Insight
October 9, 2024

French Jurisdictions Rulings on the Liability of Digital Asset Service Providers in Managing Clients’ Crypto-assets

In the past four months, the French judicial court has provided significant clarifications regarding the liability of digital asset service providers (DASPs) in managing their clients’ crypto-assets through three key rulings. These DASPs have been registered under the regulatory framework established by the PACTE law in France. While these decisions serve as instructive examples, offering a guiding framework that other EU member states may draw inspiration from, it is important to note that DASPs do not fall under the Markets in Crypto-Assets (MiCA) regulation. Consequently, these decisions do not carry the same legal implications for other EU member states as those regulated by MiCA. This distinction highlights the variability in regulatory approaches across the EU and underscores the importance of harmonizing regulations to foster a cohesive digital asset market.

The three decisions that will be cited in this Client Alert are rulings from judicial courts made between August 22 and September 18.

The proximity of these three decisions demonstrates the French legislator’s intention to address this type of legal issue in light of the implementation of MiCA. Contrary to what one might think, the legislator, the regulator, and the French courts have taken this matter to heart and aim to deploy regulation that is both effective and commensurate with the stakes for both service providers and users.

These decisions are important because they exonerate DASPs from liability, whether in the context of mandates for the reception and transmission of orders on behalf of third parties (RTO), concerning contractual liability and risk warnings, or in cases of fraud.

I/ The Need for Proven Harm to Hold DASPs Liable Under an RTO Mandate

Since the decree of August 22, 2023, on the definition of investment services, an RTO mandate is defined by Article D321-1 as the activity of “receiving and transmitting orders concerning financial instruments to another person or entity, on behalf of a third party, for the purpose of executing transactions.” As such, the DASP acts as an intermediary between its client and the financial markets. The RTO mandate allows the DASP to receive orders to buy or sell crypto-assets from the client and then transmit them to a third party for execution.

  • Mandate relationship
    • In this context, the DASP (acting as the agent) is bound to its client (the principal) by a contract or mandate that outlines its responsibilities. This mandate authorizes the DASP to act on the client's behalf by transmitting their orders, but it does not necessarily impose an obligation to ensure the success of the transactions.
  • Limitation of liability
    • As a result, the DASP is not liable for transaction losses or malfunctions as long as it complies with the terms of the mandate and acts in good faith by correctly transmitting the orders. Indeed, liability is often limited to technical execution rather than the performance of the investments themselves.
  • Distinction of roles
    • The DASP does not make decisions on behalf of the client and does not directly manage the crypto-assets; it merely transmits the orders. This distinction is critical in determining its liability. If it fulfills its obligations by properly transmitting the orders, it cannot be held responsible for market fluctuations or other external events beyond its control.

Case Example: Méria case, on June, 28, 2024, case n°22/07788 of the Judicial Court of Créteil (FRANCE)

In a decision dated June 28, 2024, a client of a DASP requested that the Judicial Court of Créteil order the DASP to pay €38,080 in damages for financial losses resulting from investments made beyond the scope of the mandate.

In this case, the DASP was bound to its client by an RTO mandate. Based on this contractual relationship, the DASP was expected to limit its actions to the client’s instructions, without having the authority to manage or control the client’s portfolios. However, due to the sudden and severe collapse of Universal Stablecoin Token Contract and the native token of the Terra blockchain, LUNA assets, the DASP unilaterally decided to liquidate the client’s positions in a lending arrangement to mitigate the devaluation of their portfolio.

By doing so, the DASP exceeded its mandate’s scope by independently deciding to close the client’s positions.

Can the DASP be held liable for this loss?

According to the judicial court, there is no evidence that the DASP’s contractual breach caused any harm to the client. In fact, no documentation was provided to show that the client had placed or intended to place orders that could have more favorably limited the devaluation of the assets in the portfolio. Consequently, the DASP cannot be held responsible for this loss, given the sudden and unpredictable nature of the crash.

Why is this decision important for DASPs?

This ruling underscores the importance for DASPs to clearly and precisely define the terms of the RTO mandate to avoid potential liability.

II/ An Obligation of Result for Recognizing the DASP’s Contractual Liability Regarding Risk Warnings

In law, a distinction is made between the obligation of means and the obligation of result.

