FSCA Update on Licensing and Supervision of Crypto Asset Service Providers

Key Developments

The Financial Sector Conduct Authority (FSCA) has released an update on the licensing and supervision of Crypto Asset Service Providers (CASPs) under the Financial Advisory and Intermediary Services Act, 2002 (FAIS Act). Since the CASP licensing regime took effect on 1 June 2023, the FSCA has received 512 licence applications, of which 300 have been approved, 14 declined and 121 withdrawn following engagement with the regulator. The balance remains under review.

 

Regulation of Crypto Assets

Under the FAIS Act, the FSCA issued General Notice 1350 on 19 October 2022, which officially declared crypto assets to be financial products.

A “crypto asset” is defined as a digital representation of value that is not issued by a central bank but can be traded, transferred or stored electronically and makes use of cryptographic techniques and distributed ledger technology (for example, blockchain).

This classification meant that the provision of financial services related to crypto assets became subject to FAIS regulation and oversight, which brought them in line with other, more traditional, financial products and ensuring greater consumer protection and market integrity. Accordingly, any business offering crypto-related services such as trading platforms, wallet providers or investment advisers must be licensed as a CASP under the FAIS Act.

Although certain activities fall within the definition of a crypto asset service, the FSCA has clarified that, at this stage, the following participants are not required to apply for a CASP licence:

• Crypto asset miners and node operators: These participants enable and support blockchain infrastructure but do not interact directly with consumers and therefore fall outside the current licensing requirements.
• Service providers involved with non‑fungible tokens (NFTs): NFTs are unique digital tokens created through code. While they can be traded, the FSCA views them as presenting a lower risk than fungible crypto assets. There is ongoing debate in the market as to whether NFTs should be treated in the same way as other crypto assets. As a result, future amendments to the FAIS Act may expand the licensing requirement to include certain NFT‑related activities.
• Providers offering financial services relating to crypto‑asset derivatives: These products are classified as securities under the Financial Markets Act, 2012 (FMA). As such, providers should already be appropriately licensed under the FAIS framework or be compliant with the relevant requirements of the FMA.

 

Reasons for Declining of Applications

Applications for a CASP licence have been primarily declined by the FSCA due to failure to meet fit and proper requirements, including but not limited to:

• inadequate operational ability of an applicant (lack of clear business plans and operational frameworks); and
• insufficient competency of an applicant (lack of knowledge and practical experience in crypto assets).

 

Compliance Strategies for CASPs

To ensure strong compliance foundations and operational resilience, CASPs should adopt several key practices. First, CASPs should conduct comprehensive regulatory mapping and risk assessments to identify all applicable regulatory obligations and to monitor business risks on an ongoing basis, including those relating to anti-money laundering, counter-financing-of-terrorism and counter-proliferation financing exposures.

It is also important for CASPs to strengthen their governance structures and internal controls by establishing clear oversight frameworks and implementing compliance programmes that align with the requirements of the FAIS Act and the Financial Intelligence Centre Act, 2001. In addition, CASPs should enhance their operational and competency standards by developing detailed business plans and ensuring that all key individuals complete the necessary regulatory examinations.

From a legal standpoint, CASPs should put in place robust documentation and protections, including well‑drafted indemnities and custody arrangements that comply with local legal requirements. Maintaining ongoing engagement with the FSCA is also essential. CASPs are encouraged to participate in regulatory forums and keep open lines of communication with the regulator.

Given the cross‑border nature of crypto assets, CASPs must ensure that they comply with applicable international regulatory requirements and prepare appropriate wind‑down plans for jurisdictions where compliance cannot be achieved. Finally, CASPs should adopt a proactive approach to anti-money laundering, counter-financing-of-terrorism and counter-proliferation financing compliance by implementing strong customer due‑diligence measures, rigorous transaction‑monitoring processes, and effective mechanisms for identifying and reporting suspicious activities.

 

Enforcement Actions

The FSCA is actively investigating unlicensed CASP activities. To date, 81 investigations have been initiated, with 56 ongoing. Enforcement action will be taken against any entity conducting CASP-related activities without a licence.

Should you have any questions or require assistance with CASPs registrations or the FAIS Act in general, please do not hesitate to reach out to our offices.