After amending the list of accountable institutions in Schedule 1 to the Financial Intelligence Centre Act (FICA), the Financial Intelligence Centre (FIC) has published the final guidance for crypto asset services providers (CASPs) in Public Compliance Communication no. 57 (PCC 57).
CASPs are listed in item 22 of Schedule 1 of FICA as accountable institutions because of the risk that crypto assets may be used to facilitate money laundering and terrorist financing. The FIC said crypto assets are vulnerable to abuse by criminals due to their potential use in cross-border transactions, the pseudonymous nature of ownership of crypto assets and because transactions can occur seamlessly without being in-person.
In considering whether a person is a CASP, the FIC has clarified that the emphasis will be placed on the economic activities or operations undertaken, rather than the technology, platform or type of crypto asset used for the transaction.
Some of the guidance provided in PCC 57 includes an interpretation of the terminology used in item 22. It is important to note that a person will be a CASP if they carry on the business of one or more of the five activities or operations listed in term 22.
The activities or operations must be performed for a profit or commercial gain, as a regular feature of the business undertaken by the person for or on behalf of a client. Individuals that perform crypto asset activities in their personal capacity are excluded from item 22.
PCC 57 also gives examples of activities that will fall under each of the five activities scoped under item 22:
- exchanging a crypto asset for a fiat currency or vice versa;
An example of this activity would be where a client exchanges crypto assets for rands with the assistance of a CASP, or where a client purchases crypto assets from a CASP whose business is the buying or selling crypto assets.
- exchanging one form of crypto asset for another;
An example would be where a client requests a CASP to take a certain crypto asset in exchange for other crypto assets. The CASP is providing the services to the client at a cost as part of the CASP’s business.
- conducting a transaction that moves a crypto asset from one crypt asset address of account to another;
This arises when a client wishes to move crypto assets from one digital wallet to another and uses the CASP to do so.
- safekeeping or administration of a crypto asset or an instrument enabling control over a crypto asset; and
The CASP in this instance offers safe holding of crypto assets or the private keys to the crypto asset for or on behalf of its clients.
- participation in and provision of financial services related to an issuer’s offer or sale of a crypto asset.
For example, a business determines that there will be an initial coin offering*. The business offers its clients and prospective customers financial services (advice or intermediary services) related to the initial coin offering.
Once it is deemed as an accountable institution, a CASP must register with the FIC. It is important to maintain a risk-based approach when assessing whether a person qualifies as a CASP.
PCC 57 is also useful for all accountable institutions, even those that do not fall under item 22. It describes risk factors that all accountable institutions should take into account when they engage in crypto transactions. If an accountable institution decides not to onboard a certain class of clients, it must be able to demonstrate the application of a risk-based approach. The FIC takes the view that an accountable institution would have to demonstrate why the risk is so high or severe that the accountable institution does not have the appetite to onboard a CASP.
On the international front
The Financial Action Task Force (FATF) in June 2023 published a Targeted Update on Implementation of the FATF Standards on Virtual Assets and Virtual Asset Service Providers (VASPs). Its standards require countries to assess and mitigate their risks associated with virtual asset financial activities and providers. The FATF drew virtual assets into its purview in 2019. In 2021, updated guidance was published which highlighted six key areas:
- clarification of the definitions of virtual assets and VASPs;
- guidance on how the FATF Standards apply to stablecoins;
- additional guidance on the risks and tools available to countries to address the money laundering and terrorist financing risks in peer-to-peer transactions;
- updated guidance on the licensing and registration of VASPs;
- additional guidance for the public and private sectors on the implementation of the “Travel Rule”, and
- principles of information-sharing and co-operation among VASP supervisors.
The 2023 Target Update focuses on the implementation of the 2019 guidance. The FATF assessed the implementation of the 2019 guidance against the 98 jurisdiction that were under mutual evaluation. Based on the 98 FATF mutual evaluation and follow-up reports conducted, 75% of jurisdictions were found to be only partially or not compliant with the FATF’s requirements. The FATF has stressed that jurisdictions need to implement the Travel Rule, as it found that jurisdictions have made insufficient progress on implementing this rule. The FATF Travel Rule is found in Recommendation 16 of the FATF Recommendations. It requires VASPs to obtain details of the sender and recipient of a virtual asset transfer to counterparty VASPs or financial institutions, either during or prior to the transaction. Effectively, the rule requires VASPS to know who is initiating the transfer and who receives it.
The FATF is encouraging all member countries to rapidly implement its Standards on virtual assets and VASPs, including the Travel Rule.
By Lerato Lamola-Oguntoye, Consultant & Analisa Ndebele, Associate from Webber Wentzel