The Spanish government has been cautious and conservative in its approach to cryptocurrencies. This is because Spanish law is highly protective of the rights of investors and consumers and, during the recession, there have been a number of cases of financial, securities and crypto-asset fraud. Cryptocurrency cannot be legally treated as legal tender, as Law 46/1998 of 17 December, on the introduction of the euro as the national currency, provides that from 1 January 1999 the national currency of Spain shall be the euro.

In January 2023, the Spanish fintech company, Monei, was green-lighted by the Bank of Spain to carry out its digital euro project, which was showcased in the Spanish financial sandbox. Under the name EURM, this stablecoin will be the first digital euro in Europe. EURM facilitates online payments and the transmission of euros between individuals through the creation of a token using the new Ethereum 2.0 blockchain technology. This shows that the Bank of Spain’s intention is not to fight blockchain technology but, rather, to embrace it and focus increasingly on it.

As regards AML matters, on 28 April 2021, the Spanish National Gazette published the Royal Decree-Law 7/2021, of April 27 (“RD-Law 7/2021”), transposing EU directives in the areas of competition, prevention of money laundering and credit institutions. RD-Law 7/2021 modified Law 10/2010, of April 28, on the prevention of money laundering and terrorist financing (the “AML Law”) – issues that have caused all governments great concern when it comes to the misuse of crypto-assets. The most relevant inclusions in RD-Law 7/2021 were official definitions of virtual assets and the new regulated entities included within Article 2 of the AML Law – among which can be found (in Section Z), the “providers of services regarding the exchange between virtual and fiat currency, and the custody of virtual wallets” (hereinafter “virtual asset service providers (VASPs)”). This means that all VASPs must be registered within the Bank of Spain’s specifically tailored registry for these types of entities. The registry has been active since January 2022 and, to date, 80 entities have been registered and now operate in Spain.

Furthermore, Law 6/2023, of March 17, on securities markets and investment services (the new Ley del Mercado de Valores, or LMV) entered into force on April 2023. This new law establishes that all financial instruments that are issued, registered, transferred or stored using distributed ledger technology or other similar technologies will be subject to the new LMV. It also appoints the National Stock Market Commission (Comisión Nacional del Mercado de Valore, or CNMV) as the competent authority to oversee compliance on the Markets in Crypto-Assets Regulation (the “MiCA Regulation”), which was published on 9 June 2023 by the Official Journal of the European Union. This marks an important transition point towards the digitalisation of traditional economy. It is important to note that, even though MiCA Regulation has already entered into force, it will only apply from 30 December 2024.

Lastly, Law 28/2022, of December 21, on the promotion of the start-up ecosystem (the “Start-up Law”) entered into force on 22 December 2022. Although it is not tailored specifically to blockchain technology, start-up companies that use this technology for innovative purposes will benefit from the Start-up Law. Besides introducing tax benefits and other facilitators, the law also regulates controlled test environments (known as “regulatory sandboxes”). The purpose of these spaces is to remove the general regulations – under the supervision of a regulatory body or entity – so as to evaluate the usefulness, viability and impact of technological innovations in different sectors. In this respect, the start-ups are allowed to test for one year in an environment controlled by the corresponding regulator.

Spain is actively working towards attracting entrepreneurs, venture capitalists (VCs) and corporate venture capitalists (CVCs) by establishing an efficient legal framework that promotes the seamless integration of blockchain technology. This approach facilitates innovation and presents compelling solutions to current challenges in the worlds of finance and data protection. Several recent developments contribute to this objective, including the publication of the MiCA Regulation, the introduction of the new LMV, the enactment of the Start-up Law, and the application of AML provisions to VASPs.

Blockchain technology is being used by businesses and individuals throughout Spain in a variety of promising ways – be they B2B, business-to-person (B2P), B2C, peer-to-peer (P2P), or customer-to-customer (C2C) applications (or, in the case of Digital Euro and Jobchain, all of these).

Digital Euro

As mentioned in 1.1 Evolution of the Blockchain Market, one notable recent announcement is the EURM project, which was presented through the regulatory sandbox by fintech start-up Monei and received approval from the Bank of Spain in January 2023. The project’s objective is to leverage blockchain technology to fully digitise payments and money transfers, thereby enhancing security and programmability as well as significantly reducing costs compared to traditional transfer systems. The project will cater both to consumer needs (eg, facilitating money transfers between individuals and enabling payments for goods and services) and B2B applications, including digitising and automating daily payments from retailers to suppliers.

“TrustOS” Technology

TrustOS, a decentralised software layer powered by smart contracts deployed across various blockchain networks, offers a wide range of functions through which to integrate blockchain technology smoothly into B2B and B2P processes. By leveraging a series of HTTP libraries and application programming interfaces (APIs), TrustOS provides core capabilities such as traceability, certification, reconciliation, and tokenisation. These functionalities interact seamlessly with existing platforms, networks, and ecosystems, enabling businesses to leverage the benefits of blockchain technology.

