Blockchain & Crypto-Assets 2026 Comparisons

Last Updated June 11, 2026

Contributed By Gernandt & Danielsson

Law and Practice

Authors

Niclas Rockborn
Rikard Sundstedt
Robin Entenza

Gernandt & Danielsson has established a reputation as one of the leading Swedish fintech law firms, particularly in payments, cryptocurrency/blockchain and other innovations in digital finance. Its financial services team brings together 12 legal professionals with diverse backgrounds in corporate law and securities, banking and finance, regulatory compliance, data privacy and cybersecurity and several other key areas. The firm services the full spectrum of fintech legal needs (excluding tax), covering payments and e-money, anti-money laundering, licensing of new fintech firms, data protection, cryptocurrency (and other blockchain and distributed ledger technology matters), cybersecurity and intellectual property rights for the protection of unique fintech concepts. It advises a diverse roster of emerging and incumbent clients, including market-leading Swedish cryptocurrency exchange service providers, multinational fintech companies (eg, offering cryptocurrency trading and transfer services), leading global cryptocurrency exchanges and major Swedish banking institutions.

The blockchain sector in Sweden is undergoing a fundamental transformation with 2026 marking the first year in which crypto-asset service providers are comprehensively subject to regulatory authorisation requirements under Regulation (EU) 2023/1114. This regulation, known as MiCA (Markets in Crypto-Assets), comes at a time when other use cases of blockchain technology are simultaneously being explored and afforded legitimacy at unprecedented levels. While only a few years ago blockchain technology and crypto-assets received no bespoke legal treatment under Swedish law, they now represent a distinct category of financial assets subject to rules comparable to those governing traditional financial activities (banking, payment services, investment services, etc). The clear market trend is that both supervisory authorities and larger financial institutions are shifting from a conservative stance towards a more open and welcoming approach to crypto-assets and blockchain technology. One example is the joint initiative by nine major European banks (including Swedish SEB) to launch a Euro-pegged stablecoin.

A key regulatory milestone was reached in late 2025, when the transitional regime under MiCA expired, making it mandatory for crypto-asset service providers to have submitted authorisation applications in order to continue their activities. This marked a clear shift from a largely unregulated environment to one subject to comprehensive licensing and supervision. The coming year will therefore be a period for recently authorised firms to demonstrate their ability to adapt to operating in a regulated environment, and for supervisory expectations to be articulated more concretely.

In parallel with MiCA, the DLT Regulation (Regulation (EU) 2022/858) has introduced a pilot regime enabling the use of blockchain technology for trading and settlement of financial instruments. A Swedish legislative proposal (SOU 2023:102) was put forward in 2023, seeking to align Swedish law with the DLT Regulation by introducing provisions modelled on existing rules for book-entry financial instruments. The proposal has, however, been subject to delays and has not yet entered into force. These developments illustrate a broader trend in Sweden towards integrating blockchain-based financial services into the established regulatory framework, albeit at a pace that has not always kept up with the EU legislative agenda.

For several years, the industry has been led by traditional blockchain operations such as cryptocurrency exchanges. However, interest has grown in innovative uses of blockchain technology in other contexts, such as a means of collateral in lending arrangements and in crossovers and combined service offerings of token-based payment transactions and traditional payment transactions. In line with Sweden’s reputation as a leading fintech market, Swedish companies continue to explore blockchain applications that extend beyond conventional practices.

There are currently no regulatory sandboxes for blockchain technology in Sweden. The Swedish Financial Supervisory Authority (SFSA) has taken a clear position against them, citing concerns that regulatory sandboxes may lead to differential treatment and conflicts of interest, that legislation inhibits and restricts the SFSA’s ability to grant waivers or exemptions from applicable regulations, and that there is insufficient evidence of regulatory sandboxes having meaningful impact and beneficial effects on the market. This position by the SFSA has been criticised and challenged by the industry.

As an alternative, the SFSA has launched an initiative called the Innovation Compass ‒ an initiative for structured dialogue between the SFSA and financial sector stakeholders on matters relating to innovation and business development. The process involves market participants submitting topic proposals, the SFSA selecting which to pursue, forming reference groups for discussion, and publishing the outcomes in reports.

While the SFSA has traditionally been perceived as conservative in providing proactive guidance, the Innovation Compass potentially signals a shift towards a more open and collaborative approach.

Blockchain technology, as such, is not regulated under Swedish law. However, many use cases of blockchain are subject to broader technology-oriented regulation.

DLT Regulation

The DLT Regulation is a major component of blockchain use-case regulation, supplemented by proposed domestic Swedish legislation.

The DLT Regulation introduces a time-limited pilot regime enabling operators of DLT market infrastructures to be exempt from certain regulatory requirements that would ordinarily apply to market infrastructure providers. This facilitates testing, trading and settlement of DLT-based financial instruments in a less heavily regulated environment. Operators may opt into the regime by applying to the SFSA and, if approved, benefit from the reduced requirements.

The Swedish legislative proposal seeks to supplement the DLT Regulation by amending relevant Swedish legislation to facilitate the use of DLT in securities trading and settlement. Key proposed changes include:

  • adaptations to Swedish law addressing the possibilities of DLT-based financial instruments being nominee-registered and managed by, for example, a bank (a nominee) on behalf of a client; and
  • changes to Swedish companies law declaring distributed ledgers as share registers, which is equivalent to share registers managed by a central securities depositary.

The amendments were proposed to take effect from 1 January 2025 but have been delayed, and no new effective date has been set.

Data Privacy

At face value, the Swedish laws and regulations that apply to data privacy fundamentally apply to operations with blockchain-based products and services in the same way as for other operations, without any specific derogations for blockchain-related operations specifically. To date, there is no case law or guidance from the Swedish Authority for Privacy Protection specifically addressing blockchain-based data processing.

