On 25 June 2021, the Cyprus Securities and Exchange Commission (CySEC) released its directive on the CASP register (CASP Directive), which forms subsidiary legislation issued under section 61E of the Cypriot Prevention and Suppression of Money Laundering Law 2007.
Furthermore, on 13 September 2021, CySEC issued a Policy Statement on the Registration and Operations of Crypto-Asset Service Providers (the “Policy”).
Please refer to the Policy here
CX Financia’s Legal and Compliance Department, following a thorough analysis of both the CASP Directive and the Policy, hereby presents a brief summary on the subject:
What are Crypto Assets?
It is a digital representation of value that is:
- Neither issued nor guaranteed by a central bank or a public authority
- It is not necessarily attached to a legally established currency and
- Does not possess a legal status of currency or money, but
- It is accepted by natural or legal persons as a means of exchange and
- Can be transferred, stored, and traded electronically, and
- It does not qualify either as fiat currency or as any of the instruments termed
- As Financial Instrument Tokens (FIT), which qualify as financial instruments under the Investment Services and Activities and Regulated Markets Law, transposing MiFID II, and,
- E-Money Tokens (EMT), which qualify as Electronic Money under the Electronic Money Law, transposing EMD.
Which business models are affected by the legislation?
The CASP registration concerns, at least, the following crypto-business models and cases:
- Cryptocurrency exchanges: the digital marketplaces where you can buy and trade cryptocurrencies, crypto-asset, altcoins, and NFTs either as crypto-to-crypto or as fiat-to-crypto and vice versa transactions (i.e. Coinbase, Binance)
- Crypto Wallet businesses and anyone that providers management, administration, transmission, transfer, retention, custodianship and safekeeping of crypto-assets or cryptographic keys or means which allow for the exercise of control in crypto-assets.
- ICO, STO, IEO, IDO
- All initial offerings, offerings and/or sale of crypto assets
- Participation and/or provision of financial services related to the distribution, offering and/or sale of crypto assets. Such financial services cover:
- Reception and transmission of orders
- Execution of orders on behalf of clients
- Dealing on own account
- Portfolio management
- Provision of investment advice
- Underwriting and/or placing of crypto assets on a firm commitment basis
- Placing of crypto assets without a firm commitment basis
- Operation of a multilateral system, where multiple third-party buying and selling trading interests in crypto assets are able to interact in the system in a way that results in a transaction.
Should my business obtain a CASP registration under CySEC?
The businesses that provide any combination of the crypto-asset activities in the table below describing the three (3) CASP classes
CASP Class |
Type of crypto-asset activity and service |
Initial Capital |
Class 1 |
CASP that provide investment advice |
50,000 EUR |
Class 2 |
CASP that provide investment advice and/or any of the following services:
|
125,000 EUR |
Class 3 |
CASP that provide investment advice and/or any of the following services:
and/or any of the following services:
|
150,000 EUR |
Registration and renewal fees for all classes |
Registration and renewal fees for all classes
|
CySEC Fees and Subscriptions
Registration and renewal fees for all classes
- 10,000 EUR for the examination of an application
- 5,000 EUR annual renewal fee from year two onwards
Any CASP established in the EEA and registered with the respective AML/CFT national supervisor must submit a notification to CySEC. This CASP must provide evidence in relation to their valid registration for each service or activity, and in cases where these services or activities are not covered by the framework that governs their CASP registration for AML and CFT purposes, an application should be submitted for registration as a CASP with CySEC.
CySEC has six (6) months to decide on the application for CASP registration.
CySEC’s requirements for CASPs
Capital requirements
CASPs need to comply with the following requirements for registration and operation:
- Initial capital adequacy and own funds. These range from 50,000 EUR to 150,000 EUR (see table above for more details)
- The own funds’ requirement for CASP is at least equal with the greater amount of the following:
- The amount of the initial capital that the respective CASP applicant is required to possess as per the CASP Classes table, or
- A quarter (1/4) of the CASP’s fixed overheads of the previous years that is based on a transitional basis, starting from:
- 30% of the ¼ of fixed expenses from 1/1/2022
- 60% of the said fixed expenses from 1/1/2023
- And finally, 100% of the said expenses from 1 January 2024 and thereafter
Other basic requirements
- Competency of directors and shareholders: UBOs, directors, and persons holding a managerial position are required to be of good repute and competency. Additionally, the financial soundness of beneficiaries with a qualifying holding in the applying crypto-assets services provider is required.
- Board composition and Staff: The CASP board must be composed of at least four directors, two of which perform executive duties and the other two being independent non-executive directors. The majority of the board need to be permanent Cyprus residents. It is also required that the persons employed possess the appropriate knowledge, experience, and competence to perform their assigned responsibilities.
- Close links: It is required to ensure that any close links existing between the applying CASP and any third parties do not impede CySEC to perform its supervisory functions.
- AML and risk management: It is of particular importance for the applying crypto-assets services provider to have in place risk management systems and adequate procedures and systems to ensure compliance with the AML Law and the related Directive
- Governance and operational arrangements: the applying CASP needs to demonstrate robust governance and business continuity arrangements, record keeping, complaint handling processes and remuneration conditions are in place
- Organisational arrangements: the proper administrative, accounting, internal control, risk assessment, and digital processing of data systems/mechanisms, protection, and confidentiality of data are required.
- Operational Functions’ outsourcing: it is required for maintaining adequate outsourcing arrangements, especially for the outsourcing of critical functions with the view of ensuring business continuity and compliance with the AML regime and the applicable legal and regulatory framework
How can we help?
We have a dedicated team on Crypto Assets regulation and compliance always ready to help you address your needs. Our stellar track record of applications to CySEC enables us to complete your CASP registration successfully.
Don’t hesitate to contact us at [email protected] to request more information and to ask our Crypto-Asset team any questions on CASP registrations