The essence of the act:
This is a detailed regulation that specifies what information financial entities must provide when notifying authorities of their intention to provide crypto-asset services. It establishes comprehensive requirements for documentation, operational procedures, and security measures that crypto-asset service providers must implement and describe in their notifications.
Structure and main provisions:
The regulation consists of 12 articles covering different aspects of notification requirements:
– Programme of operations (Article 1)
– Business continuity plans (Article 2)
– Anti-money laundering measures (Article 3)
– ICT systems and security (Article 4)
– Client asset segregation (Article 5)
– Custody policies (Article 6)
– Trading platform rules (Article 7)
– Exchange services (Article 8)
– Execution policies (Article 9)
– Advisory services (Article 10)
– Transfer services (Article 11)
Key important provisions:
1. Financial entities must provide detailed 3-year operational plans including target markets, marketing strategies, and resource allocation
2. Comprehensive cybersecurity and ICT systems documentation is required, including third-party audits
3. Strict client asset segregation rules must be documented, especially for crypto custody services
4. Detailed anti-money laundering procedures and risk assessments must be provided
5. Trading platforms must document their admission rules, execution procedures and market abuse prevention systems
The regulation creates a standardized framework for authorities to evaluate crypto service providers’ preparedness and compliance capabilities before allowing them to operate.
