The United Arab Emirates (UAE) has rapidly emerged as a key global financial hub, attracting investors and financial firms from around the world. As the market continues to grow, the need for clear regulatory frameworks becomes increasingly important to ensure transparency, protect investors, and foster trust.

At the heart of this regulatory landscape is the Securities and Commodities Authority (SCA), responsible for setting standards that ensure trust, transparency, and market integrity.
One of the key authorizations under the SCA framework is the Category 5 License, designed specifically for firms engaged in arranging and advisory activities within the UAE’s financial markets.
It enables  companies to promote financial products, introduce investors to licensed regional and global entities, and offer advisory services — all while complying with the highest regulatory standards.

In short, a Category 5 License offers an entry point for companies aiming to connect UAE investors with global financial opportunities. It is designed for international brokers seeking to legally and transparently engage clients and promote their financial products within the UAE.

Understanding the scope and benefits of the Category 5 license is essential for businesses aiming to establish or expand their presence in the UAE’s financial sector. This article explores why this license matters, the opportunities it creates, and how firms can navigate the application process successfully.

UNDERSTANDING THE SCA CATEGORY 5 LICENSE:

The Category 5 License authorizes companies to conduct the so-called “Arranging and Advisory” activities, including:

• Promoting or marketing of financial instruments
• Introducing investors to regulated financial institutions
• Providing financial consultancy and advisory services

— all without directly managing or holding client funds!

Firms can facilitate connections between investors and licensed brokers, asset managers, or product issuers, while ensuring compliance with UAE’s strict conduct and marketing standards.

WHY OBTAIN THE SCA CATEGORY 5 LICENSE?

 1. Regulatory Credibility

Operating under an SCA license demonstrates that your firm meets all regulatory standards and maintains strong internal controls, governance, and transparency. It immediately establishes trust with both institutional partners and clients, differentiating your business from unlicensed operators and helping you avoid any potential breach of SCA regulations and decisions.

2. Enhanced Market Access

This authorization provides a gateway to new business opportunities and partnerships in investment promotion, brokerage introductions, and financial advisory. It also offers a clear and compliant pathway for foreign financial institutions seeking to establish a presence or expand their reach in the UAE through promotional and introduction activities. Holders of this license may introduce UAE-based investors to their regulated brokerage or investment entities abroad, ensuring that all communications and marketing efforts comply with the SCA’s standards for conduct, transparency, and fair promotion.

3. Investor Confidence

Licensing gives clients the assurance that all activities are supervised by a respected regulatory authority. It signals integrity, professionalism, and commitment to operating transparently, critical factors for attracting and retaining clients and business partners in the financial services industry.

4. Legal Protection and Operational Clarity

Obtaining an SCA license gives your business a clearly defined regulatory framework to operate within. It ensures your promotional and introduction activities are fully recognized by the regulator, protecting both your firm and your clients from the risks linked to unlicensed financial marketing. By operating under an authorized structure, you gain legal certainty and clear guidance on how to conduct compliant activities in the UAE market.

5. Alignment with International Standards

The SCA framework is aligned with global financial governance standards, including the OECD and FATF principles. Licensed firms benefit from being recognized as compliant with international norms which is an essential factor when expanding into regional or cross-border partnerships.

6. Sustainable Business Growth

 By building a regulated structure from the start, your firm can scale confidently knowing its operations meet regulatory expectations and can adapt to future compliance developments.

An SCA license lays the foundation for long-term growth, reputation, and business continuity.

A FINAL CONSIDERATION

 The SCA Category 5 License is more than a regulatory requirement.  It is a strategic asset that builds trust, enables growth, and enhances access to the UAE’s thriving financial markets.

Whether you’re an international firm entering the UAE or a local business seeking to expand,

FiveComply ensures your licensing journey is seamless, transparent, and compliant every step of the way.

HOW WE CAN HELP

At FiveComply, we provide end-to-end support to help firms obtain their SCA authorization smoothly and with confidence. Obtain your license with confidence through our tailored approach, which includes A-to-Z guidance throughout the licensing process, ongoing compliance support, and internal audit services to ensure continued regulatory alignment.

Our goal is to ensure that every licensing project is completed accurately, meets all regulatory requirements, and supports each client’s firm’s long-term operations in the UAE.

Book a consultation with our team today for actionable guidance and a streamlined path to securing your SCA Category 5 license.

On 5 September 2025, the Cyprus Securities and Exchange Commission (CySEC) issued Regulatory Administrative Act (RAA) 270/2025, amending its National Product Intervention Measures (NPIMs) on Contracts for Difference (CFDs). The move reflects CySEC’s ongoing focus on investor protection, market stability, and alignment with EU supervisory standards.

1. New CFD Leverage Restriction:

The amendment revises Annex I of Directive DI87-09 and introduces a 10% initial margin requirement (1:10 leverage) for CFDs where the underlying is:

• Any commodity, and
• Any stock index not expressly listed in the 1:20 leverage category (i.e. gold and major equity indices such as FTSE 100, DAX, S&P 500, etc.).

In practice, this ensures that all unlisted or exotic commodities and indices will now fall under the 1:10 leverage cap.

1. Background (2019–2025 Framework):

Since 2019, CySEC has imposed permanent limits on CFD leverage for retail clients, aligned with ESMA’s measures:

• 1:30 – Major FX pairs
• 1:20 – Non-major FX pairs, gold, and major indices
• 1:10 – Other commodities and non-major indices
• 1:5 – Individual equities and other reference values
• 1:2 – Cryptocurrencies

The new amendment closes gaps by ensuring that any product outside the 1:20 category now defaults to 1:10 leverage, reducing scope for regulatory arbitrage.

