Top Questions From FinTech Lawyer
The blockchain and crypto industry is becoming increasingly regulated. While the banking and traditional finance industry have been regulated and developing for a long time, the crypto and blockchain industry has been actively developing since 2009.
That is to say, it is a relatively young area for conducting business, and compliance with regulatory requirements should be approached with special caution.
The same risks as in traditional finance are present here – anti-money laundering and sanctions evasion, customer identification, data storage, etc. However, regulation has not yet stabilized, and legal practice has not fully developed.
Therefore, if you plan to open a VASP (Virtual Asset Service Provider), you need to study the issue thoroughly. How are regulatory risks related to your activities? What do you need to operate in this field? And most likely, without the help of a lawyer, you won’t be able to solve this task.
Banking lawyers are reluctant to venture into the crypto business because the rules and conditions in this area change too often, and they are used to working in a very stable environment. Lawyers specializing in crypto and fintech law are still relatively few. And the level of a lawyer’s competence is one of the problems when bringing a VASP to the market because you must ensure that all rules and conditions of operation are complied with.
The second problem you will face is the issues with frameworks in different countries, as in different countries not only different approaches and rules apply when working with VASP, but also different definitions of the crypto business.
Therefore, if you have decided to launch a VASP, you need to answer several key questions. In this article, we will thoroughly examine the algorithm of actions and ways to solve this problem with Mihhail Sherle, Head of Legal Practice in Gofaizen & Sherle, which provides consulting services for FinTech and crypto companies and VASP owners.
The first question you need to answer is what exactly the VASP will do and what service it will provide. There are quite a few options.
If you provide a cryptocurrency wallet service, do you store customers’ currency, do you allow them to make transactions?
If you do not store the currency, then the question arises – do you need to open a VASP at all? Perhaps your company sells or simply provides software, and this activity is not licensed.
If you plan to open a cryptocurrency exchange, you need to answer what exchange operations you will conduct. Cryptocurrencies to cryptocurrencies or to fiat money.
If you implement an innovative solution – crypto-acquiring, lending, ICO, fashionable tokens – this is a complex financial service for which a full service description will be required. In addition, it is important to consider whether your service will provide the ability to trade on leverage or trade derivative financial instruments such as futures, options, CFDs, etc.
It all depends on how much money you need to start your project: what licenses you need to obtain, what capital requirements exist, and whether you can provide these services in different jurisdictions.
The second question you need to answer is where your company will operate and where its main infrastructure will be located.
In other words, you need to decide which jurisdiction you are operating in and in which jurisdiction you are providing the service. The requirements for VASPs depend on this: internal policies, including requirements for employees, capital, and the like. Some jurisdictions, such as Lithuania, require the managing director of the VASP to be localized within the country, even if the service is provided in another jurisdiction.
That is, you must take into account the need for physical presence in the country, maintaining an office, local capital requirements, and so on. Obviously, this affects the amount of money needed to operate your project.
The third question is who you are offering your service to and who will be buying it. It is not always possible, while being in one jurisdiction, to offer services to customers in another. For example, the CFTC accused Finance Exchange of providing services to US citizens without additional licensing. According to the commission, Binance did not properly conduct compliance control and did not require additional data from customers to avoid violations.
Thus, not always, while being in one country, can you offer the service to people from another. You need to take into account the risks of additional licensing
An extremely important aspect is how you offer or sell your service. You need to understand what internal processes need to be established, such as identification, transaction monitoring, reporting, and communication with regulators. The key processes depend on the industry, and there may be many more of them.
Although the requirements for them may be unique in each jurisdiction, there are international standards that can help you – pan-European standards (AMLD) and standards of international organizations (e.g. FATF). Experience in traditional banking will also be useful – risk management principles, for example, are the same everywhere.
Define your partners. You need to understand what service providers you need. If you work with fiat currency, you need a fiat gateway (payment system), as well as a liquidity provider.
You also need service providers who will ensure the collection and storage of data, solutions for risk management and transaction monitoring, screening and monitoring of customers to comply with transaction control requirements. It is important to understand where to look for these providers and how much their services cost.
An important point to remember is data privacy. Data security covers numerous risks, including financial ones. It’s crucial to ensure the safety of personal data of customers and employees, even if you’re a small company. In EU countries, there is a general regulation on personal data protection, GDPR. Therefore, when processing personal data of EU citizens, you must comply with its requirements. And you need to understand the rules for working with personal data in your jurisdiction.
A very important point that is often overlooked is the need to maintain your business reputation. This is critically important in the financial sector – if your reputation suffers, it is unlikely that you will be able to simply open another project with the same level of trust. Therefore, it’s important to check and choose partners who provide services to avoid becoming part of a semi-legal scheme.
Finally, you should be prepared for a fairly long timeline. Obtaining licenses for VASPs is a slow process, taking several weeks to several months. During this time, you can fully describe your business and its processes, choose providers, and carefully consider all the details of licensing in the required jurisdictions. This way, you enter the market with reflected processes, a clear goal, and the necessary resources.
This article is sponsored content and does not represent the views or opinions of BeInCrypto. While we adhere to the Trust Project guidelines for unbiased and transparent reporting, this content is created by a third party and is intended for promotional purposes. Readers are advised to verify information independently and consult with a professional before making decisions based on this sponsored content.