1 Legal and enforcement framework

1.1 What general regulatory regimes and issues should blockchain developers consider when building the governance framework for the operation of blockchain/distributed ledger technology protocols?

Gibraltar's legal system is based on that of England and Wales, and English common law and rules of equity apply. The majority of statutory law in Gibraltar is based on legislation passed by the Gibraltar Parliament, but a small number of the older English statutes are in force in Gibraltar by virtue of the Application of English Law Act 1962. EU law similarly applies to Gibraltar pursuant to Article 355(3) of the Treaty on the Functioning of the European Union and Gibraltar's own European Communities Act 1972.

The principal legislative regime underpinning distributed ledger technology (DLT) in Gibraltar is the Financial Services (Distributed Ledger Technology Providers) Regulations 2017 (the ‘DLT Regulations'). With the enactment of the DLT Regulations, Gibraltar has distinguished itself from other jurisdictions globally, placing itself at the forefront of the DLT sector by establishing a principles-based legislative framework bringing into regulatory scope any firm that carries out by way of business, in or from Gibraltar, the use of DLT for storing or transmitting value belonging to others (see question 3.5).

The Gibraltar Financial Services Commission (GFSC) has further issued guidance notes supplementary to the DLT Regulations which direct DLT providers as to the operational, technical and organisational standards expected under the DLT Regulations.

When considering their governance framework, developers should pay due regard to the GFSC's Corporate Governance Guidance Note and the underlying purpose of the protocol itself; whether the intention is for the protocol to be ‘permissioned' or ‘permissionless'; and the governance questions that arise thereafter at both the protocol and operational level. In addition, in the case of a permissioned blockchain, consideration will also need to be given to the following matters:

  • What are the possible structures for the governance body/bodies?
  • What is the ideal size of the governing body/bodies?
  • What kind of decisions need to be made?
  • What expertise and/or information is required to make these decisions?
  • Whose preferences should be taken into account for these decisions?
  • Who should be involved (directly and indirectly) in the decision-making process?
  • Do the individuals forming part of the governing body/bodies require any qualifications?
  • How can those individuals or groups be selected? By whom?
  • What mistakes could be made in this selection process?
  • How can the probability of mistakes be minimised?
  • How can one ensure that decisions are implemented?
  • How can one determine whether a rule has been broken?
  • What are the consequences when rules are broken?

In the case of permissionless blockchains, the above considerations take on more of a technological nature because of the open access of the decentralised network.

Developers should also consider data protection and privacy rules (see question 5.1)

1.2 How do the foregoing considerations differ for public and private blockchains?

For substantive public blockchains, governance is maintained via technological consensus and therefore advanced by widespread adoption. Conversely, from a governance perspective, it is possible that private blockchains can remain susceptible to the influence of those holding positions or responsibility for governance, or other influencers, due to the lack of distribution of governance responsibility. The organisational structure should also similarly be considered (eg, the use of non-profit organisations) when contrasting governance between public and private blockchains.

1.3 What general regulatory issues should users of a blockchain application consider when using a particular blockchain/distributed ledger protocol?

The DLT Regulations do not seek to regulate the technology itself – only the organisations and the individuals in those organisations that seek to use DLT by way of business for storing or transmitting value belonging to others.

1.4 Which administrative bodies are responsible for enforcing the applicable laws and regulations? What powers do they have?

The GFSC is the principal body enforcing applicable laws and regulations for the financial services industry. Although DLT enterprises are not necessarily operating within the financial services sector, the GFSC was selected as the body most suited to play the role of regulator when the DLT Regulations were introduced. The GFSC's powers will often depend on the extent to which it can act in accordance with the relevant statutory framework. Predominantly, however, the GFSC operates under general supervisory powers, with further supplementary powers such as the ability to obtain particular information and sanctioning powers (eg, suspension or withdrawal of a licence or authorisation).

The Gibraltar Regulatory Authority acts as the national supervisory and regulatory authority for telecommunications (including data protection) in accordance with EU law.

1.5 What is the regulators' general approach to blockchain?

The GFSC has adopted a risk-based approach, underpinned by a Risk Governance Framework, to innovative offerings and businesses within the Gibraltar finance industry, including blockchain. The framework prescribes a set of processes, policies, standards and disciplines that safeguard a consistent understanding of risk, as well as adequate resource allocation in those areas which are outside the FSC's risk appetite and tolerance. This approach ensures a focus on how best to support the safe growth of the jurisdiction, while not stifling innovation within the industry.