As in other EU jurisdictions, the main source of data privacy-related rights and obligations in Sweden is the General Data Protection Regulation (Regulation (EU) 2016/679, or GDPR), which governs matters such as individuals’ right to:

  • access their personal data that is being processed;
  • the rectification of incorrect information about them; and
  • the erasure of personal data that it is no longer necessary to process, for whatever purpose it was originally collected and processed.

The rights and obligations in the GDPR require careful analysis when being practically implemented in blockchain-based operations. Data protection measures should take into account the inherent characteristics of blockchain technology, particularly that services and products often operate on public blockchains, which do not require any special permissions to become a participating node (eg, the most common cryptocurrencies powered by blockchain).

The GDPR is based on the assumption that there is a “data subject”, whose personal data is being processed by a “controller” that determines the purpose and means of the data processing. A typical scenario is of a bank that acts as the “controller” of the personal data that it processes about its customers. The bank may, in its role as a controller, engage service providers as its processors. The GDPR consequently establishes rights for data subjects and corresponding obligations for controllers and processors.

In a blockchain context, the allocation of these roles is particularly complex, as there may not be a single controller but rather numerous independent parties uploading, processing and storing data on and outside the blockchain. It is therefore important to carefully analyse and define the roles and responsibilities of all parties at an early development stage.

The roles set out in the GDPR must therefore be taken into account from the very beginning of the design phase of the blockchain in order to clearly define accountability for fulfilling the obligations that the GDPR imposes on controllers.

The architecture of the blockchain must also incorporate data protection strategies to ensure that data subject rights can be exercised in practice, given that blockchain technology generally only permits data to be added, not removed.

A notable example is the right to be forgotten ‒ the right for a data subject to have their personal data erased when there are no longer lawful grounds for processing it ‒ which is inherently difficult to implement on an immutable ledger.

The GDPR establishes the concept of “data protection by design and default”, meaning that data protection measures should be implemented as integrated components of technical systems and services rather than as additional layers. Controllers must also implement appropriate security measures to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services and to restore personal data in the event of any unforeseen incident.

Where appropriate, security measures should also include measures for the encryption of data, which is particularly interesting in the context of blockchain technology. There is an important distinction between truly anonymised data and data that is only pseudonymised. Where an anonymisation process results in data that is impossible to link to any individual and where that process is also irreversible, the resulting anonymous data is entirely beyond the scope of the GDPR.

Methods for removing identifying characteristics of data that do not meet this standard of true anonymisation are instead referred to as “pseudonymisation” and the GDPR remains applicable to pseudonymised personal data. In a blockchain context, data will often qualify as pseudonymised rather than anonymised, because although a public blockchain may not openly contain identifying details, it is typically possible to indirectly link public keys or addresses to individuals through pattern analysis.

Blockchain-based services are therefore generally not considered anonymous and remain subject to the GDPR, although each blockchain must be assessed on the basis of its particular characteristics.

In April 2025, the European Data Protection Board (EDPB) published draft guidelines on the processing of personal data through blockchain technologies. The guidelines address the intersection of the GDPR and blockchain technology and provide a framework for assessing the implications of blockchain architecture on personal data processing, emphasising the need for careful consideration of roles and responsibilities within the blockchain ecosystem.

One of the matters the draft guidelines address is potential ways to satisfy the requirements in the GDPR in blockchain-based data processing where the technical possibilities of deleting or modifying data are typically very limited or non-existent, due to the inherent essential characteristics of blockchain technology. The draft guidelines suggest that technical security measures such as encryption of data, hashing or use of cryptographic techniques can be evaluated as tools and means to facilitate GDPR compliance in blockchain environments where modifying or deleting data is typically impossible. The draft guidelines also emphasise more generally that technical impossibility cannot be invoked to justify non-compliance with GDPR requirements and highlight the importance of conducting a data protection impact assessment (DPIA) before implementing blockchain-based processing of personal data.

Smart Contracts – Enforceability

There are no specific laws or judicial decisions addressing the legal enforceability of smart contracts. The Swedish law on the formation of contracts is technology-neutral and therefore does not preclude smart contracts from constituting valid agreements between the parties that use them. In this regard, two cases may be distinguished.

In the first case, parties agree “off-chain” to use a particular smart contract as a mode of delivery when executing an obligation that has been agreed “off-chain” (eg, an interest payment) on a particular date that is automatically calculated and executed by the smart contract where the underlying right to the payment is documented in a loan agreement “off-chain”. The validity of the performance of an obligation is within the freedom of contract of the parties and will generally be legally binding.

In the second case, the parties do not have a pre-existing relationship that has been agreed “off-chain” but rather use the smart contract as their only mode of communicating and exchanging performances. Under Swedish law, a contract may be entered into between parties through action, with the textbook example of a car park user being bound by the terms of the parking garage by parking in the garage (as long as the terms are available to the car park user). It is likely that the same reasoning can be applied to a contract being entered into through the use of a smart contract.

It is not the smart contract itself that constitutes the agreement. An agreement between two parties is a legal concept of an abstract nature that in turn can be manifested and documented (eg, through a written contract or computer code in a smart contract), but the manifestation does not necessarily reflect the binding abstract agreement between the parties. However, it is often difficult to prove that the content of an agreement differs from its physical manifestation.

Swedish law on the formation of contracts also allows for the altering of contracts on the grounds of their being unconscionable (especially in relation to consumers vis-à-vis businesses) or because the formation of the contract was invalid due to fraud, usury or duress, for example. The manifested obligations and any performance of a smart contract can therefore potentially be challenged in court on the grounds of the agreement being unfair or invalid.

There are a few industry organisations active on the Swedish blockchain market with the aim of publishing reports, engaging with regulators, enabling networking and providing a forum for innovation. These include Blockchain Sweden and the Swedish Blockchain Association.

