Entities that provide crypto-asset storage and transaction services are subject to requirements for accounting, custody, and recordation of ownership and related rights. Thus, issuers of crypto-assets (if the digital asset in question is classified as a security and traded on a trading venue) could be required to ensure that such securities are recorded in the accounts of authorized Central Securities Depositories (CSDs) within the meaning of Article 2(1) of Central Securities Depositories Regulation. However, the applicability of the rules on custody and book-entry of securities ownership is unclear in the context of crypto-assets.
First, the Regulatory Technical standards used for reporting and record-keeping requirements are based on identifiers and classifications that do not capture crypto-assets; therefore, they likely need to be adapted to such new instruments.
Second, there is no EU-wide definition of what constitutes custody and record-keeping activities, and the relevant rules apply to a variety of actors such as custodians, registrars, notaries, depositaries or CSDs.
Finally, it is not clear what is meant by custody in the specific context of crypto-assets. ESMA considers that the holding of private keys on behalf of clients could be considered a custody activity, which would trigger the applicability of the relevant rules. However, further clarification is needed as control over private keys may be exercised jointly by several actors, such as in the case of "multi-signature wallets" where more than one key is needed to validate transactions.
In a recent guidance document, the U.S. agency Financial Crimes Enforcement Network (FinCEN) clarified the applicability of the Bank Secrecy Act (BSA) to business models involving money transfers in "convertible virtual currencies". Examining a number of exemplary business models, the document highlights that P2P exchanges must comply with BSA obligations applicable to money transmitters, including registering with FinCEN as an money service business (MSB) and complying with AML programs, recordkeeping, and reporting requirements.
With respect to wallet providers, the analysis distinguishes between "hosted" wallets (where funds are controlled by a third-party provider) and "non-hosted" wallets (where users control the funds themselves).
While hosted wallet providers must comply with AML and monitoring obligations applicable to money transmitters, non-hosted wallet providers are generally exempt from these requirements. The document also considers the case of "multiple signature wallet providers" who generally "hold one key for additional validation while the wallet owner holds the other private key locally."
Again, the key distinction is between hosted and non-hosted wallets, which determines the provider's control over the stored value as If the multi-signature wallet provider is limited to creating non-hosted wallets that require a second authorization key to be added to the wallet owner's private key to validate and complete transactions, the provider is not a money transmitter because it is not accepting and transmitting value. In contrast, if the person combines the services of a multi-signature wallet provider and a hosted wallet provider, the person is considered a money transmitter.
The FinCEN guidance notes the importance of looking at the actual technical capabilities and level of control exercised by the service provider to determine the appropriate level or type of legal responsibility. In line with these criteria, the applicability of accounting forms, record-keeping and record-keeping obligations could be excluded for those actors that do not store transactions on privately controlled servers or do not manage users' private keys.
In order to determine which rules should apply to the operations and technical procedures of financial actors, it seems essential to consider the technical infrastructure underlying transactions and the way in which it shapes the interactions between the parties involved.
By giving users greater control over funds and making the records of transactions on the blockchain publicly available, some of the rules envisaged for accounting forms, bookkeeping and record-keeping may become redundant.
Contact Us and Apply for a Crypto License in Estonia
Specialists from AlphaLAW will be happy to help you obtaining a cryptocurrency license in Estonia. Our assistance includes the preparation of the list of required documents, help in developing company procedural rules, translation of documents into Estonian/English and support throughout the whole licensing process.
In case you have any questions or are interested in obtaining an Estonian license to exchange cryptocurrencies and other virtual assets for a fiat currency (crypto license in Estonia), please contact us through the following communication channels.