Initial Coin Offering in Malta

Initial Coin Offerings (ICOs) is a method where a company looking to raise capital can sell cryptocurrency to investors in the form of tokens. CSB Fintech provide expert advice on ICO Regulations and Compliance matters and assist clients who wish to launch a token sale.

Establishment of ICOs in Malta

The Virtual Financial Assets Act, was enacted on the 1st November 2018 and the subsequent chapters to the Virtual Financial Assets Rule Book were issued. In relation to Initial Coin Offerings (ICOs) the Malta Financial Services Authority published a specific chapter in relation to Issuers of Virtual Financial Assets, establishing Malta as one of the pioneers of ICO Regulations.

The ICO Requirements

Chapter 2 to the Rulebook specifically targets those who seek to raise finance through the issue of Virtual Financial Assets (ICOs) in or from Malta. The law states that an issuer must be a legal person, which is duly formed in Malta, and that it must adhere to the principles laid out in the law as well as the Rulebook. The law and Rulebook put a great emphasis on the fact that such issuers must at all times uphold the principles of market integrity, investor protection, and financial soundness.

Malta ICO Setup

1. Applicant to undertake the Financial Instrument Test – endorsement by VFA Agent;
2. Issuer must appoint a VFA Agent;
3. Drawing up of the Whitepaper & Smart Contract parameters;

Any Issuer must determine whether its token is a Utility Token, Security Token, E-money or a Virtual Financial Asset. Applicant cannot forge ahead if such Test has not been undertaken and VFA Agent endorses such determination

The Law stipulates that the Malta Financial Services Authority shall not directly engage with the Issuers and that such Issuers are to be at all times represented by an authorised VFA Agent. CSB Group has obtained the VFA Agent licence.

The Issuer would need to form a legal entity in terms of the Laws of Malta and shall be directed by two (2) individuals. This requirement is enshrined to ensure the dual control principle. The individuals are responsible in ensuring that the Issuer complies with the laws and rules, abiding by all ICO regulations.

Such persons need to be both on a collective and individual basis of sufficient knowledge of the business of the Issuer and also monitor the activities of the company if they form part of the Board of Administration (Board of Directors). If the BoA delegates any functions, it holds ultimate responsibility.

An Issuer shall appoint and have at all times:

• Systems Auditor
• VFA Agent
• Auditor
• MLRO
• Custodian

Systems Auditor

The role of the Systems Auditor is to review and audit the Innovative Technology Arrangement of the Issuer including cyber security arrangements. The system auditor on an annual basis shall prepare a systems audit report in compliance with the Malta Digital Innovation Authority (MDIA) guidelines.

VFA Agent

The VFA Agent shall assist the Issuer throughout all the process and thereafter shall obtain from the BoA that the investors have been duly furnished with the relevant roadmap and milestones of the ICO as well as the financial projections & forecasts. The VFA Agent shall also submit the annual compliance report to the MFSA.

Auditor

Any legal entity on the Island of Malta needs to appoint a local Auditor in order for it to be in a position to carry out an annual assessment on the financial performance of the company. Moreover, in respect to ICOs, an auditor shall also draw up a report wherein it confirms that the ICO has proper Anti-Money Laundering, Know Your Client Procedures & Systems in place.

MLRO

The law requires that an Issuer of an ICO appoints an anti-Money Laundering Reporting Officer. Such individual must possess the necessary competence, experience and knowledge in the field as well as a similar good grasp in relation to traditional financial services legislation.

Custodian

Can be undertaken through the Innovative Technology Arrangement (ITA) for Virtual Financial Assets. Traditional FIAT currencies are to be held under custody by traditional banks, central banks, EMIs or money market funds.

Application Documents

Before submitting an application, a meeting should be held with the MFSA. Following that the below listed documents are to be submitted to the MFSA:

1. Whitepaper & supplementary documentation duly signed;
2. Copy of VFA Test duly signed by Board and endorsed by VFA Agent;
3. Confirmation from Systems Auditor regarding the Technology Arrangement in accordance with MDIA guidance;
4. Copy of last three years audited financial statements;
5. Consolidated Group account of last 3 years prepared in accordance to GAAP (if applicable);
6. Certified copy of M&A (or similar);
7. Application Fee.

The MFSA may request additional information and applications are accepted or rejected at its discretion. No Application is accepted if not made with the consent of the Issuer. The MFSA shall rely on the determinations of the Issuer and VFA Agent, and shall not accept an Issuer’s determination without VFA Agent endorsement.

Limitations on Investment

An Issuer will ensure that an investor who does not satisfy the requirements of being an Experienced Investor shall not invest more than €5,000 in an Issuer’s ICO over a twelve (12) month period.

MFSA Fees

Ongoing Requirements

AML Requirements

The Issuer shall ensure that it is at all times satisfying the local Anti-Money Laundering and Counter-Financing of Terrorism requirements. The MLRO of the Issuer is to prepare such a statement on an annual basis and form part of the Compliance Statement to be submitted by the VFA Agent.

Annual Filings

An Issuer shall on an Annual basis submit to the MFSA the following documentation:

1. Audited Financial Statements;
2. Auditors Report;
3. Annual Compliance Statement.

Document Maintenance

The Issuer shall maintain records and documents for a period of not less than five (5) years and at the MFSA’s request may need to hold such for up to seven (7) years. Such documentation must be made readily available to the MFSA in its role to monitor the Issuer’s compliance.

The Information must be maintained in a medium which allows storage in an accessible manner and must allow:

1. MFSA to access and reconstitute each key stage of a transaction;
2. Corrections and amendments to be easily ascertained;
3. The non-manipulation of records.

Innovative Technology Arrangements

The Innovative Technology Arrangements shall at all times satisfy the guidelines issued by the MDIA. A confirmation to this effect shall be obtained from the Issuer’s System Auditor and included in the Compliance Statement to be submitted by the VFA Agent.

I.T. Infrastructure

I.T. infrastructure must ensure (in accordance with GDPR):

1. Integrity & security;
2. Availability, traceability & accessibility;
3. Privacy & confidentiality.

Infrastructure to be located in Malta or any EEA Member State or Third Country approved by MFSA. If not in Malta, replication in real-time must be made in Malta.

Regulated Information

1. 1. Regulated Information shall be submitted to MFSA at the same time that it is disclosed to the public at no fee to investors;
   2. Information must be published in the media in unedited full text, unless information given to the media makes reference to a website;
   3. Regulated Information shall be communicated:
      
      

   a. Clearly stating that it is Regulated Information;

   b. Clearly identifies:

   • The issuer;
   • Subject matter;
   • Time & Date of communication.

Penalties & Sanctions

A fine of up to €150,000 may apply for breaches by an Issuer or VFA Agent in relation to the Rules. The MFSA is granted to issue such a penalty and the Issuer or VFA Agent shall not have recourse in a court of law. Higher fines and penalties may be imposed if the matter is subject to a court of law.