THE ISSUANCE OF A VIRTUAL FINANCIAL ASSET (‘VFA’)
& ADMISSION TO TRADING OF A VFA
In light of the various rule books and regulatory updates issued by the Malta Financial Services Authority (hereinafter referred to as “MFSA”) in the recent past, we have prepared an overview of the initial and ongoing requirements applicable to an initial offering of a virtual financial asset (hereinafter referred to as “IVFAO”), in or from within Malta.
Such requirements are based on the final version of Chapter 2 of the Virtual Financial Asset Rule Book, entitled ‘Virtual Financial Assets Rules for Issuers of Virtual Financial Assets’, as the relevant provisions of the Virtual Financial Assets Act
(hereinafter referred to as “the VFA Act”).
1. General Requirements
Chapter 2 of the Virtual Financial Asset Rulebook, applies to Issuers of Virtual Financial Assets, (hereinafter referred to as ‘VFA/s’), who are seeking to provide Virtual Financial Assets activity in or from within Malta.
Issuers must be legal persons duly formed in Malta, and must adhere to general high-level principles when carrying out their function.
This includes inter alia performing duties in an ethical manner, with great integrity, whilst considering the investors’ best interests at all time.
The Virtual Financial Assets Act seeks to regulate initial offering of a virtual financial asset, ‘IVFAO’ where an issuer issues Virtual Financial Assets in or from within Malta.
2. Requirements for Issuers – A brief overview
The Issuer, whose business must be managed in satisfaction of the dual control principle, must commence the offering of its Virtual Financial Assets to the public or admit its Virtual Financial Assets to trading on a DLT exchange within six (6) months from the date of registration of the whitepaper with the MFSA.
Prior to performing the offering or admitting to a DLT exchange, the Financial Instrument Test must be carried out and signed by the Issuer’s Board of Administration and subsequently endorsed by the appointed VFA Agent.
The Issuer is obliged to draw up an annual compliance certificate in relation to its business – the certificate shall be subsequently reviewed and submitted by the VFA Agent after it is signed off by all members of the Issuer’s Board of Administration.
Once the compliance certificate is submitted, the Issuer must pay the applicable supervisory fees to the Authority.
3. Ongoing requirements applicable to IVFAOs and trading Virtual Financial Assets on DLT Exchanges
Virtual Financial Assets may only be offered to the public in or from within Malta, and subsequently apply for admission to trading on a DLT Exchange if the Issuer’s Whitepaper complies with the requirements of the VFA Act and is registered with the MFSA Accordingly.
A simplified version of the process has been outlined hereunder for ease of reference:
STEP 1: FINANCIAL INSTRUMENT TEST
Undertaking the Financial Instrument Test and determination of the token in question as a Virtual Financial Asset, which determination is to be endorsed by the VFA Agent. This should always be the starting point as it is only in the event that that the token in question qualifies as a Virtual Financial Asset that the subsequent steps should be undertaken.
STEP 2: APPOINTMENT OF A VFA AGENT
Appointment of a registered VFA Agent, which appointment shall be maintained at all times. Blockchain Advisory has applied for the VFA Agent license and may assist you with such service.
STEP 3: BOARD OF ADMINISTRATION
The Issuer shall be effectively directed or managed by at least 2 individuals, in satisfaction of the dual control principle. The following principles must also be adhered to:
– Responsible for ensuring that the Issuer complies with its obligations under the rules and any guidelines;
– Collective and individual responsibility to acquire and maintain sufficient knowledge and understanding of the Issuer’s business to enable them to discharge their duties;
– It is the duty of the Board of Administration to inform itself of its activities as a whole, have a proper understanding of its financial condition, and examine documents submitted for its attention;
– If Board delegates any of its functions, such delegation shall not absolve the Board from the duty to supervise the discharge of such delegated functions.
STEP 4: CORPORATE FORM
The Issuer must be a legal person duly formed under any law for the time being in force in Malta.
Accordingly, it will be necessary to incorporate a Maltese Company, typically a private limited company (ltd.) or public limited company (plc.), as the case may be.
Furthermore, it is now also possible to use a Foundation, following amendments to the Civil Code.
STEP 5: APPOINTMENT OF FUNCTIONARIES
An Issuer shall appoint, and have at all times appointed, the following Functionaries, who have sufficient knowledge and experience in the field of information technology, DLT assets and their underlying technologies and have a good understanding of the Issuer’s business:
1. Systems Auditor – reviewing and auditing the Issuer’s Innovative Technology Arrangement/s (ITA/s) including cyber security arrangements, and shall prepare an annual systems audit report on its ITAs in compliance with guidelines issued by the Malta Digital Innovation Authority (MDIA).
