The Cayman Islands Monetary Authority (“CIMA”) has changed the application form for the registration of Virtual Asset Service Providers (VASPs) through the REEFS portal. Additionally, CIMA has issued an update to the Rule and Statement of...
Stuarts' Fintech, Blockchain and Digital Assets attorneys provide an overview of recent trends and developments in the Cayman Islands for Web3 and digital assets entities, and what you need to know about doing business in the jurisdiction.
The Cayman Islands
The Cayman Islands has been the leading offshore jurisdiction for the establishment of mutual funds and private funds for more than 30 years. Its’ phenomenal reputation has been due in part to the use of innovative legislation and the absence of taxation and exchange controls. This, together with the presence of sophisticated and professional service providers has resulted in the jurisdiction’s reputation for responsible supervision and regulation of funds. In addition, the Cayman Islands has introduced innovative legislation to regulate virtual asset service providers, opening the doors to this expanding market. It is no surprise therefore that when fund managers were looking for the best jurisdiction to establish new funds investing in cryptocurrencies and blockchain products, the Cayman Islands is the top jurisdiction of choice.
The Cayman Islands are home to both regulated mutual funds (open-ended) and regulated private funds (closed-ended) for which both are applicable to cryptocurrency and blockchain structures and are explained in more detail below.
The Cayman Islands has seen a significant rise in the number of fintech funds being established in recent years. Along with the establishment of special economic zones such as Cayman Enterprise City and the introduction of modern legislation such as the Special Economic Zones Act (as Revised) (“SEZ Act”) and regulations for virtual asset service providers such as the Virtual Asset Service Providers Act (as Revised) (“VASP Act”), the jurisdiction has emerged as a global hub for digital assets and in particular, for digital asset funds.
Mutual Funds
Mutual Funds are regulated under the Mutual Funds Act (as Revised) (the “MFA”). The MFA defines a mutual fund as a company, unit trust or partnership that issues equity interests, the purpose or effect of which is the pooling of investor funds with the aim of spreading investor risk and enabling investors to receive profits or gains from the acquisition, holding, management or disposal of investments. Equity interests are defined as a share, trust unit or partnership interest or any other representation of an interest that carries an entitlement to participate in the profits or gains of the company, unit trust or partnership, as the case may be, and which may be redeemed or repurchased at the option of the investor.
The MFA applies to all open-ended funds (funds in which the investors have the right to redeem their interests at their option), except those specifically excluded from regulation. Therefore, tokens which carry an entitlement to participate in the profits or gains of an entity will require registration under the MFA if they are redeemable at the option of the holder.
Types of Regulated Mutual Funds
There are at least six (6) types of mutual funds that are subject to regulation and supervision under the MFA by the Cayman Islands Monetary Authority (“CIMA”) but the one most popular for digital asset funds is the Registered Mutual Fund which has a streamlined registration procedure where:
- the initial minimum equity interest purchasable by an investor is US$100,000; or
- whose equity interests are listed on an approved stock exchange such as the Cayman Stock Exchange.
Requirements for all Registered Mutual Funds
All Regulated Mutual Funds are required to:
- submit to CIMA a current copy of the fund offering document. The offering document must describe the equity interests offered to investors in all material respects and must contain such information as is necessary to enable a prospective investor to make an informed decision as to whether or not to purchase the equity interests;
- submit to an annual audit and file accounts within six months of the end of the fund’s financial year. This will involve appointing an auditor in the Cayman Islands. All of the major accounting firms are represented in the Cayman Island;
- pay a prescribed annual registered fee;
- comply with all corporate governance and ongoing regulatory compliance.
Private Funds
Private Funds are regulated under the Private Funds Act (as Revised) (the “PFA”). The PFA defines a private fund as a company, unit trust or partnership that offers or issues or has issued investment interests, the purpose or effect of which is the pooling of investor funds with the aim of enabling investors to receive profits or gains from such entity’s acquisition, holding, management or disposal of investments, where:
- the holders of investment interests do not have day-to-day control over the acquisition, holding, management or disposal of the investments; and
- the investments are managed as a whole by or on behalf of the operator of the private fund, directly or indirectly,
- the PFA applies to all closed-ended funds (funds in which the investors do not have the right to redeem their interests at their option), except those specifically excluded from regulation.
