4. Case 3. Blockchain and smart contracts: regulatory challenges and regulatory approaches

Miguel Amaral

“The term smart contract is itself imperfect. A smart contract is neither smart, nor is it necessarily a contract” (Chamber of Digital Commerce, 2018[1])  

In recent years, the opportunities and challenges brought by distributed ledger technologies (DLTs) have drawn much attention from media, business, and governments. While this technology is still at his infancy, both in terms of development and adoption, it could come to significantly transform industries and markets. These disruptive changes raise a number of significant challenges for governments, who strive to find a balance between fostering this innovation while protecting consumers against its potential unintended consequences.

DLTs offer new ways of sharing data and organizing transactions without relying on trusted, central authorities such as banks or governments. Any public or private intermediation that would record and validate the transactions is not necessary. Instead, the third party validation is substituted by a distributed consensus on the new piece of information added to the ledger. To a certain extent, trust is replaced by parties’ awareness that each party is bound by the same technological architecture and is accordingly subject to the same procedures and sanctions that the technology defines.

DLT have first emerged as the technology behind crypto-currencies (e.g. Bitcoin) but they now have wider applications such as smart contracts, which offers original ways to develop transactions across a wide range of sectors.

The International Organization of Securities Commission defines DLT as “a consensus of replicated, shared, and synchronized digital data geographically spread across multiple sites, countries, and/or institutions. DLT are technologies used to implement distributed ledgers(IOSCO, 2017[2]). While DLTs have a number of variable features, the most important characteristics are the following:

  • Distributed: “each node of the blockchain independently constructs its own record of transactions, meaning that there are, at all times, copies of the same ledger being maintained by each node in the network(Berryhill, Bourgery and Hanson, 2018[3])

  • Immutable: “through its use of cryptography, once a transaction is added to a blockchain, it generally cannot be undone. As such, all users can have confidence that, unlike in a centralised database, the record has not been altered, whether through error or misfeasance (Berryhill, Bourgery and Hanson, 2018[3]);

  • Agreed by consensus: “no block can be added to the ledger without approval from specified nodes in the network. Rules regarding how this consent is collected are called consensus mechanisms(Berryhill, Bourgery and Hanson, 2018[3]).

The term “smart contract” was first introduced by Nick Szabo in 1994 who defines it as “a set of promises, specified in digital form, including protocols within which the parties perform on these promises(Szabo, 1994[4]). Four main properties can be derived from this definition:

  • A set of promises”: smart contracts consist of contractual terms and/or rules-based operations designed to carry out an economic activity;

  • “Specified in digital form”: smart contracts are concluded and enforced digitally, and consist of lines of code within software that execute predetermined rules when a condition occurs;

  • Protocols”: the set of code-based rules and the data are processed by an algorithm (or a combination of algorithms);

  • Within which the parties perform”: the execution of the contract is immutable.

(Szabo, 1997[5]) further specified that a smart contract is a “computerised transaction protocol that executes the terms of a contract. The general objectives are to satisfy common contractual conditions (such as payment terms, liens, confidentiality, and even enforcement), minimize exceptions both malicious and accidental, and minimize the need for trusted intermediaries. Related economic goals include lowering fraud loss, arbitrations and enforcement costs, and other transaction costs.” In other words, smart contracts deployed on a blockchain are a set of predefined terms agreed by contracting parties and executed by the DLT itself when a predefined contingency occurs. As such, they are not a contract in the strict legal sense but rather self-executing and self-enforcing code-based rules. The contractual terms are embodied in software code and the DLT implements the entire agreement between the transacting parties. The execution of the contract results automatically from the occurrence of a set of preconditions. This is achieved through the combination of two technologies: electronic contracting and cryptography.

The creation of blockchain platforms such as Ethereum has triggered the development of smart contracts in a wide number of sectors. Potential applications are countless and span across many sectors and activities where information needs to be communicated and stored: from to energy, telecoms, sharing economy or health care; from retail to wholesale markets; from SMEs to large multinationals and public administration. Smart contracts can also take a various forms, ranging from simple escrow schemes to complex joint ventures.

