The BMA has released part II of its consultation paper on the regulatory framework for licensing digital identity service providers (DISP). Part II of the consultation paper emphasizes that the proposed licensing regime is designed to encourage confidence in the sector.

The BMA’s move towards the regulation of DISPs is a logical development in Bermuda’s digital regulatory evolution and will help maintain Bermuda’s position as a trusted market leading digital hub.

Under the proposed regime companies that provide digital identity services will be regulated under a new Digital Identity Service Provider Business Act (Act) and will be required to be licensed and supervised by the BMA.

Scope of Licensing

Under the Act, the provision of both of the following digital identity service activities in or from Bermuda would be considered in scope and require a license from the BMA.

  1. identity proofing and enrolment with initial binding and credentialing; and
  2. authentication and life-cycle management of those digital identities once they are issued.

Similar to the supervisory regime for digital asset businesses, the BMA is proposing a three-tiered licensing regime. This is designed to encourage innovation in the industry whilst protecting consumers through customized supervision. The proposed licensing classifications are as follows:

  • Class T – a defined period license granted for beta testing and piloting;
  • Class M – a modified license granted to entities which have moved past testing and are transitioning to a full license allowing the licensee to conduct all DISP activities for a defined period; and
  • Class F – full license allowing the licensee to conduct all DISP activities.

Key Regulatory Features

The proposed regulatory framework is expected to align with other regulated sectors in Bermuda which (amongst other requirements) will see DISPs required to:

  • maintain a principal place of business in Bermuda and appoint a Bermuda based senior representative;
  • maintain a minimum level of net assets which is expected to range from $10,000 (Class T) to $100,000 (Class M and Class F);
  • notify the BMA of (i) changes in directors and officers, (ii) changes in shareholder controller ownership, (iii) the removal of controllers and officers, and (iv) material changes to the business activities; and
  • implement and maintain robust systems and cyber security policies to protect client information from data breaches and unauthorized access.

Enforcement

In addition to the powers granted to the BMA to restrict, suspend and revoke a license of a DISP for failure to comply with the provisions of the Act, it is proposed that the BMA will also have the power to impose civil penalties of up to $10,000,000. The proposed powers emphasize that accountability is considered a key factor in maintaining security, integrity and trust in the industry.

Next Steps

Part II of the consultation paper seeks to gather further feedback from key stakeholders including in respect of potential uses for digital identity services and any perceived shortcomings. The BMA continues to demonstrate its commitment to developing a framework which is technically sound and practically viable and the more feedback it receives from the industry the sooner this will be can be achieved. The deadline for stakeholder submissions is 2 September 2025.

Share
X.com LinkedIn Email Save as PDF
More Publications
Technology and Innovation
25 Sep 2025

IT Enables Global Business Alignment

In Bermuda, many — if not most — of our international businesses are part of a multinational ent...

Appleby_preview_Bermuda_1
23 Sep 2025

Continuous Compliance: Building Confidence, Reducing Risk

Over the past decade, Bermuda businesses have faced a steady rise in regulatory and legal obligation...

Bermuda-1024x576-1
11 Sep 2025

A guide to selling your Bermuda home

Bermuda homeowners should protect their interests by enlisting expert advice when they decide to sel...

Bermuda-1024x576-1
10 Sep 2025

Discipline Now Key as Pressures on Reinsurers Mount

The reinsurance market is in a strong position after two years of profits and covering its cost of c...

Appleby-Website-Insurance-and-Reinsurance
10 Sep 2025

Education and Acceptance Fuel Wave of New Sponsors in Cat Bond Market

With the catastrophe bond market seeing eleven new sponsors enter the space so far this year, the tr...

Appleby-Website-Insurance-and-Reinsurance
9 Sep 2025

Built on Governance, Driven by Innovation: The Bermuda Advantage

Holding 85% of the cat bond market, Bermuda’s edge in alternative capital is no accident. “Re...

Appleby-Website-Employment-and-Immigration
26 Aug 2025

Walking the Tightrope of Restrictive Covenants

Restrictive covenants in employment agreements can often be a tightrope for employers. Ideally, thos...

ICLG Fintech 21 cover
26 Aug 2025

Insights from the BMA’s Discussion Paper on Responsible Use of Artificial Intelligence in Bermuda’s Financial Sector

The Bermuda Monetary Authority (BMA) recently published a discussion paper on 30 July, 2025: The Res...

Appleby-Website-Insurance-and-Reinsurance
25 Aug 2025

Bermuda – Influential Women in Hamilton: Melinda Mayne

Insurance companies in Bermuda are more open to discussions on diversity and inclusion, though there...

Technology and Innovation
24 Jul 2025

Contracts to Manage AI Risk: Part Two (Bermuda)

In part one of this two-part series about artificial intelligence contracts, I discussed the ways th...