digital asset qualifies as licensable under Swedish law therefore needs to be made on a case-by-case basis, taking into account whether the transaction is functionally similar to traditional lending. There may be a distinction between, for example, the lending of digital assets that are readily available to be used as means of payment (which would be more likely to fall within the scope of Swedish legislation on lending activities) and the lending of digital assets that do not inhabit such characteristics, such as utility tokens.

Ultimately, given the absence of case law or other clear guidance, it remains to be determined whether and how the Swedish legislation on lending activities can be applied to lending activities that relate to digital assets.

Pursuant to Swedish law, the action necessary to perfect a pledge in order to create a security interest is generally the same as the action to be taken in order for a purchaser of an asset to receive rights in rem towards the creditors of the seller. As explained in 3.1 Ownership, there is significant uncertainty regarding what action is necessary in relation to digital assets.

A central element is that the pledging party (pledgor) will need to be cut off from having access to the pledged asset. As this may be difficult to achieve with digital assets because it is difficult to know whether the pledgor has back-ups of its private key relating to the wallet where the digital asset is kept, the creation of an effective security interest would normally be achieved through an actual transfer of the asset to the pledgee (the actor benefitting from the pledge). Upon payment of the underlying debt, the pledgee would then transfer the pledge back to the pledgor. This is also the method generally used by Swedish law enforcement to temporarily seize digital assets.

There are no specific rules requiring professional investors to transfer digital assets in which they have invested to a custodian (provided that the digital asset does not constitute a financial instrument and that the investor is not required to keep financial instruments in custody), nor are there any specific rules applicable to operating as a custodian of digital assets (provided that the digital asset does not constitute a financial instrument), apart from the AML rules applicable to custodian wallet providers as discussed in 4.3 KYC/AML. In relation to the operations of a custodian and the assets of its clients, please see 4.5 Re-hypothecation of Assets regarding the need for the custodian to keep the clients' assets separate in order for them to be protected against the creditors of the custodian.

At face value, the Swedish laws and regulations that apply to data privacy fundamentally apply to operations with blockchain-based products and services in the same way as other operations, without any specific derogations or distinctions to account for the particularities of blockchain-related operations.

As in other EU jurisdictions, the main source of data privacy-related rights and obligations in Sweden is the General Data Protection Regulation (Regulation (EU) 2016/679) (the GDPR), which governs matters such as individuals’ right to access their personal data that is being processed, the right to the rectification of incorrect information about them, and the right to the erasure of personal data that is no longer necessary to process for whichever purpose it was originally collected and processed.

Many of the rights and obligations in the GDPR are challenging to apply practically to blockchain-based operations, due to the inherent characteristics of blockchain technology, and particularly because services and products that are based on public blockchains do not require any special permissions to become a participating node (eg, the most common cryptocurrencies).

The GDPR is based on the assumption that there is a “data subject” whose personal data is being processed by a “controller”, who determines the purpose and means of data processing. The typical scenario is that a service provider is the controller of personal data that it processes about its customers. Consequently, the GDPR establishes rights for data subjects and corresponding obligations for controllers. However, this assumption is far from straightforward to apply to blockchain-based operations where there is not a single controller, but rather a vast number of independent parties storing synchronised copies of data on the blockchain. Thus, there is a fundamental challenge in applying the GDPR to these types of operations, since it is unclear who can be held accountable for fulfilling the obligations that the GDPR imposes on controllers. In the debate within the blockchain industry, it has been argued that the protocol developers of any particular blockchain often do not develop the technology with any particular use case in mind (but rather as a tool that can be put to use in a variety of manners), and that treating protocol developers as controllers could be likened to treating the inventors of the worldwide web as controllers for all personal data processing that is carried out via the internet.

Certain rights established in the GDPR are also difficult to apply in practice to blockchain-based technology. A notable example is the so-called right to be forgotten – ie, the right for a data subject to have their personal data be erased when there is no longer any lawful grounds for its processing. This right inherently conflicts with blockchain-technology that only permits data to be added to a blockchain, not removed from it.