Although smart contracts hold the potential to create substantial disruption in the way contracts are concluded and executed, it should be noted that some of the challenges raised by this new technology are not out of the ordinary. As underlined by (Werbach and Cornell, 2017[6]), “contractual agreements embodied in software code, and even their automatic performance, are nothing new. For several decades, larger corporations have used electronic data interchange formats to communicate digitally across supply chains. The internet brought electronic commerce (e-commerce) to ordinary consumers, who accede to a digital contract every time they begin a relationship with an online service provider by clicking a button”. Smart contracts with automated transactions have also existed for a very long time outside the new opportunities provided by DLT-based platforms (a canonical example is the vending machine involving automated payment). Yet, powered by DLTs, smart contracts holds the potential to create disruption along four main avenues:

  • Strong reduction of the need for (central) third-parties;

  • Emergence of new or transformed forms of collaboration;

  • Creation of new enforcement protocols. An essential difference between smart contracts and any other form of contractual arrangement is that the DLT automatically performs the contract once the predefined contingency occurs;

  • Diminution of the role of informal co-ordination mechanisms such as trust or reputation.

The key transformative impacts of smart contracts should be properly understood in order to help governments navigate the regulatory challenges and target appropriate regulatory responses. The nature of these impacts can be broken down into four broad categories: decentralisation, transaction costs, competition and data protection.

The seminal idea behind the development of blockchain was to create a decentralised electronic transaction system, in which economic agents would exchange without the intermediation of central and trusted intermediaries. While most blockchain-enabled smart contracts are not fully decentralised today, the emergence of distributed architectures challenges the traditional dynamics and structure of transactions.

The decentralised architecture underlying DLTs has two main consequences from a trust perspective. On the one hand, economics agents know that the ledger is replicated across many different nodes of the blockchain and that, if one of the nodes fails to perform, all the other nodes with copies of the ledger will have the relevant information to enforce the contract. To a certain extent, trust on the execution of the contract terms is transferred into the hands of the software code behind smart contracts. Secondly, the decentralised architecture also means that there is no need to rely on a trustworthy centralised authority to enforce the contract. The code will “simply” execute what it has been instructed to do.

The development of decentralised transactions between individually trusted parties through smart contracts is exacerbating the rise of private governance, which relies on code to execute contractual terms and address traditional enforcement issues. Smart contracts might help create new economic transactions responding to the willingness of consumers to preserve their autonomy and anonymity without a centralised third-party.

Some argue that blockchain-based contracts might be an example of institutional evolution (Davidson, De Filippi and Potts, 2018[7]) as they hold the potential to be a substitute for the economic co-ordination provided by markets, hierarchies, informal co-ordination and governments (provided that relevant regulatory governance of smart contracts are implemented). A key challenge for governments is that smart contracts allow economic agents to shift away from traditional liability regimes, making difficult for to enforce existing regulatory frameworks

In addition, it is worth noting that the decentralised architecture holds also the potential to facilitate market access to small players, in particular in situations where they would usually need to rely on centralised or intermediating trust party to conclude and enforce the contract.

Since the seminal (and pivotal) paper by (Coase, 1937[8]) on the “Nature of the firm” and the follow-up works by (Williamson, 1975[9]) and (Williamson, 1985[10]), a vast body of literature has been developed on the effects of contracting costs associated with each transaction. These so-called “transaction costs”, which occur both ex ante (e.g. information costs, bargaining and haggling costs, cost of drafting the contract, costs of protecting the property rights, costs of anticipating and developing mitigation strategies for potential contractual breaches) and ex post (e.g. monitoring and enforcement costs), are a key driver of the governance structures’ effectiveness.

One of the main issue addressed by transaction costs economics relates to the enforcement problems once the contractual agreement has been concluded by the parties. In situations where the continuity of the exchange relation is of special importance, parties usually face a risk of ex post opportunistic behaviour (e.g. renegotiation). Parties might indeed engage in ex post contractual strategies to exploit the opportunities offered by contractual incompleteness (and most contracts are likely to be incomplete when a complex transaction is involved). This so called ‘hold-up problem’ could impel economic agents to invest in contractual design (e.g. completing the contract with safeguards) and monitoring activities to protect the value generated by the transaction, but this may generate substantial transaction costs. Parties could also rely on an ex post intervention of a third-party enforcer (e.g. court) but legal enforcement can be costly, cumbersome and prone to error (this is notably the case when contract law regimes are weak and/or when some actions or contingencies are not verifiable by third parties such as courts). These co-ordination problems and the associated transaction costs may result in suboptimal outcomes as regard investments. In some cases, parties may even be discouraged from contracting in order to avoid transaction costs.

