Please note: the majority of the basic definitions below, which are referred to in various locations on the website, are taken from the standardisation work carried out by the International Organization for Standardization (ISO), which BaFin was involved in. In other cases, the information is taken from articles published by BaFin.

DLT or distributed ledger technology is a technology that enables the operation and use of distributed ledgers.

A block refers to structured data comprising block data and a block header.

A block header refers to structured data that includes a cryptographic link to the previous block unless there is no previous block.

Block data are structured data comprising zero or more transaction records or references to transaction records

A blockchain is a distributed ledger with confirmed blocks organised in an append-only, sequential chain using cryptographic links.

Confirmed means accepted by consensus for inclusion in a distributed ledger.

A consensus is an agreement among DLT nodes that a transaction is validated and that the distributed ledger contains a consistent set and ordering of validated transactions; consensus does not necessarily mean that all DLT nodes agree.

A consensus mechanism refers to the rules and procedures by which consensus is reached.

Crypto exchanges act as intermediaries between investors and the start-up and benefit from the trading and listing fees and from the fees for services associated with due diligence processes during the financing phase.

A cryptographic hash function is a function mapping binary strings of arbitrary length to binary strings of fixed length, such that it is computationally costly to find for a given output an input that maps to the output, it is computationally infeasible to find for a given input a second input that maps to the same output, and it is computationally infeasible to find any two distinct inputs that map to the same output.

A cryptographic link is a reference, constructed using a cryptographic hash function technique, that points to data. It is used in the block header to reference the previous block in order to create the append-only, sequential chain that forms a blockchain.

A decentralised autonomous organisation (DAO) is a collectivly owned, blockchain-governed organisation working towards a shared mission without centralised leadership that aimes to offer a safe way to collaborate with strangers.

Decentralized finance (DeFi) is a general term for DLT-based financial services and products, including payments, lending, trading, investments, insurance, and asset management. The objective of DeFi is for services to operate without centralised intermediaries or institutions. To achieve this, open protocols are used to allow DeFi financial services to be combined.

A distributed ledger is a ledger that is shared across a set of DLT nodes and synchronised between the DLT nodes using a consensus mechanism; it is designed to be tamper resistant, append-only and immutable containing confirmed and validated transactions.

A DLT node is a device or process that participates in a network and stores a complete or partial replica of the ledger records.

A hash value is a string of bits which is the output of a cryptographic hash function.

Immutable means that ledger records cannot be modified or removed once added to a distributed ledger.

Initial coin offerings (ICOs) are fundraisings where the issuer exchanges newly created tokens for existing funds or tokens from investors.

Initial exchange offerings (IEOs) are ICOs that take place within a crypto exchange and that meet the requirements and rules of this exchange.

A ledger is an information store that keeps records of transactions that are intended to be final, definitive and immutable.

A ledger record is a record containing transaction records, hash values of transaction records, or references to transaction records recorded on a distributed ledger; a reference can be implemented as a cryptographic link.

A non-fungible token (NFT) is a crypto token that is not fungible. Not fungible means not capable of mutual substitution among individual units. A bitcoin, for example, can be replaced by a different bitcoin, which means it is fungible. An original Picasso painting cannot be replaced by a different original Picasso painting, so it is not fungible.

Online banking –¬ digital banking –¬ neobanking: The term “online banking” refers to the execution of banking transactions via the internet. Customers have direct access to their account data held by their bank. They can access their data using their bank’s app or by way of a third party program that enables them to manage several accounts and contracts at various banks and insurance companies. During the early stages of digitalisation, online banking was one of the first services provided in the financial industry that was actively used by a wide range of customers. In that early stage, banks attempting to win market shares by offering purely digital services without any branch banking at all were called “neo-banks” or “challenger banks”. However, since nearly all established institutions now offer digital services and are simultaneously reducing the number of branches in their networks, these terms are no longer as relevant as they were in the past.

