Pilot Regime for Market Infrastructures based on Distributed Ledger Technology


Pilot Regime for Market Infrastructures based on Distributed Ledger Technology, or short "DLT Pilot Regime", is another proposal that is part of the EU Digital Finance Package.

Expected application date: March 2023


Please refer to DLT Pilot regime released: how EU is preparing for tomorrow’s digital securities market (Deloitte Luxembourg) for a succint analysis of this proposed regulation.

Important distinction with MiCA

DLT Pilot Regime provides a legal framework for the trading and settlement of transactions in those crypto-assets that qualify as financial instruments within the meaning of Directive 2014/65/EU ("MiFID II"), hence true digital securities.

For the other crypto-assets that do not qualify as financial instruments (such as stablecoins, e-money tokens and utility tokens), a dedicated regulatory framework at EU level (MiCA) is currently well underway. The overall objective of MiCA is to provide a harmonized EU framework for those crypto assets which are not currently captured by EU financial service legislation. 

Source: Deloitte Luxembourg

Overview of information security & IT risk requirements


DLT market infrastructures should have specific and robust IT and cyber arrangements related to the use of distributed ledger technology. Such arrangements should be proportionate to the nature, scale and complexity of the business plan of the operator of the DLT market infrastructure. Those arrangements should also ensure the continuity and continued transparency, availability, reliability and security of the services provided, including the reliability of any smart contracts that are used, irrespective of whether those smart contracts are created by the DLT market infrastructure itself or by a third party following outsourcing procedures. DLT market infrastructures should also ensure the integrity, security, confidentiality, availability and accessibility of data stored on the distributed ledger. The competent authority for a DLT market infrastructure should be allowed to require an audit to ensure that the overall IT and cyber arrangements of the DLT market infrastructure are fit for purpose. The costs of the audit should be borne by the operator of the DLT market infrastructure.


Additional reading