To facilitate the adoption of blockchain technology among Spanish and Latin American start-ups, telecommunications company Telefónica launched the “Blockchain Activation” programme in 2019. As part of this programme, up to 15 start-ups had the opportunity to explore and implement TrustOS in various use cases.

GSMA International Roaming

The promotion of international roaming services involves the exchange of information and secure payments between telecommunications companies (telcos). Recognising the need for more efficient business processing in this area, GSMA (an international trade association that represents mobile operators such as Telefonica) has turned to blockchain technology. In an effort to address the challenges faced by the wholesale roaming industry, GSMA has released a proof of concept that aims to revolutionise existing B2B processes.

According to GSMA, the wholesale roaming industry is experiencing a 5.6% Compound Annual Growth Rate (CAGR), while the costs associated with running its operations are growing at an 8% CAGR. This disparity creates an unsustainable model for the future, emphasising the urgent need to improve the existing roaming processes between telcos. So the critical issue lies in facilitating network traffic between operators, which traditionally requires dealing with each individual operator’s portability database. By leveraging blockchain technology, the creation of a single shared database for all operators becomes feasible. This breakthrough would greatly accelerate data traffic and reduce the costs associated with managing the compensation for international calls between operators.

Employability and Remuneration

Within the realm of blockchain technology, exciting projects are emerging to foster a more dynamic relationship between employers and employees. Platforms such as Jobchain, which is operated by a company registered as a VASP with the Bank of Spain, are at the forefront of this movement. Their goal is to simplify the connection between a wide range of service providers and users, thereby revolutionising the way people hire and get hired – irrespective of time and location. These platforms also offer the added benefit of instant compensation, empowering both employers and employees to maintain their rights within a secure and verified environment.

Green Energy Verification

As the green energy corporate contracting market continues to expand, the demand for proof of the renewable origin of energy is increasing. Blockchain technology offers a promising B2C solution to this demand, thereby enabling efficient customer service on a global scale.

A notable example of how this technology can be used for verification purposes can be found in the Spanish company Acciona, which has developed a commercial platform called Greenchain. This platform leverages blockchain technology to provide customers with real-time visibility into the renewable origin of the energy they receive. Through Greenchain, customers can access accurate and reliable accreditation of the energy’s 100% renewable source.

Visa B2B

Alongside IBM, Visa developed a payment platform that utilises blockchain technology to facilitate money transfers between banks and thus removed the need for the current Society for Worldwide Interbank Financial Telecommunication (SWIFT) network. Spanish banks like Santander and BBVA are showing interest in the applicability of blockchain technology for these purposes. However, no significant steps have been taken towards its implementation.

Know Your Customer (KYC)

Many Spanish companies are incorporating blockchain data platforms such as Chainalysis to reinforce their client onboarding processes. This is undoubtedly one way blockchain technology can be used to provide citizens and companies with a greater sense of security and trust.

The use of decentralised finance (“DeFi”) protocols by residents in Spain is still in the developmental stage. DeFi encompasses various innovative financial applications, including automated market makers, wallet aggregators, decentralised synthetic investment platforms, decentralised prediction markets, decentralised stablecoins, and decentralised lending platforms.

In Spain, there is growing interest in DeFi, with individuals and businesses exploring the potential benefits and opportunities that these protocols offer. However, it is important to note that the regulatory landscape for DeFi in Spain continues to evolve and there are currently no specific regulations or guidelines tailored specifically to DeFi.

Spanish regulators such as the Bank of Spain and the CNMV have expressed concerns about the potential risks associated with DeFi – for example, money laundering and risks to investor protection and market integrity.

Spain has shown its intention to actively participate the non-fungible token (NFT) market, which has been expanding globally. This trend is particularly evident in the sports industry; tokens and NFTs have already gained a penetration rate of 34% among sports fans in Spain. Sports sponsorship agreements have played a role in raising awareness and interest in these products – for instance, leading digital asset management platform WhaleFin signed a sponsorship agreement with Atlético de Madrid to become the the sports club’s main sponsor for the next five seasons (and, even though concerns arose due to market struggles, the club recently expressed its commitment to the agreement). Another notable example is the partnership between Sorare, an online platform for trading football cards using cryptocurrencies, and Spain’s premier football division LaLiga. Through this collaboration, LaLiga plans to issue its own collection of player stickers as NFTs.

These two examples clearly demonstrate the industry’s recognition of the crucial role that NFTs can play in connecting fans with sports. Moreover, companies in Spain are exploring the potential of NFTs in various sectors, including:

• verifying product authenticity;
• tracking product location;
• offering membership plans and customer loyalty programmes;
• providing authenticity certificates for art collectors; and
• offering property titles within the real estate market.