In this context, the self-executing and self-enforcing properties of smart contract might offer great opportunities to reduce these co-ordination costs. They should, in principle, raise fewer information asymmetries such as adverse selection and moral hazard. Beyond a potential reduction of information costs, the self-executing features of smart contracts should prevent any deviation from the contractual terms that parties have agreed upon ex ante and, as such, avoid ex post opportunistic renegotiation (and, in turn, the risk of hold up). This reduction in counter-party risks, coupled with the fact that smart contracts may also reduce ambiguities which could lie in legal contracts, may sharply reduce contractual hazards and enforcement costs. As pointed out by (Werbach and Cornell, 2017[6]), “cost savings occur at every stage, from negotiation to enforcement, especially in replacing judicial enforcement with automated mechanisms.

Smart contract-facilitated transactions might also significantly reduce the role of informal co-ordination mechanisms such as trust or reputation, since they have the potential of generating ‘no-party’ trust. One important feature of blockchain-enabled smart contracts is that the identity (and therefore the quality or the reputation) of the economic agents does not matter much. Transactions can remain anonymous to a large extent, through using cryptographic authentication for example. By contrast, engaging in a transaction without any hint on the identity of the contractual partner could be quite unlikely to occur in ‘traditional’ contracts.

In that sense, some argue that blockchain-based smart contracts are complete arrangements, which fully suffice to co-ordinate economic agents, without the need of any institution of informal co-ordination mechanism. While there is certainly room for cautionary arguments regarding the detailed effects of smart contracts on contractual costs, they undoubtedly enable the creation of new exchange relationships (at least for simple transactions that do not require adaptation during the execution of the contract), the development of outsourcing opportunities as well as the emergence of new and transformed business models.

The development of smart contracts bears important consequences in terms of competition dynamics. On the one hand, smart contracts bring the potential to increase competition within the market (OECD, 2018[11]). They may indeed offer small players an efficient and trusted mechanism to reach out consumers and hence reduce barriers due to existing economies of scale in data-driven markets. As highlighted above, smart contract may also strongly reduce hold-up concerns during the execution of the contract and facilitate outsourcing strategies due to the reduction in transaction costs. They provide therefore avenues for small firms to scale up which, in turn, should contribute to the development of more competitive markets.

Smart contracts may however create avenues for anticompetitive strategies and, in particular, collusive practices: beyond the fact smart contracts do not allow any change in the terms of a collusive arrangement without the agreement of the other parties, they enable participants to closely monitor the prices operated by the colluders and therefore facilitate the detection of deviant strategies. As noted by (Schrepel, 2019[12]), “smart contracts make it easier for parties to keep their word” and, as such, they might help sustain a collusive agreement.

The consequence of the rapid development of DLT-based smart contracts on data protection is still a puzzle, which raises a number of challenges for governments and businesses. DLTs offer indeed a major differentiation to traditional forms of data storage and management. The decentralised architecture, coupled with the absence of central third parties, creates strong differences from the highly centralised processes by which large platforms collect and control massive amounts of personal data.

On the one hand, smart contracts may trigger innovative forms of economic transactions that are more protective of privacy (Finck, 2019[13]). Engaging in smart contracts might indeed allow economic agents to share the data that is strictly necessary to the transaction, which stands in sharp contrast the current data economy where the pervasive collection of data, combined with the spread of algorithms, carries critical challenges in terms of data privacy.

On the other hand, the right to be forgotten (i.e. rights of data correction and data erasure) presents a conflict with the immutability properties of blockchain-based smart contracts. While the ledger’s immutability is one on the most heralded features of DLTs, some argue that this concept should not be overstated as the data can still be manipulated through human intervention in some specific, yet extraordinary, circumstances (Conte de Leon et al., 2017[14]). Such efforts would however be extremely burdensome and expensive (erasure of data would require both a backward deconstruction of the blockchain and a reconstruction of the system from the point of the deleted data forward). An interesting response to this problem could be to keep personal data off-chain on content-addressable storage systems (Zyskind, Nathan and Pentland, 2015[15]). The solutions combining blockchain and off-chain storages may however require the reintroduction of an intermediated trusted third party, which could (at least partly) defeat the initial rationale behind the use of DLTs.

While DLT-based smart contracts are still a recent technology with relatively rare applications, the rapid pace of change creates a potential disconnect with regulatory frameworks. As for other emerging technologies, they tend to develop faster than the regulation or social structures governing them (Marchant, Allenby and Herkert, 2011[16]).

The disconnect between the pace of technology and the pace of regulation has always been a concern. There is a growing consensus, though, that the current manifestation of the pacing problem is particularly challenging for DLTs and smart contracts. One reason why governments struggle to keep up with this rapidly growing technology lies in their intrinsic complexity. Even if governments have the technical knowledge, smart contracts create countless avenues for new transaction structures and business models that could be difficult to understand, monitor and, where appropriate, regulate.