While commodities (other than gold) and non-major indices were already capped at 1:10, there was scope for interpretation regarding new or unlisted products.

1. Wider Regulatory Developments

Alongside the CFD amendment, CySEC continues to expand its supervisory agenda:

• Sanctions enforcement: A new framework strengthens compliance with EU and UN sanctions, including the creation of the National Sanctions Implementation Unit under the Ministry of Finance. Regulated firms must enhance monitoring, reporting, and internal controls.
• Capital adequacy: From early 2025, CySEC will apply EBA guidelines on the group capital test under the Investment Firms Regulation (IFR), clarifying requirements on capital, risk management, and governance. Low-risk firms may apply for reduced capital requirements, though CySEC retains the right to revoke permissions if conditions change.
• Forward-looking priorities: CySEC has signalled its focus on digital transformation, enforcement of upcoming MiCA (crypto-assets) and DORA (digital resilience) frameworks, and improving supervisory capacity. For 2025, its budget of €17.5 million will fund increased staffing and technology investments.

1. What Investment Firms Shall Do

• CFD brokers: Adjust margin settings, review product catalogues, and update client agreements, risk warnings, and marketing communications to reflect the new leverage rules.
• All regulated firms: Ensure sanctions compliance frameworks are up to date and prepare for capital adequacy changes under the EBA guidelines.
• Compliance teams: Reinforce monitoring and staff training to align with CySEC’s stricter supervisory approach.

Although the amendment does not overhaul leverage rules, it represents a tightening of scope. By closing definitional gaps, CySEC has made clear that any retail CFD product not explicitly listed under higher categories will be restricted to 1:10 leverage.

This move signals CySEC’s intent to limit regulatory arbitrage and reinforce its reputation as a regulator aligned with the EU’s strictest investor protection standards.

How We Can Help

If your firm requires assistance in reviewing product offerings, updating margin settings, or aligning compliance documentation with the new directive, please contact our team of experts.

FiveComply can support you in navigating CySEC’s evolving regulatory framework.

The UAE is one of the first countries to establish a dedicated regulator for virtual assets, providing legal clarity, investor protection, and regulatory innovation in a rapidly evolving industry. Dubai has rapidly become a global hub for virtual assets and blockchain innovation and at the center of this ecosystem is the Virtual Assets Regulatory Authority (VARA).

What Is VARA?

Established under Law No. (4) of 2022 Regulating Virtual Assets in the Emirate of Dubai (Dubai VA Law), VARA is the regulatory authority responsible for overseeing Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs) in Dubai (excluding the DIFC, a separate financial free zone in Dubai, that is regulated by the Dubai Financial Services Authority (DFSA)). Its mandate is to provide a clear, progressive framework to govern and enable the responsible growth of the virtual asset economy. As part of its strategic goals, VARA aims to position Dubai as a global hub for virtual assets, promote innovation and investment, and ensure strong regulatory protections for market participants.

What Is a VASP Licence?

Any firm seeking to carry on Virtual Asset activities in or from Dubai (excluding DIFC) has a legal obligation to be licensed by VARA prior to commencing operations. This includes businesses involved in:

• Virtual Asset Platform operation and management services.
• Exchange between Virtual Assets and national or foreign currencies.
• Services for the exchange between one or more forms of Virtual Assets.
• Virtual Asset transfer services.
• Virtual Asset safekeeping, management, or control services.
• Services related to Virtual Asset Wallets.
• Services related to offering, and trading in, Virtual Tokens.

No person may carry out these activities without obtaining a permit from VARA, issued according to applicable legislation and procedures. Businesses must be legally established in Dubai, in an approved legal form, and must secure VARA’s approvals before proceeding with commercial licensing. All activities must comply with the requirements and regulations specified in the permit.

Key Steps to Obtain a VARA VASP Licence

Applying for a VASP Licence is completed in two stages: First, application for an Approval to Incorporate (“ATI”) to establish a legal entity and to commence operational setup, then an application for VASP Licence.

Step 1: Initial Disclosure and Business Setup

• Submit the Initial Disclosure Questionnaire (IDQ) to Dubai Economy & Tourism (DET) or the relevant Free Zone authority.
• Provide required documents, including your business plan and details of beneficial owners and senior management.
• Pay initial fees (usually 50% of the licence application fee).
• Receive Approval to Incorporate (ATI), allowing you to complete your company’s legal incorporation and operational setup (office, employees, etc.).

Note: At this stage, your firm is not permitted to conduct virtual asset activities. VARA may withhold ATI if your business falls outside the regulatory scope or does not meet standards.

Step 2: Full VASP Licence Application

To apply for a Category 5 license, businesses must meet specific regulatory and operational requirements set by the SCA

• After obtaining ATI, prepare and submit your full VASP licence application to VARA with the necessary documentation as guided.
• Engage with VARA during their review process, which may involve meetings, interviews, and additional document requests.
• Pay the remaining licence fees and the first year’s supervision fees.
• Upon successful review, receive your VASP Licence, which may include operational conditions to comply with.

Once you’ve obtained your VARA licence, your firm must operate strictly within the scope of the approved permit. Ongoing compliance with VARA’s regulatory framework including reporting, disclosures, and supervision requirements is mandatory to maintain your licence in good standing.

Paid-Up Capital Requirements Under VARA

To ensure financial stability, operational resilience, and protection to clients, ensuring the long-term integrity of Dubai’s virtual assets ecosystem, Virtual Asset Service Providers (VASPs) licensed by VARA are required to maintain specific levels of Paid-Up Capital. These requirements vary depending on the type of virtual asset activity a firm undertakes ranging from AED 100,000 for advisory services to up to AED 1.5 million for exchange services. In some cases, the capital threshold is calculated as a percentage of the VASP’s fixed annual overheads, whichever is higher.