In this last regard, a novel approach has been introduced by InmoBalize, which is an online platform launched by Nuclio Labs. It purchases properties and divides the exploitation rights into smaller parts, which are then sold to individuals interested in real estate investment without substantial capital requirements. Using blockchain technology, InmoBalize divides these exploitation rights into NFTs valued at EUR100, thereby allowing holders to earn proportional income from the property’s exploitation and trade them on the market or within the InmoBalize platform.

As previously mentioned in 1.3 Decentralised Finance Environment, Spain lacks a specific regulatory framework for distributed ledger technology/blockchain and cryptocurrencies. However, through RD-Law 7/2021 (see 1.1. Evolution of the Blockchain Market), Spanish law has regulated providers of crypto-to-fiat currency exchange (and vice versa) and custodian services from the standpoint of AML legislation and introduced a definition for virtual currencies.

On another note, even though cryptocurrencies are not considered legal tender or financial instruments in Spanish law, they can be treated as securities (in the case of public offerings) or as chattels or commodities when traded individually.

To the extent that cryptocurrencies can be considered as securities, initial coin offerings (ICOs) may fall within the prospectus-filing requirements of the new Spanish LMV, as the definition of financial instruments and negotiable securities is very wide (Article 2 of the LMV). This was confirmed by the CNMV through a communiqué published back in 2018 and, more recently, by the entry into force of the new LMV. As stated in 1.1. Evolution of the Blockchain Market, the new LMV brings within its scope all financial instruments that are issued, registered, transferred or stored using distributed ledger technology or other similar technologies.

To address the need for regulation, the MiCA Regulation was published in the Official Journal of the European Union on 9 June 2023. During the adaptation period, the CNMV and Bank of Spain will play a crucial role in implementing indirect regulations related to cryptocurrencies in Spain. Article 247 of the new LMV, for example, empowers the CNMV to establish prerequisites for cryptocurrency advertising and remove fraudulent or misleading advertisements. (These prerequisites and conditions were outlined within Circular 1/2022, of January 10, of the CNMV, regarding the advertising of crypto-assets presented as a means of investment.) The LMV also designates the CNMV as the authority responsible for supervising compliance with the MiCA Regulation.

As mentioned earlier, Virtual Asset Service Providers in Spain are subject to AML legislation. Spain’s AML regulations have been developed in accordance with international standards and driven by Spain’s membership in the Financial Action Task Force (FATF) since its establishment in 1989.

The following regulators are most relevant to businesses or individuals using blockchain in Spain.

• The Bank of Spain – businesses or professionals that provide services for the exchange from fiat money to virtual assets (and vice versa) and/or for the custody of electronic wallets (“cryptocurrency service providers”) must be registered with the Bank of Spain to operate in the country.
• The Executive Service of the Commission for the Prevention of Money Laundering and Monetary Offences (Servicio Ejecutivo de la Comisión de Prevención del Blanqueo de Capitales e Infracciones Monetarias, orSEPBLAC) – the SEPBLAC is in charge of reviewing the required documentation cryptocurrency service providers must file in order to be registered within the Bank of Spain (generally, a risk analysis assessment and a money laundering prevention manual), as well as overseeing AML compliance.
• The CNMV – the CNMV is in charge of overseeing stock market regulation compliance and, when it comes to blockchain, has been appointed as the authority to oversee compliance with the MiCA Regulation in Spain. Additionally, even though crypto-assets are not directly regulated by the LMV, the CNMV may subject the advertising of crypto-assets to authorisation or other forms of administrative control (eg, the introduction of risk warnings).

There are no self-regulatory organisations or trade groups that perform regulatory or quasi-regulatory roles with regard to businesses or individuals using blockchain in Spain.

Please note that, as a civil law jurisdiction, Spanish case law does not rely on the doctrine of binding precedent.

Nonetheless, back in 2019, the Spanish Supreme Court decision (STS 326/2019) constituted the first judicial pronouncement in Spain to address one of the most well-known blockchain technologies – namely, cryptocurrencies – and, specifically, Bitcoin (the most famous of them all). In this sense, the decision outlines an analysis of Bitcoin’s nature – essentially, that:

• bitcoins are defined as units of account transferred or exchanged through the computer and cryptographic technology known as Bitcoin;
• bitcoins are intangible assets that can be exchanged or used as consideration in any bilateral transaction in which the parties involved accept them; and
• bitcoins are in no way money, nor can they be considered as such in legal terms.

This was indeed an accurate legal description that, as expected, aligned with the views of both the European Central Bank (ECB) and the Bank of Spain regarding crypto-assets.

