Navigating Germany’s Financial Digitalisation: The Impact of the New Act

26th March 2024

Introduction  

On 7 February 2024, the German government published the final draft of the law on the digitalisation of the financial markets (Finanzmarktdigitalisierungsgesetz – the “Act”).  

The Act is an amending law which shall harmonise German law with European law and the European Commission’s strategy to increasingly digitalise and regulate the financial system. In 2020, the European Commission presented a strategy for digital finance (COM (2020) 591 final). The aim of this strategy is, in particular, to promote Europe’s competitiveness and innovation in the financial sector. On the EU level, this has already been approached by the implementation of Regulation (EU) 2022/2554 on digital operational resilience for the financial sector Regulation (Digital Operational Resilience Act – “DORA”) as well as Regulation (EU) 2023/1114 on markets in crypto-assets, the Markets in Crypto-Assets Regulation (“MiCAR”).  

 The Act would amend a number of current German laws, including amongst others, the German Banking Act (Kreditwesengesetz – “KWG”), the German Investment Code (Kapitalanlagegesetzbuch – “KAGB”), as well as the German Securities Trading Act (Wertpapierhandelsgesetzbuch – “WpHG”). In addition, the Act would introduce a new law, the German Crypto Markets Supervision Act (Kryptomärkteaufsichtsgesetz – “KMAG”). 

 EU strategy for digitalisation of the financial market 

Due to the growth of digital financial services and in light of ensuring the integrity and stability of the financial system, the EU has recognised that measures must be taken to increase digital resilience and counteract new money laundering risks. The European Commission therefore presented a strategy for a digital financial system in 2020 (COM (2020) 591 final) with the aim to promote Europe’s competitiveness and innovation in the financial sector.  

 The regulatory framework of DORA and MiCAR 

As part of the EU COM (2020) strategy, the EU has, amongst others, introduced MiCAR and DORA. Until the implementation of MiCAR, several EU Member States had implemented national legislation with different rules and requirements. This made it difficult for investors and providers to adapt to each regulatory landscape. By creating a harmonised framework that offers legal certainty and investor protection in the EU, potential providers and investors could be enticed to invest and trade in crypto-assets. MiCAR introduced a harmonised framework on certain types of crypto-assets and imposed a regulatory framework for crypto-assets to protect investors while mitigating risks for financial stability.  

DORA is aimed at increasing digital resilience in the financial sector focussing on new additional requirements for risk management. Whereas financial market participants’ main categories of operational risk focussed on the capital, they did not address all components of operational resilience. DORA sets out a framework requiring implementing rules for the protection, detection, containment, recovery and repair capabilities against incidents related to information and communication technology (“ICT”). Under DORA, relevant entities are required to take into consideration ICT risks and set up internal policies, procedures and rules on ICT risk management, incident reporting, operational resilience testing and ICT third-party risk monitoring. DORA came into effect on 16 January 2023 and will be fully effective from 17 January 2025.  

Harmonising German law with DORA and MiCAR 

The Act regulates the necessary amendments for compliance of German Law with MiCAR, Regulation (EU) 2023/1113 (Transfers of funds and certain crypto-assets Regulation) and DORA. It also provides for the implementation of Directive (EU) 2022/2556 (DORA Directive) into German law.  

According to the explanatory memorandum to the Act, the amendments of German law in line with MiCAR are necessary in order to open the European market “to German providers and Germany’s locational advantages will be realised thanks to its extensive experience in the field of crypto regulation with regard to new market access“. The Act addresses key issues, such as the creation of a comprehensive framework for crypto-assets regarding authorisation and supervisory requirements of the Federal Financial Supervisory Authority (“BaFin”) as well as transparency and disclosure obligations. It focuses on the cybersecurity of the financial sector through uniform requirements for network and information systems as well as organisational IT security. It also targets money laundering, an issue that is often associated with cryptocurrencies. 

A new Crypto Markets Supervision Act (Kryptomärkteaufsichtsgesetz – “KMAG”) would be enacted by the Act to implement provisions of MiCAR. The creation of the KMAG takes into account the alternative relationship created by MiCAR between financial instruments within the meaning of Directive 2014/65/EU (“MiFID II”) and crypto-assets within the scope of MiCAR. MiCAR contains extensive regulatory mandates for the EU Member States concerning the powers of competent authorities and powers with regard to the sanctioning of violations of MiCAR. The German legislator intends to implement these regulatory mandates with the implementation of the KMAG.  

 The Act would also amend the existing national rules for banking transactions and financial services regarding crypto assets in the German Banking Act. It would harmonise the German Banking Act with the new legal framework of MiCAR and adapt it to the special features of the crypto markets where necessary. Institutions that currently conduct banking business and provide financial services in relation to crypto assets under national law could then fall under the provisions of this new legal framework. 

In addition, amendments to the German Anti-Money Laundering Act are required with regard to crypto asset transfers. This includes in particular the definition of the supervisory power of BaFin for monitoring compliance with the requirements by providers of crypto asset services. In addition, providers of crypto asset services will fall under the category of obligated entities under the German Anti-Money Laundering Act. In addition, issuers of asset-referenced tokens would be included as obligated entities, where a settlement does not take place exclusively via a provider of crypto asset services. 

 To also harmonise German law with DORA and transpose the DORA Directive into German Law, adjustments are required in the relevant German acts. These relate in particular to the responsibilities and supervisory powers of the supervisory authorities set out by DORA and the sanctioning of violations under DORA. Insofar as there is a need to implement the DORA Directive, amendments and additions shall be made to the German Investment Code (“KAGB”), the German Restructuring and Resolution Act (“SAG”), the German Securities Trading Act (“WpHG”) and the German Payment Services Supervision Act (“ZAG”).  

 The German Securities Trading Act would also include a transitional provision on the application of the new regulation set out in Regulation (EU) 600/2014 (“MiFIR”) (last amended by Regulation (EU) 2016/1033)), prohibiting inducements for the transmission of client orders. The prohibition applies to investment services firms domiciled in Germany when providing investment services to clients in Germany from 30 June 2026. 

 Outlook 

The Act is planned to enter into force during the summer of 2024.  

 How can we help? 

If you have any questions or require support, the Zeidler Legal Team is here to help. Our global team of professionals remains up to date on the latest legal, regulatory and compliance changes affecting the asset management industry.  If you require additional information or assistance, please get in touch with us.

Author

Patricia Nitschke