If a VASP is licensed for multiple activities, it must maintain separate Paid-Up Capital for each, based on the overheads specific to that activity. All Paid-Up Capital must be reconciled monthly and held in a secure manner, such as a UAE bank trust account naming VARA as the beneficiary, a surety bond, or another method approved by VARA.

How FiveComply Can Help:

FiveComply can help you navigate the full licensing lifecycle, —from application to approval—  and support your business with ongoing compliance and regulatory guidance, ensuring you remain fully aligned with VARA’s expectations and Dubai’s regulatory standards.

We can assist you with:

• Business Setup & Documentation: Supporting Free Zone incorporation, preparing required documents, and guiding you through the entire application process.
• VASP Licensing Strategy: Structuring your application and compliance approach to align with VARA’s detailed licensing requirements.
• Ongoing Regulatory Support: Providing continued assistance with compliance obligations, VARA communications, and evolving reporting requirements.

Book a consultation with our team today for actionable guidance and a streamlined path to securing your VASP licence in the UAE.

FiveComply is a global consultancy group with local presence in Cyprus, Dubai, Seychelles and Mauritius, specialising in international licensing, setting up corporate/group structures, and operations of Investment Firms, Crypto Asset Service Providers, E-Gaming, Payment Institutions / EMIs and Investment Funds with a specific focus on regulatory compliance matters. FiveComply Group provides comprehensive solutions in forex, crypto, EMI and fund licensing across various offshore and European jurisdictions.

In this interview, we will hear from Gabriel Styllas, the CEO of FiveComply Group, as he provides valuable insights into the UAE Securities and Commodities Authority (SCA) License. We will explore its key characteristics and discuss the growing popularity of the UAE SCA license in today’s financial landscape.

Q1: Why FiveComply decided to expand in Dubai?

FiveComply Group has been among the market leaders in the licensing and regulatory compliance sector for over 20 years, providing clients with tailored roadmaps to navigate the best jurisdictions for their licensing needs. We assist our clients not only in obtaining licenses but also in establishing efficient organizational structures.

We consider the UAE Securities and Commodities Authority (SCA) as a highly credible regulatory body, and we believe that the UAE SCA license is the most suitable option for brokers aiming to serve clients in the UAE. Given the significant demand for the UAE SCA license, we made the strategic decision to invest in the region by establishing FiveComply offices. This expansion allows us to better assist our clients who are interested in obtaining the UAE SCA license.

Q2: How can you acquire a license in the UAE Under SCA Regulations via FiveComply?

The Securities and Commodities Authority (SCA) is the primary financial regulatory body in the UAE, responsible for overseeing the securities, commodities, and financial services sectors. Established to enhance market transparency and investor confidence, the SCA enforces strict compliance with international financial standards. Its role includes licensing and supervising financial service providers, setting regulatory frameworks, and ensuring adherence to Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) requirements.

As the UAE continues to solidify its position as a global financial hub, the SCA plays a crucial role in fostering a stable and competitive investment landscape. Financial service providers looking to operate in the country must obtain an appropriate license from the SCA, ensuring compliance with regulatory requirements tailored to different financial activities.

FiveComply assists clients in acquiring their SCA Licence. Our team reviews and advises on the corporate structure, the proposed directors and shareholders CVs and KYC/DD documentation and prepares all the manuals and the Company’s Business Plan according to each client’s business model. Once the application is submitted to the SCA for examination, FiveComply responds to all the queries raised with the SCA and follows-up on a constant basis to ensure a smooth and prompt coordination in regard to each application.

Q3: What are the different SCA License Categories?

SCA offers different licensing categories depending on the nature of financial services. These include:

1. Category 1 – Dealing in Investments as Principal: Covers firms engaged in proprietary trading and investment activities.
2. Category 2 – Dealing in Investments as Agent: Suitable for firms facilitating transactions between buyers and sellers without taking principal risk.
3. Category 3 – Asset Management: Designed for firms managing investment portfolios on behalf of clients.
4. Category 4 – Custody: Encompasses firms responsible for safekeeping and administration of financial instruments.
5. Category 5 – Arranging and Advice: Focuses on financial consulting, advisory, and promotional activities without direct handling of client funds.

Each category has distinct requirements related to capital, compliance, and operational structure, ensuring that financial services in the UAE adhere to global standards.

Q4: Why Is Category 5 Important for Financial Service Providers?

Securing a Category 5 license under SCA offers significant advantages, such as:

• Regulatory Credibility: Operating under SCA regulation enhances trust and transparency, making firms more attractive to investors.
• Market Access: Enables firms to provide financial consulting and advisory services within the UAE’s expanding financial sector.
• Investor Protection: Ensures compliance with Anti-Money Laundering (AML) and Countering Financing of Terrorism (CFT) regulations, strengthening the financial ecosystem.
• Business Growth: Firms can establish themselves as reputable financial consultants, helping clients navigate investment opportunities.

Q5: What Are the Requirements to Apply for an SCA Category 5 License?

To apply for a Category 5 license, businesses must meet specific regulatory and operational requirements set by the SCA:

1. Legal Entity Establishment: The applicant must be incorporated in the UAE, either as a local entity or within a recognized free zone, provided the free zone law permits such activity.
2. Qualified Management Team: The firm must appoint:
   • A Head or Manager of the Category
   • A Head of Compliance

1. Physical Office Presence: A fully operational office within the UAE is mandatory, with local staff hired to manage key functions such as compliance, risk management, and operations.

1. Minimum Capital Requirements:
   • The paid-up capital must be no less than AED 500,000.

1. Compliance with AML & CFT Regulations: Firms must implement stringent AML/CFT policies, conduct customer due diligence, and report suspicious transactions to regulatory authorities.