The blockchain technology supporting smart contracts is, by definition, a borderless technology. The fact that DLTs are not rooted in a specific location creates strong concerns in terms of jurisdiction and applicable law. For smart contracts in particular, the territoriality issues are doubled: the different parties involved (contractual parties, developers of the code, minors, validators, etc.) may indeed be subject to different regulatory regimes in their respective countries and, in most cases, there is no third party or authority ultimately responsible.

Beyond the potential for regulatory arbitrage, territorially issues increase the enforcement and liability concerns for governments and businesses (one third of the respondents to a survey developed by Deloitte in 2019 cited smart contracts enforceability as a matter of regulatory concern (Deloitte, 2019[17])).

As well as the possibility of one party breaching the contractual agreement, there are chances that the contract itself may be flawed, either due to coding errors or design errors, leading to unexpected or unintended consequences. Besides, the claim that smart contracts and their associated programming language resolves all sources of ambiguity is partially misleading (Grimmelmann, 2021[18]). The code (that can be unobservable by the contractual parties) may also embed ambiguities that entail transaction failures and potential damage for transacting parties. As in most cases there is no third party ultimately responsible for the system and the information it conveys, who should be liable when a smart contract fails to perform due to coding or design problems? In case the smart contract is audited and certified, should the auditor be liable? These problems make it difficult to perform basic legal and regulatory functions, such as ascertain liability, determine what piece of regulation is applicable in a particular situation, carry out regulatory monitoring or enforce rules.

Recent initiatives taken by governments further highlight the paradox raised by smart contracts as regard enforcement. The conception whereby smart contracts are complete contractual arrangements (i.e. which fully suffice to co-ordinate economic agents) ultimately means that there is no need to rely on the law to enforce contractual terms. As such, the exercise of contractual interpretation becomes irrelevant. Yet, recent guidance adopted in the UK or in the Netherlands indicate that existing regulations may apply to smart contracts, implying that the general interpretation rules is still applicable. One of the key interpretation principle in the Netherlands is given by the so-called Haviltex standard. According to this principle, it is not only the text of the contract (i.e. the code) that is decisive, but also external parameters such as parties’ original intentions. As a consequence, the meaning that contractual parties might have attached to the provision in reasonable circumstances would matter in interpreting a smart contract. A similar principle prevail in the UK: in 2009, a House of Lords decision1 highlighted the importance of ensuring that the contract wording is consistent with the parties' intentions. Accordingly, and as indicated by the (UK Jurisdiction Taskforce, 2019[19]), “when interpreting a contract, a judge strives to identify the intention of the parties by reference to what a reasonable person having all the background knowledge which would have been available to the parties would have understood them to be using the language in the contract to mean”. Such guidance raise however a fundamental question to policymakers: how could these interpretation principles combine with the idea that smart contracts take the form of complete arrangements that fully suffice to coordinate contractual parties? Some initial ideas have been put forward (see below) but the question remains puzzling for governments and, to the knowledge of the author, no formal statement or regulatory decision has yet been taken.

Given that DLT-based contracts are cross-sectorial and involve different technologies, existing regulatory landscapes could be unclear, redundant or overlapping. The underlying reason is that the traditional regulatory frameworks are often designed on an issue-by-issue, sector-by-sector, technology-by-technology basis and, as such, they may not fit well with smart contracts’ properties. It entails a number of negative consequences, including:

  • Uncertainties that may undermine the incentives to enter new markets;

  • Poor risk management.

Beyond blurring market and sectors definition, one of the main consequence resulting from the development of smart contracts is a shift from traditional regulation (e.g. property law) towards private governance schemes. The rise of decentralised transactions delegated to code without a public authority creates unprecedented challenges to the traditional regulatory framework.

The dis-intermediation and autonomous organisation features of DLT-based smart contracts are such that the law, most often, is perceived as a non-active element of the transactions. In this context, attributing liability, and certifying transactions, combined with the need to reconcile these technologies with data protection issues create critical regulatory challenges for governments (OECD, 2021[20]).

