Crowd, cloud and virtual currencies: The legal issues you need to know about
How can your business stay safe in a world of new technology services? Keystone Law’s Susan Atkinson and Tony Watts highlight key legal points
The UK tech sector has been triumphant in its recovery from the recent fiscal malaise. But with technology on course for contributing more than ever to Britain’s economy, what are the main legal considerations at the heart of the tech innovations enabling economic growth?
With cloud computing there is no longer the need to invest in large and expensive systems and applications. Instead, business owners can – at their convenience – scale up and scale down the organisation’s use of off-the-shelf technology solutions.
In recent years the solutions on offer have become increasingly sophisticated and with more scope for configuration to individual requirements. Plus, the general quality of services on offer has also improved considerably.
This dramatic shift in the cloud computing space has mainly been driven by large corporates, which have placed more and more demands on the providers of SaaS (Software as a Service). While bigger businesses have paid a premium to achieve these demands, what we have seen is that many of those improvements are filtering down to the general service offerings. So small and mid-sized businesses can also now benefit from service offerings which in general have become far more robust, with greater legal protection.
Care does, however, does still need to be taken to ensure that an appropriate service is selected, as there is little standardisation of the services on offer. Issues such as data security, business continuity and data retrieval can be problematic if not properly looked into at the outset.
The problem with trying to ascertain the true nature of a SaaS provider’s service offering, is that it is unlikely that the answer will be found in one place.
Effective due diligence should include reviewing the features of the service offerings and associated FAQs (frequently asked questions), the applicable terms and conditions, and any certifications / standards achieved.
There is little consistency or harmonisation of the certifications and standards that SaaS providers offer. CloudTrust™ ratings offered by the Cloud Security Alliance (CSA), TRUSTe for data privacy, ISO 27001 standard for information security management systems (ISMS), ISO 9001 for quality management and SSAE16 which is the certification standard for compliance with the trust principals of the AICPA (American Institute of Certified Public Accountants) are probably some of the respected.
The client portfolio, case studies and client references can also help build up a picture of the SaaS provider’s service offering.
Meanwhile, crowdfunding has emerged to become a major source of finance. Of course it can take various different forms:
- Crowdinvesting where investors get shares or debt securities (i.e. bonds) in companies looking for capital;
- Crowdlending (also known as peer to peer lending) where investors lend money to enterprises looking for funding;
- Rewards-based crowdfunding where those giving money receive a reward such as a copy of an album being produced or tickets for a performance that will be staged; and
- Donation-based crowdfunding where money is given to the entrepreneur without any financial or other return.
Looking more closely at crowdlending and crowdinvesting, questions have been raised as to how far their activities are (or should be) regulated.
As both have increasingly gained acceptance in recent years, so governments and regulatory authorities have adapted to provide a better legal environment for them.
In the UK, both crowdlending and crowdinvesting are now subject to a clear regulatory regime covering aspects such as requiring platform operators to have the correct regulatory authorisation (i.e. licensing) and disclosures to investors/lenders. Peer to peer lending was largely unregulated before the changes.
Now operators of P2P lending platforms are required to be authorised by the FCA (Financial Conduct Authority). They must be “fit and proper” (so unsuitable should be kept out of the business). There is a code of rules setting out how they operate the platform and what information they must provide to lenders on their platform.
Eventually (after a transitional period ends) they will need to maintain minimum capital and have plans to ensure lenders and borrowers do not suffer if the platform operator goes out of business.
Investment-based crowdfunding (e.g. platforms offering shares in start-ups and small companies) has always been regulated but the limits of this have not always been clear. Most platform operators always needed to be authorised by the FCA with requirements of minimum capital etc. Now there are specific rules.
They must ask questions and get confirmations from investors; basically, investors need to confirm that they are high net worth, sophisticated investors or are investing no more than 10% of their net assets in crowdfunding investments. Again, there are strict rules as to information about companies looking for investment on the platform (including that it be “clear, fair and not misleading”).
So, while they put limits on crowdfunding platforms, they also provide a more stable environment and at least minimum quality standards. This is likely to help both investors and companies looking for investment. The rules are to some extent applied differently by different platforms. But the basic framework provides an environment in which the industry can grow.
The same theme has been taken up at EU level. The ESMA (the EU organisation involved in the regulation of securities and markets) and the EBA (its counterpart in the banking sector) have given cautious welcomes to these recent developments. Both have given their views on how existing EU-wide laws apply to these activities but call for a harmonised framework and for the same treatment in all EU states.
The World Bank has also recognised the power of crowdfunding to aid development, believing that it can ignite innovation, create jobs and grow economies. It also calls for regulatory regimes which recognise and support these new developments.
Peer-to-peer payments and virtual currencies
The trend is also growing steadily in other areas that harness the power of the internet. For example, peer-to-peer payments and foreign exchange currency facilities enable payments to be made in a much cheaper way, eliminating the need for conventional banking or payment methods.
Meanwhile, the growth of virtual currencies such as Bitcoin, also has the clout to aid the entrepreneur worldwide. The ideas and technologies that form the basis of virtual currencies are seen as having the potential to enable micropayments to be made both quicker and at a fraction of the cost involved using the conventional banking and payments infrastructure.
The regulation of virtual currencies is far more difficult than that relating to crowdfunding (at a European level the reaction has been less positive). But this could well be an area to watch!
At the moment, Virtual Currencies exist outside the legal frameworks of most countries; there is in general no protection whatsoever for those who use them and this is likely to be a brake on their gaining popularity outside their circle of devotees. This is a much debated area but it is difficult to see how it will develop at this stage.
Today’s leaders understand that the tech industry continues to challenge the status quo, by breaking down boundaries and providing opportunities for alternative models and new competitors.
With current levels of innovation higher than ever before, is it possible that talk will soon shift from the Billion Dollar Club, to the Billion Pound Club? In the meantime, keeping abreast of the legal framework is a must to ensure your business takes full advantage of this burgeoning sector.
Susan Atkinson and Tony Watts are commercial lawyers, between them specialising in IT, e-commerce, banking and online financial services at Keystone Law.