1. Technology and Security Standards: Firms must ensure their platforms have robust cybersecurity measures, data protection policies, and secure transaction processing systems.

Q6: What Services Can a Licensed Financial Service Provider Offer?

Under the SCA’s regulatory framework, a licensed financial service provider under Category 5 may offer a variety of services, depending on the scope of their license. These services include:

• Financial Consulting
• Financial Advisory (Issuance Manager)
• Listing Advisory
• Introducing
• Promotion

Q7: Focusing on Promotion and Introduction Services

Among the available services under Category 5, Promotion and Introduction are the most common choices for companies due to their significant role in financial services expansion and client acquisition.

1. Promotion: This activity involves marketing and promoting financial products or investment opportunities to potential clients. Firms engaging in promotion act as intermediaries, ensuring that financial products reach the right investors while adhering to regulatory guidelines. Companies focusing on promotion must appoint a Promotion Manager to oversee compliance and strategic outreach.
2. Introduction: This service allows firms to introduce clients to financial institutions, investment firms, or other financial service providers. Unlike advisory services, firms conducting introductions do not provide direct financial guidance but facilitate connections between potential investors and service providers. No specific job title is mandated for this role, offering firms flexibility in structuring their operations.

Q8: How Long Does the Licensing Process Take?

The SCA licensing process typically takes 4-6 months, depending on the completeness of the application and compliance with regulatory requirements. The application process includes:

1. Pre-Application Consultation: Meeting with the SCA to discuss business models and regulatory expectations.
2. Submission of Application: Providing detailed business plans, compliance policies, and financial documentation.
3. Regulatory Review: The SCA assesses the application, including a due diligence review of company directors and key stakeholders.
4. Approval and Licensing: Upon successful evaluation, the applicant is granted an SCA Category 5 license to operate as a financial consulting and advisory provider.

Q9: The Future of Financial Consulting Regulations in the UAE

The UAE has positioned itself as a global leader in financial services and investment advisory. With regulations evolving rapidly, businesses operating in the sector must remain vigilant and adaptable to new compliance requirements. The regulatory acceptance of financial consulting services is a strong indicator of the government’s commitment to fostering a secure and innovative financial environment.

Q10: How FiveComply can Assist in Obtaining an SCA Financial Consulting and Advisory License?

Our team specializes in regulatory compliance and licensing for financial service providers in the UAE. We offer end-to-end support, including:

• Guidance on SCA licensing requirements and business structuring.
• Preparation and submission of regulatory applications.
• AML and compliance framework implementation.
• Ongoing compliance monitoring and reporting support.

If you are considering establishing a financial consulting or advisory business in the UAE, reach out to us for expert assistance in navigating the SCA’s licensing process and regulatory framework.

You can reach us at info@fivecomply.com for any information you might need, we are happy to provide further information, arrange a call or a face-to-face meeting!

On 28^th February 2025, the Financial Services Authority (FSA) Seychelles released Circular No. 3 of 2025, delivering important updates for Securities Dealers offering Contracts for Differences (CFDs) with Cryptocurrencies as underlying assets. With the world of digital finance rapidly evolving, staying ahead of regulatory shifts is more important than ever.

Under section 8 of Schedule 1 of the Securities Act, 2007, it is stated that ‘property of any description’ may serve as an underlying asset for CFDs, thereby permitting Virtual Assets to be included without requiring further legislative amendments.

FSA Key Statistics

• 190 Securities Dealers currently licensed in Seychelles.
• 187 licensees have been approved to offer CFDs under Schedule 1 of the Securities Act, 2007, covering a range of underlying assets, including but not limited to commodities, indices, forex, equities and cryptos.
• 105 entities (56%) are actively offering CFDs on Virtual Assets / Cryptocurrencies.

Determination on CFDS on Virtual Assets

The FSA has clarified that, CFDs involving Virtual Assets do not fall under the definition of Virtual Asset Services, as outlined in the Virtual Asset Service Providers Act, which was introduced in late 2024, as they do not involve the actual exchange, custody or transfer of ownership of Virtual Assets.  According to the FSA, CFDs on Cryptos are to be regulated as standard CFD products under the Securities Act 2007, not as virtual asset services under the Virtual Asset Services Providers Act. This formal confirmation aligns with the approach previously followed by the FSA but now has been officially confirmed in writing through this Circular.

Why?

• Traders do not own the actual Virtual Assets; they only speculate on price fluctuations.
• CFDs are traded on platforms and not via blockchain, like traditional crypto-trading.
• There is no actual exchange of Virtual Assets, just a financial contract.

Expectations of the Authority

The FSA expects all licensees to adhere to the following measures:

• Securities Dealers must conduct suitability tests to ensure traders have the necessary experience and financial knowledge to engage in CFD trading, ensuring responsible market participation.
• All promotional material must clearly outline the risks associated with CFDs on Virtual Assets, particularly their high volatility and potential financial losses. Risk warnings must be prominent and easily accessible to traders.
• Securities Dealer Licensees must avoid misleading promotions and ensure that their advertising efforts do not inappropriately target retail investors who may lack sufficient knowledge of CFD trading risks.
• Licensees must maintain detailed records of client onboarding, suitability assessments, risk disclosures and trading activities. These records must be readily available for regulatory scrutiny and potential audits by the FSA to ensure compliance with financial regulations. These records must demonstrate compliance with suitability assessments, client classification and risk disclosures.

In today’s rapidly changing regulatory landscape, entities that prioritise compliance as a strategic asset are set to excel. Staying ahead means ensuring proper licensing, implementing robust internal policies, and building strong risk mitigation frameworks—these are not just necessities, but your keys to long-term success. Make compliance your advantage and thrive in the future.

