Crypto in Seychelles: lawless frontier or opportunity awaits?

The global crypto-asset regulatory landscape is developing at an unparalleled rate as the world quickly learns and adapts to digital currencies and blockchain technology. 

Based in the Indian Ocean, Seychelles is known for its stunning environmental beauty, which attracts tourists from all over the world. But beneath the spectacular scenery and pure blue waters hides a booming crypto-economy with no official regulations or supervision.

While countries are struggling to deal with crypto-assets issues, the small island nation of Seychelles finds itself in a singular position – it stands out for not having a comprehensive regulation of crypto-assets.This article gives you an overview of the specifics of crypto regulation in this jurisdiction.

Current situation with regard to the cryptoregulation in Seychelles 

It should first be noted that Seychelles law, namely the AML and CFT Act, 2020 (consolidated to 19th May, 2022), enshrines the definition of virtual asset (“VAs”) that means a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes and does not include digital representation of fiat currencies, securities and other financial assets.

In Seychelles, legal tender is considered as cash and non-cash payment methods. Under Part V of the Central Bank of Seychelle (“CBS”) Act, 2004, notes and coins issued by the Central Bank shall be legal tender in Seychelles by cheques, payment orders, collection orders, bank cards and other payment instruments as defined in part VII of the Act. Payment instruments outside of this scope are deemed to be illegal. VA falls outside the range of CBS’s defined legal tender payment instruments and is not recognised as a means of payment in the country. Nor has the government of Seychelles or the CBS provided an avenue for using VA as legal tender. Internally, Seychelles has no lawful means for using VA as legal tender, and it is also not captured under Foreign Exchange Act 2009 as foreign currency.

It is necessary to mention that currently there is no legal framework in Seychelles regarding the regulation of virtual assets related activities. Thus, this jurisdiction does not have a Virtual Asset Service Provider (“VASP”) licensing law and there is no VASP supervision and the existing countering the financing of terrorism (“AML/CFT”) and financial services legislative framework is out of step with the rapid transactional activities happening in the VAs space and digital financial transformation.

No guidance on VA and VASPs has been issued in Seychelles to enable potential VASPs to understand and act upon the regulator’s expectations and ML/TF risks associated with VA and related activities, as well as compliance requirements. Due to the lack of legislation, no active engagement with the sector has been undertaken for this purpose.

The general conclusion is that all VASPs domicile or operating from Seychelles are unregistered, unlicensed, unregulated, and unsupervised for AML/CFT purposes.

To confirm the above, on January 10, 2023 Financial Services Authority (“FSA”) has issued “Advisory on Virtual Asset Service Providers alleged to be licensed and regulated by the Financial Services Authority”, in which informs that the FSA does not and has not licensed international business companies (“IBCs”) for the conduct of services linked to any type of VA, virtual currency exchange platforms and other related or similar services. As is the norm for any company, an IBC is required to seek and possess the appropriate authorisation to carry out specific activities in its jurisdiction of operation. Therefore, the FSA recommends that individuals wishing to use the services of any entities claiming to provide services as part of such activities should first conduct their own due diligence and due diligence on those entities, which may or may not be IBCs, and carefully consider the risks, such as loss of funds and potential difficulties in recovering them, in dealing with such services and entities before engagements.

However, it must be stated that Seychelles is in the process of developing a national policy VAs in order to deal with the increasing number of claims about cryptocurrency activities. Naadir Hassan, the country’s finance minister, said the move was pushed by a report on a national risk assessment (“NRA”) conducted by the FSA. As he explained, the financial sector worldwide has undergone a transformation in the last five to seven years in the way it does business, especially when it comes to payment methods.

The aim of the policy will be to establish a legal framework for a better regulation of VA related activities in Seychelles and to keep the public safe. Therefore, the policy will seek to establish legal rules for the registration of VA businesses and issue licenses according to the types of activities permitted in the country.

AML and CFT situation concerning virtual assets and VASPs

Recommendation 15 (REC15) of the Financial Action Task Force (FATF) in relation to New Technologies requires VASPs be regulated for AML/CFT purposes, licensed or registered and subject to effective systems for monitoring or supervision.

But the Seychelles Mutual Evaluation Report stated the following: Seychelles was deemed as being non‐compliant with regards to REC15.

Observing the growing popularity of VA use over a short period of time and the potential for misuse due to the lack of a specific regulatory and legislative framework, the FSA commissioned the Government of Seychelles to conduct an ML/TF risk assessment to cover all sectors that may be affected by VA and VASP activities in the country.

In summer 2022, the National AML and CFT Committee (“NAC”) received the endorsement of the Cabinet of Ministers for the adoption and publication of the National Risk Assessment Report on Virtual Assets and Virtual Assets Service Providers. The VA/VASP NRA was conducted over the first half of 2022 with the primary aim of aiding NAC and its constituent competent and supervisory authorities to assess the ML and TF risks associated with the existing activities within this area and the risks associated with having a VA/VASP regime in the Seychelles.

Based on the findings of the NRA, the exposure to ML/tTF risks in relation to VA/VASPs is very high due to the lack of a regulatory framework. 

The very high level of ML/TF threats to VAs and VASPs in Seychelles in particular is due to the nature of the products and financial secrecy prevalent in international business. Despite the removal of Seychelles from the European Union’s official blacklist of tax havens, the inherent threat remains, as it still lacks reliable financial and human resources, adequate training, and sophisticated technological systems to address the ML/TF risks associated with VA and VASP.