While smart contracts do allow transactions to happen, they can be seen, in fact, as a ‘simple’ code-based set of specific instructions with automated decision-making. In this sense, and despite their denomination, smart contracts differ in essence from traditional legally binding contracts. Recent technological advances in DLTs have led to conjectures that smart contracts might largely, or entirely, replace the whole legal system. While there are robust reasons to be sceptical about this perspective (Werbach and Cornell, 2017[6]), smart contracts have certainly the potential to create “alternative” ecosystems alongside existing legal systems. In some cases, smart contracts may even be implemented into regulatory vacuum, which could led to possibilities of illicit activities (such as money laundering).

In addition, while DLT-based smart contracts may create a trust-enhancing environment, it does not ensure that the information is accurate. Governments may need to develop a legal system recognising smart contracts as tamper-proof and immutable guarantees of the veracity of data stored on the blockchain. To the knowledge of the author, such initiatives have not been launched to date.

Smart contracts also generate a tension between the very nature of blockchain technologies and the overall structure of data protection law (OECD, 2021[20]). Some argue that, in terms of data protection, the principles underlying DLTs and the General Data Protection Regulation (GDPR) are raising incompatibly problems at a conceptual level. The data protection mechanisms developed for centralised structures contrast indeed with blockchain core’s elements such as decentralisation, immutability, and perpetual data storage. (Finck, 2019[13]) argues that “the tension between the GDPR and these novel decentralised databases indeed reveals a clash between two normative objectives of supranational law: fundamental rights protection on the one hand, and the promotion of innovation on the other”.

This problem is leading, at least in the EU, to a reflection on how to ensure that smart contracts comply with the data protection regulation. Two important points of tension have been identified so far in recent works on GDPR:

  • GDPR is based on the underlying assumption there is at least one legal person (the data controller) responsible for each data point. This principle clashes with the decentralised nature of smart contracts, making the allocation of responsibilities especially burdensome under this regulation;

  • GDPR relies on the premise that data can be modified or erased where necessary to comply with legal requirements. Accordingly, Article 16 states for example that “the data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement”. Article 17 further specifies that “data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay” (for some specific reasons listed in the article). DLTs render such provisions difficult to apply due to their immutability properties.

Is it worth noting that the uncertainties in this area are not only related to the specific features of DLTs. Part of difficulties also lies in the uncertainties surrounding some key concepts of the GDPR, such as the notion of anonymous data, the definition of the data controller, and the meaning of erasure under Article 17 (European Parliament, 2019[21]).

A range of regulatory approaches have been implemented across countries to deal with the challenges raised by DLT-based smart contracts, which shed light on the complexity of the regulatory issues at stakes as well as the existing fragmentation of regulatory frameworks across jurisdictions.

In many cases, governments have deliberately and explicitly chosen to observe how the technology evolves without taking any regulatory action. In 2017, the European Commission announced for example that it was “actively monitoring” DLTs and part of this strategy consists of the financing of pilot projects and the organisation of workshops and conferences to engage stakeholders and gather information to acquire essential knowledge. In parallel, the European Commission has launched the EU Blockchain Observatory and Forum in 2018, with the purpose of mapping key initiatives in Europe (and beyond) and reinforcing European stakeholder engagement. In a report published in June 2020, the EU Blockchain Observatory and Forum (EU Blockhain Observatory and Forum, 2020[22]) provided a set of principles to help policy makers tackle the regulatory challenges raised by smart contracts, including:

  • Draft simple definitions of the technology;

  • Engage with stakeholders and provide guidance on legal interpretation;

  • Choose the relevant regulatory approach;

  • Build capacity within government to help tackle the technical complexity associated with DLTs;

  • Encourage self-regulation;

  • Monitor closely the evolution of the technology and its impacts on markets and societies;

  • Relying on DLTs to extend the regulatory toolbox.

In 2019, the European Commission also created the International Association of Trusted Blockchain Applications (INATBA). The objective is to bring together industry, SMEs, policy makers, international organisations, regulators, civil society and standard setting bodies to support the development of DLTs across countries and sectors.

As part of a wider work on legal issues surrounding technological developments, the UK Ministry of Justice has focused on providing increased legal certainty for smart contracts under English and Welsh law. This work has been conducted under the auspices of the UK Jurisdiction Taskforce.

In November 2019, the Taskforce published a legal statement on the status of cryptoassets and smart contracts (UK Jurisdiction Taskforce, 2019[19]) which made a series of findings including the legal implications of smart contracts. It states that there is “no good reason for treating smart contracts as being different in principle from conventional contracts”. In case of an event external to the code affecting the transaction, the existing rules of Law should apply to solve potential disputes. The taskforce considers indeed that the three requirements for a contract could be met with a smart contract:

  • The existence of an “agreement”: written terms or signature are not necessary condition to form a contract under English and Welsh law and, in any case, smart contracts could well meet a statutory “in writing” requirement;

  • The explicit intention to be legally bound; and

  • The fact that each contractual party each party to it must give something of benefit.