At FiveComply, our local presence in Seychelles and our team of experts specialising in Seychelles licensing and compliance are perfectly positioned to provide comprehensive A-Z solutions. Whether you are applying for a new license or require support with setup and operations, our dedicated team is ready to assist you every step of the way.

The Financial Services Authority (FSA) of Seychelles has issued Circular No. 1 of 2025, to notify licensees that the Securities (Amendment) Act, 2024, which was assented on December 13, 2024, along with the following regulations enacted by the Minister of Finance on December 30, 2024, have come into effect as of January 1, 2025:

• Securities (Forms and Fees) (Amendment of Second Schedule) Regulations
• Securities (Conduct of Business) (Amendment) Regulations
• Securities (Advertisement) (Amendment) Regulations
• Securities (Financial Statements) (Amendment) Regulations

In addition, the latest revisions to licensing fees and compliance regulations which have been clarified in the Circular No. 1 of 2025, published on 13 January 2025, bring significant changes to existing and new Licensees. The updated guidelines introduce a revised structure for both annual license fees and perpetual licensing. As part of these changes, the introduction of a new regime requires the payment of fees and submission of a compliance certificate by January 31^st each year, starting from 2025.

Please see below a summary of the new amendments:

A. Revised Annual License Fees & Perpetual Licensing

Annual license fees have been revised as part of the new framework. Alongside this, the introduction of a perpetual licensing regime means that existing licensees must now make payments and submit a compliance certificate annually by the 31^st of January each year to renew their licenses on time. The first deadline is set for January 31^st, 2025.

B. Pro Rata Adjustments for 2025

In a one-time adjustment for 2025, licensees will see a pro rata calculation of their annual license fees. For all existing licensees, this calculation will be done in accordance with the month of expiration of the current license. This adjustment ensures fairness and accuracy in how fees are applied.

As such, a relevant table has been published by the FSA as follows:

C. Payment Structure for New Licensees

For new licensees, those who are issued a license after the first quarter of 2025 will follow a quarterly pro rata fee structure. This structure will take into account the quarter in which the license is granted and apply the fees accordingly.

As such, a relevant table has been published by the FSA as follows:

D. Compliance Deadlines for License Holders

For license holders who were issued their licenses before 2025, full compliance with the updated Act and regulations—excluding the changes regarding fees and perpetual licensing—is required by June 30, 2026.

E. Fees for 2026

It is noted that effective from 2026, the renewal fees for all SDL and SDRL licenses will be USD 6,000 and USD 750 respectively. Payment of these fees and renewal of the Licences will be due by January 31, 2026 for all Licensees.

F. Next Steps for Licensees

To fully understand the impact of these changes, licensees are encouraged to review the legislative amendments, detailed circular and fee tables, which are available on the official FSA website https://fsaseychelles.sc/legal-framework/legislations.

At FiveComply, we are dedicated to helping you stay ahead of regulatory changes and ensuring that your operations remain fully compliant. Our tailored compliance solutions are designed to integrate seamlessly into your business, providing you with the confidence to focus on your core activities.

If you have any questions or need assistance in understanding how these changes affect your operations, don’t hesitate to reach out to us. We are here to guide you through these updates and provide the support you need to maintain full compliance with the new regulations.

The Consolidated Directive for the Prevention and Suppression of Money Laundering and Terrorist Financing for Crypto Asset Service Providers (CASPs) integrates key provisions from R.A.D. 269/2021, R.A.D. 384/2021, and R.A.D. 343/2023. It establishes a robust framework to regulate and oversee CASPs in Cyprus, ensuring compliance with anti-money laundering (AML) and counter-terrorism financing (CTF) laws while harmonizing with EU directives.

Key Features of the Directive

1. Registration of CASPs

The directive mandates that CASPs must register with the Cyprus Securities and Exchange Commission (CySEC). The CASP Register provides transparency and public accessibility, listing key details such as:

• The CASP’s name, trade name, legal form, and physical address.
• The services and activities offered.
• The CASP’s website information.

2. Registration Conditions

CySEC evaluates CASPs based on rigorous criteria before approving registration:

• Integrity and Competence: Management must demonstrate good reputation, skills, and technical expertise. This includes no history of criminal activity or administrative sanctions.
• Financial Stability: CASPs must maintain sufficient financial soundness to ensure operational sustainability.
• Operational Independence: CASPs must operate through a dedicated, CASP-owned website unless specific risk assessments are conducted.
• Organizational Requirements: Proper governance, internal controls, and security measures must be in place to safeguard client assets and data.

3. Capital Requirements

The directive outlines tiered capital adequacy standards based on the services provided:

• Class 1: Investment advice requires initial capital of €50,000.
• Class 2: Activities like execution of orders or crypto-to-fiat exchanges require €125,000.
• Class 3: Comprehensive services, including custody and multilateral trading systems, require €150,000.

CASPs must also maintain funds equivalent to at least one-quarter of their fixed overheads from the previous financial year.

4. Changes and Deregistration

• Material Changes: CASPs must notify CySEC of any significant changes, such as new management, website updates, or expanded service offerings.
• Deregistration: CASPs intending to cease operations must submit a detailed six-month action plan, including client communication, fund returns, and resolution of complaints.

CySEC can also suspend or remove CASPs from the register for non-compliance, inactivity, or providing false information.

5. Organizational and Operational Requirements

The directive emphasizes robust internal systems:

• Conflict of Interest Policies: CASPs must manage potential conflicts between their operations and client interests.
• Client Communications: Information provided must be accurate, clear, and not misleading, enabling informed decision-making.
• Security and Record-Keeping: Comprehensive records of all activities and effective data protection mechanisms are mandatory.