Furthermore, the ECJ’s decision in Skatteverket v David Hedqvist (Case C-264/1456), which was promulgated on 22 October 2015, remains the sole ruling addressing the legal aspects of cryptocurrency transactions. According to the ECJ’s analysis, the exchange of bitcoins for legal tender is deemed a “taxable supply of services” exempt from VAT under Directive 2006/112/EC of November 28. The significance of this decision lies not only in its conclusion but also in its ratio decidendi, which acknowledges that Bitcoin exists solely as a virtual currency with bidirectional flow, used for exchanging with traditional currencies and functioning exclusively as a means of payment.

Currently, there is no ongoing litigation in Spain that is expected to impact the blockchain sector.

There have not been any enforcement actions in Spain that have helped market participants better understand the “regulatory perimeter” of permitted and prohibited activity utilising blockchain.

In November 2020, the Spanish government approved Law 7/2020 on the digital transformation of the financial system, which provided for the creation of a test space specifically tailored for innovations within the financial sector subject to administrative supervision (the “financial sandbox”). It is an attempt to change the Spanish regulatory culture by establishing an information centre for technofinance, as well as offering the industry a space to test new products and share experiences. Pilot projects are selected, supervisors are appointed to conduct the follow-up, and – if testing is satisfactory – licences are granted.

Moreover, as mentioned in 1.1. Evolution of the Blockchain Market, the Start-up Law entered into force on 22 December 2022. This regulates controlled test environments, known as regulatory sandboxes, for innovations beyond the financial sector.

Blockchain projects have made a few appearances in these sandboxes, with the most recent highlight being the approval of the digital euro project showcased by Monei.

In April 2023, the Council of Ministers approved Royal Decree 249/2023, of April 4, which amends the main regulations of the Spanish General Tax Law with the aim of developing administrative review. Among the modifications it introduces, the most relevant is the obligation to declare – from 1 January 2024 – the possession of cryptocurrency (and other virtual assets) and any operations that are carried out with their use. The amendment introduces three reporting obligations.

• Obligation to report balances in virtual currencies – persons and entities resident in Spain (as well as foreign-owned permanent establishments in Spanish territory) that provide services to safeguard private cryptographic keys on behalf of third parties for the purpose of maintaining, storing and transferring virtual currencies will be obliged to file an annual informative declaration detailing all the virtual currencies they keep in custody.
• Obligation to report transactions with virtual currencies – persons and entities residing in Spain (as well as foreign-owned permanent establishments in Spanish territory) that provide the above-mentioned services and services for exchanging virtual currencies and fiat currency or exchanging different virtual currencies, or that intermediate in any way in the execution of these operations, will be required to submit an annual informative declaration regarding the acquisition, transmission, exchange, and transfer of virtual currencies in which they are involved or act as intermediaries (along with the receipts and payments made in such currencies). Its important to note that the foregoing does not apply to individuals or entities that limit their activity to advising on virtual currencies.
• Obligation to report virtual currencies located abroad – all the above-mentioned must also annually declare all virtual currencies held abroad (either as the owner or, where applicable, the beneficiary).

For the declaration of cryptocurrencies, the Tax Office has included a section (1800) dedicated to virtual currencies. All buying and selling transactions must be included in this section – up to a maximum limit of 25 capital gains and losses.

Furthermore, in 2024, Form 721 will be introduced, as a replacement for Form 720, to report on virtual currencies held abroad. In this case, there will be no obligation to report cryptocurrencies if the combined balances as of December 31 do not exceed EUR50,000.

On the other hand, Forms 172 and 173 will focus on companies with tax residency in Spain that participate in the cryptocurrency market, either as exchange service providers and/or electronic wallets custody providers.

Although there have been initiatives aimed at developing blockchain regulation in Spain (eg, the financial sandbox system), the CNMV and the Bank of Spain are continuously striving to promote awareness of the risks associated with blockchain and cryptocurrency usage. To achieve this, they have published various informative documents and regularly organise conferences in collaboration with universities and blockchain industry stakeholders.

Currently, in Spain, there are no specific parameters or regulations in place that explicitly determine the ownership of digital assets based on blockchain technology. However, the determination of ownership can vary depending on the type of digital asset in question.

As outlined in the recently published MiCA Regulation, there are different categories of cryptocurrencies:

• crypto-assets, which are digital representations of value or rights that can be electronically transferred and stored using distributed ledger technology or similar technology;
• asset-referenced tokens, which aim to maintain a stable value by referencing the value of fiat currencies, commodities, or other crypto-assets;
• e-money tokens, designed as a means of exchange and to maintain a stable value by referencing a legal tender fiat currency; and
• utility tokens, which provide digital access to goods or services available through a distributed ledger technology and are accepted solely by the issuer.

In determining ownership, factors such as whether the token represents an underlying asset or if the token itself holds intrinsic value can be considered. Additionally, when it comes to the digital file and associated metadata, ownership is typically established by the blockchain technology and the smart contract involved. The same principles apply to NFTs. However, it is important to note that rules regarding ownership of chattels or assets are generally governed by the Spanish Civil Code in Spain.

In Spain, there is currently no comprehensive local legislation that provides a detailed categorisation of digital assets. However, in 2018, the CNMV published a document addressing ICOs and cryptocurrencies that specifically targets professionals within the financial sector. In this publication, the CNMV expressed the view that a significant number of ICO operations should be treated as issuances or public offerings of negotiable securities. This assertion was based on the broad concept of negotiable securities outlined in Article 2.1 of the LMV in force at the time.

The CNMV publication highlighted several factors that were deemed relevant in determining whether an ICO involved the offering of negotiable securities:

• tokens granting rights or expectations of participation in the potential appreciation or profitability of businesses or projects (or presenting equivalent rights to shares, bonds, or other financial instruments regulated by the Spanish LMV);
• tokens providing the right to access services or receive goods or products, with an explicit or implicit reference to benefiting from their appreciation or receiving remuneration associated with the instrument; and
• tokens mentioning liquidity or the possibility of trading on markets considered equivalent or similar to regulated securities markets.

Furthermore, when traded individually, cryptocurrencies could be classed as chattels or commodities.

Following the CNMV’s publication in 2018, the Spanish Securities Market Law was repealed, and the new LMV was introduced during the first quarter of 2023. As mentioned in 1.1. Evolution of the Blockchain Market, Article 2 of the new LMV was amended to include all financial instruments issued, registered, transferred, or stored using distributed ledger technology or similar technologies under the CNMV’s supervision. In other words, the views documented by the CNMV in its 2018 publication were legally reinforced.

In parallel, the MiCA Regulation (published in June 2023) explicitly excludes crypto-assets qualifying as financial instruments under the Markets in Financial Instruments Directive 2014 (“MiFID II”), which serves as the foundation for the new LMV. The MiCA Regulation calls for the European Securities and Markets Authority (ESMA) to issue guidelines on the criteria and conditions for classifying crypto-assets as financial instruments – with a view to establishing a clear distinction between crypto-assets regulated by the MiCA Regulation and traditional financial instruments.

Until ESMA issues these guidelines, market participants will need to rely on the aforementioned statements from the CNMV and the available context (eg, documents such as the issuer’s white paper) to determine the categorisation of digital assets.

As mentioned in 3.2 Categorisation, there is no local legislation that makes distinctions between tokens. Therefore, there is no formal distinction between stablecoins that are backed by deposits of fiat currency and “algorithmic” stablecoins that use a formula to maintain their peg. Therefore, it would be necessary to assess – on a case-by-case basis – whether the specific token qualifies as a security/financial instrument (subject to the Spanish stock market legislation) or as “crypto-assets not considered financial instruments” (subject to Spanish AML law).

Nonetheless, it is worth emphasising that the MiCA Regulation introduces a definition for asset-referenced tokens and for e-money tokens, and specific rules are proposed for these types of assets. The so-called “algorithmic” stablecoins, which aim to maintain a stable value in relation to an official currency or in relation to one or several assets via protocols, are also mentioned in the MiCA Regulation. Although the MiCA Regulation separates them from asset-referenced tokens and e-money tokens, it states that the same rules contained in Titles III or IV of the regulation will apply. However, in the case of algorithmic crypto-assets that do not aim to stabilise the value of the crypto-assets by referencing one or several assets, Title II of the MiCA Regulation will apply.

Its important to consider that, as the MiCA Regulation has been published and entered into force, these classifications also apply in Spain – even though the MiCA Regulation will only be applicable from 30 December 2024.

The euro is the only legal tender in Spain. The use of cryptocurrencies as a means of payment must be agreed by the parties to a transaction.

In fact, the AML Law defines a “virtual currency” as a digital representation of value that is:

• not issued or guaranteed by a central bank or public authority;
• not necessarily associated with a legally established currency;
• lacking legal tender status as currency or money; but
• accepted as a medium of exchange that can be transferred, stored, or traded electronically.

In other words, even though cryptocurrency is not recognised as legal tender, it is accepted as a means of payment if so agreed by the parties to the transaction.

Non-fungible tokens are not regulated within Spanish legislation nor the MiCA Regulation. If an NFT does not fall within the categorisation of financial instruments contained in Article 2 of the new LMV, it will therefore not be subject to Spanish stock market legislation.

At this stage, there are no specific markets in the Spanish jurisdiction for digital assets beyond private centralised crypto exchange platforms such as Binance, Coinbase and Bit2me.