1.6 Are any industry or trade associations influential in the blockchain space?

Key industry associations – such as the Gibraltar Association of Compliance Officers, the Gibraltar Electronic Money Association, the Gibraltar Bankers Association and the newly formed Gibraltar Association for New Technologies – operate as formal lines of communication between policy makers and the private sector in Gibraltar's fintech and blockchain industries. They facilitate the exchange of information and ideas, with a view to enhancing knowledge and awareness in these sectors.

Further industry organisations have similarly embraced blockchain offerings. As an example, the Gibraltar Funds and Investments Association published a Code of Conduct for Crypto Funds in October 2018.

2 Blockchain market

2.1 Which blockchain applications and protocols have become most embedded in your jurisdiction?

Over the last two years, Gibraltar has become the preferred jurisdiction for a number of blockchain applications, due to the flexible, principles-based framework which is currently in place. The most notable blockchain applications within Gibraltar are:

  • Rootstock – the first open source smart contract platform secured by the bitcoin network;
  • Holochain – an open source framework for building fully distributed peer-to-peer applications;
  • Coinfirm – a provider of regtech for blockchain, providing a foundation for the safe adoption and use of blockchain; and
  • Colu – a wallet service provider.

Under the Financial Services (Distributed Ledger Technology Providers) Regulations 2017 (the ‘DLT Regulations'), the Gibraltar Financial Services Commission (GFSC) has awarded full DLT provider licences to the following blockchain businesses:

  • CEX.IO Limited;
  • CFE Limited;
  • Covesting International Limited;
  • Digital Asset Management Ltd;
  • Eppur Group Limited;
  • eToro X Limited;
  • GBX Limited;
  • Huobi Technology (Gibraltar) Co Ltd;
  • LMAX Digital Broker Ltd;
  • Quedex Limited;
  • The Badger Technology Company Limited; and
  • Upstream Ventures Limited.

Due to the increased popularity of blockchain businesses in Gibraltar, the funds industry has also expanded into the blockchain market, with the following cryptofunds now being domiciled in Gibraltar:

  • Blockstars Fund PCC Limited;
  • RockCyph3r Fund PCC Limited; and
  • Goldbaum Fund PCC Limited.

2.2 What potential new applications/protocols are most actively being explored?

Gibraltar is extremely fortunate to play host to, and work with, many innovative projects and businesses. Particularly current and garnering substantial interest locally is a private sector initiative exploring regtech solutions for the Financial Action Task Force ‘travel rule'.

2.3 Which industries within your jurisdiction are making material investments within the blockchain space?

Following the surge of crypto-related businesses which are looking towards Gibraltar, several local industries are expanding to facilitate the services which are available to blockchain entities. The banking industry is seeking to expand its services to develop accessible platforms and services for blockchain entities. The legal, funds and insurance industries are also making investments into expanding the services which can be provided to crypto-related businesses.

2.4 Are any initiatives or governmental programmes in place to incentivise blockchain development in your jurisdiction?

In 2016 the Gibraltar government, together with the assistance of the GFSC, launched an initiative to make Gibraltar a credible, friendly and responsible hub for blockchain business. On 1 January 2018 the DLT Regulations, which regulates the provision of licences to DLT providers, entered into force (see question 3.5). The GFSC oversees the implementation of the regulatory principles and the licencing process. This legislation has prompted an influx of crypto-related businesses, which have established a presence in Gibraltar and been awarded DLT provider licences.

The Gibraltar crypto ecosystem has also been expanded, with the launch of the Gibraltar Association for New Technologies (GANT). GANT aims to encourage cooperation between members of the association and to stimulate the participation of new technologies in Gibraltar's financial industry. It also aims to establish a recognised medium for communication between the association and stakeholders in the new technologies space. GANT also works closely with the Gibraltar government, the GFSC and the University of Gibraltar to promote the development of a strong and sustainable industry, including the delivery of educational programmes that will help to advance a core understanding of the underlying technologies supporting the sector.

In March 2018 the Gibraltar Finance Department issued a proposal for the regulatory framework for token sales, secondary token market platforms and investment services relating to tokens. The proposed legislation aims to protect customers, to safeguard Gibraltar's reputation and to support the safe use of token-based crowd financing. It is also proposed to make undertakings that receive proceeds from the sale of tokens subject to anti-money laundering (AML) and countering financing of terrorism (CFT) legislation, and to designate the GFSC as the relevant supervisory authority for AML/CFT purposes. It was anticipated that the proposed legislation would be implemented by the end of March 2018; however, it has not been implemented yet.

