Guidance Notes issued in Mauritius for Security Token Offerings and Security Token Trading Systems

Some key takeaways are:

Definition of Security Token

“Security Tokens” fall within the definition of “securities” of the Securities Act 2005 of Mauritius (Securities Act).

The following non-exhaustive list illustrates what can be considered to be a Security Token:

• a share, where it confers or represents ownership or economic rights of the holder of the security token in a corporation;
• a debenture, where it constitutes or evidences the indebtedness of the issuer of the Security Token in respect of any money lent to the issuer by a holder of the Security Token;
• a derivative, whether on securities or commodities; or
• a unit in a collective investment scheme (CIS), where it represents a right or interest in a CIS including an option to acquire a right or interest in a CIS.

The offering and issue of Security Tokens

The offering of Security Tokens will be subject to the Securities Act and to any Regulations or FSC Rules issued thereunder including the requirement for a prospectus, as may be applicable. An offer of Security Tokens will be subject to the same regulatory regime as a traditional offer of securities under the Securities Act and will thus be subject to the requirements under Part V of the Securities Act, including the requirement that an offer of Security Tokens cannot be made to the public unless the offer is made in a prospectus (save for the specified circumstances where a prospectus will not be required.

Who may issue Security Tokens?

1. Entities registered as Reporting Issuers defined under section 86(1) of the Securities Act as an issuer:

• • who by way of a prospectus, has made an offer of securities either before or after the commencement of the Securities Act;
  • who has made a takeover offer by way of an exchange of securities or similar procedure;
  • whose securities are listed on a securities exchange in Mauritius; or
  • who has not less than 100 shareholders;

2. Collective Investment Schemes authorised as Expert Funds or Professional Collective Investment Schemes;
3. Any such other issuer as may be deemed appropriate by the FSC.

Security Token trading systems

The FSC shall license Security Token trading systems. Thus, any person wishing to establish, maintain or operate a system for the trading of Security Tokens in Mauritius shall apply for a Trading Securities System (TSS) licence.

A TSS may, in accordance with the Securities Act and with all other applicable law, make rules for or with respect to the operation of the TSS. Prior to the granting of the licence, the FSC shall ensure that the rules of the TSS include the following:

• The types of Security Tokens that will be traded on the TSS;
• The client on boarding process including customer due diligence checks, admission criteria and other procedures to trade on the TSS;

• The listing process and the minimum listing requirements;
• The order execution rules;
• The arrangements put in place for the safekeeping of the Security Tokens and fiat currency;
• Details regarding whether access to trading information is equitable for all investors;

• Post trade reporting and publication;
• Compliance with prudential and other requirements designed to support the operations of the TSS and reduce the risk of non-completion of transactions;
• Procedures in cases of trading disruptions;
• The arrangements made by the TSS for the monitoring, surveillance and supervision of the TSS to ensure fairness, efficiency, transparency and investor protection as well as compliance with the Securities Act;
• Governance, internal controls and risk management procedures put in place;

• Cybersecurity measures put in place;
• AML/CTF systems in place; and
• Arrangements to ensure compliance with applicable laws and regulations of the jurisdiction in which the Security Tokens will be offered for trading, where appropriate.

Other requirements for setting up a TSS

• a minimum stated unimpaired capital of 35 million rupees or an equivalent amount held in fiat currency;
• subscription to an adequate professional indemnity insurance policy which shall indemnify the TSS, its employees and any person acting on its behalf against liability for any act, error or omission in the conduct of its operations.
• compliance with all legal requirements, including the relevant and applicable Principles for Financial Market Infrastructures issued by the Committee on Payments and Market Infrastructures of the International Organization of Securities Commissions;
• management and control in Mauritius;
• adequate office premises and IT infrastructure from which the TSS’s core functions will be performed in Mauritius;
• Management by a Board of directors of which at least 30% will be independent directors and at least one director will be resident in Mauritius;
• appointment of an external and independent competent third party to undertake an audit of the TSS’s IT systems and processes at least once every year;
• development and application of proper safeguards to ensure that the TSS’s systems and networks are fully protected, consequently limiting or containing the impact of a possible cybersecurity breach;
• appointment of a Chief Technology Officer responsible for establishing, maintaining and overseeing the internal cybersecurity architecture of the TSS, including a self-assessment, at least once every year, to examine the probability of a cyber-attack, and other threats affecting the cyber security of the TSS as well as the impact or magnitude of such attack;
• appointment of duly licensed custodians to hold both the Security Tokens and fiat currency.