Requirements for all Regulated Private Funds
The PFA requires closed-ended private funds to register with CIMA. The PFA sets out a registration process for private funds which involves the filing of prescribed details with CIMA and payment of an annual fee.
See the following for more information on Cayman Islands Investment Funds.
Types of Entities Available
Segregated Portfolio Companies
There are many vehicles available in the Cayman Islands through which to operate a mutual fund or private fund but the one which has found the most traction for digital asset funds is the segregated portfolio company (“SPC”). An SPC is one legal entity with different “pots” or “pools” called “segregated portfolios” whose assets and liability are separated and protected (under Cayman Islands status) from the liability of all other segregated portfolios in the same SPC.
The principal advantage of an SPC over a standard exempted company is to protect the assets of one segregated portfolio from the liabilities of all other segregated portfolios. This has been particularly attractive for digital asset funds where many classes of assets are traded and some have significantly more risk than others. The fund managers naturally wish to isolate the risk of the different strategies and the SPC structure provides the mechanism for this.
The Companies Act (as Revised) of the Cayman Islands (the “Companies Act”) states that a creditor will only have recourse to assets from segregated portfolios with which it has contracted, and creditors will have no recourse to the assets of other segregated portfolios of the SPC which are protected under the Companies Act. The Articles of Association of the SPC will have provisions which reflect the Companies Act in this respect.
The benefit of SPCs highlighted above facilitates a more streamlined offering structure for certain mutual funds enabling SPC to be used to structure platforms from which multiple managers can be quickly onboarded into their own segregated portfolio in a structure that has all its service providers already selected and in place.
Digital Assets Investment Trends – Blockchain, Cryptocurrency and Web3 Entities
The Cayman Islands has made a number of legal and regulatory advancements that now make it a leading jurisdiction for blockchain, cryptocurrency and Web3 entities. Entities which are most common in the current marketplace include: Token Issuers, Virtual Trading Platforms, DAO’s, DeFi’s, IP Holding Companies and Exchanges.
The Virtual Asset Service Providers Act and Registration
Since the introduction of VASP Act, the Cayman Islands has seen a steady increase in the number of virtual asset service provider entities establishing businesses, exchanges, platforms, crypto-funds, protocols and innovative technology companies under the new regulatory regime.
These laws form part of a regulatory framework to promote the development and use of innovative financial services (the “Framework”). The Cayman Islands Ministry of Financial services has stated that the Framework seeks to provide regulatory certainty and a solid foundation for legitimate financial services innovators who are operating in or from within the Cayman Islands, whilst also complying with emerging global standards surrounding virtual assets.
The VASP Act applies to any persons or entities involved in providing one more of “virtual asset services. Under the VASP Act “virtual asset services” is defined as the issuance of virtual assets or the business of providing one or more of the following services or operations for or on behalf of a natural or legal person or legal arrangement:
- exchange between virtual assets and fiat currencies;
- exchange between one or more other forms of convertible virtual assets;
- transfer of virtual assets;
- virtual asset custody service; or
- participation in, and provision of, financial services related to a virtual asset issuance or the sale of a virtual asset.
Any organisation offering these “virtual asset services” (including an existing security token offeror), which does not require a licence (exchanges and custodians), will be required to register with CIMA and pay the required assessment and application fees.
Token Issuers and Developers
A token issuer can be set up as a standalone entity to issue tokens or NFT’s (the “Token Issuer”) or more commonly as a subsidiary of a second entity that develops the platform or protocol (the “Developer”) and in this way much of the regulatory liability of the Token Issuer is separated from the value built up in the Developer entity. Many Web3 and blockchain companies choose an exempted limited company as the tax neutral vehicle to be the Token Issuer but for the Developer there are a number of choices when it comes to which entity to use:
- an exempted limited company can be used for the Developer;
- a Cayman Islands Special Economic Zone Company ("SEZC") can be used, being a form of exempted limited company established within the Cayman Islands Special Economic Zone (“SEZ”) and which enjoy several special benefits due to that status;
- a Cayman Islands foundation company can be used for the Developer; and
- if the Developer or platform entity has already been formed in a jurisdiction outside the Cayman Islands then that company may be used.