6. Compliance and Reporting

CASPs must ensure ongoing compliance through:

• Anti-money laundering policies in line with the Prevention and Suppression of Money Laundering and Terrorist Financing Law.
• Appropriate safeguards to prevent theft or loss of client crypto assets.

7. Fees and Charges

Registration and operational fees include:

• €10,000 for initial registration.
• €5,000 annual renewal fee.
• Additional charges for material change notifications.

8. Final Provisions and Timeline

The directive includes transitional arrangements for capital adequacy:

• 30% compliance by January 2022.
• 60% compliance by January 2023.
• Full compliance by January 2024.

How We Can Help

Navigating the regulatory framework for Crypto Asset Service Providers (CASPs) can be complex and challenging. Our team of regulatory compliance experts specializes in providing tailored solutions for businesses in the crypto-asset sector, ensuring compliance with CySEC’s directives and the evolving regulatory landscape.

We offer comprehensive support, including:

• CASP Registration and Application Support: Assisting with the preparation and submission of complete registration applications, including guidance on meeting CySEC’s rigorous registration requirements.
• Compliance Framework Development: Designing robust internal controls, governance policies, and AML procedures to meet operational and organizational standards outlined in the directives.
• Ongoing Compliance and Reporting Assistance: Providing continuous guidance on reporting obligations, material change notifications, and interaction with CySEC.

Ensure your business stays compliant and ahead of regulatory changes. Contact our team today to develop a customized compliance strategy and secure your position in the growing crypto-asset market.

On December 13, 2024, the Cyprus Securities and Exchange Commission (CySEC) released the Policy Statement (PS-03-2024) on the fees payable and information required for entities falling under the scope of the Markets in Crypto-Assets Regulation (MiCAR). This publication follows the consultation period where CySEC engaged with stakeholders in the crypto-asset sector, ensuring that the final approach reflects industry insights and addresses key concerns. This detailed Policy Statement establishes a clear framework for businesses operating with crypto-assets in Cyprus, especially those dealing with Asset-Referenced Tokens (ARTs), E-Money Tokens (EMTs), and other crypto-assets not falling under the ART or EMT categories.

 MiCAR, which came into force in the European Union on 31 May 2023, aims to create a harmonized legal framework for crypto-assets, enhancing regulatory clarity and reducing risks in the crypto-asset market. The regulation focuses on ensuring transparency, investor protection, and market integrity in relation to three main categories of crypto-assets:

1. Asset-Referenced Tokens (ARTs): Often referred to as stablecoins, ARTs are designed to maintain a stable value by referencing other assets, such as fiat currencies or commodities.
2. E-Money Tokens (EMTs): These are crypto-assets that maintain a stable value by referencing a single fiat currency, and they are similar to electronic money.
3. Other Crypto-Assets: This category includes all crypto-assets not classified as ARTs or EMTs, providing a residual category for diverse digital assets.

Entities engaging in the issuance, offer, or provision of services related to these crypto-assets in the EU are subject to MiCAR’s provisions. These businesses range from issuers of crypto-assets to Crypto-Asset Service Providers (CASPs), each of which is required to meet strict regulatory standards.

Key Components of the Policy Statement

1. Fee Structure for Entities under MiCAR

 The Policy Statement establishes a comprehensive fee structure for entities regulated under MiCAR, focusing on the following categories:

• Notification and Modification Fees: Entities seeking to notify CySEC of a crypto-asset white paper, or modifications to such papers, will be subject to specific fees:
  • €1,000 for the notification of a new white paper.
  • €500 for the notification of a modified white paper. These fees apply to crypto-assets other than ARTs and EMTs, and stakeholders have supported these amounts as fair and aligned with industry standards.
• Annual Fees: Entities under MiCAR, including offerors and persons seeking admission to trading of crypto-assets (excluding ARTs and EMTs), will pay an annual supervision fee of €5,000, which will be due each November 30. For entities operating less than 12 months, the fee will be prorated.
• Specialized Fees for ARTs and EMTs: Issuers of ARTs and those seeking admission to trading will face application and assessment fees, which vary depending on the type of ART and its specific requirements. For example:
  • Application for Authorisation to Offer ARTs: €15,000.
  • Assessment of Plan for ART Issuers: €10,000 (required when thresholds for ART transactions are exceeded).
  • Annual Fee for ART Issuers: €20,000 flat fee plus a variable fee based on the value of the reserve of assets held by the issuer.
• CASP Fees: Crypto-Asset Service Providers (CASPs) are subject to fees related to the application for authorisation, notifications of changes, and annual supervision. Notably, the annual supervisory fee for CASPs is based on the type of services they provide. For example:
  • Custody and administration of crypto-assets: €10,000 annually.
  • Operation of a trading platform: €20,000 annually.
  • Exchange services and portfolio management: €5,000–€8,000 annually.

Additionally, a variable component will apply based on the turnover from crypto-asset services, with a cap of €500,000 annually.

2. Reporting Requirements and Information Submission

 Alongside the fees, the Policy Statement outlines critical reporting obligations for entities under MiCAR. The reporting structure is designed to maintain transparency and ensure ongoing regulatory compliance. Notable reporting requirements include:

• Notification of Changes: Entities must notify CySEC of various changes, such as modifications to their white papers, changes to management bodies, key function holders, and any discontinuation plans. These notifications must be submitted promptly to ensure compliance with MiCAR’s governance standards.
• Annual Audits and Submissions: Issuers of ARTs and EMTs, as well as CASPs, are required to submit annual audited financial statements. These audits will form the basis for calculating certain fees, particularly the variable component for CASPs, based on their financial turnover. Additionally, ART issuers must submit an annual report on the reserve of assets they hold to ensure compliance with MiCAR’s liquidity requirements.
• Discontinuation and Recovery Plans: Issuers of ARTs are required to submit plans for the discontinuation of services or recovery plans in case of financial distress. These plans ensure that the issuer is prepared for all eventualities and that investor protection remains a priority.