There are no privately governed organisations with judicial or semi-judicial powers in the blockchain field.

Crypto-assets are recognised as property under Swedish law and can be owned and transferred under generally applicable rules. Swedish law does not require that legal validity of intangibles be explicitly set out in statute, and the legal protections afforded to other forms of intangibles also apply to crypto-assets. No bespoke formalities exist for establishing or exercising ownership of crypto-assets.

There are two ways owned blockchain-based digital assets can be transferred, these being:

  • finalisation of a transfer between the parties to the transfer; and
  • finalisation and validity of transfer of ownership for purposes of rights in rem.

General contract law principles apply between the parties to a transfer of blockchain-based assets, meaning that the parties are generally free to determine at what point during the transactions various rights and obligations associated with the ownership of the assets will be transferred from one party to the other, as well as their respective liabilities to one another during the course of completing the transaction (and thereafter). In that regard, Swedish law does not prescribe any particular rules specific to blockchain-based assets.

However, the validity of ownership transfer from the perspective of rights in rem is more complex and, in the absence of precedents, remains unsettled. One fundamental aspect of rights in rem under Swedish law is how and when transfer of ownership to certain property confers protection to the transferee (purchaser) from claims by the creditors of the transferor (seller).

Under Swedish law, a transfer of ownership must ordinarily be manifested through some observable action to confer rights in rem (ie, protection from the seller’s creditors). For physical movable property, this is achieved through the transfer of possession (the “principle of tradition”). For immovable property and dematerialised assets, where physical delivery is impractical, the legislature has instead enacted specific legislation tying rights in rem to registration.

For example, this applies to:

  • dematerialised stocks and bonds;
  • other types of financial instruments; and
  • emission allowances.

However, for blockchain-based assets, there are no similar rules under Swedish law which ascribe validity to rights in rem based on registration. It is therefore uncertain whether and how rights in rem could be obtained for transfers of blockchain-based assets.

This issue is addressed in the legislative proposal accompanying the DLT Regulation (SOU 2023:102). If enacted, the proposed changes would mean that the person registered as owner in the ledger of a DLT-based financial instrument is presumed to have ownership rights (unless proven otherwise), and that rights in rem are established through validation of the transfer via a consensus mechanism.

The proposal would also ensure that a validated transfer protects the transferee from subsequent claims by the transferor’s creditors in respect of any right that was not registered in the ledger before the validation of the transfer. This proposal will not only apply in respect of transfers in ownership stemming from the sale of assets but other transfers such as gifts, wills, inheritance or division of property as well.

MiCA imposes specific requirements and restrictions on the types of partners that crypto-asset service providers can use for general banking and payment services.

Under MiCA, crypto-asset service providers are required to place clients’ funds (other than e-money tokens) with a credit institution or a central bank by the end of the business day following the day on which those funds were received. Furthermore, crypto-asset service providers are required to keep client funds in accounts separately identifiable from the provider’s own funds. These safeguarding and segregation requirements, which essentially mirror those applicable to Swedish payment institutions, constrain how crypto-asset service providers may arrange their banking partnerships.

Furthermore, crypto-asset service providers who provide payment services relating to the services they offer may do so directly or through a third party, provided that the crypto-asset service provider or the third party is authorised under Directive (EU) 2015/2366 (PSD2) ‒ for example, as a payment institution or e-money institution. Partnering with unregulated payment processors is not permitted.

Sustainability – ESG/Sustainable Finance Requirements

In November 2021, the SFSA and the Swedish Environmental Protection Agency (Naturvårdsverket) published a joint opinion proposing that mining activities should be regulated because of the environmental impacts of the inherent high energy demand of the Proof of Work mining method. This was partly a reaction to a significant increase in energy consumption for cryptocurrency mining in Sweden, likely driven by low energy prices, attractive tax regulations and a good supply of renewable energy sources. The opinion did not result in legislative action.

However, MiCA explicitly recognises the potential adverse environmental impacts of consensus mechanisms and addresses this through disclosure requirements. Issuers must include information on principal adverse climate and other environment-related adverse impacts in the White Papers to be drawn up by the offeror, issuer and/or person admitting a crypto-asset to trading on a trading platform.

Crypto-asset service providers are also required to make the ESG-related disclosures available in a prominent place on their websites, in respect of each crypto-asset available through the service provider’s scope of services.

The European Securities and Markets Authority (ESMA) is empowered to develop detailed delegated legislative acts specifying the content and form of ESG-related disclosures. Following ESMA’s proposal, the European Commission adopted a delegated regulation in December 2024 specifying the content, methodologies and presentation of sustainability indicators in crypto-asset White Papers and on the website of a crypto-asset service provider. The delegated regulation includes an annex which specifies the format and data points to be included in the sustainability disclosures.

White Papers must describe the consensus mechanism used for each particular crypto-asset (eg, Proof of Work or Proof of Stake) and include an environmental impact analysis. This analysis should be based on three main features:

  • the energy consumption of each DLT network node;
  • the location of the DLT network nodes; and
  • the devices used by each DLT network node to take part in the DLT network and to technically hold a replica of the network’s ledger.

In terms of indicators and methodologies for presenting the ESG-related information to be disclosed, those drawing up White Papers are required to calculate and disclose quantitative data on energy consumption resulting from the crypto-asset. Annual energy consumption is the key mandatory indicator because it is considered to be the most conducive to making investors aware of the impact of consensus mechanisms. For issuers with significant energy consumption levels exceeding certain thresholds, additional disclosures covering energy intensity and greenhouse gas emissions are required.

There is no applicable information in this jurisdiction.