Where a dual-entity structure is used, careful consideration should be given to the documentation of the commercial relationship between the entities. Licensing agreements, development agreements, service agreements or other commercial agreements are crucial as they ensure that it is clear – to investors, regulators, and other interested parties – what role each entity is undertaking within the structure.
For example, under the VASP Act, a "virtual asset" is defined as a digital representation of value that can be digitally traded or transferred and used for payment or investment purposes but does not include digital representations of fiat currencies. The Token Issuer will be required to register with CIMA under the VASP Act, careful agreements need to be drafted to ensure that the Developer is not also caught by the registration requirements of the VASP Act.
Platform Controlling Entities
An entity that controls a platform that only provides a forum where sellers and buyers may post bids and offers or, a forum where the parties trade in a separate platform or in a peer-to-peer manner will be exempted from the requirement to obtain a license from the CIMA under the VASP Act. This kind of platform controlling entity could be formed using any one of the previously described legal forms, but most commonly would use an exempted company.
Decentralised Autonomous Organisations (“DAO”)
Combining the limited liability protections of a corporate entity with the flexibility of a trust, the Cayman foundation company provides DAO projects with a very user-friendly option. Foundation companies, unlike trusts or partnerships, have separate legal personality, can hold assets, assume obligations, sue, and be sued. However, a key distinction of a foundation company is that it can be structured without shareholders, and so does not have a clear “owner”. In place of shareholders, the foundation company can be supervised by a supervisor (or even multiple supervisors if desired). A supervisor has no ownership or economic entitlement in the foundation company but simply acts as a steward, ensuring that the directors of the foundation company observe their obligations to the DAO pursuant to the foundation company's governing documents. Therefore, with no shareholders, all the officers of a foundation company simply have the objectives of the DAO as their priority – similar to trustees and enforcers carrying out the objectives of a trust. Foundation companies are covered further below.
For Web3 projects looking to issue virtual assets privately, the foundation company is also able to represent the DAO. The VASP Act only regulates the sale of virtual assets to the public. Private sales which are not advertised, and made available to a limited number of persons who are each selected prior to the sale by way of a private agreement, may well fall outside of scope. Furthermore, as the definition is limited to sales for consideration, airdrops and bonus issues should also be excluded.
Where the DAO wishes to carry on virtual asset services activities, one alternative is to create a wholly owned subsidiary of the foundation company in a virtual asset-friendly jurisdiction. The Cayman foundation company will then procure the subsidiary to carry on whichever activities it cannot perform from the Cayman Islands. Whilst this structure is more complex it allows projects to take full advantage of the benefits of the foundation company vehicle in a way that ensures compliance with the VASP Act.
The Special Economic Zone (SEZ)
The SEZ was established pursuant to the SEZ Act. A Special Economic Zone Company ("SEZC") is a special form of Cayman Islands exempted company which is licenced and permitted to operate from within the Cayman Islands’ SEZ and offers a streamlined process to establish a physical presence in the Cayman Islands quickly and efficiently. Of note for digital asset investors and entrepreneurs, the establishment of Cayman Technology City within the SEZ, allows technology companies looking to expand in the Cayman Islands the opportunity to avail of unique benefits that are not extended to other local companies such as:
- no requirement to maintain a trade and business licence;
- no requirement for Caymanian majority control of the business;
- no restrictions on the transfer of any investment in or by an SEZC within the SEZ;
- no restriction on investing in another SEZC;
- expedited grant of five-year work permits;
- expedited set up within ten days;
- exemption from direct or indirect taxes;
- exemption from certain import duties and fees.
Using Cayman Technology City and the benefits of the SEZ, companies can quickly and cost-effectively establish a genuine physical presence offshore with staffed offices within the SEZ. This has become a popular trend among technology companies establishing in the Cayman Islands and has contributed to the significant growth of the jurisdiction in the digital assets market.
See the following for more information on Cayman Special Economic Zone Companies.