  • Obligation of means: The party must commit to doing everything possible to fulfill the obligation outlined in the contract. Regardless of whether the result is achieved, only the efforts made to reach the expected outcome are considered in assessing any fault of the debtor of this obligation.
  • Obligation of result: The party is required to achieve the expected result. However, the expected result must be precisely determined in the contract through objective, clear, and measurable criteria. If the result is not achieved, the party commits a contractual fault, and its liability is engaged under Article 1231-1 of the Civil Code.

On the other hand, Article 1231-1 of the Civil Code states: “The debtor shall be condemned, if applicable, to pay damages either due to the non-performance of the obligation or due to delay in performance, unless he proves that the performance was prevented by force majeure.”

Thus, if the DASP is bound by an obligation of result, it will be ordered to pay damages for failing to fulfill its obligations. If it is bound only by an obligation of means, it must prove that it did everything possible to comply with its contractual obligation.

Case example : Coin House case, on September 12, 2024, case n°22/15371 of the Judicial Court of Paris (FRANCE)

On September 12, 2024, after a loss of invested funds into an algorithmic trading strategy on Bitcoin provided by the company, a client of the DASP requested the court to rule that the company had committed breaches sufficient to engage its contractual liability toward him.

According to the facts, the client received a questionnaire from the DASP, which he filled out and returned five days later, declaring he was “aware of the high volatility of cryptocurrency prices, aware of the risk of total loss of the funds invested in cryptocurrencies”. Moreover, the client read and accepted the company's general terms and conditions, which reiterated the risks inherent in any investment in digital assets, including the risk of volatility and partial or total capital loss. Furthermore, the preamble of the contract states that the client was informed and made aware of the risks associated with the product.

Can the DASPS be held liable for a loss of funds when they had previously warned about the inherent risks associated with this program?

The Court estimated that because the obligation of the DASP was only an obligation of means, and the latter had repeatedly warned about the risks associated with using this algorithmic product, the company did not violate its contractual obligations. Thus, the DASP cannot be held responsible for this loss.

Why is this decision important for DASPs?

This decision reaffirms the importance of contractual terms regarding the liability of DASPs and the demonstration of information regarding the risks associated with these investments.

III/ A Burden of Proof for Manifest Anomaly on the Part of the DASP to Establish Liability in Cases of Fraud

  1. The Duty of Vigilance

DASPs are subject to legal obligations of vigilance under the anti-money laundering and counter-terrorism financing (AML/CTF) framework. Five key points can be distinguished:

  1. Identification and verification of clients: According to Article L.561-5 of the Monetary and Financial Code, DASPs are required to rigorously identify their clients, notably by verifying their identity through official and reliable documents. This includes both natural persons and legal entities (companies). Identification is strengthened for transactions that present a higher risk (large amounts, complex operations, etc.).
  2. Ongoing monitoring of transactions: DASPs must implement a system for monitoring transactions conducted by their clients to detect suspicious operations that may be related to money laundering or terrorist financing. This monitoring is essential for identifying abnormal patterns or unusual transactions.
  3. Obligation to report: In cases of reasonable suspicion regarding illicit activities, DASPs are required to report these transactions to the competent authority, which in France is TRACFIN (Intelligence Processing and Action Against Illicit Financial Networks). This reporting is confidential, and the DASP must not inform the affected client.
  4. Risk assessment: DASPs must conduct a risk assessment for money laundering and terrorist financing in their activities. This includes implementing measures proportional to these risks, such as enhanced controls for clients or transactions presenting increased risks.
  5. Data retention: DASPs are also required to retain information and documents related to client identification and executed transactions for at least five years. This allows competent authorities to review this information in the event of an investigation.

The duty of vigilance regarding AML/CTF imposes an active role on DASPs in preventing criminal financial risks. As intermediaries in the management of crypto-assets, DASPs are key players in the fight against money laundering and terrorist financing. Non-compliance with these obligations can lead to severe sanctions, including fines or even suspension of the DASP license.

  1. The Obligation of Non-Inference

The obligation of non-inference is a legal principle that requires certain parties, such as DASPs, not to intervene beyond what their role entails, particularly in clients’ investment decisions or asset management. This obligation is especially important in contractual relationships in which a service provider acts as an intermediary, such as under a mandate for the reception and transmission of orders.