In Spain there is no specific set of rules under which the exchange of fiat currency for cryptocurrency (or vice versa) is carried out. These exchanges are commonly performed within online platforms managed by cryptocurrency service providers, who must nonetheless comply with Spanish AML legislation and be registered with the Bank of Spain in order to offer their services in Spanish territory.

For any entity or individual to offer crypto transaction services in Spain, they must comply with the provisions set out within the AML Law and register with the Bank of Spain. This means all who provide services related to the transaction, exchange or storage of cryptocurrency will have to integrate before proper AML internal bodies and undergo the relevant AML procedures, including KYC procedures, the application of due diligence, certified verification systems, efficient transaction monitoring.

Digital asset markets are not currently regulated in Spain and there have been no enforcement actions on the matter (see 2.6 Enforcement Actions). Please see 1.1 Evolution of the Blockchain Market for more on the relevant regulatory initiatives and 2.3 Regulatory Bodies for details of the competent national authorities.

In Spain, there are no specific regulatory limits concerning the ability of a digital asset exchange to re-hypothecate customers’ digital assets to third parties.

As mentioned in previous answers, businesses that provide online services related to the custody of electronic wallets will have to comply with Spanish AML legislation and register with the Bank of Spain. (The legislation does not establish a distinction between hot or cold storage solutions, so provisions apply to both.)

Additionally, in the case of consumer and data protection issues, the Spanish consumer protection framework and the General Data Protection Regulation (Regulation (EU) 2016/679, or GDPR) may apply respectively.

An analysis of the nature of the tokens offered through the ICO must be carried out in order to determine whether this is a “securities” or “commercial” activity. In this sense, as mentioned in 2.1 Regulatory Overview, ICOs may fall within the prospectus-filing requirements of the new LMV – given that cryptocurrencies could be considered securities, as the definition of financial instruments and negotiable securities is very wide (Article 2 of the LMV). If this is the case, the relevant provisions will apply to the following:

• the issuance, representation and transfer of the assets;
• the trading and distribution of the assets;
• the requirements applicable to information quality (ie, white papers); and
• market abuse.

There are no regulations in Spain that apply specifically to fundraising through the sale of tokens. Nevertheless, as stated in 5.1 Initial Coin Offerings, if – and to the extent that – such tokens fall under the definition of financial instruments contained in Article 2 of the new LMV, the Spanish and EU rules on public offerings for the exchange of securities may be applicable.

At the same time, if – and to the extent that – crowdfunding activities use tokens, the Spanish legal regime on crowdfunding may be applicable.

There are no specific regulations in Spain concerning the distribution of tokens via an airdrop or similar launch mechanism that does not necessarily involve a purchase of the token.

There are no special regulations in Spain that apply to investment funds or collective investment schemes that invest in digital assets, unless these fall under the definition of financial instruments contained within Article 2 of the LMV. In that case, the entity will be considered a financial collective investment scheme and accordingly have to comply with the provisions established in Law 35/2003, of 4 November, on collective investment institutions and the corresponding EU regulations.

There are special regulations in Spain applicable to broker-dealers or other financial intermediaries that deal in digital assets. Nonetheless, as per 5.4 Investment Funds, if the digital asset has the features of a financial instrument, then Spanish stock market legislation and the corresponding EU legal framework may apply to such financial intermediary.

There are no specific laws or regulations in Spain addressing the legal enforceability of private contractual arrangements made in whole or in part using blockchain-based smart contracts. Likewise, there are no judicial decisions on the matter (see 2.5 Judicial Decisions and Litigation).

That being said, in March 2022, the Spanish Data Protection Agency (Agencia Española de Protección de Datos, or AEPD) published a statement declaring that – to the extent the automated decisions of a smart contract may significantly affect individuals or profile them – the smart contract’s design must consider the requirements set out in Article 22 of the GDPR and incorporate the necessary safeguards and measures to protect the rights of data subjects.

Additionally, the Bar Association of Madrid (Ilustre Colegio de Abogados de Madrid, or ICAM) also published an article in its online blog in which it is argued that the smart contract’s recognition by the Spanish legal system will depend on the technical configuration of the smart contract, which determines how its authenticity and validity can be verified. The verification of these smart contracts can be conducted in several ways, including:

• through a trusted third party;
• by means of a network of trusted third parties;
• through a public notary or other authorized official; and
• through an open and fully decentralised network that relies on technologies such as blockchain.

Smart contracts turn the tables on the way agreements are defined and managed between parties. This is why law firms in Spain are playing a significant role in preparing a definition of this technology and possible resolutions in case conflicts arise from its misuse.

