BetterNews #3: Malta: DLT System Audit requirements and DLT Exchanges
The founder of BetterTokens and CEO of Waves Platform Alexander Ivanov, and co-founder and Board member of BetterTokens Artem Tolkachev have visited Malta during this week to discuss with Malta Digital Innovation Authority and Malta Financial Services Authority the work of our association in relation to the new DLT regulatory framework that has been recently adapted on the island.
Malta Digital Innovation Authority
The discussion with Malta Digital Innovation Authority focused on DLT System Audit requirements. Specific guidelines on those are expected to be published soon for consultation purposes with market participants.
It is expected that there will be set of requirements for DLT System auditors, which will cover such areas as professional qualification and subject matter expertise, as well as adherence to guidelines published by the authorities.
From methodological point of view, such areas as security, availability, processing integrity, confidentiality and privacy could be subject to testing.
In addition, different levels of controls may be required to be reviewed, such as corporate governance, internal controls and risk management, as well as clear communication mechanisms and assignment of roles, responsibilities and authorizations amongst the personnel of DLT platform or application operators.
Another set of rules may be defined by ethical and integrity standards, as well as independence between different operational and control units.
We are very glad to notice that the Standards that we have developed in BetterTokens for companies engaged in tokenization of assets are completely in line and in compliance with these expected requirements.
Malta Financial Services Authority
The discussion with Malta Financial Services Authority focused mainly on issue and exchange of virtual financial assets and upcoming requirements for licensing of DLT exchanges.
Launching a regulated cryptocurrency exchange business in Malta is an activity that require a specific license. However, certain requirements and guidelines are yet to be published and consulted by the regulator, which leaves some questions in the air.
For now it is clear that there will be a 12 months grace period for those projects who will manage to incorporate a company and send an application by the end of this month. The grace period will allow to operate without obtaining the license. However, it is also clear that there will be certain requirements applicable even to those who benefit from the grace period, including AML/KYC of the users and appointments of compliance officer and a system auditor.
In addition, it is important to note that DLT Exchanges should not admit to trading tokens that are qualified as financial instruments. There is a specific test designed by competent authorities to comply with this requirement. This means that DLT Exchanges must ensure that the tokens admitted to trading are not classified as securities. On practice, compliance with this requirement is delegated to VFA Agents (i.e. law firms) who provide corresponding legal opinions to the projects that are willing to list their tokens. This processes is most likely to be followed by DLT Exchanges even during the grace period.
It is also expected that there may be certain rules covering market manipulation and market abuse. Despite the fact that they are not set during the grace period, it is still something to be taken into account by the operators.
Another open question relates to capital requirements to obtain the license. This is something that is expected to be subject to consultation with market participants. Worst case scenario can be as high as MiFID II broker / dealer license capital requirements.
Founders and members of BetterTokens will be engaged in similar meetings with different regulators around the world in the upcoming months. We will keep you posted on the resulting updates and developments.