The Abu Dhabi Global Market’s Guidance clarifies and expands FSRA expectations for OCAB Framework license holders.

By Brian A. Meenagh

In June 2018, the Abu Dhabi Global Market (ADGM) Financial Services Regulatory Authority (FSRA) unveiled a dedicated cryptoasset regulatory framework by way of various amendments to the FSRA’s core regulations — the Financial Services and Markets Regulation (FSMR), as well as supplementary guidance thereto.

In May 2019, the FSRA issued updated and greatly expanded guidance (FSRA Guidance) that includes a more granular level of detail and addresses a range of topics not covered in the initial guidance. This blog will consider some of these topics in more detail.

The First Regulatory Framework in the ADGM

The ADGM is one of two dedicated financial free zones established in the UAE pursuant to UAE Federal Law Number 8 of 2004 concerning financial free zones. Certain restrictions apply to activities conducted “onshore” in the UAE by entities domiciled in the financial free zones.

The introduction of the financial service of “Operating a Crypto Asset Business” (OCAB Framework) into the FSMR in June 2018 ushered in the first comprehensive regulatory framework for cryptoasset activities to be regulated as a financial service in the region. Firms licensed by the FSRA under the OCAB Framework are treated as fully licensed authorized firms to which the full gamut of the FSRA’s regulatory rules and obligations apply.

New FSRA OCAB Framework Guidance

Stable Coins and Fiat Tokens

The FSRA Guidance introduces the concept of stablecoins and describes them as blockchain-based tokens valued by reference to an underlying fiat currency or basket of assets. A fiat token is in turn described in the FSRA Guidance as a stablecoin that is fully backed (1:1) by fiat currency. The FSRA Guidance provides that the FSRA will only permit OCAB Framework licensees to deal in fiat tokens, i.e., stablecoins that are fully backed by fiat currency, and also meet the requirements to be designated as an “Accepted Crypto Asset” under the OCAB Framework. Issuers of fiat tokens for the purposes of facilitating or effecting payments will be treated as money services businesses that must obtain a financial services permission from the FSRA under the FSMR for the financial activity of Providing Money Services (an activity that sits outside the scope of the OCAB Framework).

Furthermore, whilst fiat token issuers licensed to conduct the activity of Providing Money Services will not also have to apply for a separate license under the OCAB Framework, they will be required to comply with certain provision of the OCAB Framework in relation to client money rules (under the FSRA’s conduct of business rulebook) and certain rules that apply to cryptoasset custodians.

OCAB Framework license holders may deal in fiat tokens that are Accepted Crypto Assets.

Anti-Money Laundering and Sanctions Rules and Guidance

The FSRA Guidance also elaborates on the AML obligations of OCAB Framework licensees. The Guidance makes specific references to the guidance issued by global standard setting bodies, in particular to that of the Financial Action Task Force’s draft Interpretive Note to Recommendation 15 on the mitigation of the money laundering and terrorism financing risks associated with virtual assets. This comes against the backdrop of the UAE’s new 2018 Federal AML law and its implementing regulations, which constitute the legislative basis for the FSRA’s AML rules and which now include digital assets within the definition of “funds” in line with the FATF’s draft Interpretive Note on Recommendation 15.

A set of six principles that should inform OCAB Framework license holders when formulating and implementing anti-money laundering and counter-terrorism financing policies, procedures, systems, and controls has also been introduced in the FSRA Guidance. Of particular note is the guidance relating to the use of e-KYC measures for client due diligence and on-boarding procedures, including the use of “selfies” and biometric verification tools.

Technology Governance

Whilst the FSRA Guidance reiterates the FSRA’s “technology neutral” approach to regulating OCAB Framework licensees, it does provide specific guidelines that OCAB Framework licensees are expected to adhere to when seeking to comply with the FSRA’s general (GEN) and conduct of business (COBS) rules. These guidelines relate to the maintenance and development of system architecture, security measures, and procedures for the safe storage and transmission of data, cryptographic keys and wallet storage, password protection and encryption, origin and destination of cryptoasset funds (in conjunction with the relevant AML rules), system outages, management of personnel and decision-making, third-party outsourcing, and the management of soft and hard fork events in the underlying cryptoasset protocol.

Custody

The FSRA Guidance further elaborates on the FSRA’s expectations in terms of custody governance and operations.

Implications

The FSRA Guidance provides a greatly expanded level of detail as to the FSRA expectations for OCAB Framework license holders when seeking to implement certain policies, procedures, systems, and controls required by the OCAB Framework. The FSRA Guidance also clarifies the FSRA’s position on a number of pressing matters, including stablecoins and the requirements surrounding the use of e-KYC measures.

This post was prepared with the assistance of Khaled Alhuneidi in the Dubai office of Latham & Watkins.