Establishment of ICOs in Malta
The Virtual Financial Assets Act, was enacted on the 1st of November, 2018 and the subsequent chapters to the Virtual Financial Assets Rule Book were issued. In relation to Initial Coin Offerings (ICOs) the Malta Financial Services Authority published a specific chapter in relation to Issuers of Virtual Financial Assets.
Chapter 2 to the Rulebook specifically targets those seeks to raise finance through the issue of Virtual Financial Assets (ICOs) in or from Malta. The law states that an issuer must be a legal person, which is duly formed in Malta, and that it must adhere to the principles laid out in the law as well as the Rulebook. The law and Rulebook put a great emphasis on the fact that such issuers must at all times uphold the principles of market integrity, investor protection and financial soundness.
Malta ICO Setup
- Applicant to undertake the Financial Instrument Test – endorsement by VFA Agent;
- Issuer must appoint a VFA Agent;
- Drawing up of the Whitepaper & Smart Contract parameters;
Any Issuer must determine whether its token is a Utility Token, Security Token, E-money or a Virtual Financial Asset. Applicant cannot forge ahead if such Test has not been undertaken and VFA Agent endorses such determination
The Law stipulates that the Malta Financial Services Authority shall not directly engage with the Issuers and that such Issuers are to be at all times represented by an authorised VFA Agent. CSB Group has applied to obtain the VFA Agent licence.
The Issuer would need to form a legal entity in terms of the Laws of Malta and shall be directed by two (2) individuals. This requirement is enshrined to ensure the dual control principle. The individuals are responsible in ensuring that the Issuer complies with the laws, rules and regulations in relation to ICOs.
Such persons need to be both on a collective and individual basis of sufficiently knowledge of the business of the Issuer and also monitor the activities of the company if they form part of the Board of Administration (Board of Directors). If the BoA delegates any functions, it is holds ultimate responsibility.
An Issuer shall appoint and have at all times:
|Systems Auditor||The role of the Systems Auditor is to review and audit the Innovative Technology Arrangement of the Issuer including cyber security arrangements. The system auditor on an annual basis shall prepare a systems audit report in compliance with the Malta Digital Innovation Authority (MDIA) guidelines.|
|VFA Agent||The VFA Agent shall assist the Issuer throughout all the process and thereafter shall obtain from the BoA that the investors have been duly furnished with the relevant roadmap and milestones of the ICO as well as the financial projections & forecasts. The VFA Agent shall also submit the annual compliance report to the MFSA.|
|Auditor||Any legal entity on the Island of Malta needs to appoint a local auditor in order for it to be in a position to carry out an annual assessment on the financial performance of the company. Moreover in respect to ICOs, an auditor shall also draw up a report wherein it confirms that the ICO has proper Anti-Money Laundering, Know Your Client procedures & systems in place.|
|MLRO||The law requires that an Issuer of an ICO appoints an anti-Money Laundering Reporting Officer. Such individual must possess the necessary competence, experience and knowledge in the field as well as a similar good grasp in relation to traditional financial services legislation.|
|Custodian||Can be undertaken through the Innovative Technology Arrangement (ITA) for Virtual Financial Assets. Traditional FIAT currencies are to be held under custody by traditional banks, central banks, EMIs or money market funds.|
Before submitting an application, a meeting should be held with the MFSA. Following that the following documents are to be submitted to the MFSA:
- Whitepaper & supplementary documentation duly signed;
- Copy of VFA Test duly signed by Board and endorsed by VFA Agent;
- Confirmation from Systems Auditor regarding the Technology Arrangement in accordance with MDIA guidance;
- Copy of last three years audited financial statements;
- Consolidated Group account of last 3 years prepared in accordance to GAAP (if applicable);
- Certified copy of M&A (or similar);
- Application Fee.
The MFSA may request additional information and applications are accepted or rejected at its discretion and no Application accepted if not made with the consent of the Issuer. The MFSA shall rely on the determinations of the Issuer and VFA Agent, and shall not accept an Issuer’s determination without VFA Agent endorsement.
Limitations on Investment
An Issuer shall ensure that an investor who does not satisfy the requirements of being an experienced investor, shall not invest more than €5,000 in an Issuer’s ICO over a twelve (12) month period.
|White Paper Registration Fees||€8,000|
|Whitepaper Annual Supervisory Fee||€2,000|
The Issuer shall ensure that it is at all times satisfying the local anti-money laundering and counter financing of terrorisms requirements. The MLRO of the Issuer is to prepare such a statement on an annual basis and form part of the Compliance Statement to be submitted by the VFA Agent.
An Issuer shall on an Annual basis submit to the MFSA the following documentation:
- Audited Financial Statements;
- Auditors Report;
- Annual Compliance Statement.
The Issuer shall maintain records and documents for a period of not less than five (5) years and at the MFSA’s request may need to hold such for up to seven (7) years. Such documentation must be made readily available to the MFSA in its role to monitor the Issuer’s compliance.
The Information must be maintained in a medium which allows storage in an accessible manner and must allow:
- MFSA to access and reconstitute each key stage of a transaction;
- Corrections and amendments to be easily ascertained;
- The non-manipulation of records.
Issuers Technology Arrangements
The Issuers ITA shall at all times satisfy the guidelines issued by the MDIA. A confirmation to this effect shall be obtained from the Issuer’s System Auditor and included in the Compliance Statement to be submitted by the VFA Agent.
I.T. infrastructure must ensure (in accordance with GDPR):
- Integrity & security;
- Availability, traceability & accessibility;
- Privacy & confidentiality.
Infrastructure to be located in Malta or any EEA Member State or 3rd Country approved by MFSA. If not in Malta replication in real-time must be made in Malta.
- Regulated Information shall be submitted to MFSA at the same time that it is disclosed to the public at no fee to investors;
- Information must be published in the media in unedited full text, unless information given to the media makes reference to a website;
- Regulated information shall be communicated:
a. Clearly stating that it is Regulated Information;
b. Clearly identifies:
- The issuer;
- Subject matter;
- Time & Date of communication.
Penalties & Sanctions
A fine of up to €150,000 may apply for breaches by an Issuer or VFA Agent in relation to the Rules. The MFSA is granted to issue such a penalty and the Issuer or VFA Agent shall not have recourse in a court of law. Higher finds and penalties may be imposed if the matter is subject to a court of law.
For any assistance required please do not hesitate to contact our Fintech team on [email protected] or +356 2557 2557.