Resolution or Insolvency Regimes

Swedish laws on resolution regimes for certain regulated financial sector entities do not apply to digital asset firms. However, in the interest of protecting investors in asset-referenced tokens, MiCA requires authorised issuers to have a reserve of assets covering the risks associated with the underlying asset and the liquidity risks associated with rights of redemption of the tokens. The reserve of assets is required to be legally and operationally segregated from the issuer’s own assets, for protection of token holders’ interests in the event of insolvency of the issuer.

The Swedish Escrow Funds Act (SFS 1944:181) enables so-called separation rights to apply to fungible property that is held in escrow by a trustee on behalf of a principal. Separation rights are rights for the principal to separate its assets from the bankruptcy estate of the trustee, therefore protecting the assets from the other creditors of the trustee.

While there is no precedent specifically applying the Escrow Funds Act to fungible cryptocurrencies, the Act has been applied analogously to other types of fungible property. There is therefore reason to believe that the same principles should apply to fungible cryptocurrencies, such as Bitcoin, Ether and other similar cryptocurrencies that are interchangeable in their function as a means of payment.

This view is also shared by the inquiry, which drafted the proposal for changes to Swedish law following the DLT Regulation (SOU 2023:102), ie, that general principles of separation rights can apply to cryptocurrencies.

Being a relatively small country, the Swedish industry for blockchain and crypto-assets is largely unified rather than separated into distinct sectors. Therefore, there is an overlap of industry organisations active within the blockchain sector and those active within the crypto-asset sector.

In addition to the organisations that have a specialised focus on blockchain and crypto-assets, the Swedish FinTech Association acts as a more broadly present industry organisation of relatively significant scale (with over 100 members) where crypto-assets is one among several industries covered by the association.

The SFSA is the competent authority for the purposes of MiCA and the DLT Regulation in Sweden. It has both a supervisory mandate and the role of processing applications for authorisation and other types of regulatory approval under MiCA and the DLT Regulation.

The SFSA has historically been cautious towards cryptocurrency and has repeatedly warned consumers against investing in cryptocurrencies. MiCA may prompt a shift in this position, as more diligent regulation brings a degree of legitimacy to firms that qualify for authorisation.

The SFSA granted its first regulatory licence under MiCA in October 2025, and, in addition, a large number of foreign crypto-asset service providers are permitted to provide services in Sweden on a cross-border basis under the passporting regime (see 3.4 Passporting).

Categorisation

As Swedish law does not include a national bespoke categorisation system for digital assets, their classification must be analysed case-by-case against general legal concepts. Historically, the focus has been on whether digital assets qualify as financial instruments, which would subject related investment services to securities and investment laws and regulations, most notably Directive 2014/65/EU (MiFID II) and the Prospectus Regulation.

In March 2025, ESMA published guidelines on the conditions and criteria for qualifying crypto-assets as financial instruments. The guidelines stipulate that classification should be carried out in line with the principle of technological neutrality and should take a substance over form approach. When assessing whether tokenised securities qualify as financial instruments under the Swedish Securities Market Act, the characteristics distinguishing crypto-assets from traditional securities and traditional capital markets should also be considered. For example, the fact that a crypto-asset is traded on online trading platforms may indicate that the assets are freely transferable but does not necessarily mean that the assets meet the condition of being negotiable on the capital markets.

MiCA has introduced a new regime for categorisation of digital assets which distinctly regulates three classes of crypto-assets:

  • asset-referenced tokens;
  • e-money tokens; and
  • utility tokens.

An e-money token is a crypto-asset that seeks to maintain a stable value by referencing one official currency. An asset-referenced token aims to maintain a stable value by referencing another value or right (or a combination thereof), including one or more official currencies. Both can be considered “stablecoins” (see also 6.2 Stablecoins).

Utility tokens are defined in MiCA as a type of crypto-asset that is only intended to provide access to a good or a service supplied by its issuer.

Regulated Activities

MiCA regulates various activities involving crypto-assets. There is fundamental divide between how MiCA regulates issuing of crypto-assets on the one hand, and providing services relating to crypto-assets on the other hand.

Under MiCA, issuers are required to publish a white paper before making a public offering of crypto-asset tokens or seeking their admission to trading on a trading platform (see 2.4 Token Issuance).

Separately from the regime applicable to issuers, MiCA governs crypto-asset services including custody, operating trading platforms, exchange services (crypto-to-fiat and crypto-to-crypto), order execution, placement, reception and transmission of orders, advising, portfolio management and transfer services. These broadly correspond to investment services under MiFID II, but relate to crypto-assets rather than financial instruments.

Providing these services requires MiCA authorisation and entails various regulatory obligations, including organisational and disclosure rules, safekeeping of client funds, outsourcing requirements, conduct rules (including an obligation to act honestly, fairly and professionally in clients' best interests), and prudential requirements such as maintaining own funds.

Client Categorisation

MiCA does not establish a formal client categorisation framework of “retail” versus “professional” clients comparable to the tiered system under MiFID II. However, there are elements of investor protection embedded in MiCA whereby the sophistication of each individual client is taken into account. Specifically, in the context of providing advice or portfolio management relating to crypto-assets, MiCA stipulates a requirement for service providers to assess whether the crypto-asset services or crypto-assets are suitable for their clients. In fulfilling this requirement, firms are required to obtain from their clients or prospective clients the necessary information regarding:

  • their knowledge of, and experience in, investing, including in crypto-assets;
  • their investment objectives, including risk tolerance;
  • their financial situation, including their ability to bear losses; and
  • their basic understanding of the risks involved in purchasing crypto-assets, so as to enable crypto-asset service providers to recommend to clients or prospective clients whether or not the crypto-assets are suitable for them.

In relation to crypto-asset issuing activities, MiCA draws a more formal distinction based on investor type. In order to benefit from the exemption from authorisation requirements for issuing asset-referenced tokens, one of the criteria is that the offer is addressed solely to qualified investors and the asset-referenced tokens can only be held by such qualified investors. In this context, qualified investors are primarily institutional investors, large undertakings, and national or regional governments, central banks and international or supranational institutions.