Under the obligation of non-inference, DASPs, when acting as intermediaries in the RTO, are not to replace their clients’ decisions. They must simply transmit the orders given by the client without influencing or guiding the client’s choices. In this context, DASPs cannot provide investment advice unless they have a specific license or authorization to offer such services. Their role is limited to the technical execution of the transaction without interfering in the clients’ investment strategies or decisions. DASPs must remain neutral and objective in executing orders, ensuring that these are processed diligently and in accordance with the client’s instructions, without imposing their own judgment or influence on how these orders are executed.

The obligation of non-inference also requires the DASP to strictly adhere to the limits defined by the mandate entrusted by the client. They should not act beyond the established framework, except with explicit agreement and in compliance with applicable laws. This obligation also protects the DASP from excessive liability in managing the assets or investment losses suffered by clients, as long as the provider has adhered to the terms of their mandate and acted according to the instructions. In other words, a DASP cannot be held liable for losses resulting from decisions made by the client themselves, in the absence of any breach or negligence on the part of the DASP.

Illustration with the Coin House Case, on September 18, 2024, case n°RG 23/13786 of the Judicial Court of Paris (FRANCE)

In the case dated September 18, 2024, a client of a DASP requested the Judicial Court of Paris to order the latter to cover costs for failing to meet its legal duty of vigilance under the AML/CTF framework.

The court reminded the concerned parties that the establishment does not need to concern itself with the destination of the funds or the appropriateness of the transactions made on behalf of the principle of non-inference, unless it encounters apparent anomalies or irregularities during operations requested by its client, which it must detect, in accordance with its client.

Moreover, numerous measures were implemented by the DASP to prevent the risk of fraud, such as client knowledge questionnaires and in-person meetings with clients. According to the facts, the client had himself guaranteed the aforementioned fraudster, presenting him as a family member and concealing information from the DASP that could have revealed an apparent anomaly.

Therefore, according to the court, and in the absence of any apparent anomaly, the DASP did not have to further question its client under the principle of non-inference.

In conclusion, a DASP cannot be held responsible for failing to comply with vigilance obligations in the absence of proof of a manifest anomaly on its part. Furthermore, and in accordance with consistent case law, AML/CTF obligations cannot be invoked by a client.

Why is this decision important for DASPs?

This ruling aligns the responsibility of DASPs with that of banks regarding the prevention of fraud.

At Goodwin, we are committed to navigating the complexities of EU law and its regulatory landscape. Our team of experts specializes in EU law and is well-equipped to engage with regulators in each EU member state to ensure compliance with relevant regulations.

We provide comprehensive support to help you navigate the intricate regulatory framework established by EU law. Understanding and adhering to these regulations is crucial for your operations. Our legal experts are skilled in drafting clear and effective contracts with clients, ensuring that all terms are transparent and compliant with EU regulations.

We assist you in preparing and submitting necessary documentation to regulatory authorities, streamlining the process and ensuring all requirements are met.

Our team conducts ongoing legal monitoring to keep you informed of any changes in regulations that may impact your operations, ensuring that you remain compliant in a constantly evolving legal environment.

We understand the complexities and challenges faced by DASPs in navigating the legal landscape surrounding AML/CTF obligations. Our experienced team is dedicated to providing comprehensive legal support tailored to the unique needs of DASPs. We can help DASPs implement robust client identification and verification processes. Our firm will guide you in developing effective protocols that ensure compliance, minimize risk, and enhance customer trust while also addressing higher-risk transactions appropriately. Our legal experts are equipped to assist DASPs in establishing an efficient monitoring system for client transactions to identify suspicious activities.

Our team will also help you clearly define the boundaries of your role as an intermediary, ensuring compliance with client instructions while safeguarding your firm from excessive liability. We can assist in drafting clear client agreements and protocols to minimize risks associated with client decisions and enhance the clarity of your responsibilities. If you are a DASP looking to navigate the legal complexities surrounding AML/CTF obligations, our law firm is here to help. We provide personalized legal solutions that empower you to operate confidently in the digital asset space. Contact us to discuss how we can assist you in achieving compliance and managing your legal risks effectively.

 

This informational piece, which may be considered advertising under the ethical rules of certain jurisdictions, is provided on the understanding that it does not constitute the rendering of legal advice or other professional advice by Goodwin or its lawyers. Prior results do not guarantee a similar outcome.