At a Glance
Germany’s eWpG (Gesetz über elektronische Wertpapiere) lets you issue electronic securities (including crypto-securities) with legal equivalence to paper certificates, recorded either in a central electronic register or a crypto-securities register. Operating the crypto register and providing crypto custody are regulated BaFin activities. Region: European Union / GermanyEffective: 2021-present Scope:
- Entities: Issuers, custodians, registrars, trading venues
- Activities: On-chain issuance, registry operations, custody, secondary trading
- eWpG (Gesetz über elektronische Wertpapiere, 2021–)
- BaFin licensing for crypto-securities registrars & custody
Core Compliance Expectations
Registration / Licensing
Operating a crypto-securities register requires authorisation; crypto custody is a separate licence.Disclosure / Reporting
Issuers must meet prospectus & corporate law duties; registrars maintain accurate, tamper-evident records.Governance & Liability
Clear operator accountability for register accuracy, availability, and change controls.Actionable Best Practices
Funds & Assets (Issuance)
Use DLT-native issuance only after legal qualification. Obtain a legal opinion confirming the instrument qualifies under eWpG before committing to on-chain issuance.Before issuing crypto-securities, confirm:
- Instrument type qualifies under eWpG (bonds, profit participation rights, etc.)
- Legal opinion addresses enforceability and insolvency treatment
- Corporate law requirements are satisfied (shareholder approval where needed)
- Prospectus obligations are assessed
- Stock splits and consolidations
- Redemptions and buybacks
- Dividend distributions
- Voting and corporate events
Custody
Segregate client assets. Implement segregation both on-chain (separate addresses) and in books & records.See Custody Patterns for:
- On-chain segregation architecture
- Books & records reconciliation
- Asset-location attestation
- Dual approval for all key operations
- Break-glass procedures for emergency access
- Compensating-transaction runbooks for error remediation (never rewrite history)
Trading
Map secondary trading venue classification. Determine whether trading occurs on:- Regulated market
- Multilateral Trading Facility (MTF)
- Organised Trading Facility (OTF)
- Over-the-counter (OTC)
- Verify eWpG qualification vs. MiFID financial instrument classification
- Assess prospectus triggers and exemptions
- Confirm registrar authorisation status
- Crypto-securities register incident or unavailability
- Issuer disclosure failure
- Material misstatement in register entries
- Regulatory action against issuer or registrar
Identity & Compliance
Run KYC/AML on holders where required. Especially critical for:- Primary distribution to investors
- Restricted or qualified investor tranches
- Transfer restrictions by investor type
See Identity & Compliance Patterns for:
- KYC lifecycle workflows
- Beneficial ownership verification
- Sanctions screening integration
- Whitelists for authorized holders
- Jurisdiction filters
- Investor qualification checks
- Auditable override procedures (with dual approval)
Data & Oracles
Log register events with immutable audit trails. Capture:- Issuance transactions
- Transfers (primary and secondary)
- Cancellations and redemptions
- Corporate actions
- Timestamp (block number and wall-clock time)
- Transaction hash
- Before/after state
- Authorized operator identity
See Data & Oracles Patterns for:
- Immutable audit trail design
- Time-stamped proof generation
- Oracle governance frameworks
- Document source selection criteria
- Define fallback procedures
- Establish dispute resolution policy
- Maintain data lineage records
- Recovery Time Objective (RTO): maximum downtime before switching to contingency mode
- Recovery Point Objective (RPO): maximum acceptable data loss
- Business continuity procedures:
- Read-only mirror registry
- Delayed settlement mode
- Manual transaction processing fallback
Key Risks to Watch
Enterprise Opportunities
Native on-chain securities under a major EU jurisdiction. Germany’s eWpG provides legal certainty for DLT-native instruments recognized across EU member states. Streamlined corporate actions and transparent cap-tables. On-chain registers enable:- Real-time shareholder visibility
- Automated dividend distributions
- Efficient voting mechanics
- Reduced reconciliation overhead with regulator-recognised registers
Implementation Checklist
When implementing eWpG-compliant systems:- Obtain legal opinion on instrument qualification under eWpG
- Secure BaFin authorisation for crypto-securities register operation
- Obtain separate BaFin licence for crypto custody (if providing custody)
- Implement on-chain and books & records segregation
- Deploy dual-control key management (MPC/HSM)
- Establish corporate actions playbooks with CSD/ICSD
- Build immutable audit trail for all register events
- Implement transfer restrictions at smart-contract layer
- Define RTO/RPO and business continuity procedures
- Establish incident reporting to BaFin
- Obtain SOC 2 / ISO 27001 certification
- Secure professional indemnity insurance
Glossary
eWpG — German Electronic Securities Act (Gesetz über elektronische Wertpapiere) Crypto-securities register — DLT-based register for recording electronic securities with legal equivalence to traditional certificates Registrar — Licensed operator accountable for the crypto-securities register’s correctness, availability, and compliance BaFin — German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht)See Also
Related IPTF Patterns:- Custody - Safeguarding, segregation, key management
- Identity & Compliance - KYC, beneficial ownership, transfer restrictions
- Data & Oracles - Audit trails, pricing governance, register events
- Funds & Assets - Issuance workflows, corporate actions