What is the Point of the Cyprus Crypto-Asset Service Provider Policy Statement
The Cyprus Securities and Exchange Commission (“CySEC”) on the 13 of September 2021, published a detailed Policy Statement on the registration and operation of Crypto-Asset Service Providers (PS -01-2021) (the “Policy Statement”), setting out its approach to the registration and operation of Crypto-Asset Providers and the principles contained in the Act to Prevent and Combat Money Laundering and Terrorist Financing Law of 2007, as amended.
CySEC highlights that, depending on their structure, crypto-assets may be considered either:
- as financial instruments under the Investment Services and Activities and Regulated Markets Law; or
- as Electronic Money under the Electronic Money Law; or
- Be a digital representation of value that is not issued or guaranteed by a central bank or public authority, is not necessarily linked to a legally established currency, and does not have the legal status of a currency or money, but is accepted by natural or legal persons as a medium of exchange and can be transmitted, stored and traded electronically, and does not qualify as a fiat currency or as one of the instruments referred to in the points above.
In addition, the Policy Statement refers to the limited number of investment firms that are currently permitted to offer limited crypto-asset activities as a non-regulated activity. These firms must formulate and submit to CySEC an action plan for phasing out their crypto-asset activities by the end of 2022 and, in the meantime, apply for registration as a Crypto-Asset Providers no later than the end of October 2021 or otherwise establish another entity to apply for registration as a Crypto-Asset Providers.
Finally, through this Policy Statement, CySEC amends the previously issued Crypto-Asset Providers Registration Directive in a number of aspects, one of which includes the clarification that, Crypto-Asset Providers authorized by CySEC pursuant to Investment Services and Activities and Regulated Markets Law are not subject to the obligation to hold own funds other than the higher of their initial capital and 25% of their fixed overheads as set out in the said Directive. However, depending on their type of authorization, they may be subject to other capital adequacy requirements (e.g. Cyprus Investment Firms is subject to the specific capital adequacy requirements of IFR/IFD or CRR II/ CRDV.
Registering a Cyprus CASP
Through this Policy Statement CySEC sets out its expectations for Crypto-Asset Provider’s compliance with the regulatory framework, including certain specific expectations in relation to Crypto-Asset Provider’s compliance with their obligations under the CySEC Directive on Preventing and Combating Money Laundering and Terrorist Financing.
In this regard, Crypto-Asset Providers must bring their business into compliance with the AML/CFT Rules and fully comply with their obligations under the AML/CFT Law, including but not limited to:
- organizational and operational requirements;
- conducting “Know Your Client” and other due diligence on clients,
- establishing the economic profile of their clients
- identifying the sources of funds of their clients,
- monitoring client transactions,
- identifying and reporting suspicious transactions
- conducting a comprehensive risk assessment in relation to their clients and activities conducted; and
- taking proportionate measures per client, activity and crypto asset, etc.
Requirements to Register a Cyprus CASP
The Policy Statement also sets out the registration process and requirements for potential Crypto-Asset Providers wishing to register on CySEC’s Crypto-Asset Providers register, as well as CySEC’s expectations of all potential Crypto-Asset Providers during the application stage and thereafter (until the publication of the relevant forms and documents for the commencement of the registration process of Crypto-Asset Providers operating in or from Cyprus), which can be summarized as follows:
