In 2023 and 2024, the main focus of the French blockchain sector has been the preparation of the implementation of Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MiCA), which becomes fully applicable on 30 December 2024. Other significant developments include the tightening of the French regulatory framework of digital asset service providers (DASPs) following the bankruptcy of FTX in 2022 and the adoption of a bill that regulates the promotion by influencers of digital asset services. Finally, the French regulators have initiated several reports on the impact and regulation of decentralised finance.

MiCA

On 31 May 2023, the European Parliament and the Council of the European Union adopted the MiCA Regulation, which creates a unified European framework for digital asset services and issuances of digital assets (including stablecoins and utility tokens). With MiCA, the European Union is the first major jurisdiction to adopt a clear and harmonised regulatory framework for digital assets.

The provisions of MiCA on stablecoins became applicable on 30 June 2024. The remaining provisions apply as from 30 December 2024, but French DASPs which provided similar services before that date will be granted an 18-month transition period. On 30 June 2026, at the latest, all French DASPs will be required to be licensed as crypto-asset service providers (CASPs) under MiCA.

During much of 2023 and 2024, the European regulators (ie, the European Securities and Markets Authority or ESMA, and the European Banking Authority or EBA) conducted consultations to prepare for the adoption of dozens of “level 2” or “level 3” regulations. These are implementing regulations that supplement the provisions of MiCA on various technical matters (eg, regulatory technical standards may determine precisely what information needs to be included in the white paper published by an issuer of a digital asset). While this norm-making process has been rather delayed due to disagreements between ESMA and the European Commission, it is now expected that all these technical regulations will be adopted and published before the end of 2024.

Since the provisions of MiCA on stablecoins (formally designated as “electronic money tokens” or EMTs) are now applicable, various stablecoin issuers started to issue EMTs in accordance with MiCA as early as July 2024. In France, the EU subsidiary of the Circle group (the biggest centralised stablecoin issuer after Tether) obtained an electronic money institution licence and started the issuance of USDC and EURC in compliance with the provisions of MiCA (a white paper was published for each stablecoin, and EU holders of USDC and EURC were granted a legal redemption right on par with the French subsidiary of Circle). SG-FORGE (a subsidiary of banking giant Société Générale) also obtained a similar licence and started the issuance of EURCV.

Transfer of Funds Regulation (TFR)

On 31 May 2023, the revised Transfer of Funds Regulation (Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain crypto-assets and amending Directive (EU) 2015/849) was also adopted. TFR strengthens the EU’s anti-money laundering and countering the financing of terrorism (AML/CFT) rules by transposing the “travel rule” promoted by the Financial Action Task Force (FATF) to the transfers of digital assets received or executed by CASPs.

Accordingly, EU CASPs will be required to comply with the travel rule obligations for every transaction, regardless of its amount. TFR becomes applicable on 30 December 2024, but its obligations will not be enforced immediately because they only apply to CASPs. Therefore, French DASPs which benefit from the 18-month transition period will not be expected to comply with the TFR until they convert their registration to a CASP licence. However, since the TFR also modifies the fourth Anti-Money Laundering Directive, French DASPs will have to implement additional verifications when dealing with self-hosted wallets, as early as January 2025.

Transition From the French DASP Framework to MiCA

In 2019, France was one of the first European jurisdictions to adopt a comprehensive regulatory framework for digital assets: Act No 2019-486 of 22 May 2019 (nicknamed the “PACTE Act”). The PACTE Act established a clear regulatory framework applicable to both DASPs and initial coin offerings (ICOs). Under the PACTE Act, an entity is required to register as a DASP with the French Financial Markets Authority (Autorité des Marchés Financiers or AMF) when it provides at least one of the following four services:

• custody of digital assets on behalf of third parties;
• buying or selling of digital assets in legal currency;
• the exchange of digital assets for other digital assets; and
• the operation of a digital asset trading platform.

In response to the bankruptcies of FTX and other prominent companies, the DASP framework was tightened in 2023. As a result, since July 2023, entities seeking to provide regulated services can no longer benefit from the original DASP status (ie, the “simple” registration) and must apply for a “reinforced” registration which involves additional obligations. The DASPs that were already registered before that date, however, are not subject to these new obligations. The three regulatory statuses that now co-exist in France: the “simple” registration, the “reinforced” registration, and the licence are described in detail in 4. Blockchain Regulation.