Decentralised Finance (“DeFi”)
The Cayman Islands has long been a jurisdiction of choice for a variety of financial products and its flexible regulatory environment makes it ideal to use the exempted company or foundations to accommodate the latest shift towards a variety of DeFi products. For DeFi projects the foundation company can provide a legal ‘wrapper’ with corporate personality. In this role the foundation company can undertake many of the real-world activities required by the DeFi project.
For example, the foundation company can act as a service provider for DeFi projects by signing documents and engaging developers or consultants on behalf of the project. It can also act as a fundraising vehicle for early stage and VC private funding (something expressly provided for by the VASP Act) or it can hold a DeFi project’s treasury assets to pay for services that are needed on an ongoing basis. The foundation can also act as the entity that opens and operates a bank account for fiat currency if this is required.
This can also provide a vehicle for airdrops, which can be an effective way to promote decentralisation, and grants to support those interested in helping a project. The company can also provide marketing and development services for NFTs, P2E games and metaverse projects.
A foundation company also provides a corporate parent or holding entity for subsidiaries, potentially formed in other jurisdictions, to be formed. These subsidiaries can then carry out functional activities for the project if they better suited to the particular circumstance of that activity. DeFi products are subject to compliance with the VASP Act.
Intellectual Property Holding Companies
In addition to either the token and coin offering structures and sometimes as a complementary entity to a DAO, some clients wish to incorporate a separate entity to separate IP holding companies or separate software operators in addition to the above. This choice is often driven by the preferences of each business, its risk appetite and its tax considerations.
The preferred vehicle for an entity established to hold Web 3.0 intellectual property is an exempted limited company. Any vehicle established for the sole purpose of holding, exploiting or receiving income from intellectual property assets will not be required to register with CIMA under the VASP Act, but it will be required to satisfy an extended economic substance test under the International Tax Co-operation (Economic Substance) Act (as Revised) (the “ES Act”). If the satisfaction of the extended economic substance test under the ES Act would be too onerous or cause problems, then it may be more beneficial to use a foundation company for this purpose, as foundation companies are specifically excluded from the ES Act.
AML and Corporate Governance in the Cayman Islands – An Evolving Landscape
The Cayman Islands have emerged as a prominent offshore financial center, attracting a myriad of international businesses and investment funds. To maintain its reputation as a transparent and well-regulated jurisdiction, the Cayman Islands have established a robust regulatory framework that encompasses both Anti-Money Laundering (“AML”) and corporate governance. These regulations are crucial in ensuring the integrity and stability of the financial sector, while also complying with global standards set by international bodies such as the Financial Action Task Force (“FATF”) and the Organisation for Economic Co-operation and Development (“OECD”). In this dynamic regulatory landscape, businesses operating in the Cayman Islands must adhere to stringent AML requirements and corporate governance practices, making it essential for companies to navigate these complexities effectively to thrive in this jurisdiction.
AML Obligations and Officers
The Cayman Islands AML Regime requires that a financial service provider (“FSP”), such as regulated mutual funds and private funds, must appoint an AML Compliance Officer (“AMLCO”), Money Laundering
Reporting Officer (“MLRO”) and Deputy Money Laundering Money Laundering Officer (“DMLRO”) and each of those persons must comply with their specific roles and responsibilities. The AMLCO is required to oversee the compliance function of the FSP. An FSP is required to appoint an AMLCO at the management level, who shall be the point of contact with the supervisory and other competent authorities. AMLCOs are required to have the authority and ability to oversee the effectiveness of FSPs’ anti-money laundering/countering the financing of terrorism (“AML/CTF”) systems, compliance with applicable AML/CTF legislation and guidance and the day-to-day operation of the AML/CTF policies and procedures.
Each FSP must also designate a suitably qualified and experiences person as MLRO at management level, to whom suspicious activity reports (“SARs”) must be made by staff. FSPs must also designate a DMLRO, who should be a staff member of similar status and experience to the MLRO. An FSP may designate its ALMCO to act as MLRO or vice versa as far as the person is competent and has sufficient time to perform both roles efficiently. Where an individual is both MLRO and AMLCO, that person should understand the roles and responsibilities.