The ICAM established that smart contracts are essentially a digital version of a traditional contract, with the added feature of having an external verification method – of which the parties involved in the contract are independent. This means that smart legal contracts fall within the scope of electronic contracts, which are admissible under the principle of contractual freedom and the admissibility of electronic contracts recognised in Law 34/2002, of July 11, on information society services and electronic commerce. Contracts signed electronically, without human intervention, are also enforceable.

Currently, there are no existing laws, regulations, or court rulings specifically addressing the liability of developers of blockchain-based networks (or the code running these networks). This matter has also not been addressed at the European level.

However, under the current legal framework in Spain, the liability of developers would be assessed based on the general principles of civil law – and the Spanish Civil Code, in particular – according to which, both individuals and legal entities can be held accountable for damages. Consequently, a developer of a blockchain-based network (or the code it operates on) could be held responsible for losses resulting from the use of this software. For liability to be established, whether it was to arise either from a contractual or extra-contractual relationship, certain conditions must be met:

• there must be actual losses;
• the developer must be at fault (either through negligence or intentional wrongdoing); and
• a causal connection between the fault and the losses must exist.

For the success of an eventual claim, the affected party would necessarily have to prove the existence of the above-mentioned factors and provide a reasonable valuation of the damages incurred on account of the malfunction of the blockchain network and file their claim within five years if there was a contractual relationship or within one year if there was not.

It is important to note that, depending on the relationship between the parties involved, specific laws such as sector-specific regulations or consumer protection laws may apply alongside contractual regulations. Developers’ liability can be regulated through contractual agreements, which can be particularly relevant in both private and public distributed ledger technology systems. Terms of use can be drafted to exclude or limit liability within the boundaries permitted by law; however, it is generally not possible to exclude or limit liability for acts of gross negligence or intentional misconduct.

Although developers may not automatically be considered fiduciaries, they still have legal obligations to exercise reasonable care and take necessary precautions when developing and deploying their software. Users who suffer losses due to the developer’s negligence or intentional misconduct may have grounds to seek compensation by taking legal action.

Ultimately, the determination of liability in specific cases would depend on the interpretation and application of existing laws, as well as the specific facts and circumstances surrounding each case. It is worth consulting legal professionals familiar with the Spanish legal system for a comprehensive analysis of the situation.

There are currently no specific laws or regulations applicable to DeFi platforms in Spain.

DeFi platforms are designed to operate in a decentralised manner, which means they are not managed by a centralised authority or organisation. Instead, they are governed by smart contracts and protocols that are built on blockchain technology.

In the case of many DeFi platforms, the governance is managed by decentralised autonomous organisations (DAOs). These are community-driven organisations that operate on the principles of decentralisation and allow token-holders to participate in decision-making processes. The governance of a DeFi platform may involve voting on protocol upgrades, parameter adjustments, fee distributions, and other important decisions.

In this sense, given that providers of services for the exchange of fiat currency for virtual currency (and vice versa) and the custody of electronic wallets manage centralised platforms, DeFi platforms do not fall under the scope of the Spanish AML legal framework.

Loans in fiat currency (or even in cryptocurrency) secured by a crypto portfolio are becoming increasingly popular in the EU. Nonetheless, in Spain loans are subject to consumer protection legislation (Law 16/2011 of 24 June and Directive 2008/48/EC of 23 April). Additionally, if digital assets are considered intangible chattels (to the extent that they have no physical representation), then – according to the Spanish Civil Code – the appropriate security interest to be taken over the digital asset would be a pledge (which must be constituted through a public deed).

Nevertheless, it must be emphasised that the Spanish Civil Code provides for a forfeiture clause prohibition in relation to pledged chattels. In other words, the only way the security interest (ie, the pledged digital asset) can be perfected in Spain is through enforcement by means of a public auction, which will be carried out before a notary in accordance with Spanish civil procedure law.

Although Spain has no specific rules that directly concern the custody of digital assets, if such digital assets fall under the definition of financial instruments, then the Spanish stock market legislation will apply on the basis that its scope also covers custodian services over financial instruments.

Lastly, if the digital assets are stored in a custodian electronic wallet, Spanish AML legislation will apply to whichever entity or professional provides the custody service of such wallet. As mentioned in 4.3 KYC/AML/Sanctions, this means complying with all provisions regarding AML/CFT internal bodies and procedures and being registered within the Bank of Spain.

In Spain, there are currently no laws, regulations, or court decisions that specifically address privacy concerns related to blockchain technology. Nonetheless, the GDPR and the Spanish Data Protection Act should be applicable.

However, the EU Blockchain Observatory and Forum, acting on behalf of the European Parliament, has released reports and studies on this matter. One of the reports, titled Blockchain and the GDPR, describes in detail the tensions between blockchain and the GDPR – given that data included on the chain is immutable and blockchain is an append-only database. It also states that regulatory agencies are expected to gradually propose solutions that clarify the tensions between blockchain technology and data protection rules. These solutions might address the following aspects.