3 Cryptocurrencies

3.1 How are cryptocurrencies and/or virtual currencies defined and regulated in your jurisdiction?

Neither ‘cryptocurrencies' nor ‘virtual currencies' are directly defined under local legislation. However, distributed ledger technology (DLT) is regulated under the Financial Services (Distributed Ledger Technology Providers) Regulations 2017 (the ‘DLT Regulations'). The DLT Regulations provide the regulatory framework for a DLT business which is "carrying on by way of business, in or from Gibraltar, the use of distributed ledger technology for storing or transmitting value belonging to others".

3.2 What anti-money laundering provisions apply to cryptocurrencies?

The EU Anti-Money Laundering Directive has been transposed in Gibraltar by the Proceeds of Crime Act 2015 (POCA). The local legislation is applicable to businesses that receive proceeds from cryptocurrencies, which must therefore comply with the act. These obligations are akin to the obligations imposed on other financial services providers. The local legislation provides that a "relevant financial business" must apply different levels of due diligence measures based on a risk-based approach; these measures will be categorised as either customer due diligence, simplified due diligence or enhanced due diligence.

POCA has similarly been amended to include undertakings that receive – whether on their own account or on behalf of another person – proceeds in any form from the sale of tokenised digital assets involving the use of DLT or a similar means of recording a digital representation of an asset.

Cryptocurrency exchanges and custodian wallet providers may also be brought within the scope of anti-money laundering regulation at EU law level in the form of the Fifth Money Laundering Directive.

3.3 What consumer protection provisions apply to cryptocurrencies?

Currently there are no consumer protection provisions in place which are applicable to cryptocurrencies.

3.4 How are cryptocurrencies treated from a tax perspective?

Gibraltar has a territorial based system of taxation, with companies being taxed only on profits accruing in or deriving from Gibraltar. There is a 10% corporate tax rate for taxable profits. However, there is no capital gains tax, withholding tax or value added tax. Accordingly, the categorisation of any gain which accrues to a company is fundamental and its consequences will vary depending on the activity which is being conducted. A practical example of this is the distinction between trading cryptocurrencies ‘on one's own account' or via a managed account. While the latter is often classified as ‘income' under the Gibraltar Income Tax Act 2010 and is therefore subject to tax, the latter is less clear and the ‘badges of trade' test will have to be applied to establish whether such trading results in taxation.

No definitive answer can be given in this regard and an assessment must be made on a case-by-case basis.

3.5 What regulatory requirements apply to a cryptocurrency trader/exchange?

The DLT Regulations provide a flexible, principle-based regulatory framework for blockchain businesses to obtain a licence which allows them to carry on "by way of business, in or from Gibraltar, the use of distributed ledger technology for storing or transmitting value belonging to others". The DLT Regulations are based on the following core principles:

  • acting with honesty and integrity;
  • paying due regard to the interests and needs of customers;
  • maintaining adequate resources;
  • having forward-looking risk management practices;
  • protecting client assets and money;
  • having effective corporate governance;
  • maintaining high security access protocols;
  • detecting and disclosing financial crime risks; and
  • being resilient.

A DLT provider will also need to satisfy the Gibraltar Financial Services Commission's (GFSC) ‘four eyes principle', which is designed to ensure that at least two minds are applied to both the formulation and implementation of the policy of its business. The ‘mind and management' from Gibraltar principles will also need to be demonstrated by the DLT provider. In order to satisfy this principle, the provider must evidence that at least the following activities are conducted from its Gibraltar office by staff permanently based in that office:

  • decision making pertaining to the running of business on a day-to-day basis;
  • approval of operational policy and guidelines;
  • approval of key deviations from standard company policy and guidelines;
  • approval of significant expenditure items;
  • approval and sign-off of key contracts, including outsourcing arrangements; and
  • approval of all major expenditure incurred by the company.

3.6 How are initial coin offerings and securities token offerings defined and regulated in your jurisdiction?

The Gibraltar government, together with the GFSC, intends to regulate initial coin offerings provided in or from Gibraltar. As discussed in question 2.4, although a proposal document has been published by the government, it is not clear at this stage which activities will be within the scope of the new regulation and what requirements will be imposed on persons or entities wishing to undertake such activities in or from Gibraltar.

