The Intergovernmental Fintech Working Group (IFWG) has released its long-awaited position paper on Crypto Assets (the Position Paper) following the initial consultation paper published in 2019. The IFWG was established in 2018 and is made up of regulators representing different South African regulatory regimes, from financial services and banking regulators such as the Financial Sector Conduct Authority and the South African Reserve Bank, to the South African Revenue Service as the regulator of taxation regulation.
The IFWG's initial exploration of the South African crypto asset market culminated in the 2019 consultation paper (the Consultation Paper) which provided an overview of the regulatory and market risks and benefits associated with the emerging crypto assets industry. The Position Paper published in 2020 builds on the observations set out in Consultation Paper, and has provided the industry with an outline of the potential regulatory framework for the South African crypto assets industry.
The Position Paper suggests that crypto assets be accommodated within the existing South African regulatory framework, whilst ensuring that sufficient safeguards be implemented. The Position Paper proposes thirty recommendations to address the key operational, market and consumer risks identified by the regulators as well as to enable South Africa to participate safely in the global crypto assets market.
We set out some of the most pertinent recommendations below.
- The regulation of crypto asset service providers (CASPs). The focus of the Position Paper is not on the regulation of crypto assets themselves but rather on the regulation of services rendered regarding crypto assets and the regulation of CASPs. To this end, the Position Paper provides a list of specifically identified CASPs, including trading platforms, the buying and selling of crypto assets, crypto asset fund providers and wallet providers.
- CASPs will be required to register as "accountable institutions" under the Financial Intelligence Centre Act, 2001 (FICA). The provisions of FICA, as South Africa's primary anti-money laundering regulatory framework will become applicable to CASPs, as a result of South Africa's obligation to adhere to FATF Recommendation 15 which now requires CASPs to be subjected to formal anti-money laundering (AML) regulation. In accordance with FICA, CASPs will be required to "KYC" their customer using a process that best aligns to the risks of the particular CASP. However, there remains uncertainty, both nationally and internationally, as to how AML risk should be identified and assessed in the crypto asset industry.
- Crypto assets remain without legal tender status and will not be recognised as e-money. However, crypto assets may be used as a medium of exchange where merchants choose to accept crypto assets as a payment method.
- The FSCA should become the responsible authority for the regulation of services related to buying and selling of crypto assets. Crypto assets may take many forms including that of an investment instrument, a digital representation of a consumer service, or utility distributed through a blockchain. However, due the wide definition of "crypto assets" provided in the Policy Paper, regardless of the type or purpose of the crypto asset, it will subject to financial service regulation.
The Position Paper is welcomed as it provides greater certainty than the Consultation Paper around the risks of crypto assets and the regulatory regime which is best suited to house them. Notably, however, the Position Paper fails to propose recommendations around data protection. It is most unfortunate, as the digital environment in which CASPs operate have the potential to inflict some serious infringement to a person's or an organisation's privacy rights. In addition, although cybercrime is mentioned as a threat to crypto asset trading platforms, and the Position Paper states that CASPs should ensure that they meet the international cybersecurity standards for the safeguarding of crypto assets, the Position Paper arguably does not go far enough to protect against the growing cybercrime threat which is so prevalent in this 4th Industrial Revolution.