3. Consultation Feedback and CySEC’s Response

CySEC’s final Policy Statement reflects the feedback received during the consultation period. In response to concerns raised by stakeholders, CySEC introduced a cap on the annual fees for CASPs, set at €500,000, providing businesses with more predictability regarding their regulatory costs. Furthermore, CySEC clarified the methodology for calculating the turnover component of the fees, which is based solely on revenue generated from crypto-asset services to avoid double-charging for services under different regulatory frameworks.

CySEC also clarified the process for entities that are currently operating under national regulations but intend to transition to MiCAR’s framework. These businesses will need to undergo full authorisation procedures to continue their operations once the MiCAR regime is fully implemented. Additionally, the MiCAR framework introduces several new definitions and obligations for CASPs, including the necessity to submit detailed assessments of the suitability of their management bodies.

4. Next Steps and Implementation Timeline

Entities affected by MiCAR are encouraged to begin their applications and submit notifications to CySEC as soon as possible. CySEC has also highlighted the importance of monitoring future publications by the European Securities and Markets Authority (ESMA) and the European Banking Authority (EBA), as these will further elaborate on the technical standards and guidelines for MiCAR’s implementation.

In particular, CySEC reminds entities that the regulation on the information accompanying transfers of funds and certain crypto-assets, which becomes applicable on December 30, 2024, must also be adhered to, particularly by CASPs operating during the grandfathering period of MiCAR’s transitional phase.

How FiveComply Can Help:

 At FiveComply, we specialize in guiding businesses through the complex regulatory landscape of the financial and crypto-asset sectors. Our team of regulatory and compliance experts is equipped with the knowledge and experience to help your company navigate the evolving MiCAR framework, ensuring full compliance with CySEC’s new policies and reporting requirements.

We can assist you with:

• MiCAR Compliance Strategy: Tailoring a compliance plan that aligns with MiCAR’s detailed regulatory requirements.
• Application and Fee Guidance: Helping you understand the fee structure and supporting you through the application process for authorizations.
• Ongoing Regulatory Support: Providing continuous guidance on reporting, notifications, and submissions to CySEC.

Book an appointment with our experts today to get personalized, actionable insights and ensure your business stays ahead of regulatory changes in the crypto-asset industry.

As the financial industry continues to evolve, staying compliant with regulations is more critical than ever. At FiveComply, we specialize in providing comprehensive compliance support tailored to your business needs. On the 6^th of August 2024, the Cyprus Securities and Exchange Commission (CySEC) issued a significant Policy Statement (PS-01-2024) aimed at enhancing the onboarding process for non-face-to-face (NFTF) customers. This new regulation highlights the importance of using innovative electronic methods to ensure robust customer due diligence (CDD).

Understanding the CySEC Policy Statement:

The newly issued Policy Statement by CySEC addresses the challenges and opportunities associated with remote customer onboarding. The policy, which takes into account the European Banking Authority (EBA) Guidelines and other regulatory frameworks, emphasizes the need for a risk-sensitive approach when adopting Remote Customer Onboarding Solutions (RCOS).

Key aspects of the policy include:

1. Technology-Neutral Approach: CySEC supports a technology-neutral approach, encouraging Obliged Entities (OEs) to incorporate RCOS without bias toward specific technologies. This allows businesses to choose the most suitable solutions that align with their compliance strategies.
2. Comprehensive Risk Assessment: Prior to implementing RCOS, entities are required to conduct a thorough risk assessment. This assessment ensures that the chosen solutions effectively mitigate risks associated with money laundering and terrorist financing.
3. Regulatory Notification: Entities must notify CySEC of their intent to integrate RCOS into their NFTF onboarding processes. This notification, along with a standardized attestation from responsible persons, demonstrates a commitment to regulatory compliances.
4. Limitations on Transactions: A risk-based approach necessitates setting explicit limits on assets and transaction sizes during remote onboarding. This helps in maintaining control over potential risks and ensuring that due diligence measures are adequately applied.
5. Identity Verification Procedures: The policy outlines stringent requirements for electronic NFTF identification, including the use of dynamic selfies or video calls. All verification must occur through a single device to enhance security and authenticity.
6. Revised electronic NFTF Customer Identification procedure: CySEC emphasizes the need for accuracy and authenticity in verifying identification documents and specifies that entities should use official sources, highlighting PRADO as a trusted and reliable database. The use of PRADO is recommended because it provides a centralized repository of authentic identity documents recognized across Europe, ensuring that investment firms can verify documents vetted and considered valid by regulatory authorities.

The Importance of Compliance in Digital Onboarding:

The shift towards digital onboarding brings both convenience and challenges. While innovative technologies offer seamless customer experiences, they also necessitate a heightened focus on compliance to prevent financial crimes. The CySEC guidelines serve as a crucial framework to guide entities in integrating effective remote onboarding solutions that adhere to regulatory standards.

How FiveComply Can Help:

At FiveComply, we offer specialized compliance support services to help your business navigate the complexities of the CySEC policy and other regulatory requirements. Our team of experienced consultants provides tailored solutions to ensure your onboarding processes are compliant, efficient, and secure.

Navigating the complexities of compliance in the digital age can be challenging. However, with the right guidance and support, your business can stay ahead of regulatory requirements and maintain a competitive edge. FiveComply is here to assist you every step of the way, ensuring that your compliance processes are both effective and efficient.