With MiCA becoming fully applicable on 30 December 2024, French DASPs must now prepare their transition to the CASP status, which will become mandatory on 30 June 2026. During that 18-month period, French DASPs can continue their operations under the pre-existing DASP regulation, but are expected to prepare their CASP application.

The AMF plans to facilitate the transition to the DASP licence for the DASPs that are currently subject to the stricter levels of regulation (ie, the DASPs subject to the “reinforced” registration and the licensed DASPs). These actors will benefit from a “fast track” procedure whereby the AMF will only conduct a limited review of part of the pre-existing operational procedures, as some obligations under the DASP framework are deemed equivalent with those of MiCA.

Indeed, MiCA effectively creates a competition between national regulators: since CASPs licensed under MiCA will be able to “passport” their services within the EU (ie, to provide their services in other EU countries without having to set up a local branch or be licensed by the local regulator), the first actors that will obtain the CASP licence will benefit from a competitive advantage. Therefore, in order to ensure that France remains a hub for digital asset service providers, it is in the interests of the AMF to facilitate the transition of the biggest French DASPs to the CASP licence.

Regulation of Influencers

On 9 June 2023, the Influencers Act (Act No 2023-451) was adopted. This act regulates the activities of influencers and prohibits influencers from marketing certain products, such as therapeutic methods, wild animals, and high-risk financial products. In particular, influencers are now prohibited from promoting:

• ICOs, except when the issuance is approved by the AMF (see 4. Blockchain Regulation);
• digital asset services, except when the DASP is registered; and
• digital assets themselves, except when the promotion is related to a digital asset service whose provider is a registered DASP, or when the advertiser is not subject to the DASP regulation.

Shortly after its enactment, the Influencers Act was criticised for being potentially incompatible with EU law. Therefore, an amendment has been prepared by the French government. It is expected to adjust the territorial scope and modify certain obligations applicable to influencers, but should not change the provisions related to digital assets.

Another recent government decree has adapted the Influencers Act to MiCA.

Central Bank Digital Currencies

The French Central Bank (Banque de France) has conducted many experiments and research projects around central bank digital currencies (CBDCs) in the past few years. These experiments relate both to wholesale CBDCs that could be used in inter-bank operations and for the settlement of transactions on tokenised market infrastructure, and retail CBDCs that could be accessible to retail users.

In 2023, for example, the Banque de France participated in Project Mariana with the Bank for International Settlements and the central banks of Singapore and Switzerland. That project tested the cross-border trading and settlement of wholesale CBDCs, and notably used, for the first time, blockchain-based market infrastructures to enable forex transactions between CBDCs. Specifically, Mariana used an automated market maker (AMM) inspired by the protocol Curve to implement these forex trades.

DLT Pilot Regime

In 2022, the EU adopted Regulation (EU) 2022/858 on a pilot regime for market infrastructures based on distributed ledger technology (the “DLT Pilot Regime”). It was part of the Digital Finance Package introduced by the European Commission in 2020 alongside MiCA.

Under a framework similar to a sandbox, the DLT Pilot Regime allows traditional financial intermediaries to develop market infrastructure based on distributed ledger technology (DLT). The purpose of the DLT Pilot Regime is to enable the creation of DLT trading and settlement systems (DLT TSS), which would combine in the same infrastructure both a multilateral trading facility (ie, a trading platform) and a settlement system. Effectively, under the monitoring of the regulated intermediary, the blockchain would replace the central securities depository, because the securities traded on the platform would be registered and transferred through the blockchain.

So far, the DLT Pilot Regime has been rather unsuccessful and there has not been any authorisation granted under that framework in the entire EU. However, in France, Kriptown completed a fundraise in 2024 and plans to obtain a DLT TSS authorisation in 2025.

Decentralised Finance (DeFi)

The current consensus is that DeFi is not included in the scope of MiCA. A recital of MiCA states that, “where crypto-asset services are provided in a fully decentralised manner without any intermediary, they should not fall within the scope of [MiCA]”. Therefore, experts are debating the precise meaning of “fully decentralised without any intermediary”. While some DeFi protocols could already be subject to MiCA (due to their lack of decentralisation), it is expected that the regulators will not seek to force these protocols to comply with MiCA in the short term.

In the meantime, the French regulators have shown a great interest in decentralised finance – both its technical functioning and its potential regulation. In 2023, both the French Prudential Supervision and Resolution Authority (Autorité de contrôle prudentiel et de résolution, or ACPR) and the AMF published consultation papers presenting their analyses of DeFi and potential regulatory proposals. The HCJP (Haut Comité juridique de la Place financière de Paris), a public think tank on banking and financial law sponsored by the French government and the regulators, created a working group on the treatment of decentralised anonymous organisations (DAOs) under French law, which published a report in May 2024. In addition, the AMF and ACPR created a joint working group on the certification of smart contracts.

The implicit purpose of these initiatives has been to influence the work of the European Commission on DeFi, since the European Commission is expected to publish a report on the matters not covered by MiCA (including DeFi) by the end of 2024.

France has become the central hub for crypto and blockchain companies in Europe, and several French start-ups have begun their international expansion. The following are examples of business models developed by French start-ups in the past few years:

• trading platforms for retail and institutional investors (Paymium);
• digital asset brokers focused on retail clients such as Coinhouse, Meria or Deskoin;
• prime brokers offering over-the-counter (OTC) services to traditional businesses and crypto-funds, such as Woorton and Aplo;
• market makers specialised in digital assets such as Flowdesk;
• hardware wallet manufacturers like Ledger (arguably the most prominent French crypto-company);
• data collection and analytics services such as Kaiko, offering market data on digital asset exchanges to institutional clients;
• NFT-based fantasy sports (Sorare);
• blockchain software development companies, including Nomadic Labs and Ark.io;
• layer 1 blockchains such as Massa Labs, a company developing a scaleable blockchain infrastructure;
• various DeFi projects founded by French teams (Morpho, Angle, Paraswap, Usual, Paladin, Mangrove, Atlendis, Kleros, etc);
• tokenised investment funds (Spiko tokenises regulated money market funds on public blockchains) and tokenised market infrastructure (Kriptown); and
• digital asset tax reporting and compliance tools (Waltio).

Some established financial institutions have also nurtured internal blockchain teams. The best example is SG-FORGE, which was one of the first to launch tokenised investment products (mostly regulated corporate bonds). SG-FORGE also launched Coinvertible (EURCV), a stablecoin that is now compliant with MiCA.

Finally, several global actors of the crypto-industry have chosen France as their European hub. The most prominent are Binance and Circle, the latter of which is now issuing its stablecoins (USDC and EURC) out of France in accordance with the MiCA framework.

Until recently, no specific provision under French law clarified the nature of the rights of ownership with respect to digital assets. Scholars and experts unanimously considered that digital assets belonged to the category of intangible goods (which also includes claims, patents, or copyrights).

New Provisions Dedicated to Digital Assets

Decree No 2024-936 of 15 October 2024 has created new provisions dedicated to digital assets in the Monetary and Financial Code. These rules are very similar to those that apply to traditional securities. The law now states that digital assets are “negotiable” intangible goods. The fact that they are negotiable means that, if the digital asset incorporates rights against a third party (which would be the case for stablecoins and for most utility tokens), these rights are transferred with the token to the new owner, without requiring notification of the issuer.

These new provisions further state that the transfer of ownership of digital assets results from the inscription of these digital assets “to the benefit of the buyer” on the blockchain. An exception to this rule is made when the digital assets are custodied by a professional custodian (such as a CASP): in that case, their transfer of ownership results from their inscription in the “register of positions” maintained by the CASP (ie, the internal accounting ledger that tracks the holdings of the CASP’s clients).

Further, MiCA seeks to protect investors against that risk by providing that a custodian of digital assets ensures that the assets belonging to its clients are safeguarded in the event of the CASP’s insolvency. Currently, some legal uncertainty may arise if a custodian of a digital asset were to become insolvent, since French law does not expressly state that the clients of a DASP are the legal owners of the digital assets that they deposited. Therefore, it is expected that French law will be amended again soon in order to clarify that the clients of a custodian remain the legal owners of their digital assets.

Under French law, there are currently only two categories of digital assets (actifs numériques): (i) tokens (jetons); and (ii) other digital assets.

The “other digital assets” include any digital representation of value that is not issued or guaranteed by a public authority and does not qualify as legal currency, but is accepted by legal or natural persons as a medium of exchange, and can be transferred, stored or traded electronically. That category notably includes cryptocurrencies. On the other hand, “tokens” are defined more broadly as intangible assets digitally representing one or several rights that may be issued, registered or transferred through a distributed ledger and which allow the direct or indirect identification of their owners.