2. VFA Agent – receives confirmations from the Issuer that the Board of Administration has been established, that the investors have been provided with a roadmap establishing the milestones for the IVFAO and also be provided with financial information and profit forecasts.
3. Custodian – shall be considered the ITA if custody of Virtual Financial Assets is being performed through such, however in terms of custody for fiat currencies, this may only be carried out by a central bank, payment institution, money market fund, electronic money institution, bank in a third country or a credit institution.
4. Auditor – draws up a report confirming that AML/CFT/KYC systems are in place.
5. Money Laundering Reporting Officer – carried out by individuals who comprehend the extent of responsibilities attached to the role, must be competent, financially sound and of a good repute, as well as have the adequate knowledge, professional expertise and experiences in traditional financial services as well as the Prevention of Money Laundering Act.
STEP 6: DRAWING UP OF WHITEPAPER & SMART CONTRACTS DISCLOSURE
Drawing up of the Whitepaper in accordance with the form and content as prescribed in the First Schedule of the Virtual Financial Assets Act and any rules issued by the MFSA.
This includes requirements relating to the deployment of smart contracts.
STEP 7: APPLICATION FORM AND ACCOMPANYING DOCUMENTATION
An Issuer desirous of carrying out the above-mentioned activity/activities must, through its VFA Agent, submit the following to the MFSA:
1. White paper and supplementary documents signed by Board of Administration.
2. Copy of the Financial Instruments’ Test signed by Board of Administration and endorsed by a VFA Agent.
3. Confirmation from the Systems Auditor that the Issuer’s ITA complies with MDIA guidelines.
4. Annual audited Accounts for each of the last three (3) financial years, and/or if the Issuer is part of a Group – the consolidated accounts of the Group.
5. Certified copy of constitutional documents.
6. Registration Fee.
STEP 8: FEES
Whitepaper Registration Fees – €8,000
Whitepaper Annual Supervisory Fees – €2,000 (payable upon the submission of the certificate of compliance)
STEP 9: ONGOING OBLIGATIONS
1. Appointing a Board of Administration
Such board – responsible for ensuring the Issuer complies with Authority’s Rules and obligations – must act honestly, exercise reasonable care when carrying out functions, avoid conflicts of interest, monitor compliance, identify risks and manage them, as well as be responsible for Issuer’s compliance with AML/CFT requirements, whilst being aware of the Issuer’s activities and financial condition.
2. Establishing a Cyber Security Framework
This shall include various policies, such as; response and recovery plan, business continuity, sensitive data management etc.
The framework must comply with internationally recognized cyber security standards and shall be in line with GDPR provisions.
3. Record Keeping Procedures
The Issuer shall retain documents and keep available for the MFSA to monitor the Issuer’s compliance in line with the MFSA rules pertaining to Virtual Financial Assets.
Such documents are to be retained for at least five (5) years unless MFSA requests that such are kept for seven (7) years.
The medium wherein the documents shall be held, must be accessible for future reference by the MFSA and in such a form and manner that the following conditions are met:
– unfettered MFSA access including the ability to reconstitute each stage of the transaction process;
– amendments and corrections to the contents of the documents must be easily ascertained;
– documents cannot be manipulated.
4. Robust I.T. Infrastructure
The Issuer shall ascertain that its I.T. infrastructure ensures:
– the integrity and security of any data stored therein;
– availability, traceability and accessibility of data;
– privacy and confidentiality; and
– is in line with the provisions of the GDPR.
5. Annual filings
The Issuer must make the following annual submissions with the MFSA:
– the Annual Compliance Statement submitted by VFA Agent on behalf of the Issuer;
– the Audited Financial Statements; and
– the Auditor Report.
Issuer shall pay the Annual Supervisory Fees to the MFSA upon submission of the Annual Compliance Statement. Such statement shall include a confirmation that the VFA Agent is satisfied that:
i. Local AML/CFT requirements have been satisfied, which confirmation should be obtained from the Issuer’s MLRO; and
ii. Issuer’s technology arrangements comply with any qualitative standards set and guidelines issued by the MDIA applicable to the particular type of arrangement, which confirmation should be obtained from the Issuer’s Systems Auditor.
4. Limitations, Enforcement and Sanctions
A. Cap on maximum investable amount
An Issuer shall ensure that an investor (who is not considered as experienced) does not invest more than EUR 5,000 in its Initial VFA Offerings over a 12-month period.
Please note that an experienced investor does not necessarily equate to a professional and/or accredited investor, but should possess knowledge of the industry and have previous experience with ICOs.
B. Sanctions when in breach
Where an Issuer/ VFA Agent breaches or infringes a Rule, the MFSA may by virtue of the authority granted to it under Article 48 of the VFA Act impose administrative penalties, without recourse to a court of law, up to a maximum of EUR 150,000.