It acknowledges, however, that “the modern approach to interpretation of commercial contracts is very much focused on the language” and, therefore, a smart contract relying exclusively on code might not create any room for legal interpretation. Such contract would be considered as a clear and unambiguous arrangement, with no robust reason to depart from it. A judge will however be able to intervene in situations where the code does not reflect the initial intentions of contractual parties or in cases of fraud.

The taskforce also makes clear that a smart contract between anonymous (or pseudo-anonymous) parties does create legal obligations, although it creates obvious difficulties in case of contract breach. The report underlines that the fact that a party does not have information about the identity of the contractual partner is not at all specific to smart contract and is fully allowed under English law.

The UK Ministry of Justice is currently working with the Law Commission of England and Wales on a project that aims to take forward the Law Commission’s earlier work on smart contracts and the findings made in the Legal Statement.

In 2019, the Research and Documentation Centre of the Dutch Ministry of Justice and Security published a report on DLTs and smart contracts. The reports consider that the Dutch contract law apply to smart contracts and, as a consequence, an adaptation of regulatory framework seems unnecessary. As mentioned earlier, the Haviltex standard may, in particular, continue to apply and, consequently, external conditions (such as parties’ initial intentions) would matter when interpreting contract clauses. The reports suggest however that, for smart contracts, an overriding weight may be given to the code itself for interpretation purposes.

The report also highlights that some of core contractual principles under Dutch law might be difficult to apply to smart contracts. This is the case for example of the ‘force majeure’ concept. Such normative principle cannot be embedded into the code as it not strict rule governing its application. A solution would be to reintroduce a third-party in the contractual equation but this would defeat the rationale for relying on DLT-based smart contracts.

Given these difficulties, the report does not provide concrete directions and warns that that downside risks might outweigh potential benefits of using smart contracts. The formal response of the governments should be made available soon.

In the same vein, the Swiss Federal Council published a report in 2019 (Switz Federal Council, 2018[23]) to provide an overview of the legal framework applying to DLTs and smart contracts in particular and identify the need for regulatory action. The reports highlights that smart contracts cannot be seen as contracts in the sense of the Swiss Code of Obligations and that their immutability properties creates a tension with the classical private law. Against this background, the Federal Council states that “parties wishing to conclude a smart contract should provide for suitable mechanisms for possibly changing circumstances and dispute resolution. There will certainly be further developments in the area of smart contracts, but as it is still in the embryonic stage, it seems premature to legislate at the moment”.

Governments can enact provisions specifically tailored to DLT-based smart contracts to provide legal status to such arrangements. In Italy, the Parliament has for example passed a law provision introducing a definition of distributed ledger technologies and smart contracts in the legal framework. The law, which entered into forced in 2019, provides a legal definition of DLT and smart contract and states that the latter meet the requirement of written form (provided that the identification of the parties complies with a procedure defined by the Agenzia per l'Italia Digitale2). It also stipulates smart contracts have the same legal properties as ‘electronic time stamps’ defined in the European Regulation on electronic identification.3

Similar initiatives have been developed in the US federal states. In 2017, the state of Arizona passed an amendment to its Electronic Transaction Act adding a new article providing specific regulation for DLTs and smart contracts. As regards DLT-based smart contract, the Act states for example that:

  • A signature that is secured through blockchain technology is considered to be in an electronic form and to be an electronic signature”;

  • A record or contract that is secured through blockchain technology is considered to be in an electronic form and to be an electronic record”.

  • Smart contracts may exist in commerce. A contract relating to a transaction may not be denied legal effect, validity or enforceability solely because that contract contains a smart contract term”.

As for the Italian initiative, the Act also provides definitions of DLTs4 and smart contracts.5 Following Arizona’s initiative, Delaware, Florida, Ohio, Nevada, Tennessee and Wyoming enacted similar laws, which echoes a general understanding that smart contracts can be enforced through the existing legal system. The State of New York has also introduced amendments to the state technology law, introducing state definitions of DLTs and smart contracts to recognise them in the context of commerce.

To foster innovation in financial markets, the United Kingdom's FCA has launched a number of regulatory sandboxes since 2016. The objective is to allow innovative firms to test new products, services and business models in a controlled regulatory environment. The FCA provides a number of tools to innovative firms: tailored authorisation processes, individual guidance, informal steers, regulatory waivers as well as no enforcement action letters.