Outsourcing of AML Obligations
FSPs are permitted to delegate/outsource the performance of certain AML obligations on the basis that they:
- maintain the requisite outsourcing policies and procedures;
- assess the associated risks (including the country risk) prior to entering into the proposed outsourcing arrangement;
- conduct due diligence on the proposes outsourcing service provider (“OSP”) and also ensure that the OSP is fit and proper to perform the activity that is being outsourced;
- ensure that the outsourcing agreement clearly states the obligations of both parties including a timeframe that the OSP reports regularly to the FSP, access to all the information or documents relevant to the outsourced activity maintained by the OSP is provided to the FSP, the OSP is required to file a SAR FSP in case of suspicions arising in the course of performing the outsourced activity
- ensure, where the outsourcing arrangement allows for sub-contracting, that while sub-contracting, the OSP follows the outsourcing standards equivalent to that of the FSP;
- develop a contingency plan and a strategy to exit the arrangement in the event that the OSP fails to perform the outsourced activity; and
- ensure that where the OSP operates from a country outside of the Cayman Island sin which the standards are lower when compared to the Cayman Islands, then the OSP should adopt the Cayman Islands’ standards. The same approach should be adopted in case of sub-contracting, Where the sub-contractor is from a country whose standards are lower when compared to the Cayman Islands, the subcontractor should adopt the standards of the Cayman Islands.
See the following for more information on Stuarts' AML and Regulatory Services.
Corporate Governance Updates
In an effort to maintain the Cayman Islands’ regulatory framework standard to that of FATF and the OECD, CIMA has brought into force its new ‘Corporate Governance Rule’ and ‘Internal Controls rule and Statement of Guidance’. These rules will apply to all CIMA regulated entities, introducing binding obligations and the potential for fines and regulatory action in case of breaches. The following information explains the key provisions of these new rules, highlighting their implications and outlining the requirements that entities must meet to ensure compliance.
Corporate Governance Rule
The Corporate Governance Rule mandates that the corporate governance framework of CIMA entities should be proportionate to their size, complexity, structure, nature of business, and risk profile. This rule places a strong emphasis on proper management oversight and the protection of relevant stakeholders' interests.
Key provisions of the Corporate Governance Rule include:
- Governing Body Meetings: Regulated entities are required to convene governing body meetings at least once a year. These meetings are expected to discuss the composition of the governing body and the entity's policies and objectives.
- Outsourcing Oversight: Even when outsourcing occurs, responsibility remains with the governing body. They must designate a person responsible for reporting on all compliance matters. Depending on the business structure, this requirement may be delegated via reports.
Internal Controls Rule and SOG
The Internal Controls Rule and SOG aim to secure assets, maintain precise records, and yield dependable financial, operational, and regulatory reports. This rule consists of two parts.
Part I: General Rules and Guidelines: Part I sets principles applicable to all regulated entities. It highlights five fundamental aspects of internal control, including Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities.
Part II: Sector-Specific Rules and Guidelines: Part II focuses on distinct sectors, such as trust companies, company managers, corporate services providers, and securities investment businesses. This segment provides sector specific regulations and guidelines to ensure each part of regulated entity's adherence.
CIMA acknowledges that regulated entities may outsource functions or be part of larger groups. In such instances, they can rely on service providers or group controls, subject to certain conditions. The governing body must prove to CIMA that the service provider's internal control system aligns with the Internal Controls Rule and SOG. This may necessitate confirmation from the service provider and a gap analysis to ensure compliance with local requirements. Entities within a group may depend on the group's internal control system. However, the governing body must ensure that the group's controls are harmonized with the structure of the regulated entity.
To comply with the new CIMA rules, regulated entities must prioritize the following:
- Documentation: Maintain well-documented internal control systems to monitor and prove compliance.
- Training: Regularly update staff training to align with policies, procedures, and legal requirements.
- Committees: Establish compliance and audit committees to oversee governance and controls.
- Outsourcing: Ensure service providers meet internal control and SOG requirements through gap analysis.
- Risk Assessment: Identify and mitigate material risks by developing effective control activities in line with policies.
If you would like more information on any of the topics discussed in this article, please reach out to one of Stuarts’ expert attorneys below or email info@stuartslaw.com.
This article can be read in PDF here.