Interestingly, financial instruments may qualify as tokens as soon as they are registered on a distributed ledger, which is permitted under French law (see 2.3 Tokenised Securities). Such tokenised securities would not qualify as digital assets, however, and would remain fully subject to securities law.

Categories Under French Law

Regarding the distinction between security tokens and digital assets, French law does not use jurisprudential precedents similar to the Howey test. Under French law, financial instruments (instruments financiers) include derivative contracts, equity securities, bonds, and shares in collective investment schemes. To determine whether a token qualifies as one of these subcategories, a judge would consider the purpose of the agreement between the token issuer and the subscriber, as well as the rights granted to the subscriber (ie, if a token-holder is entitled to a fixed share of the benefits of the entity issuing the token, that token may qualify as an equity security, and therefore as a financial instrument).

MiCA Categories

As from 30 December 2024, the categories created by MiCA will replace the existing categories used in French law. Under MiCA, the main category is that of “crypto-asset”, defined as a digital representation of a value or of a right that is able to be transferred and stored electronically using DLT or similar technology. Sub-categories include utility tokens, electronic money tokens, and asset-referenced tokens. Like French law, MiCA clearly states that a tokenised security that would satisfy the definition of “crypto-asset” would not be regulated under MiCA, but only under the other regulations that apply to traditional securities.

Since 2017, French law has allowed the “tokenisation” of traditional securities (titres financiers). The securities that can be tokenised include equity securities, debt securities (such as bonds) and units or shares of collective investment schemes (ie, investment funds regulated under the UCITS or AIFM Directives). Derivatives cannot be tokenised, since they are contracts and are not embedded in transferable titles.

In practice, this means that a tokenised security has the exact same value as a security registered using a traditional method (such as a paper ledger). That equivalence is expressly confirmed by the applicable provisions of the Monetary and Financial Code. As such, the token does not “represent” or “reflect” the underlying security: the token is the security. All the legal rights attached to the security are embedded within the token, and the transfer of the ownership of the security results from the valid transfer of the token on the blockchain.

However, it is important to note that French law does not expressly state what kind of blockchain has to be used (eg, public or private), nor how the registration is supposed to be made. The common practice is for the issuer to mint fungible tokens (with each token representing an individual security) and transfer them to the blockchain addresses controlled by the security holders. But other methods could be used.

The tokenisation of securities has now become rather common in France. Pioneers include Equisafe and Blockpulse, which started to provide tools for start-ups to manage their tokenised capital as early as 2019. More recently, SG-FORGE tokenized various debt issuances on the Ethereum blockchain. BNP Paribas’ Asset Foundry did the same in 2022 for an ESG bond issued by energy giant EDF ENR. The tokenisation of regulated investment funds is also increasingly used, with notable funds tokenisation platforms including Spiko and Iznes.

The Pilot Regime

However, French law only allows the tokenisation of unlisted securities. Indeed, the regulation of market infrastructure was deemed incompatible with the use of blockchain for the registration and transfer of listed securities. Therefore, the Pilot Regime, a dedicated EU-wide sandbox, was created in 2022. The Pilot Regime allows national regulators to exempt traditional financial intermediaries from certain obligations when they operate a blockchain-based market infrastructure dedicated to tokenised securities.

Despite their growing popularity, stablecoins were not subject to any specific treatment under the DASP regulatory framework. They clearly qualified as digital assets and were treated as such by both regulators and DASPs.

Categories of Stablecoins

However, since 30 June 2024, MiCA directly regulates stablecoins. MiCA creates two categories of stablecoins: (i) “electronic money tokens” (EMTs); and (ii) asset-referenced tokens (ARTs). EMTs are defined as “a type of crypto-asset that purports to maintain a stable value by referencing the value of one official currency”, while ARTs are defined as “a type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies”. ARTs are a catch-all category that would notably include a stablecoin pegged to several currencies (such as the Libra stablecoin which Meta planned to build in 2019) or a stablecoin pegged to a commodity (such as PAX Gold).