In a significant step to combat financial crime, the European Union has introduced a comprehensive set of regulations designed to enhance its anti-money laundering (AML) and counter-terrorism financing (CFT) efforts. Published on June 19, 2024, this reform package marks a turning point in the EU’s approach to tackling money laundering and terrorism financing. For financial institutions and compliance professionals, understanding these regulations and preparing for their implementation will be critical to ensuring compliance and safeguarding operations.

Overview of the New EU AML/CFT Framework:
The new AML/CFT package is designed to address the complex challenges of money laundering and terrorism financing by establishing a cohesive and unified regulatory environment across all EU member states. The package comprises three key legislative components:

1. The Sixth Anti-Money Laundering Directive (MLD6)
2. The EU “Single Rulebook” Regulation
3. The Anti-Money Laundering Authority Regulation (AMLA)

These components collectively aim to eliminate inconsistencies and loopholes in the current system, enhance transparency, and improve collaboration among EU member states.

1. The Sixth Anti-Money Laundering Directive (MLD6)

The Sixth Anti-Money Laundering Directive represents a significant advancement in the EU’s regulatory arsenal, introducing several critical features aimed at enhancing financial transparency and accountability:

• Increased Transparency: The directive mandates enhanced transparency for financial transactions by requiring financial institutions to maintain detailed records that allow for traceability and verification of all transactions. This increased transparency is expected to deter criminal activities by closing existing loopholes.
• Sector-Specific Risk Management: MLD6 implements a risk-based approach, allowing institutions to tailor their AML efforts based on the specific risk profiles of different sectors. This approach ensures that resources are allocated effectively, focusing on high-risk areas to prevent potential financial crimes.
• Technological Integration: The directive embraces technological advancements, such as blockchain and digital identities, to streamline the verification process and improve transaction tracking. By integrating these technologies, financial institutions can enhance their AML capabilities and better detect suspicious activities.
• Strengthened International Collaboration: Recognizing the global nature of financial crimes, MLD6 promotes stronger collaboration between EU member states, encouraging information sharing and joint efforts to tackle cross-border money laundering and terrorist financing activities.

2. The EU “Single Rulebook” Regulation

The EU “Single Rulebook” Regulation aims to harmonize AML/CFT regulations across the EU, ensuring that all financial institutions adhere to consistent standards. This regulation addresses several crucial areas:

• Unified Standards: By establishing a single set of rules, the regulation ensures uniformity in AML/CFT measures, reducing discrepancies and loopholes that have historically existed between member states. This harmonization is crucial for creating a level playing field across the EU.
• Enhanced Supervisory Mechanisms: The regulation enhances supervisory cooperation among national authorities, including Financial Intelligence Units (FIUs), to facilitate efficient information exchange and coordination in the fight against money laundering and terrorist financing.
• Targeted Measures for High-Risk Sectors: Specific measures are introduced to address high-risk sectors, such as crypto-assets and high-value industries, ensuring that due diligence efforts are proportionate to the risks involved.
• Inclusion of Emerging Technologies: The regulation extends its scope to include new technologies and financial products, such as crypto-assets, aligning with the Markets in Crypto-Assets (MiCA) Regulation. This inclusion ensures that AML/CFT measures are up-to-date and capable of addressing modern financial threats.

3. The Anti-Money Laundering Authority Regulation (AMLA)

The creation of the Anti-Money Laundering Authority (AMLA) marks a significant step towards centralizing and enhancing the EU’s AML/CFT efforts. Key responsibilities of the AMLA include:

• Central Coordination: AMLA will act as the central body overseeing national supervisors, ensuring that EU rules are applied uniformly and preventing regulatory gaps. This centralization aims to improve the overall effectiveness of AML/CFT measures.
• Direct Oversight: AMLA will have direct supervisory authority over high-risk financial institutions and groups, enabling it to take proactive measures in identifying and mitigating risks associated with money laundering and terrorist financing.
• Facilitation of Cross-Border Cooperation: The AMLA will enhance collaboration among FIUs and other national bodies, facilitating cross-border investigations and improving information exchange to tackle complex financial crimes.

The new AML/CFT regulations introduce significant changes for financial institutions operating within the EU, requiring strategic adjustments to ensure compliance. Institutions should begin by educating their staff on these new requirements through comprehensive training programs that clarify each employee’s role in maintaining compliance. Updating internal policies and procedures is essential, especially in areas like due diligence, transaction monitoring, and customer onboarding. Conducting a compliance gap analysis can help identify deficiencies in current practices and guide necessary improvements. Additionally, institutions should focus on developing a robust compliance framework that facilitates effective collaboration with the newly established Anti-Money Laundering Authority (AMLA) and other regulatory bodies. Embracing technological advancements, such as blockchain and digital identities, will further enhance an institution’s ability to detect and prevent financial crimes. By taking these proactive measures, financial institutions can effectively mitigate risks and navigate the complexities of the evolving regulatory landscape

The application of the new AML/CFT regulations will be gradual. The AML Regulation will become effective on July 10, 2027, while member states will have varying timeframes to transpose specific parts of the directive. The establishment of the AMLA is already underway, with full operational capabilities expected by mid-2025.

The introduction of the new EU AML/CFT package represents a significant advancement in the fight against financial crime. By creating a more cohesive and harmonized regulatory framework, the EU aims to enhance its ability to detect, prevent, and combat money laundering and terrorist financing.

Financial institutions must be proactive in adapting to these changes, ensuring that their operations align with the new regulations.

At FiveComply, we understand the complexities of navigating this evolving landscape and are committed to supporting our clients in meeting these challenges head-on. Our expert team is dedicated to helping financial institutions navigate the complexities of the new EU AML/CFT regulations.

For more information on how the new AML reforms will impact your operations and how FiveComply can assist you in preparing for these changes, please contact us. Our team is ready to support you in this new era of regulatory compliance.