The FCA has accepted a number of DLT-related projects, including on smart contracts:

  • The first regulatory sandbox (cohort 1) authorised the company Tramonex to test an e-money platform based on distributed ledger technology that facilitates the use of smart contracts to transfer donations to a charity;

  • During the second cohort, Oraclize tested a DLT-based e-money platform which turns digital identity cards into secure digital wallets through the use of smart contracts and fiat-backed tokens;

  • Under cohort 3 and 4 of the regulatory sandbox, the firm Etherisc has also conducted a test to use smart-contracts on a blockchain to provide fully-automated decentralised flight insurance.

  • Under cohort 6, the firm Crowdz UK has been accepted to test a SMEs invoice financing platform relying on DLT-based smart contracts to tokenise invoices and re-route payments.

While little evidence is available at this stage on the use of regulatory management tools by governments to tackle the challenges raised by smart contracts, several co-operation initiatives have been launched across the world and at the EU level in particular. In 2018, seven EU member states (Cyprus, France, Greece, Italy, Malta, Portugal and Spain) signed the Ministerial Declaration on Distributed Ledger Technologies, underlining that “as a technology based on trust, [the Ministers] see Distributed Ledger Technologies as being a potential game changer using – inter alia smart contracts in areas such as certifying product origin, education, transport, mobility, shipping, land registry, customs, company registry, and healthcare amongst others to transform the way that such services are delivered”. The declaration points, in particular, to the need for regulatory frameworks to allow innovation and experimentation to foster policy learning. On April 2018, 21 Member States6 (and Norway) agreed to sign a Declaration creating the European Blockchain Partnership (EBP) and co-operate in the establishment of a European Blockchain Services Infrastructure (EBSI) to support the delivery of cross-border digital public services (since then, eight more countries have joined the partnership, bringing the total number of signatories to 30).

Distributed ledger technologies (DLTs) are developing fast and have the potential to redefine our socio-economic systems substantially. One key application of these technologies consists of smart contracts, which generate important disruptions by strongly reducing the need for central trusted intermediaries, bringing about new forms of collaboration and business models, and creating new enforcement methods. DLT-based smart contracts they tend to develop faster than the regulation or social structures governing them due to their intrinsic complexity, which makes it hard for non-experts such as policy makers to enact and enforce effective regulatory approaches. In addition, DLTs being by definition a borderless technology, the fact that smart contracts are not rooted in a specific location means that determining the applicable jurisdiction and legal provisions is by no means straightforward. Moreover, the need to attribute liability, certify transactions, and reconcile these technologies with data protection imperatives creates critical challenges for governments. These challenges are compounded by the complexity of the regulatory issues at hand as well as the existing fragmentation in regulatory frameworks across jurisdictions.

While “waiting and seeing” (i.e. observe how the technology evolves without taking any regulatory action) may in some cases prove useful, governments need to deploy a range of additional measures if regulatory action is to be up to the above-mentioned challenges. Providing appropriate guidance and taking action to reduce legal uncertainty and limit risks raised by DLT-based smart contracts is particularly important, and a number of countries are already engaging in such activities. Governments can notably enact provisions specifically tailored to smart contracts in order to clarify their legal status, and put in place regulatory sandboxes to foster innovation in controlled regulatory environments. In addition, international co-operation initiatives (of which the case study provides various examples) can be instrumental in addressing territoriality challenges and supporting the development of smart contracts.


[3] Berryhill, J., T. Bourgery and A. Hanson (2018), “Blockchains Unchained: Blockchain Technology and its Use in the Public Sector”, OECD Working Papers on Public Governance, No. 28, OECD Publishing, Paris, https://dx.doi.org/10.1787/3c32c429-en.

[24] Böhme, R. et al. (2015), “Bitcoin: Economics, Technology, and Governance”, Journal of Economic Perspectives, Vol. 29/2, pp. 213-238, https://doi.org/10.1257/jep.29.2.213.

[23] Catalini, C. and J. Gans (2016), Some Simple Economics of the Blockchain, National Bureau of Economic Research, Cambridge, MA, https://doi.org/10.3386/w22952.

[1] Chamber of Digital Commerce (2018), Smart Contracts Legal Primer - Why Smart Contracts Are Valid Under Existing Law and Do Not Require Additional Authorization to Be Enforceable.