• Identification and obligations of data controllers and processors – iit is necessary to recognise that there are situations where it is challenging, and sometimes impossible, to identify data controllers. One such example would be when individual users are engaging in transactions or interacting with decentralised smart contracts on a public, permissionless blockchain for personal purposes.
• Anonymisation of personal data – it is necessary to assess the validity of different techniques that enable users to record “proofs of data” on the blockchain without actually revealing the underlying data, thereby ensuring privacy.
• Other relevant issues – these include lawfulness of data processing, data minimisation, the right to erasure (right to be forgotten) and the right to rectification, the right of access to personal data, automated processing, territoriality, and data protection by design and by default.

Based on the above-mentioned considerations, academic institutions and organisations utilising distributed ledger technology have put forward potential solutions, such as:

• storing data off-chain to enable its modification; or
• implementing measures to prevent access by third parties (including data controllers) once data processing concludes or when individuals request data erasure – for example, destroying encryption keys or implementing additional layers of encryption to render the data inaccessible.

Nevertheless, it is recognised in Spain and across Europe that blockchain technology offers numerous opportunities to improve data protection and security while aligning with the principles of data protection by design. This alignment ultimately ensures compliance with the GDPR.

As mentioned in 8.1 Data Privacy, the use of blockchain technology – especially public blockchains – raises issues relating to the proper identification of data controllers and processors, owing to the difficulty in identifying the actors involved. This is a challenge that complicates how data protection laws and regulations apply to the use of blockchain-based products or services and there is still no clear consensus on how regulators should proceed in this respect.

There are currently no specific laws, regulations or judicial decisions regulating mining activities in Spain. Similarly, this topic has not been addressed at the EU level.

There are currently no specific laws, regulations or judicial decisions regulating staking of tokens in Spain. Similarly, this topic has not been addressed at the European level.

Nonetheless, staking services could bear a certain resemblance to Alternative Investment Funds in the sense that the client provides a product (in this case, cryptocurrency for more cryptocurrency) and, in exchange, receives a fixed return.

However, blocking cryptocurrencies for a period of time (“staking”) is not the same as investing money into an asset, as the user does not separate themself from the possession of the cryptocurrency. Besides, there is no return of an investment in accordance with a defined policy – rather, only a reward calculated by a third party, which cannot be considered the same as an investment management company seeking absolute profitability. On the contrary, the purpose of calculating the staking seems to be to establish a percentage, based on which companies (generally crypto exchange services) charge a fee for their services.

Its important to note that Spain has transposed the Directive 2011/61/EU on Alternative Investment Funds and the authors believe that there are significant differences between the service of staking cryptocurrencies for a reward and alternative investments. Staking services would fit more appropriately within the concept of contractual freedom between two parties, thus falling under the general rules and principles that regulate all agreements – for example, good faith between the parties, free will, and legality.

On the other hand, this does not mean staking services will not be regulated in other respects. By way of an example, advertisement campaigns aimed at Spanish residents will be subject to prior notice to the CNMV when they are mass campaigns (please see 2.1. Regulatory Overview). In other words, the CNMV might obligate certain cryptocurrency service providers to comply with the prior notice requirement if it believes that their campaigns will have too much of an impact on the public.

For details of the tax provisions applicable to earnings originated from activities involving blockchain technology, please refer to2.8 Tax Regime.

To the best of the authors’ knowledge, there are currently no known DAOs in Spain. However, certain entities have begun to explore the potential of DAOs – particularly in the areas of social economy and finance.

At the moment there are no clear rules or guidelines regarding the legal and tax regime of DAOs in Spain.

In the tax field, the uncertainty arises from the fact that DAOs do not have legal personality or a registered office or management headquarters in a specific country, making it difficult to attribute a specific tax residence to them. This lack of connection with a country can present opportunities in terms of tax planning but also lead to:

• uncertainties about how tax authorities will react; and
• fiscal inefficiencies such as difficulties in protecting against double taxation.

In Spain, only one consultation has been published by the Tax Authority regarding DAOs (V2479-22) – whereby it confirms that, if the project leader of a DAO resides in Spain, they must issue their invoice to the DAO with Spanish VAT. This is because the DAO does not have legal personality, a specific location, or a tax identification number and therefore cannot be considered a business or professional entity for VAT purposes. It can be assumed that the DAO cannot deduct the VAT incurred, which represents a fiscal cost that puts the DAO in a worse position than traditional operators.

As mentioned in 10.1 General, no significant DAOs are currently active in Spain.

As mentioned in 10.1 General, there are currently no significant DAOs in Spain. However, the selection of the business model depends on the objectives and activities that the DAO wishes to carry out.