4 Smart contracts

4.1 Can a smart contract satisfy the legal requirements of a legal contract under the laws of your jurisdiction? What will be considered when making this determination?

Broadly, in order for a smart contract to be compliant and enforceable in Gibraltar, it must demonstrate offer, acceptance, consideration, certainty and intention to create legal relations, with these terms encapsulating their various forms and means.

An ‘offer' can be considered as an expression of willingness to contract on specified terms with the intention that it is to become binding as soon as it is accepted by the person to whom it is addressed.

In many cases, a smart contract code deployed on a distributed ledger would likely constitute an ‘offer' if it was to exhibit the requisite certainty of contract (see question 4.4) and intention to be contractually bound, as opposed to an invitation to negotiate terms.

‘Acceptance' is considered to be the final and unqualified expression of assent to the terms of an offer. For smart contracts, the expression of acceptance should present no particular issues or concern, with the communication of acceptance predominantly occurring by way of action (eg, signing the transaction with a private key – although this does present additional issues with regard to fraudulent signatures).

Notwithstanding the above, advanced smart contract algorithms may be employed to make decisions on behalf of a party, which may present further challenges in the event of a contractual dispute.

In order to be legally binding, a smart contract must demonstrate that some form of ‘consideration' (eg, a type of value) is exchanged. Gibraltar courts generally will not judge adequacy of consideration.

Agreement between parties is assessed objectively: once both parties have outwardly agreed on the same terms and subject matter, neither can broadly rely on some unexpressed qualification or reservation to show that it had not in fact agreed to the terms to which it had appeared to agree (see question 4.4).

In principle, therefore, if structured correctly, smart contracts could be enforceable under Gibraltar law. However, despite much debate, courts worldwide – including those in Gibraltar – are yet to publicly announce their enforceability.

The UK Jurisdiction Taskforce of the LawTech Delivery Panel, established by the UK government, has issued a public consultation paper seeking input from industry stakeholders on the enforceability of smart contracts under English private law, among other things.

4.2 Are there any regulatory or governmental guidelines or policies within your jurisdiction which provide guidance on regulating/defining smart contracts?

No.

4.3 What parts of traditional contract might smart contracts be able to replace?

Smart contracts are predominantly drafted on a conditional basis (eg, if event A occurs, execution event Z takes place). Therefore, conditional events of a specific nature which can be written into code could replace similar provisions within any traditional contract. Examples of this could include specified lists of events of default, payment terms, boilerplate clauses and choice of law and jurisdiction clauses.

4.4 What parts of traditional contracts might smart contracts be unable to replace?

As alluded to in question 4.3, only particular legal conditions can be codified; others (eg, non-exhaustive lists of circumstances, with terminology such as "examples of which may include but not be limited to…") may present certain difficulties in this regard. Such open terminology or phrasing within any contract is used to provide important context, but allow for the necessary flexibility to accommodate situations which may not have been initially foreseen between the parties; it is thus difficult to include in any smart contract. Similarly, any implied terms developed through common law or statute may be outwardly burdensome or not particularly relevant in a smart contract.

4.5 What issues might present themselves in your jurisdiction with regard to judicial enforcement of smart contracts?

With the enactment of the Financial Services (Distributed Ledger Technology Providers) Regulations 2017, Gibraltar's courts may be better positioned than their counterparts in other jurisdictions in respect of their general understanding of distributed ledger technology and exposure to possible legal concerns. A lack of expert-level technological understanding may act as a hinderance in effective enforcement. Moreover, an overarching lack of desire at a policy level to enforce smart contracts could negatively impact on development.

4.6 What are some practical considerations that parties should consider when drafting a smart contract?

Operationality of terms and a user-friendly interface should be included as far as possible within a smart contract's design, to ensure simplicity for the end user (eg, dropdown menus).

As it is unlikely in practice that qualified legal practitioners will draft smart contract code, all parties – including their legal counsel – should be wary of the implications of the smart contract code that has been deployed and how accurately its design reflects the legal and commercial intentions of the parties.

To this end, liability in drafting the smart contract should also be considered by the parties.

4.7 How will the foregoing considerations differ when smart contracts are running on a private versus public blockchain?

Depending on the protocol upon which the smart contract is deployed, many smart contracts may not be entirely compliant with the EU General Data Protection Regulation (see question 5.1).

See also the issues discussed in question 1.2.

