Do dPoS Staking Providers Require Authorization in Germany?

(For German version click here)


Prior to start of operations in Germany most blockchain-based business models require BaFin authorization, because of the legal qualification of most cryptocurrencies as financial instruments in the sense of the German Banking Act (KWG). The German legislator explicitly confirmed his administrative practice of BaFin being in place already since 2011 by explicitly regulating crypto assets as financial instruments and by introducing the financial service of crypto custodian service to the KWG, which is subject to authorization requirement. Nevertheless, the obligation to obtain authorization in accordance with the KWG is not automatically given as soon as a business model is related to cryptocurrencies. Instead, a BaFin authorization is only required if the business activity qualifies as a banking business or a financial service pursuant to the KWG.

What are dPoS Staking Providers Offering to Their Clients?

A rather new business model within the blockchain community is the offering of dPoS staking infrastructures. In this business model providers run servers which they let participate as nodes for the specific consensus-mechanism of blockchains which work on basis of the Delegated Proof-of-Stake (dPoS) mechanism. Customers may delegate their tokens to nodes of the specific blockchain in order to participate in the staking rewards generated by the nodes in form of newly created tokens. The delegation of tokens works via a smart contract on the underlying blockchain in the way that customers intending to delegate their tokens need to inform the smart contract that their tokens shall be delegated to a node of the provider. An actual transfer of tokens is not required. The tokens and the associated private keys remain entirely with the customer. The tokens that are newly generated as a result of participation in the consensus mechanism are credited by the smart contract both to the client as well as to the provider in the amount of the ratio as laid down in the smart contract.

dPoS Staking Providers Do Not Provide Crypto Custodian Services

The operation of dPoS staking infrastructuresthat are offered to customers for use is therefore a purely technical service in the first place. It is not a crypto custody service, because of the fact that at no point in time tokens are transferred and because the private keys to the tokens remain with the customer. According to the administrative practice of BaFin, crypto custody services always require access to the crypto assets respectively to the associated private keys of third parties. This mandatory requirement is generally not fulfilled by operators of dPoS staking infrastructures. The other two variants of the crypto custody business regarding neither fulfilled, because BaFin deems the possibility of disposal a base requirement also for these variants.

Additional Services May Trigger the Obligation to Obtain Authorization

Individually, the offering of dPoS staking infrastructures as a service does generally not trigger any authorization obligations pursuant to the KWG. However, this does not necessarily mean that there can never be any any additional services performed within the business model that can potentially trigger authorization requirements. Should for example a provider offer additional services such as the sale or brokerage of deals concerning the acquisition or disposal of tokens which are suited for staking, this additional service might trigger an authorization requirement, depending on the details of the specific case.


Rechtsanwalt Lutz Auffenberg, LL.M. (London)




Our Blog Articles in a Monthly Newsletter?

The FIN LAW Newsletter provides you with all blog articles of the month via monthly e-mail. Our newsletter is published regularly at the beginning of every month. Feel free to sign in to the FIN LAW Newsletter by clicking the button below. Of course can can sign off at any time if you do not wish to receive our newsletter anymore.