In various forms these terms are used throughout Bermuda’s legislative framework with regard to digital assets, including in the Act — and in the Code of Practice and the Digital Asset Custody Code of Practice, which were made pursuant to the Act.

This column focuses on the concept of the “proportionality principle” described in the above codes, together referred to as the “Codes”.

As the island’s financial regulator, the Bermuda Monetary Authority supervises, regulates and inspects financial institutions operating in the jurisdiction.

The BMA has developed a risk-based financial regulation that it applies to the supervision of the island’s banks, trust companies, investment businesses, investment funds, fund administrators, digital asset businesses, money service businesses, corporate service providers and insurance companies.

Part of the regulator’s role in this regard is the publication of codes of practice that provide guidance on how licence applications will be evaluated, and the standards and practices expected of a licensed institution.

The Code of Practice outlines the requirements, procedures and standards to be observed by persons carrying on digital asset business while the Digital Asset Custody Code of Practice outlines the standards that the BMA considers to be the acceptable level of care when safeguarding clients’ digital assets.

The codes both apply the proportionality principle when considering the appropriate level of regulation to place on digital asset businesses.

The principle considers the impact of the nature, scale and complexity of an organisation’s business activities on its risk profile, which informs its compliance with each provision of the codes.

For example, a digital asset business that is part of an interdependent group of companies across multiple jurisdictions, offering leverage trading and custody services to millions of individuals in dozens of jurisdictions will have a higher risk profile.

Conversely, a business offering a spot trading exchange that is restricted to Bitcoin, and that is only offered to institutional clients in a single jurisdiction, should have a significantly lower risk profile.

Accordingly, when assessing compliance with the codes, the BMA would not expect the above businesses to have identical governance procedures and risk management frameworks.

The requirement to conduct business in a prudent manner is fundamental to the regulatory regime established by the Act, and the codes state that the BMA will, in assessing the existence of sound and prudent business conduct, have regard for both its prudential objectives and the appropriateness of each provision of the codes for the digital asset business, taking into account that organisation’s nature, scale and complexity.

Although the Act does not define “nature, scale and complexity”, the description of the proportionality principle in the codes describes the terms as follows:

  • Nature includes the relationship between clients and the digital asset business or characteristics of the service provided
  • Scale includes size aspects such as volume of the business conducted or the size of the balance sheet in conjunction with materiality considerations
  • Complexity includes items such as organisational structures and product design

To understand how the terms are applied in practice, it is helpful to look at an example from the codes.

With respect to the protection of clients’ assets, the Code of Practice states that the digital asset business may place client assets in a trust with a qualified custodian, have a surety bond or indemnity insurance, or implement other arrangements to ensure that clients’ assets can be returned to them.

It is clear that this requirement is not intended to apply uniformly to all digital asset businesses and that the nature, scale and complexity of the business in question will inform its application.

For instance, the nature of an organisation’s business may mean that obtaining third-party insurance to cover the value of the assets that it holds in custody is challenging or unaffordable.

However, the same organisation may be able to rely on the scale of its business and its position within a larger group organisation to obtain a surety bond that satisfies the requirement.

As you can see, understanding the nature, scale and complexity of its business in order to comply appropriately with the codes will prove valuable to the regulatory success of a digital asset business.

First Published in The Royal Gazette, Legally Speaking column, March 2023

Twitter LinkedIn Email Save as PDF
More Publications
23 May 2024

Regulatory oversight is key for Bermuda’s insurance sector

Bermuda’s thriving insurance and reinsurance sector requires effective regulatory oversight if it ...

9 May 2024

It is all about the data

All successful enterprises have a voracious appetite for data. The advanced abilities of IT systems ...

3 May 2024

Best Practices for Conducting Investigations into Employee Grievances

Grievance procedures are very important, but often overlooked, procedures that all employers should ...

25 Apr 2024

Trusts, and how they came to be

What traces its history through Ancient Rome and the Crusades, can have many de facto owners, none a...

8 Apr 2024

Electronic dissemination of corporate communications by Hong Kong listed issuers from an offshore perspective

In June 2023, The Stock Exchange of Hong Kong Limited published consultation conclusions to its cons...

3 Apr 2024

Bermuda: Lack of New Players Is Supporting Strong Interest in ILS

All signs point to another very strong year for the catastrophe bond and related insurance-linked se...

2 Apr 2024

Choosing the right structure for your business in Bermuda

Anyone seeking to set up a business in Bermuda has a variety of options, depending on the nature of ...

25 Mar 2024

PIPA Compliance is Not Just a Domestic Affair

As organizations in Bermuda prepare for the full application of the Personal Information Protection ...

25 Mar 2024

How Bermuda trusts can help with worldwide estate planning

Trusts still have an important role to play in onshore tax planning, as acknowledged by the British ...

14 Mar 2024

Privacy Rights Extend Outside Bermuda

As Bermuda prepares for the full application of the Personal Information Protection Act 2016 on Janu...