5 Data and privacy

5.1 What specific challenges or concerns does blockchain present from a data protection/privacy perspective?

As in the other EU member states, the EU General Data Protection Regulation (2016/679) (GDPR) applies to the processing of ‘personal data' in and from Gibraltar, building upon Gibraltar's Data Protection Act 2004 which was designed to implement the EU Data Protection Directive (95/46/EC).

The Communications (Personal Data and Privacy) Regulations 2006 (the ‘Privacy Regulations') similarly implement into Gibraltar law the provisions set out in the EU E-privacy Directive (2002/58/EC). The Privacy Regulations:

  • afford specific privacy rights in relation to electronic communications such as marketing calls, emails, text and faxes;
  • regulate the use of cookies and similar tracking technologies;
  • impose obligations relating to the security of communication services (and data storage); and
  • set out specific reporting obligations for security and data breaches.

Against this backdrop, it is apparent that private and/or permissioned blockchains are far simpler to structurally design to ensure compliance with the EU and Gibraltar data protection laws in mind.

That said, the key areas of potential conflict are:

  • the GDPR's fundamental principle in a data subjects ‘right to erasure' (under certain circumstances); and
  • the outward open contradiction with distributed ledger technology's ‘append only' protocol, where immutability of data is key and a desired characteristic of its architecture.

Further, the role or existence of data controllers on blockchain protocols under the GDPR may be similarly conflicted. ‘Data controllers' are key legal persons that data subjects can address to enforce their rights under EU data protection law. With blockchain protocols distributing this role, the allocation of responsibility and accountability can be overly burdensome.

Despite the above, debate remains ongoing as to whether data stored on a distributed ledger (eg, public keys, transactional data and other encrypted data) will qualify as personal data for the purposes of the GDPR.

5.2 What potential advantages can blockchain offer in the data protection/privacy context?

Despite the above highlighted conflicts, the GDPR and blockchain share many common objectives. Blockchain protocols can be designed to ensure compliance and are therefore flexible in their structural plan.

Blockchain technology's public and private key pair authorisation mechanism guarantees that participants remain in control of their data existing on the ledger, with its use being transparent. Cryptography on blockchain protocols further ensures pseudonymisation and anonymity of data, supporting transaction confidentiality with access controls that prevent unauthorised use, protecting data management and distribution, and safeguarding effective data governance.

6 Cybersecurity

6.1 What specific challenges or concerns does blockchain present from a cybersecurity perspective?

One of the principal challenges that blockchain technology continues to experience is the number of high-profile ‘hacks' of enterprises or intermediaries that operate on blockchain protocols (eg, virtual currency exchanges), which systematically discourages trust in the technology. The unauthorised use of private keys has similarly plagued blockchain protocols. Such events act as barriers to blockchain technology's widespread adoption and evidences its potential shortcomings (see question 6.2).

6.2 What potential advantages can blockchain offer in the cybersecurity context?

The ‘CIA security triad model' (confidentiality, integrity and availability) is often employed as a useful means of assessing information systems within a cybersecurity context. We have applied its principles to answer this question.

When considering ‘confidentiality', initial attention should be drawn towards the blockchain protocol itself and whether it is ‘public' or ‘private', as their access differs substantially. However, even if an intruder obtains full access to a blockchain protocol, cryptography may still result in data not being retrievable or disclosable. We score ‘confidentiality' as high.

Data ‘integrity' or consistency is fundamental in any data store. Blockchain protocols, with their cryptographic techniques and decentralised architecture, make them fundamentally near-impossible for any party to tamper with, making them outwardly secure. We score ‘integrity' as high.

‘Availability' in the blockchain context refers to the reliable access and use of information. The decentralised peer-to-peer nature of blockchain makes it harder to disrupt than conventional distributed application architectures – although this is not to say that blockchain protocols are not subject to distributed denial-of-service attacks or the authorised use of private keys (see question 6.1). We score ‘availability' as medium to high.

6.3 What tools and measures could be implemented to mitigate cybersecurity risk?

Noting the points discussed in question 6.2, potential areas of weakness fall under ‘availability' in the CIA security triad model.

Any publicly available data system or blockchain protocol presents a target for bad actors; therefore, it may be difficult for any measures implemented to fully mitigate this risk. However, enterprises should appropriately secure their systems with adequate security checks and/or additional procedures that seek to identify unusual transactions.

Principle 7 of the Financial Services (Distributed Ledger Technology Providers) Regulations 2017 (the ‘DLT Regulations') provides that "a DLT Provider must ensure that all systems and security access protocols are maintained to appropriate high standards". This similarly obliges firms falling within scope of the DLT Regulations to implement appropriate cybersecurity measures.