Regulation of Legal “Wrappers” – Alternative Investment Funds

By using a legal wrapper, for example an alternative investment fund, as an indirect vehicle to give investors exposure to underlying crypto-assets without directly investing in crypto-assets themselves, the sectoral rules governing crypto-assets will, in principle, be replaced by sectoral rules governing alternative investment funds instead – in so far as it concerns the relationships with ultimate investors.

A key practical consequence is that alternative investment fund managers (AIFMs), already regulated under sectoral legislation, are not subject to authorisation by or notification to the SFSA under MiCA.

However, using a fund wrapper introduces different regulatory and practical consequences affecting both the service providers and investors. For example, in an alternative investment fund structure, depositary requirements impose liability on the depositary for losses of the fund’s assets, which can be complex when the underlying assets are crypto-assets subject to risks of DLT malfunctions or cyberattack-related misappropriation.

Regulated Firms/Funds with Exposure to Digital Assets

Regulatory capital requirements for credit institutions and large investment firms stem primarily from Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms (CRR) and are EU-based rather than Sweden-specific.

The prudential treatment of crypto-assets under the CRR prescribes specific risk weights for various categories of crypto-asset exposures. The EBA, being mandated to develop regulatory technical standards (RTS) specifying how institutions calculate own funds requirements for crypto-asset exposures, published its final draft RTS in August 2025; once adopted, these standards will provide detailed rules on calculating exposure values and aggregating positions in crypto-assets.

MiCA’s Issuing Regime

Under MiCA, token issuers are required to publish a white paper before making a public offering of crypto-asset tokens or seeking their admission to trading on a trading platform. The white paper must contain certain mandatory disclosures and be notified to the SFSA in advance. Exceptions apply where, for example, the offer (other than for asset-referenced tokens or e-money tokens) is directed at fewer than 150 persons per EU member state, the total consideration does not exceed EUR1 million over a 12-month period, or the offer is exclusively addressed to qualified investors who are the only permitted holders.

Issuers of e-money tokens or asset-referenced tokens face significantly more extensive regulation under MiCA compared to issuers of other types of crypto-assets. Subject to some exemptions, e-money token issuers must be authorised credit institutions or electronic money institutions, comply with applicable sectoral legislation, and publish a white paper notified to the SFSA.

Issuers of asset-referenced tokens need to obtain prior authorisation from a member state National Competent Authority (NCA) and publish a white paper approved by the relevant NCA. In order to obtain MiCA authorisation, asset-referenced token issuers are under an obligation to demonstrate compliance with own funds requirements, governance arrangements, disclosure requirements, conflict of interest and complaints handling mechanisms, reserve of assets obligations, custody and investment policies for reserve assets, and orderly wind-down planning.

Limited exemptions from full authorisation exist, notably where the issuer’s outstanding amount of stablecoins remains below EUR5 million or where tokens can only be held by qualified investors. Even where these exemptions apply, the issuer is still required to prepare a crypto-asset white paper setting out the key characteristics and risks of the tokens and to notify the competent authority of the white paper before its publication.

Financial Instruments and Prospectus Obligations

If tokens are considered to be transferable securities, they may be subject to the existing Prospectus Regulation and Swedish law and regulations that implement the European prospectus regime. If transferable securities are offered to the public or are being listed on a regulated market, a prospectus must be prepared unless an exemption is applicable. It has traditionally been customary as part of the initial coin offering (ICO) process to publish a white paper, usually describing the project and related topics in brief. Historically, the content of these white papers has not, in general, met the Swedish prospectus requirements.

Criminal and Civil Fraud and Enforcement

Swedish criminal law takes a broad approach to offences such as fraud, embezzlement and money laundering, and applies equally regardless of whether the offence involves traditional money or virtual currencies. For instance, fraud and embezzlement do not require any actual transfer of money. What matters is whether the perpetrator gained a profit or advantage at the expense of the victim ‒ which can be the case even where the relevant property is a virtual currency. Similarly, money laundering covers any action aimed at concealing the criminal origin of money or other property, including virtual currencies. Since virtual currencies are recognised as property under Swedish law, the criminal provisions apply to them in the same way as to traditional forms of money.

Since 31 May 2021, Sweden has had legislation in place implementing the EU Directive on combating fraud and counterfeiting of non-cash means of payment. Under this framework, the fraudulent use of non-cash means of payment is a criminal offence. The definition of non-cash means of payment is broad and includes instruments that enable transfers of virtual currency. In this context, a virtual currency is understood as a digital representation of value that is not issued or guaranteed by a central bank or public authority, is not necessarily linked to a legally established currency and does not have the legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and can be transferred, stored and traded electronically.

MiCA has introduced a dedicated market abuse regime for virtual currencies, drawing on the principles already familiar from the Market Abuse Regulation applicable to financial instruments. Under MiCA, issuers of virtual currencies that are admitted to trading on an authorised trading platform are required to disclose insider information. In addition, MiCA prohibits insider dealing, market manipulation and the unlawful disclosure of inside information in relation to such virtual currencies.

In 2013, the SFSA intervened against a person providing money remittance services by receiving fiat currency from Swedish customers and using those funds to purchase Bitcoin from an exchange service provider in Iran. The customers could subsequently instruct the Iranian exchange service provider on how to settle the outstanding balance, eg, by exchanging the balance in Bitcoin into local currency. In essence, this enabled the customers to transfer money from Sweden to Iran by way of exchanges into and from Bitcoin. The SFSA ordered the provider to cease operations on the basis that the activities constituted licensable payment services. The decision was appealed but was upheld by the Stockholm Administrative Court in 2014.