MiCA does not distinguish between fiat-backed stablecoins and crypto-backed (such as DAI or LUSD) or algorithmic stablecoins. What matters is the purpose of the stablecoin (ie, “maintain a stable value” by referencing an official currency), and not the method to achieve that stability. Similarly, MiCA does not distinguish between centralised and decentralised stablecoins, although decentralised stablecoins might benefit from MiCA’s “DeFi exemption” (ie, crypto-asset services provided “in a fully decentralised manner without an intermediary” are not covered by MiCA).

Licensing of Issuers

Issuers of EMTs are required to be licensed either as credit institutions or as electronic money institutions. Issuers of ARTs may be licensed as credit institutions, or obtain a specific authorisation under MiCA. In both cases, the issuance of the EMT or ART requires the publication of a white paper (ie, a offering document containing various information about the issuer, the tokens being issued, and the rights attached to the tokens) and the compliance with certain specific obligations. For example, issuers of EMTs and ARTs (and CASPs providing services in relation to these stablecoins) are forbidden from granting interest to their clients.

In France, two stablecoin issuers have already obtained a MiCA-compatible licence and started to issue EMTs in compliance with MiCA: Circle Internet Financial Europe (the EU subsidiary of Circle), which issues USDC and EURC in the EU, and SG-FORGE, which issues EURCV.

Non-fungible Tokens (NFTs)

Currently, no regulatory framework exists in France concerning NFTs. The legal qualification of NFTs is rather difficult since their characteristics often vary, both in terms of actual non-fungibility and representation of “offchain” rights or assets. A case-by-case analysis is therefore necessary to determine whether an NFT qualifies as a “token” under French law.

Concerning MiCA, NFTs are theoretically out of its scope. A recital provides that MiCA “should not apply to crypto-assets that are unique and not fungible with other crypto-assets, including digital art and collectibles”. But MiCA also states that NFTs would not necessarily be regarded as “unique and not fungible” if they are issued “in a large series or collection”. The main criterion is the unicity: in order to be truly non-fungible, the NFT should represent rights or assets that are not fungible between themselves.

MiCA also requires ESMA to prepare a report assessing the development of NFT markets and determining whether and how NFTs should be regulated. The EU crypto-industry widely expects that NFTs will be included in the future update of MiCA (ie, the “MiCA 2” project), along with other activities that are not covered by MiCA, such as decentralised finance, staking, and the lending of crypto-assets.

In France, only the euro is recognised as legal currency and a creditor cannot be compelled to accept a payment made in another currency. However, upon agreement of the parties, international payments and payments between professionals can be made in foreign currency.

Despite the recognition of Bitcoin as an official currency in El Salvador in 2021, it is still not considered as an actual foreign currency in France – notably from a tax perspective.

In any case, since the principle of contractual freedom generally prevails, the parties to a contract may agree to use a digital asset as a means of payment. However, that operation would be legally regarded as an exchange rather than a payment. In practice, various French retailers and websites allow payments in digital assets. Most of these retailers use an external payment services provider, which automatically converts the digital assets received from the client to euros, shielding the retailer from price volatility.

Finally, the status of regulated stablecoins (ie, EMTs) as legal currency is currently debated between regulators, scholars and experts. Indeed, MiCA states that EMTs “shall be deemed to be electronic money”. Electronic money is itself included in the category of “funds” under the payments legislation, along with scriptural money, bank notes and coins. Therefore, some argue that payments in EMTs will be deemed equivalent to payments in traditional electronic money, which themselves are effectively used as an alternative to traditional bank transfers.

French law does not establish a framework specific to the use of digital assets in collateral arrangements.

However, most scholars and experts agree that digital assets can validly be used as collateral in contractual relationships under the general rules applicable to security interests. More precisely, since digital assets are intangible goods that are not subject to a specific regime, their use as collateral is governed by the rules applicable to tangible goods. These rules are generally compatible with general assets and even allow the use of a custodian to ensure that the collateral is safeguarded by a third party in order to protect the creditor.

In connection with the upcoming reform of French civil law, aimed at creating rules specific to digital assets (such as rules clarifying the ownership of digital assets deposited with a custodian), it is expected that a regime dedicated to the use of digital assets as collateral will be created.

No regulation currently addresses the enforceability of smart contracts.

However, the French legal system can accommodate such contractual arrangements under the existing legal framework. The French Civil Code does not require a specific form for most contracts, therefore providing flexibility for smart contracts to be recognised as valid agreements under French law. Enforceability thus relies on general contract law principles, such as consent and capacity, as well as lawful content. French courts would likely assess smart contract validity and enforceability on a case-by-case basis, considering specific facts and circumstances. Courts would likely examine whether the smart contract at stake complies with French general and specific contract law requirements.

