Blockchain Part 2: Regulatory Challenges and Implications
Author: Tahrimah Faruque
In part 1 of this series, I explored how blockchain works and the opportunities that it unlocks. As with most disruptive tech, regulation is playing catch-up. The “unknowns” in the legal space could slow down adoption unless governments and industry figure out workable solutions. Here’s a simple breakdown of the main challenges and how progress is being made.
Which legal jurisdiction has authority over the blockchain?
Blockchain is decentralised (without a single, unilateral controller) and borderless, so whilst transactions cut across countries, the law doesn’t. Traditionally, legal authority depends on geography - where the parties are or where the deal happened. With blockchain, location is not obvious, raising the question: whose law applies?
Work-arounds:
Choice-of-law clauses: incorporated into cross-border transaction contracts, these clauses aim to avoid ambiguities by specifying which legal jurisdiction would apply if there were a dispute. The challenge in doing so is that different legal systems may interpret and enforce such clauses differently. This is where lawyers play an essential role.
Alternative dispute resolution (ADR): where transactions on the blockchain are becoming increasingly complex and multi-dimensional, utilising this workaround may become more challenging too. Regulation therefore becomes even more critical.
Regulatory Progress:
EU regulatory framework: The EU has taken the clearest steps toward resolving jurisdictional uncertainty by introducing harmonised rules through MiCA and the DLT Pilot Regime, creating consistent definitions, licensing standards, and supervisory structures across all Member States. This uniformity makes it far easier to determine which courts have authority and which law applies in blockchain disputes, effectively re-anchoring a borderless technology within a predictable legal framework.
United States: by contrast, has no federal, unified blockchain regime. Instead, it relies on a patchwork of state laws (see Wyoming and Delaware blockchain statutes, for example) and fragmented oversight from agencies like the SEC, CFTC, and FinCEN. As a result, jurisdiction and choice of law in US blockchain disputes are far less predictable and vary heavily by state; the opposite of the EU’s harmonised approach.
Intellectual property: who owns what?
Normally, IP rights sit with one entity. On blockchain, decentralised autonomous organisations (DAOs) can own them instead — self-executed by smart-contracts without human intervention. With multiple stakeholders involved in DAOs, it’s unclear who controls the rights or can license them. And since IP law assumes centralised, identifiable ownership, disputes quickly raise jurisdiction headaches. New legal frameworks are needed for DAO-held IP.
Examples of Technical and Legal Frameworks
Ethereum Name Service (ENS): this allows users to register domain names as NFTs and manage them through DAOs. Put simply, ENS has built a framework which outlines NFT and DAO holders rights and responsibilities, and provides dispute resolution mechanisms in relation to ownership and control of these NFTs held by DAOs.
EU: The EU Intellectual Property Office has made DesignView and TMView. These are flagship, blockchain-based search services for, respectively, trade marks and designs.
USA: Wyoming offers one of the first real solutions by passing an Act that allows DAOs to register as Limited Liability Companies (LLCs). This gives them a legal personality, defined ownership rights, the ability to hold and license IP, and a governing law for disputes.
However, where blockchain transactions are anonymous or pseudonymised, identifying infringers and enforcing IP rights is challenging in itself, as acknowledged by the World Intellectual Property Organisation.
Blockchain as legal evidence: can courts accept it?
Blockchain promises tamper-proof records, but courts still lack standards and precedents on whether they can be admitted as legal evidence. This reversal — code driving law, instead of law shaping code properties — challenges judges’ determination of authenticity and reliability. This potentially delays the legal process and adds to legal disputes.
Case-studies – Everledger and the Silk Road darknet:
The case of Everledger, a blockchain-based platform: Everledger creates authenticity digital certificates for diamonds and provided blockchain-based evidence to the UK High Court in 2018 in a dispute over a $1.6million diamond. The party that could prove ownership of the diamond via blockchain record was ruled in favour of.
Criminal case against the founder of the Silk Road darknet marketplace: the public ledger of the Bitcoin transactions used to purchase illegal goods on the Silk Road were presented to the court by the prosecution successfully to sentence Ross Ulbricht to life in prison in 2015. A combination of other evidence was used to supplement this though. Interestingly, President Trump has recently fully and unconditionally pardoned Ulbritcht of all charges; a testament to the US push for innovators.
Smart Contracts: Enforceable?
To be legally binding, a contract must meet certain requirements such as offer, acceptance, consideration, and intention to create legal relations. Since the terms of a contract are defined in the code with smart contracts, the contract is executed automatically when these conditions are met. Therefore, traditional legal concepts such as offer and acceptance are, in some legal opinions, no longer relevant in smart contracts.
Emerging Recognition
UK: The LawTech Delivery Panel in the UK published a Legal Statement on the Status of Cryptoassets and Smart Contracts. This provides guidance on how smart contracts can be used within the existing legal framework, and their overall position.