These challenges are only a few examples in the area of seeking conformity between laws and regulations applicable to data privacy and blockchain-based operations. To date, there is no clearly guiding case law or guidance from the Swedish Authority for Privacy Protection that settles these matters, so it remains subject to debate and discussion within the industry whether and how data privacy rights and obligations can be applied to blockchain-based operations.

At face value, the Swedish laws and regulations that apply to data protection fundamentally apply to operations with blockchain-based products and services in the same way as other operations, without any specific derogations or distinctions to account for the particularities of blockchain-related operations.

When it comes to ensuring protection against unauthorised access of personal data, the GDPR establishes the concept of “data protection by design and default”, meaning that data protection measures should be implemented as integrated components of technical systems and services rather than as additional layers “on top”. Moreover, the GDPR requires controllers of personal data to implement appropriate security measures to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services, and to restore personal data in the event of any unforeseen incident.

Where appropriate, security measures should also include measures for the encryption of data, which is particularly interesting in the context of blockchain technology. First of all, there is an important distinction between truly anonymised data and data that is only pseudonymised. Where an anonymisation process results in data that is impossible to link to any individual and that is also irreversible, the resulting anonymous data is entirely beyond the scope of the GDPR. Methods for removing identifying characteristics of data that do not meet this standard of true anonymisation are instead referred to as “pseudonymisation”, and the GDPR remains applicable to pseudonymised personal data. In a blockchain context, this means that data on the blockchain will often qualify as pseudonymised personal data, because although a public blockchain may not openly and explicitly contain identifying details, it is possible to indirectly link the visible public keys or addresses to an individual (eg, through pattern analysis).

This means that blockchain-based services and products cannot generally be considered as anonymous (although each blockchain is of course to be assessed on its particular circumstances), but are instead subject to requirements in the GDPR relating to the implementation of security measures as well as the concept of “data protection by design and default”.

Mining of cryptocurrencies is permitted in Sweden, and mining activities are not subject to any bespoke regulation.

However, in November 2021, the SFSA and the Swedish Environmental Protection Agency (Naturvårdsverket) published a joint opinion proposing that mining activities should become regulated due to the environmental impacts of the inherent high energy demand of the “Proof of Work” mining method. The opinion was partially a reaction to an observable significant increase in energy consumption for cryptocurrency mining in Sweden during the period from April to August 2021, which was likely a result of cryptocurrency miners looking to operate out of Sweden due to the low energy prices, attractive tax regulations and good supply of renewable energy sources.

Specifically, the authorities’ proposal was threefold:

• the EU should evaluate prohibiting the “proof of work” mining method on an EU level;
• Sweden should counteract widespread establishment of cryptocurrency mining operations using the “proof of work” method in the meantime; and
• companies that strive to operate in accordance with the Paris Climate Accords should not be able to designate their activities as sustainable if they trade or invest in cryptocurrencies that have been mined using the “proof of work” mining method.

The opinion has not yet resulted in any legislative action in Sweden, and on an EU level the most recent legislative developments indicate that the position may be against a ban on the “proof of work” mining method.

There are no specific rules applicable to staking in Sweden. As far as is known, no specific staking as a service business operates out of Sweden.

There is very limited activity with respect to DAOs in Sweden, so it is difficult to provide information on how they are used and organised. No specific regulations exist in relation to DAOs but general company law may be applicable, either by choice or due to the underlying circumstances deeming the DAO to be an unregistered partnership (enkelt bolag), for example; an unregistered partnership exists where two or more parties have agreed to operate a business together in a company.

Since there is very limited DAO activity in Sweden, it is difficult to say how DAOs are typically organised and governed in Sweden.

As far as is known, the use of legal entity structures to facilitate interaction with non-blockchain native entities is very limited in Sweden, and it is difficult to assess which legal entity structure form is most frequently used. A significant advantage of using a legal entity structure with a legal persona (ie, the possibility to assume rights and obligations), such as a limited liability company, is the legal clarity on who the contracting party is when the DAO interacts with other parties.