In 2021, the SFSA initiated a thematic supervisory review of anti-money laundering compliance by two Swedish cryptocurrency exchanges. One of the investigations was concluded without any formal supervisory intervention, while the other resulted in an administrative fine of SEK2 million.

These supervisory activities occurred prior to MiCA, at a time when activities relating to crypto-assets were not heavily or extensively regulated. With MiCA, a change can be expected in the supervisory enforcement attitude toward regulated firms in the area of non-compliance, not only because the regulatory obligations are vastly more comprehensive and rigorous, but also because the scope and scale of activities have been significantly expanded to advisory services, portfolio management services, brokerage, and other services.

Licensing

Before MiCA, digital asset-related activities were largely outside the scope of Swedish licensing requirements, with only service providers offering services for the exchange of virtual currencies or custodian wallet services being subject to regulatory registration requirements. However, MiCA significantly expanded the scope of licensable activities relating to digital assets, imposing authorisation requirements for issuers of asset-referenced tokens and for crypto-asset service providers (eg, trading, exchanging, transferring or advising in relation to crypto-assets).

As a temporary transitional measure, existing providers of crypto-asset services who became subject to regulatory authorisation requirements under MiCA were afforded a limited time period to continue their operations before obtaining MiCA authorisation. MiCA affords individual EU member states a degree of flexibility in determining the duration of the transitional relief period and Sweden elected to permit service providers who were lawfully operational before 30 December 2024 to continue their operations until 30 September 2025. As this time has now expired, the full scope of authorisation requirements set out in MiCA now applies in Sweden.

Territorial Scope

As a general principle, Swedish financial regulatory licensing requirements only apply to activities that are deemed to be conducted in Sweden, which covers both local operations and foreign operations actively targeting a Swedish audience.

By contrast, the concept of reverse solicitation can potentially enable foreign service providers (regardless of whether they are established inside or outside the EEA) to avoid Swedish licensing requirements, as services (of any kind) are not deemed to be provided in Sweden in cases of reverse solicitation. The principle of reverse solicitation essentially permits a foreign firm to provide regulated services to Swedish clients on an unlicensed basis provided there is a genuine and unsolicited request by the Swedish client for one or more particular services. Whenever a firm intends to rely on reverse solicitation, it is essential to ensure that there has been no prior marketing of the relevant firm’s services that can be considered to have influenced a client’s request, neither in the form of broad public marketing to a Swedish audience or direct marketing to a particular client who subsequently makes a request for services or products. Furthermore, a client serviced on a reverse solicitation basis may not be offered or provided any other category of services or products than those requested, nor be subsequently offered the same service at a later point in time unless another request has been made by the client. ESMA has developed guidelines specifying how to determine whether reverse solicitation applies in the context of crypto-asset services, and the SFSA complies with these guidelines.

The formalities for obtaining a licence in Sweden as a crypto-asset service provider are set out in MiCA and corresponding EU delegated regulations. The licence application is submitted to the SFSA, and comprises various documentations such as:

  • a programme of operations setting out the types of crypto-asset services to be provided;
  • a description of governance arrangements;
  • a description of prudential safeguards;
  • information on shareholders with qualifying holdings;
  • documentation to support the suitability of members of the applicant’s management body; and
  • a business continuity plan, policies for detection and prevention of money laundering and terrorist financing, etc.

Additional documents may be required for each specific service, eg, a custody and administration policy, a description of the procedure for the segregation of client crypto-assets and funds, and an execution policy.

Under MiCA, a crypto-asset service provider is required to have in place prudential capital equal to the higher of two amounts: either a percentage of the fixed overhead costs of the preceding year, or a fixed amount depending on the nature of crypto-asset services provided (ranging from EUR50,000 to EUR150,000).

As an alternative to maintaining own funds, a crypto-asset service provider may obtain professional indemnity insurance covering the territories where the service provider operates, provided that such an insurance policy has adequate coverage and otherwise is compliant with more detailed requirements set out in MiCA.

Part of the process of becoming authorised under MiCA as an asset-referenced token issuer or as a crypto-asset service provider is the approval of significant owners as satisfying the criteria of sufficiently good repute. Significant owners are shareholders or members, whether direct or indirect, who have qualifying holdings. A qualifying holding means any direct or indirect holding in an issuer of asset-referenced tokens or in a crypto-asset service provider which represents at least 10% of the capital or of the voting rights or which makes it possible to exercise a significant influence over the management of the firm.

Before any acquisition of a qualifying holding in an authorised issuer or crypto-asset service provider, the proposed acquirer must undergo an assessment of suitability. Any change of control in relation to the firm is therefore subject to a regulatory procedure involving an assessment by the SFSA. This corresponds to the established procedure for a number of other categories of regulated entities such as banks, investment firms and payment service providers.

As with many other categories of EU financial service providers, crypto-asset service providers may leverage their home-state authorisation to provide services across the EEA under MiCA’s passporting regime.

Passporting under MiCA, although not entirely automatic, is a relatively straightforward procedure. It involves submitting a notification to the SFSA of the intention to offer services in another EEA member state, specifying information such as the types of services offered in the host jurisdiction, how the services will be provided, whether a local branch will be established or whether it is a case of an entirely remote service offering. The SFSA then communicates the notification to the host country’s supervisory authority and to ESMA.

Passporting is limited to the range of services for which the crypto-asset service provider is appropriately licensed, and does not extend to any other types of crypto-asset services nor to any services of a completely different type. There is no corresponding equivalence or recognition regime available for third-country crypto-asset service providers.

Marketing

Marketing of digital assets is governed by general marketing rules under Swedish law, including:

  • the Swedish Marketing Act (SFS 2008:486);
  • the Swedish Act on Price Information (SFS 2004:347); and
  • the Swedish Act on Contractual Terms in Consumer Relations (SFS 1994:1512).