Difficulties may arise, since not all smart contracts are equivalent: some smart contracts can be seen as automated computer programs executing the modalities of a separate and validly formed agreement, while, in other cases, the computer code itself might be deemed as constituting the entire agreement.

To date, the main references to smart contracts in court decisions can be found in criminal matters concerning scams or hacks involving DeFi protocols. In the notable “Platypus decision” (1 December 2023), a criminal court found that the hackers that caused an USD8.5 million loss for a stablecoin protocol had not committed any criminal offence, but rather suggested that the hackers may have entered into a contractual relationship with the protocol by “borrowing” the exploited funds.

In addition, in 2023, the ACPR published a report on DeFi aimed at assessing the risks and opportunities associated with it, and exploring potential regulatory approaches. That report notably analysed the role of smart contracts and suggested that:

• Smart contracts that are addressed or used by consumers could be subject to French consumer law, which includes rules on consumer protection, professional liability and the prohibition of misleading commercial practices.
• Smart contracts that process personal data would be subject to data protection legislation, and in particular, the European General Data Protection Regulation (GDPR). Smart contract developers should therefore comply with data protection requirements, including in the collection, processing and storage of personal data, in compliance with the GDPR.
• Smart contracts that enable fund transfers or financial transactions should be subject to anti-money laundering legislation.
• The code of smart contracts should be certified by public or private authorities.

Concerning the liability of smart contract developers, there is no specific case law either. Based on the general principles of contractual liability or tort, a developer may be found liable for the losses incurred by the users of a smart contract, notably if these are related to vulnerabilities or security issues that should have been fixed by the developer.

Prudential Requirements for Credit Institutions

The latest update of the Capital Requirements Regulation (Regulation (EU) 2024/1623 of 31 May 2024 amending Regulation (EU) No 575/2013 as regards requirements for credit risk, credit valuation adjustment risk, operational risk, market risk and the output floor) determines a prudential treatment for crypto-assets, following the recommendations of the Basel Committee on Banking Supervision.

Under that new prudential framework, most crypto-assets (including cryptocurrencies and utility tokens) will be assigned a 1.25% risk weight. That framework also caps banks total exposure to crypto-assets to 1% of their Tier 1 capital. In addition, until the end of a transition period that will end on 30 June 2025 at the earliest, EMTs will be assigned the same 1.25% risk weight, despite being considered as equivalent to electronic money by MiCA. 

Investment Funds

French law currently allows two categories of regulated investment funds (which may only be distributed to professional investors) to invest in digital assets. Several regulated asset managers (such as XAnge and Arquant) have set up investment funds that will invest (partly or totally) in digital assets. These set-ups generally involve a partnership with a DASP that will handle the custody of the digital assets owned by the fund.

To date, there is no regulatory sandbox in France dedicated to blockchain or fintech initiatives, and there is no plan by French regulatory authorities to implement such a sandbox.

In general, French regulators consider that innovative actors should comply with the existing legislation and, if needed, establish partnerships with regulated entities to distribute their services in a compliant way. The regulators also try to apply a proportionality principle whereby smaller actors are not expected to dedicate as many resources to compliance as larger, established institutions.

However, the DLT Pilot Regime (which is applicable in France) can be considered a sandbox. See 1.1 Evolution of the Blockchain Market.

FATF Recommendations

The updated recommendations of the FATF suggest that a public authority should register various actors involved in the digital assets economy, and require them to comply with the AML/CFT legislation. Entities required to comply with the FATF’s requirements are those that provide the following services:

• exchange between digital assets and fiat currencies;
• exchange between one or more forms of digital assets;
• transfer of digital assets;
• safekeeping and/or administration of digital assets or instruments enabling control over digital assets; and
• participation in and provision of financial services related to an issuer’s offer and/or sale of a digital asset.

These recommendations have been followed by the EU, since all these services will be regulated under MiCA and require a CASP licence.

In addition, the FATF’s recommendation on the extension to digital assets of the travel rule have also been followed: these were included in the Transfer of Funds Regulation (TFR).

UNIDROIT

UNIDROIT is the International Institute for the Unification of Private Law. One of UNIDROIT’s working groups aims to develop a future legal instrument containing principles and legislative guidance in the field of private law and digital assets.