Singapore: The Electronic Transactions Act was first enacted in Singapore in 1998 and amended to recognise smart contracts as legally binding in 2019.
Switzerland: Smart contracts are legally recognised as enforceable under the Swiss legal framework introduced by the Federal Council in 2019. Subsequent parliamentary developments in 2020 adjusted several federal laws to address this legal framework for distributed ledger tech and smart contracts (Federal Act on the Adaptation of Federal Law to Developments in Distributed Ledger Technology).
US: the Uniform Electronic Transactions Act (UETA) and E-SIGN Act hold that a contract cannot be denied legal effect because it is electronic.
Abu Dhabi: In 2021, The Abu Dhabi Global Market (ADGM), a financial free zone in the United Arab Emirates (UAE), enacted the Electronic Transactions Regulations. This established a legal framework to recognise and enforce electric records contracts.
Preventing Illicit Activities
The Financial Action Task Force (FATF) is a global intergovernmental organisation that sets Anti-Money Laundering standards. Due to a lack of regulation and the anonymity of blockchain users, FATF has identified virtual assets such as cryptocurrencies to be at a high risk of money laundering, terrorist financing and illegality. Blockchain is ideal for criminals to move funds without detection. Counties have been recommended to implement regulations for virtual asset service providers on blockchain-based platforms to ensure AML/Know-Your-Consumer compliance.
The Response:
EU: a Directive requiring compliance (European Union’s Fifth Anti-Money Laundering Directive (5AMLD).
US: Financial Crimes Enforcement Network (FinCEN) has issued guidance on compliance.
Consumer Protection
The lack of an intermediary for blockchain-based transactions creates opportunities for fraudulence. The following are some examples of this at play:
Hacking: In 2019, Binance (a cryptocurrency exchange) underwent a hack via a vulnerability in its security measure, costing them over $49million in Bitcoin.
Ponzi schemes: On a more regular basis, Ponzi schemes often compromise consumer safety. This is where investors are promised high returns which are paid from subsequent investors payments rather than actual profits. The 2008 Madoff investment scandal was a massive Ponzi scheme, that defrauded thousands of investors of an estimated $65 billion, making it the largest financial fraud in history. The lack of centralised governance on the blockchain makes detecting and dismantling this challenging.
Sale of illegal goods or services: the anonymity of blockchain-based transactions again make weapons, drugs, and counterfeit goods tradable on the platform. The earlier mentioned Silk Road marketplace was an example.
Scams and phishing: blockchain technology can be used to generate fake tokens or ICOs to trick investors into investing in fake projects. The PlexCoin ICO fraud was a high-profile case of this.
Regulatory and Industry Progress:
EU’s GDPR: enables individuals to remove their personal data from the blockchain.
US Securities and Exchange Commission (SEC): legally requires companies to register initial coin offerings (ICOs) and takes actions against those who don’t.
Companies: developing blockchain-based identity verification systems to mitigate identity theft and fraud. Reputation systems to track and verify the history of organisations and users have also been developed to help prevent scams and fraudulence.
Governance
Governing the blockchain is essential to enable stakeholders to operate systems and networks. Governance is challenged by the ‘blockchain paradox’: how do you govern a system designed to avoid central control? Too little oversight risks fraud; too much undermines decentralisation.
For example, large entities could monopolise mining power in proof-of-work blockchain where miners compete to solve complex algorithms to validate transactions and gain rewards. Concentrating power in one place leaves the network open to attacks.
Active Solutions:
Bitcoin: implemented a ‘difficulty adjustment’ mechanism to regulate the algorithms difficulty based upon the total mining power on the network. Decentralisation can therefore be maintained since it is more difficult for larger entities to control the majority mining power.
Ethereum (second-largest blockchain network): also used to use proof-of-work mechanisms like Bitcoin. Instead, they now use a proof-of-stake mechanism which gives validators a limited amount of tokens to validate transactions and earn rewards. They also use ‘slashing’ to penalise malicious validators acting outside of the network’s rules. Thus, integrity of the network is aimed for and decentralisation is supposedly maintained.
Conclusion – looking forward:
AI is increasingly proliferating systems and its integration into the blockchain could create new decentralised applications and autonomous agents. However, the transparency and accountability of these systems remains a concern. This raises big questions:
If lawyers can utilise these systems to escape negligence concerns in relation to transactions, who remains responsible for the actions of the AI agent on the network?
Where errors are made by an AI agent, how can these be corrected since blockchain-based systems are immutable or unchangeable?
Additionally, since AI Agents require big data to train and decision-make, how can blockchain’s transparency remain without compromising privacy?
The answers aren’t here yet — but they’ll define the next decade of blockchain regulation and a trainee lawyer may be confronted with such issues.