In 2023, following a large number of complaints being filed with it, the Swedish Consumer Agency (SCA) examined how digital assets were being marketed in Sweden. Complaints have commonly concerned different kinds of fraudulent offers related to digital assets. However, marketing of fraudulent offers falls outside the authority of the SCA and is handled by other authorities such as the SFSA. The SCA’s examination is therefore only focused on the marketing of legal digital asset offerings by Swedish service providers.

In its examination, the SCA identified several areas where much of the marketing of legal digital assets failed to comply with Swedish marketing rules, most notably:

  • unfounded positive claims regarding market position (such as purporting to be Sweden’s leading crypto broker), swiftness and customer satisfaction, etc;
  • advertising implying that the service provider is under the supervision of the SFSA and consequently approved by the SFSA (when the service provider was only registered with the SFSA);
  • insufficient display of risk information, while much of the marketing examined contained risk information, the information should, according to the SCA, be more prominently displayed and should also be included in every piece of advertising;
  • concealed price information – information regarding fees should be shown in direct connection with the marketing (a customer should not need to scroll down or click on a link to access the information);
  • terms in consumer relations prescribing dispute settlement in foreign courts or in arbitration, which are generally considered unfair in relation to consumers;
  • terms that require notice of termination to be sent in writing, which are considered unfair in relation to consumers;
  • terms regarding changes in general terms, where the service provider is allowed to change the terms without proper notice and without giving the consumer the chance to terminate the agreement; and
  • unfair terms regarding limitation of liability, both in relation to the services provided and to the information on the service provider’s websites.

White labelling refers to a situation in which a regulated institution provides products or services which are distributed and offered to customers under the brand of a partner who may or may not be a regulated entity. White-label solutions can, in principle, be used by firms partnering to provide crypto-asset services, but unlike certain other financial regulatory frameworks like MiFID II and PSD2, MiCA does not provide a regulatory framework for formal agency relationships. Unlike investment firms and payment institutions (for example), a MiCA-authorised crypto-asset service provider cannot formally appoint a third-party agent to provide services on its behalf. If a third party is effectively providing crypto-asset services (including cases involving a partnership with an authorised crypto-asset service provider) this will trigger MiCA authorisation requirements.

Therefore, white-label solutions in the field of crypto-asset services need to be arranged in such a manner that any and all licensable processes and functions are performed by the appropriately authorised entity, while a third party may only have a more limited role and may not itself provide regulated services to customers.

On the token issuing side, MiCA permits third-party distribution of asset-referenced tokens provided the issuer gives written approval and the distributor complies with obligations under MiCA regarding market communications, fair and professional conduct, clear communication, equal treatment of token-holders, and the prohibition on interest-bearing tokens.

While MiCA’s application extends to services and activities performed in a partially decentralised manner, cases where crypto-asset services are provided in a fully decentralised manner, without any intermediary, should not fall within the scope of regulation.

There is very limited activity with respect to decentralised autonomous organisations in Sweden. There are no specific regulations in relation to decentralised autonomous organisations but Swedish general company law may be applicable, either by choice or because the underlying circumstances deem the decentralised autonomous organisations to constitute an unregistered partnership (enkelt bolag), for example; an unregistered partnership exists where two or more parties have agreed to operate a business together.

Due to the limited extent of decentralised finance activities falling outside the scope of MiCA, there is limited guidance from case-law and regulators on the concepts of accountability and liability in this specific context. Sweden has not introduced specific legislation governing these aspects for DeFi structures, and therefore generally applicable liability and tort principles apply.

Use of Digital Assets in Payments

Swedish law does not prohibit the use of crypto-assets as a means of payment, but does not recognise them as legal tender. Only banknotes and coins are recognised as legal tender, which households and companies must be able to use for payments.

MiCA classifies e-money tokens as electronic money, bringing them within the definition of “funds” under PSD2 and the Swedish Payment Services Act. This means that payment transactions using e-money tokens become subject to dual sets of regulatory frameworks, which is contrary to the EU legislator’s intention. In response, the EBA issued a no-action letter in June 2025 advising supervisory authorities not to enforce dual authorisation for all types of e-money token transactions, for a limited time period, in the interest of business continuity pending resolution through the forthcoming PSD3 framework.

Payment in Kind Using Bitcoin

In a judicial decision from November 2022, the District Administrative Court in Härnösand considered whether a Swedish limited liability company could be incorporated by payment for company shares in kind using Bitcoin. The Court found that payment in kind using Bitcoin could be considered to satisfy the requirements under Swedish law. However, the decision was appealed, and in December 2023 the Administrative Court of Appeal in Sundsvall repealed the decision, owing (inter alia) to uncertainty regarding rights in rem in relation to blockchain transactions and to the volatile nature of Bitcoin.

Other Government Initiatives

The Swedish Central Bank (Riksbanken) is currently assessing the possibility of establishing and backing an e-currency: the e-krona. The e-krona is envisaged as a retail CBDC, ie, a central bank digital currency that is available to the general public.

For a number of years (2020–2024), Riksbanken was running a pilot project with a third-party provider to develop a blockchain-based e-krona platform. The pilot comprised four phases of analysis, testing and evaluation, with the final results published in March 2024.

No legislative initiative has been proposed to make the e-krona a reality. Riksbanken has concluded that a digital euro would generally have a positive influence on the usefulness of an e-krona. One reason for this is that an e-krona would contribute to safeguarding the current role of the Swedish currency. Another reason is that a digital euro may reduce the cost and complexities of launching an e-krona. Thirdly, Riksbanken has expressed that a co-existing digital euro and e-krona could improve cross-border payments through interoperability.

MiCA covers stablecoins that meet the definition of asset-referenced tokens or e-money tokens, but it does not explicitly distinguish algorithmic stablecoins from others in terms of classification. The same rules apply regardless of the stabilisation mechanism.