[8] Coase, R. (1937), “The Nature of the Firm”, Economica, Vol. 4/16, pp. 386-405, https://doi.org/10.1111/j.1468-0335.1937.tb00002.x.

[14] Conte de Leon, D. et al. (2017), “Blockchain: properties and misconceptions”, Asia Pacific Journal of Innovation and Entrepreneurship, Vol. 11/3, pp. 286-300, https://doi.org/10.1108/apjie-12-2017-034.

[7] Davidson, S., P. De Filippi and J. Potts (2018), “Blockchains and the economic institutions of capitalism”, Journal of Institutional Economics, Vol. 14/4, pp. 639-658, https://doi.org/10.1017/s1744137417000200.

[17] Deloitte (2019), “Deloitte’s 2019 Global Blockchain Survey”.

[22] EU Blockhain Observatory and Forum (2020), “2018-2020 Conclusions and Reflections”.

[21] European Parliament (2019), “Blockchain and the General Data Protection Regulation.”.

[13] Finck, M. (2019), “Smart contracts as a form of solely automated processing under the GDPR”, International Data Privacy Law, Vol. 9/2, pp. 78-94, https://doi.org/10.1093/idpl/ipz004.

[18] Grimmelmann, J. (2021), “All Smart Contracts are Ambiguous”, Journal of Law & Innovation, Vol. 2/1.

[2] IOSCO (2017), “Research Report on Financial Technologies (Fintech)”.

[16] Marchant, G., B. Allenby and J. Herkert (eds.) (2011), The Growing Gap Between Emerging Technologies and Legal-Ethical Oversight, Springer Netherlands, Dordrecht, https://doi.org/10.1007/978-94-007-1356-7.

[20] OECD (2021), “Regulatory Approaches to the Tokenisation of Assets”, OECD Blockchain Policy Series.

[11] OECD (2018), Blockchain Technology and Competition Policy.

[12] Schrepel, T. (2019), “Collusion By Blockchain And Smart Contracts”, SSRN Electronic Journal, https://doi.org/10.2139/ssrn.3315182.

[5] Szabo, N. (1997), “Formalizing and Securing Relationships on Public Networks”, First Monday, Vol. 2/9, https://doi.org/10.5210/fm.v2i9.548.

[4] Szabo, N. (1994), “Smart Contracts: Building Blocks for Digital Markets”.

[19] UK Jurisdiction Taskforce (2019), “Legal Statement on Cryptoassets and Smart Contracts.”.

[25] Walport, M. (2016), “Distributed Ledger Technology: Beyond Blockchain”, Government Office for Science, London.

[6] Werbach, K. and N. Cornell (2017), “Contracts Ex Machina”, Duke Law Journal, Vol. 67, pp. 313-382.

[10] Williamson, O. (1985), The Economic Institutions of Capitalism, New York: Free Press, https://doi.org/10.1007/978-3-8349-9320-5_6.

[9] Williamson, O. (1975), Markets and Hierarchies: Analysis and Antitrust Implications, A Study in the Economics of Internal Organization.

[15] Zyskind, G., O. Nathan and A. Pentland (2015), “Decentralizing Privacy: Using Blockchain to Protect Personal Data”, 2015 IEEE Security and Privacy Workshops, https://doi.org/10.1109/spw.2015.27.


← 1. Chartbrook Ltd v Persimmon Homes Ltd [2009] UKHL 38.

← 2. The Agenzia per l'Italia Digitale is a public agency in charge of the digital agenda of the Italian government.

← 3. Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.

← 4. Distributed ledger technology that uses a distributed, decentralised, shared and replicated ledger, which may be public or private, permissioned or permissionless, or driven by tokenised crypto economics or tokenless. The data on the ledger is protected with cryptography, is immutable and auditable and provides an uncensored truth”.

← 5. Event-driven program, with state, that runs on a distributed, decentralised, shared and replicated ledger and that can take custody over and instruct transfer of assets on that ledger”.

← 6. Austria, Belgium, Bulgaria, Czech Republic, Estonia, Finland, France, Germany, Ireland, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, United Kingdom.

Metadata, Legal and Rights

This document, as well as any data and map included herein, are without prejudice to the status of or sovereignty over any territory, to the delimitation of international frontiers and boundaries and to the name of any territory, city or area. Extracts from publications may be subject to additional disclaimers, which are set out in the complete version of the publication, available at the link provided.

© OECD/KDI 2021

The use of this work, whether digital or print, is governed by the Terms and Conditions to be found at http://www.oecd.org/termsandconditions.