The Consolidated Directive for the Prevention and Suppression of Money Laundering and Terrorist Financing for Crypto Asset Service Providers (CASPs) integrates key provisions from R.A.D. 269/2021, R.A.D. 384/2021, and R.A.D. 343/2023. It establishes a robust framework to regulate and oversee CASPs in Cyprus, ensuring compliance with anti-money laundering (AML) and counter-terrorism financing (CTF) laws while harmonizing with EU directives.
Key Features of the Directive
1. Registration of CASPs
The directive mandates that CASPs must register with the Cyprus Securities and Exchange Commission (CySEC). The CASP Register provides transparency and public accessibility, listing key details such as:
- The CASP’s name, trade name, legal form, and physical address.
- The services and activities offered.
- The CASP’s website information.
2. Registration Conditions
CySEC evaluates CASPs based on rigorous criteria before approving registration:
- Integrity and Competence: Management must demonstrate good reputation, skills, and technical expertise. This includes no history of criminal activity or administrative sanctions.
- Financial Stability: CASPs must maintain sufficient financial soundness to ensure operational sustainability.
- Operational Independence: CASPs must operate through a dedicated, CASP-owned website unless specific risk assessments are conducted.
- Organizational Requirements: Proper governance, internal controls, and security measures must be in place to safeguard client assets and data.
3. Capital Requirements
The directive outlines tiered capital adequacy standards based on the services provided:
- Class 1: Investment advice requires initial capital of €50,000.
- Class 2: Activities like execution of orders or crypto-to-fiat exchanges require €125,000.
- Class 3: Comprehensive services, including custody and multilateral trading systems, require €150,000.
CASPs must also maintain funds equivalent to at least one-quarter of their fixed overheads from the previous financial year.
4. Changes and Deregistration
- Material Changes: CASPs must notify CySEC of any significant changes, such as new management, website updates, or expanded service offerings.
- Deregistration: CASPs intending to cease operations must submit a detailed six-month action plan, including client communication, fund returns, and resolution of complaints.
CySEC can also suspend or remove CASPs from the register for non-compliance, inactivity, or providing false information.
5. Organizational and Operational Requirements
The directive emphasizes robust internal systems:
- Conflict of Interest Policies: CASPs must manage potential conflicts between their operations and client interests.
- Client Communications: Information provided must be accurate, clear, and not misleading, enabling informed decision-making.
- Security and Record-Keeping: Comprehensive records of all activities and effective data protection mechanisms are mandatory.
6. Compliance and Reporting
CASPs must ensure ongoing compliance through:
- Anti-money laundering policies in line with the Prevention and Suppression of Money Laundering and Terrorist Financing Law.
- Appropriate safeguards to prevent theft or loss of client crypto assets.
7. Fees and Charges
Registration and operational fees include:
- €10,000 for initial registration.
- €5,000 annual renewal fee.
- Additional charges for material change notifications.
8. Final Provisions and Timeline
The directive includes transitional arrangements for capital adequacy:
- 30% compliance by January 2022.
- 60% compliance by January 2023.
- Full compliance by January 2024.
How We Can Help
Navigating the regulatory framework for Crypto Asset Service Providers (CASPs) can be complex and challenging. Our team of regulatory compliance experts specializes in providing tailored solutions for businesses in the crypto-asset sector, ensuring compliance with CySEC’s directives and the evolving regulatory landscape.
We offer comprehensive support, including:
- CASP Registration and Application Support: Assisting with the preparation and submission of complete registration applications, including guidance on meeting CySEC’s rigorous registration requirements.
- Compliance Framework Development: Designing robust internal controls, governance policies, and AML procedures to meet operational and organizational standards outlined in the directives.
- Ongoing Compliance and Reporting Assistance: Providing continuous guidance on reporting obligations, material change notifications, and interaction with CySEC.
Ensure your business stays compliant and ahead of regulatory changes. Contact our team today to develop a customized compliance strategy and secure your position in the growing crypto-asset market.