An aspect of MiCA’s substantive regulatory requirements that may have an impact on the practical feasibility of issuing algorithmic stablecoins is that, among the requirements introduced by MiCA on issuers of asset-referenced tokens, there is an obligation to have a reserve of assets covering the risks associated with the underlying asset and the liquidity risks associated with rights of redemption of the tokens. The reserve of assets is required to be legally and operationally segregated from the issuer’s own assets.

Stablecoins were not explicitly regulated in Sweden before MiCA but are now subject to its extensive framework. Both asset-referenced tokens and e-money tokens (as defined in 2.2 Crypto-Asset Regulatory Frameworks) may be considered stablecoins.

For the definitions of e-money tokens and asset-referenced tokens, see 2.2 Crypto-Asset Regulatory Frameworks.

E-money tokens are legally classified as funds within the pre-existing payments regulatory framework, similar to e-money. This dual nature – falling within both MiCA and the payments framework – has caused regulatory friction, addressed by the EBA’s no-action letter in June 2025 (see 6.1 Fiat Currency and Algorithmic Stablecoins).

Asset-referenced tokens are regulated as a distinct category of financial assets. They do not fall under the payment services regulatory framework but are instead subject to a bespoke regime established under MiCA. This bespoke regime is characterised by fundamentally different priorities, concerns and interests than the payment services regime. For example, MiCA imposes transaction caps for asset-referenced tokens which, if exceeded, require the issuer to refrain from issuing additional tokens and submitting a plan to the competent authority for how to reduce the transactional volumes below the maximum threshold. These transaction caps are intended to function as a safeguard to prevent asset-referenced tokens from becoming a widespread substitute for official currencies within a currency area, which could threaten monetary sovereignty and financial stability.

Funds received in exchange for e-money tokens must be safeguarded by depositing at least 30% in separate accounts with credit institutions, with any remainder invested in secure, low-risk, highly liquid financial instruments with minimal market, credit and concentration risk.

Issuers of asset-referenced tokens are required to maintain a reserve of assets that is legally segregated from their own assets that is sufficient to cover the risks associated with the referenced assets, as well as the liquidity risks arising from token holder redemption rights. Any invested portion of the reserve may only be placed in highly liquid financial instruments with minimal market, credit and concentration risk.

MiCA adopts a categorical ban on yield-bearing stablecoins. Issuers of asset-referenced tokens or e-money tokens may not grant interest or any other benefit related to the length of time during which a holder holds such tokens.

Significant asset-referenced tokens and e-money tokens are subject to enhanced regulatory oversight under MiCA. The EBA designates these tokens as significant based on specific criteria, such as the number of holders, market impact as well as the transaction volume. Issuers of significant tokens are also subject to direct supervision by the EBA.

Issuers of significant tokens must comply with stricter obligations, including adopting sound risk management policies, implementing liquidity management policies, ensuring diverse custody options, and conducting regular stress testing. These stricter obligations include a requirement that at least 60% of fiat funds corresponding to issued tokens be held as deposits with credit institutions. 

Tokenisation involves expressing ownership rights and other rights attached to an asset as programmable code, a so-called smart contract, on a distributed ledger or blockchain.

One method of tokenisation involves tokens being issued directly on the blockchain, and having all records related to tokens and their issuance, redemption, disposal and transfer be recorded solely on the blockchain. Another method is a digital twin model, where tokens do not alone represent the legal existence of the right, and are instead a digital proof of ownership in addition to the underlying original manifestation of ownership (eg, in a traditional register).

As Sweden has not enacted any specific legislation governing tokenisation, the general rule is that tokenisation may give assets a new technical form but typically not change the characteristics of the underlying assets. For example, tokenised bank deposits are legally and economically identical to money in bank accounts, and therefore represent a claim on the bank.

For some types of assets, this means that tokenisation has limited use. For example, for property that is subject to specific legislation requiring ownership transfers to be manifested in particular manners (eg, for sale of real property where there is a written form requirement), a digital transfer of a tokenised reflection of the property will not actually transfer title to the underlying asset.

However, for other types of assets, the absence of express recognition or accommodating legislation is less of a practical hindrance, and for those cases tokenisation can have real benefits. One example is tokenised fund units, which can enable faster and more efficient subscription and redemption processes, open up for fractional ownership, and provide near real-time transparency through tamper-proof traceable transactions and portfolio transparency on the blockchain.

Due to the stagnation in Sweden’s legislative adjustments to the DLT Regulation, and the absence of follow-up on the legislative proposal published in 2023, it is uncertain what lies ahead for tokenisation in the Swedish market.

Gernandt & Danielsson

Hamngatan 2
Box 5747
114 87 Stockholm
Sweden

+46 8 670 66 00

info@gda.se www.gda.se
Author Business Card

Law and Practice in Sweden

Authors

Niclas Rockborn
Rikard Sundstedt
Robin Entenza

Gernandt & Danielsson has established a reputation as one of the leading Swedish fintech law firms, particularly in payments, cryptocurrency/blockchain and other innovations in digital finance. Its financial services team brings together 12 legal professionals with diverse backgrounds in corporate law and securities, banking and finance, regulatory compliance, data privacy and cybersecurity and several other key areas. The firm services the full spectrum of fintech legal needs (excluding tax), covering payments and e-money, anti-money laundering, licensing of new fintech firms, data protection, cryptocurrency (and other blockchain and distributed ledger technology matters), cybersecurity and intellectual property rights for the protection of unique fintech concepts. It advises a diverse roster of emerging and incumbent clients, including market-leading Swedish cryptocurrency exchange service providers, multinational fintech companies (eg, offering cryptocurrency trading and transfer services), leading global cryptocurrency exchanges and major Swedish banking institutions.