In January 2023, UNIDROIT released a public consultation on a collection of “Draft Principles and Commentary pertaining to Digital Assets and Private Law”. These principles notably address control, custody, secured transactions, enforcement, and insolvency. They state conflict of law rules that may apply to these various situations. The final principles were adopted in May 2023.

The AMF is the regulator responsible for supervising DASPs and ICOs. It will also be in charge of CASP applications under MiCA.

The Prudential Supervision and Resolution Authority (ACPR) is the regulator of the banking, insurance and payment sectors. It reviews the AML procedures of DASP applicants and monitors DASPs’ compliance with the AML/CFT legislation. Under MiCA, the ACPR will be in charge of the supervision of EMT and ART issuers.

The prominent French trade organisation dedicated to digital assets is known as ADAN (Association pour le développement des actifs numériques). ADAN was created in January 2020 and now counts as its members the vast majority of the French crypto and blockchain ecosystem.

ADAN does not have any regulatory or self-regulatory role, although it encourages its members to develop best practices and regularly issues guides on the implementation of various regulatory obligations.

Both the AMF and the ACPR have set up internal fintech teams whose role is to advise innovative actors and put them in contact with the relevant teams internally (eg, the legal department or the authorisation department). These fintech teams also participate in many working groups on the evolution of banking and financial regulation, and notably engage with EU stakeholders (ie, ESMA, the EBA and the European Commission).

At the government level, various initiatives support the development of start-ups (eg, La French Tech, the Next40 list of future unicorns, etc). Various public programmes also aim at facilitating the funding of start-ups, notably through the support of Bpifrance (a state-owned investment bank). However, the government has not created programmes specifically dedicated to blockchain or fintech. However, several teams of the French Treasury (a directorate of the French Ministry of the Economy and Finance) directly engage with blockchain start-ups.

There have been few notable judicial decisions concerning digital assets in the past few years. It should be noted, however, that not all court decisions are public, and that obtaining a final decision from the Cour de cassation (ie, the French Supreme Court for civil and criminal cases) is a lengthy process that can take several years.

Concerning the treatment of digital assets under civil law, the most significant decision remains the decision of the Commercial Court of Nanterre dated 26 February 2020. While the Commercial Court of Nanterre is a first-level jurisdiction, this decision was not appealed and is regarded by experts as an influential legal precedent. The dispute focused on the legal qualification of a loan of bitcoins, in the context of a fork between Bitcoin and Bitcoin Cash (BCH) in 2017. Following the fork, the borrower had reimbursed the bitcoins but retained the BCH resulting from the fork. The court confirmed that the borrower was allowed to retain the BCH based on an analysis stating that bitcoins are fungible. Because they are fungible, their loan transfers the ownership to the borrower (while a loan of a non-fungible good, under French law, would not necessarily transfer the ownership). As such, any revenue or profit resulting from the ownership of the bitcoins before the reimbursement validly belongs to the borrower.

To date, no other court decision appears to have contributed to the legal regime of digital assets under civil law.

Most of the other court decisions revolve around relationships between DASPs and their clients and do not clarify the legal regime of digital assets. The other notable decisions were rendered by criminal courts in relation to DeFi hacks or scams. In particular, the ArbiApe (June 2023) and Platypus (December 2023) decisions showed that criminal courts were unable to demonstrate that common criminal incriminations (such as theft or fraud) were committed in the context of these hacks or scams.

There are currently more than 100 DASPs in France. All of these are registered by the AMF and, among various other obligations, are required to comply with the AML legislation.

The ACPR (which is in charge of monitoring the DASPs’ implementation of the AML legislation) has started an enforcement initiative and many DASPs are already under the control (or are currently being brought under the control) of the ACPR. To date, the ACPR Enforcement Committee has not issued any decision in relation to a DASP, but it is expected that several enforcement decisions will be rendered in 2025.

In addition, while no enforcement decision has been published, a DASP (Bykep SAS) was removed from the AMF’s list of registered DASPs in 2022. That removal was motivated by various breaches of that DASP’s regulatory obligations, including its failure to adequately implement the AML legislation.

The tax treatment of digital assets has mostly remained the same in the past few years, although many uncertainties remain.

Individuals

The specificity of the French tax regime applicable to individuals is that “crypto-to-crypto” transactions do not trigger a taxable event. An individual that owns digital assets is taxed when (i) they sell those digital assets for legal currency; or (ii) they use those digital assets to purchase a good or service without first converting the digital assets to legal currency (ie, when digital assets are used as a means of payment). The taxation is waived when the aggregate amount of the sales is below EUR305 per year.

For individuals acting outside of a professional activity, these capital gains are subject to a 30% flat tax. For individual traders (or whenever the capital gains are related to a professional activity), the tax regime above is not applicable and the common tax regime for professionals is used (ie, the “crypto-to-crypto” transactions do trigger a taxable event).

In addition, the tax administration has issued guidelines stating that gains from mining made by individuals will be taxed as non-business profits. In 2023, an amendment to the annual finance bill planned to put the “passive” revenues earned by owners of digital assets (such as staking) in the same “non-business profits” category. That amendment was eventually overturned and the tax regime applicable to staking revenues remains uncertain.

Professionals and Companies

The flat tax mentioned above is not applicable to companies and individuals acting as professionals. For them, digital assets are treated as regular intangible assets and each transaction is included in the company’s profit and loss statement. The annual income generated by the sales of digital assets (or by the passive revenues generated by the digital assets owned by the company) is taxed at the applicable rate, like any other non-crypto income.

In France, the ESG impact of digital assets has been mentioned in various reports on digital assets published by public institutions. For example, a 2021 report on crypto-assets by the French National Assembly stated that the environmental impact of proof-of-work blockchains is “not negligible”. In particular, the French parliament rejected a proposal to include crypto-miners in the list of “electro-intensive industries” that are exempt from a tax on electricity consumption.

Otherwise, the main application of ESG/sustainable finance principles to digital assets results from MiCA. Under MiCA, any white paper (whether related to an EMT, an ART, or any other crypto-asset such as a utility token) must contain information on the “principal adverse impacts on the climate and other environment-related adverse impacts of the consensus mechanism used to issue the crypto-asset”.

Draft regulatory technical standards (RTS) have been prepared by ESMA and the EBA to precisely determine the information that will be provided in the white paper by token issuers. For example, they must disclose the total amount of electricity used by the blockchain network for the issuance, and determine the share of energy generated from renewable sources.

The protection of personal data is regulated by Regulation (EU) 2016/679 of 27 April 2016 (the General Data Protection Regulation or GDPR) and Act No 78-17 of 6 January 1978 (as amended).

The GDPR provides EU residents with various rights in connection with their personal data, such as:

• the right of access – ie, the right to request a copy of any of the data subject’s personal data which is being “processed” (ie, used in any way) by “controllers” (ie, those who decide how and why data is processed);
• the right to erasure – ie, the right for the data subject to have its data erased, without undue delay, by the data controller, if one of the conditions set out in the GDPR applies; and
• the right to rectification – ie, the right to have the data rectified by the controller without undue delay.

The decentralised nature of public blockchains raises a number of challenges regarding the enforcement of these rights. In this regard, it might be complex or impossible to identify a data controller and a data processor within the meaning of the GDPR. Further, the immutable nature of blockchains may prevent the enforcement of certain rights, such as the right to erasure.

Many of these issues could be mitigated, but doing so would result in a solution which substantially deviates from the way public blockchains work. For example, a private permissioned blockchain would allow its controlling entity to identify all the participants and process their personal data in accordance with the GDPR.

Relatedly, storing most of the personal data on “off-chain” ledgers would alleviate some of the issues around erasure, data minimisation and storage limitation.

The compatibility of blockchain technology with the GDPR was discussed in an analysis published in September 2018 by the French data protection authority (the National Commission on Informatics and Liberty, or CNIL). The CNIL concluded that once personal data is available on a blockchain, GDPR rules apply. However, the CNIL acknowledged that enforcing the GDPR is impractical with respect to public blockchains, and recommends not storing unencrypted personal data in a blockchain.

Finally, the status of a blockchain address as personal data (within the meaning of the GDPR) is still unclear. While it is clear that the address is personal data when it is collected in conjunction with other personal data (eg, when a DASP collects both the identity of its client and the blockchain address used for on-chain withdrawals), this may not be the case when the only data that is collected is the blockchain address (ie, when the person that controls the address remains anonymous). Some experts still argue that, even in this case, a blockchain address must be treated as personal data because the owner of the address could theoretically be identified (notably, using on-chain analytical tools).