A privacy coin is type of digital asset that aims to enable anonymity by lacking individuality, distinction, and recognisability. Unlike other pseudonymous crypto assets, privacy coins aim to hide e.g. transaction movements, sender, receiver, transaction amounts and balances. Privacy coins aim at making chain analysis infeasible. Examples of privacy coins include Monero (XMR), Zcash (ZEC), Dash and Oasis Network (ROSE).

A record is information created, received and maintained as evidence and as an asset by an organisation or person, in pursuit of legal obligations or in the transaction of business.

A smart contract is a computer program stored in a DLT system wherein the outcome of any execution of the program is recorded on the distributed ledger. A smart contract can represent terms in a contract in law and create a legally enforceable obligation under the legislation of an applicable jurisdiction.

Stablecoins are crypto tokens that use a stabilising mechanism that is aimed at making them less volatile than other crypto tokens such as bitcoin or ether. Assets or algorithms are used in an attempt to achieve this stabilisation. The assets can be central bank-issued currencies (e.g. US Dollar, Euro), physical assets (e.g. gold, silver) or other crypto assets. Stablecoins that use central bank-issued currencies or physical assets as collateral usually store the collateral off-ledger with a separate entity that aims to hold and manage the collateral as reserves. Stablecoins that use other crypto assets as collateral are usually over-collateralised, where the collateral is stored on-ledger in a smart contract and a stabilising mechanism is built in, such as in the case of DAI/Maker DAO. Stablecoins that use an algorithm to achieve stabilisation usually use one freely floating crypto asset and one stabilised crypto asset, where both are connected by smart contracts that create/mint and sell or buy and destroy either crypto asset to achieve a stabilisation effect, such as in the case of the failed Terra/Luna. Overall, stablecoins aim for efficient on-ledger payments and financial inclusion but they add counterparty risk, are capital inefficient or are prone to death spirals. (Source: Catalini, C., & de Gortari, A. (2021). On the Economic Design of Stablecoins. Available at SSRN 3899499.)

A transaction is the smallest unit of a work process related to interactions with blockchains or distributed ledgers.

A transaction record is a record documenting a transaction of any type. It can be included in, or referred to in, a ledger record and can include the result of a transaction.

Validated means the status of a transaction when its required integrity conditions have been checked.

A wallet (also known as an e-wallet or digital wallet) is an application used to generate, manage, store or use private and public cryptographic keys. A wallet can be implemented as a piece of software or as hardware and can be operated either online as a “hot wallet” or offline as a “cold wallet”. A hosted wallet is operated by a third party by agreement, while an unhosted wallet (or self-hosted wallet) is operated by the users themselves. With a custodian wallet, a third party (the provider) is granted access to a user’s private keys by agreement, while with a non-custodian wallet no third parties have access to a user’s private keys.

White label banking always involves two partners –¬ a bank with a banking licence (white label provider) makes its infrastructure and, if relevant, other services available to a partner company (non-bank partner) for a fee. In this manner, the non-bank partner can offer banking services to its customers without having to hold the authorisations that would be required for a credit institution. The white labelling model is attractive for many start-ups in the financial sector: the start-up can focus on marketing its business idea while, in the background, an established commercial bank provides the banking services requiring authorisation. White labelling structures also give rise to a shift in the distribution of risks. This increases the levels of interconnectedness and complexity both for BaFin and for these providers’ customers –¬ especially consumers. Consumers are therefore urged to bear in mind the potential decrease in transparency: an offer advertised under a brand name may be a front for complex contractual interrelationships and multiple companies –¬ not all of which are necessarily directly under BaFin’s supervision. It is not considered to be white labelling if a provider conducts banking business or provides financial services on the market in its own name and without any required authorisation, and if this provider only makes use – behind the scenes – of an institution that does not establish its own contractual relationships with the customers. In such a case, BaFin checks whether the business activities are being conducted without authorisation – and this can have significant legal consequences for the provider and its customers. More information for consumers can be found on the BaFin website (only availabe in German language)