The number of words is 2532 words, and the estimated reading time is 6 minutes.
Previous articleBritish Virgin Islands – Is it a good choice for virtual asset service providers? (above) explains the basic concepts in the British Virgin Islands ("BVI") Virtual Asset Service Providers Act 2022, from which readers can understand the meaning of the terms "virtual assets", "virtual asset services business", "virtual asset custody services", "virtual asset exchanges", etc. This article will introduce the basic requirements for applying to become a Virtual Asset Service Provider ("VASP") in the BVI and the subsequent obligations of VASPs. At the same time, under the Virtual Asset Service Providers Law (2022) of the Cayman Islands, it is proposed to clarify whether applying to become a VASP in the BVI is a good option in two similar offshore locations.
According to the BVI's Virtual Asset Service Providers Act 2022, entities intending to apply to become VASPs are required to provide the following information or materials:
· the names and addresses of the directors and officers of the proposed VASP;
· the names and addresses of the shareholders (including their percentage shareholding in the VASP entity);
· Name and address of the person who has "beneficial control" over the VASP;
· the physical address of the VASP in the BVI;
· the name and address of the VASP auditor and his "letter of consent to act as auditor";
· Name and address of the proposed authorized representative of the VASP (whose primary function is to act as an intermediary between the VASP and the FSC);
· Detailed business plan (see below for details);
· A written risk assessment of the VASP, outlining the risks that the VASP will face or may face and specifying how these risks will be identified, measured, assessed, monitored, controlled and reported;
· A written manual setting out how the applicant intends to comply with the requirements of the VASP Act and any regulations under the Act after being approved for registration, including how the applicant intends to protect against money laundering, terrorist financing and proliferation financing activities;
· the internal safeguards and data protection systems (including cybersecurity) to be used;
· A system on how VASP will handle customer assets, escrow relationships and complaints.
According to the guidance for the establishment of a VASP issued by the Cayman Monetary Authority (hereinafter referred to as "CIMA"), an entity to be registered as a VASP is required to provide the following documents:
· Registration application form;
· A list of the applicant's blockchain address;
· Details of all shareholders holding more than 10% of the shares, as well as a questionnaire provided by CIMA;
· Personal information (including resumes) of the CIO and the Chief Information Security Officer;
· Provide a copy of the cybersecurity policy in accordance with CIMA's guidance on cybersecurity;
· Provide a copy of the AML/CFT policy in accordance with the AMLS manual and guide;
· Detailed business plan (see below for details);
· Transaction flow chart;
· Outsourcing arrangements and content of agreements.
As can be seen from the above, whether it is a Cayman or a BVI VASP, a detailed business plan needs to be drawn up before registration. However, the two offshore requirements include different elements in the business plan.
The BVI's Virtual Asset Service Providers Act 2022 requires that a business plan must cover the following:
- State the applicant's expertise, skills and trading experience;
- the estimated cost of setting up a VASP;
- the nature, scale, scope of services of VASP, and the mode of operation and delivery of the VASP to be applied to virtual assets;
- staffing expected to be invested in VASP;
- Indicate whether there is an outsourcing plan and the management system of the enterprise;
- the marketing methods of the VASP and the intended source of business;
- the number of virtual assets that VASP intends to issue or purchase;
- Initial capital and financial development projections for the first three years of VASP's operations.
However, according to the VASP establishment guidelines issued by CIMA Cayman, a detailed business plan should state at least the following:
- ongoing or proposed trade activities;
- the types of products and services being offered or proposed to be offered and a description of how they are planned to be provided;
- The company's financial statements and financial forecasts for the past two years;
- Where virtual asset service business is carried out;
- Basic information about customers, such as the number of customers, customer location;
- Delivery channels, marketing plans, operational strategies;
- The company's governance structure, such as the composition of the board of directors and senior management;
- Staffing and organizational chart of the company;
- Contracts with affiliates and outsourcing agreements with third parties and setting out whether these contracts/agreements are regulated in other jurisdictions.
In terms of staffing, the BVI requires VASPs to appoint the following persons, all of whom are subject to approval by the Financial Services Commission prior to appointment:
· Authorised Representative;
· Auditors;
· Compliance Officer.
Section 11 of the BVI's Virtual Asset Service Providers Act 2022 also provides for the appointment of directors and officers of VASPs:
· Unless otherwise required by law, each VASP entity is required to have at least two individual directors;
· Depending on the nature of the VASP, the FSC may at any time require the VASP to have a local director who is physically resident in the BVI;
· The appointment of Directors and senior management requires the prior written consent of the Financial Services Commission.
There are no mandatory staffing requirements for VASPs in Cayman, but senior executives, trustees and anti-money laundering compliance officers need to be approved by CIMA.
As required by the BVI's Virtual Asset Service Providers Act 2022, VASPs need to register with the BVI Financial Services Commission. At the same time, in order to ensure VASP's compliance with applicable regulatory acts, VASPs must meet the following obligations, including:
· Comply with information reporting obligations with the BVI Financial Services Commission;
· Entities with significant control over VASPs may not sell or dispose of their VASP-related interests without the prior consent of the BVI Financial Services Commission;
· Proper maintenance of accounting records and accounts, such as financial records, financial statements, etc.;
· Do not disseminate false statements or make misleading material statements or promises of return;
· Identify and isolate the assets of different clients;
· Actively take protective measures to protect customer assets when customer assets are illegally interfered with and infringed;
· Establish a dedicated Compliance Officer to meet AML/CFT compliance obligations.
Article 9 of the Cayman Virtual Asset Service Providers Law (2022) sets out the general requirements that VASPs should comply with, covering the following:
· to comply with notification obligations on specific matters;
· VASP is required to provide an audit report issued by an independent auditor;
· Prepare annual accounts for review by CIMA;
· Ensure that senior management, trustees and beneficiaries are qualified persons;
· take necessary measures to protect the security of Customer's personal data and its virtual assets;
· Ensure accurate communications when providing services;
· Meet anti-money laundering, counter-terrorist financing, and non-proliferation financing compliance obligations;
· Have a registered office in Cayman;
· Appropriate documents or declarations are requested by CIMA.
It is not difficult to see that the BVI's compliance and regulatory requirements for VASP are still relatively high. In terms of information disclosure, it is required to disclose the names and addresses of VASP directors, senior management, shareholders and actual controllers. In terms of customer power, VASPs need to predict monthly trading volumes, customers' ability to use leverage, and client asset holdings. In terms of internal governance, VASP needs to introduce the operation and management specifications in detail, and the applicant needs to prove that he has the skills and professional knowledge to provide experience support and strategic guidance for the long-term and efficient operation of VASP. In compliance documents, it is necessary to prepare a written risk assessment report and develop an AML/CFT manual. Finally, it is important to ensure that entities have a robust data protection and cybersecurity framework in place to protect and custodial the virtual assets in which customers invest.
Since the BVI is a popular investment location for cryptocurrency and virtual asset projects, entities applying to become VASPs in this jurisdiction can indeed enjoy many dividends, but the high regulatory and compliance requirements of the BVI also discourage many entities who want to apply to become VASPs. Therefore, whether applying to become a VASP in the BVI is a good choice is a matter of opinion. The most important thing is to compare the explicit provisions of the law with your own actual situation and make a comprehensive judgment.
Exegesis:
[1] https://www.cima.ky/vasp-faq