In practice, this means that firms regulated under the DLT Regulations must prove to the Gibraltar Financial Services Commission that their cybersecurity systems are of a high standard before they can obtain a licence to begin operating in Gibraltar. This, in turn, leads to a more secure industry.

7 Intellectual property

7.1 What specific challenges or concerns does blockchain present from an IP perspective?

From an IP perspective, blockchain presents several concerns, due to the vast array of purposes which it serves – particularly as blockchain technology is developing so rapidly. There are still a lot of gaps in relation to how IP rights and protections can be awarded to the primarily open source software which underlies blockchain technology. One of the biggest issues is that of patentability, as ideas which are already in the public domain cannot be patented and much blockchain technology falls within this category.

7.2 What type of IP protection can blockchain developers obtain?

Patent protection can be offered to blockchain developers, although an original application cannot be made in Gibraltar. Patent applications must be made to the UK Intellectual Property Office, with protection then extended to include Gibraltar within three years of the date of issue of the UK patent.

7.3 What are the best open-source platforms that could be used to protect developers' innovations?

No specific regulatory frameworks or legal measures could be used in this context. However, attention should be paid to the nature of the innovations themselves and whether they qualify under patent or copyright legislation accordingly.

7.4 What potential advantages can blockchain offer in the IP context?

The most notable advantages of blockchain are that it provides an un-hackable system which is transparent and creates a secure, time-stamped record of information. Blockchain technology is currently being used to track the location of goods within supply chains – a crucial benefit within the pharmaceutical industry and the luxury and consumer goods industry in particular, where there is an urgent need to trace the origins of goods in case of counterfeiting.

Within the distributed ledger technology context, a ledger can clearly show what rights brand owners hold and serve as a point of reference on the extent to which those rights are used within the market. This could provide legitimate proof of genuine or first use – a crucial requirement for protection in certain jurisdictions.

Another advantage concerns the distribution of patents. As there is currently no single registry for patents, a distributed network could provide a single solution for patent offices.

Ultimately, the biggest benefits of blockchain relate to smart contracts (see question 4). These can hold, execute and monitor contractual codes, but can also be used to enforce IP agreements where licences are required or royalties must be paid.

8 Trends and predictions

8.1 How do you think the regulatory landscape in your jurisdiction will evolve in the blockchain space over the next two years? Are any pending changes currently being considered?

Gibraltar is seeking to expand its blockchain offering with the implementation of token regulations, expected within the first half of 2020, designed to target the following activities conducted in or from Gibraltar:

  • the promotion, sale and distribution of tokens;
  • the operation of secondary market platforms trading in tokens; and
  • the provision of investment and ancillary services relating to tokens.

Other anticipated developments include the advancement of ‘green initiatives' via the use of tokenised international transferred mitigation outcomes and the concept of tokenised carbon trading in Gibraltar, furthering and supporting sustainable development globally.

8.2 What regulatory changes would you like your jurisdiction to implement to further advance the blockchain industry?

The enactment of the Financial Services (Distributed Ledger Technology Providers) Regulations 2017 (the ‘DLT Regulations') provided the necessary regulatory certainty for blockchain businesses operating in or out of Gibraltar. Industry stakeholders are thus in the fortunate position of being able to actively assist in the development of blockchain-based service providers with confidence and surety, with the added benefit of a regulator which is open to discussions with industry participants.

The Gibraltar government and the Gibraltar Financial Services Commission have also actively engaged stakeholders in the development of the DLT Regulations and throughout the licensing process for applicants. This open dialogue is highly supported and commended by industry stakeholders, and is a policy that we expect to continue.

8.3 What is the largest impediment within your jurisdiction to the adoption of blockchain technology?

As discussed in question 9.2, Gibraltar has adopted rules and regulations for blockchain-based businesses. Therefore, we foresee no impediments to its widespread adoption.

9 Tips and traps

9.1 What are your top tips for effective use of blockchain technologies in your jurisdiction and what potential sticking points would you highlight?

Our advice is simple: whether you are an established blockchain enterprise or a start-up, consider, understand and be aware of your legal and regulatory obligations to ensure compliance. Plan effectively and always seek advice and guidance at the earliest juncture. Gibraltar is fortunate to have a regulator in the Gibraltar Financial Services Commission and local advisers that are open to dialogue and willing to offer expert assistance wherever needed. You should therefore use these benefits to your own advantage.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.