Important key findings of the NRA:

  1. Inherent cross-border risk – many unlicensed VASPs operate in Seychelles with different varieties of VA and offer enhanced anonymity facilities. 
  2. Regulatory arbitrage – patchy and scanty VA and VASP regulatory development globally is creating opportunities for regulatory arbitrage, and Seychelles may be exposed due to a lack of VA and VASP legal framework to regulate the activities of VASPs. Also, the absence of clarification of the taxation legislation on VA may allow tax dodgers to be domiciled in Seychelles
  3. Due Diligence – the fiduciary service and the capital and collective investment providers need to do more on KYC and KYCC information to identify IBCs operating as VASPs.
  4. VASP-related suspicious transaction reportings (“STRs”) – the number of STRs does not reflect the higher number of VASPs involved in the Law Enforcement Agencies enquiries, regulatory notices, and adverse media.
  5. NFT and stablecoins – a significant number of the VASPs are offering NFT, which may be for payment purposes, and stablecoins pegged with currency from unknown sources and consideration of financial risk is also unknown to the NRA. As regulation and supervision of NFTs and stablecoins are nascent or non-existent in many jurisdictions, Seychelles could be emerging as a hub for these activities.

As conclusion

Finally, the lack of cryptoregulation in Seychelles has both opportunities and risks. The authorities must properly take into account the potential benefits of fostering blockchain innovation and business attraction and the risks related to inadequate investor protection and the facilitation of illegal activities. Also, it’s essential to note that the crypto regulatory landscape can develop rapidly and new changes can be made at any time.

The content of this article is intended to provide a general guide to the subject matter, not to be considered as a legal consultation.

photo source

Risk Scoring of Travel Agencies

With the development of the financial monitoring system, money launderers are also improving and coming up with new ways to legalize illegal proceeds.

Tourism and money laundering are seemingly two unrelated subjects. However, the tourism sector has become almost one of the main fields for money laundering by criminals. It is not for nothing that criminals choose unscrupulous travel companies as an intermediary to integrate illegal funds into the financial system.

As is well known, money laundering occurs in three stages: placement, layering, and integration. The nature of travel agencies allows them to be used in all three stages. That is why VASPs and other obligated entities should carefully think about the risk scoring of travel agencies; do not rush to assign them a low or even medium risk level.

Financial Crimes Enforcement Network (“FinCEN”) turned its attention to travel agencies back in 2003. On February 24, 2003, an Anti-Money Laundering Program for Travel Agencies was issued, where FinCEN for the first time drew attention to the risks that travel agencies pose and offered recommendations for their risk management.

What is the danger of travel agencies? The dimension to which particular attention should be paid is that travel agencies are not financial institutions. Accordingly, in most countries, travel agencies are not required to follow anti-money laundering legislation and conduct due diligence on their clients. For example, the Money Laundering and Terrorist Financing Prevention Act of Estonia in Paragraph 2 lists the obligated entities that are subject to the requirement to verify clients, report suspicious transactions to the FIU, etc, however, this paragraph does not include travel agencies, and it makes them a perfect target for money launderers.

The travel agency is a cash-intensive business that offers travel and tourism-related services to the public as a result of agency agreements with airlines, cruise lines, hotels, and other suppliers of travel-related services. Thus, travel agencies can be used by money launderers to mix illegal funds with clean money to make the illegal funds appear legitimate, by providing a reason to purchase high-priced airline tickets, hotels, and other vacation expenses.

After purchasing expensive services, clients might change their mind or feel buyer’s remorse. In these cases, clients usually ask for a chargeback. For example, expensive travel arrangements can be paid for in cash or by third parties and later refunded by known airlines or hotel chains in wire transfers. This transfer of funds would raise minimal suspicion at the recipient’s financial entity. 

Chargebacks are another reason to think about risk assignment of travel agencies since they most often have an elevated level of chargebacks and are highly susceptible to fraud.

In addition, travel agencies reportedly have been used to transfer value through the provision of in-kind services. A travel agent sending groups to a foreign country, for example, can make an offsetting payment in a foreign entity’s EU or other account and instruct that entity to cover the costs of the group during their trip. This method is one way that businesses involved in informal value transfer systems, such as hawala, can transfer funds between entities in various countries. 

Travel agencies can also be created and used as a cover for the terrorist organization. For example, terrorists can use travel agencies to address logistical challenges, such as planning travel and entering false identities into travel arrangements, all while limiting the risk of detection. 

There is already a known case when Islamic State of Iraq and Syria (“ISIS”) created the travel agency in Indonesia to facilitate safe travel for terrorists and avoid detection. In 2015, Indonesian militant suspect Gigih Rahmat Dewe opened a travel agency on Bintan Island, Indonesia. The agency was initially funded by $2,800 provided by Dewe’s handler, Bahrun Naim, an ISIS operative in Syria who was known to have been involved in several terrorist plots in Indonesia. The travel agency’s mission was to facilitate the safe travel of terrorists to their assignments, provide a legitimate cover for money laundering, and generate revenue to fund terrorist attacks. The plan only worked for a few months before the Indonesian National Police’s counter-terrorism squad arrested Dewe and his accomplices for planning an attack on the Marina Bay Sands, a luxury hotel in Singapore.

So, summing up the results of travel agencies’ risk assessment, the following key takeaways can be defined:

  • travel agencies are cash-intensive businesses;
  • travel agencies can be used to solve logistics problems for terrorists;
  • travel agencies can allow the use of false identities;
  • travel agencies can be used in all three stages of money laundering.

Therefore, it is recommended to assign a high-risk level to travel agencies. However, it is also necessary to consider that risk assessment is an ongoing process and if the business relationship with the travel agency does not show signs of suspicious activity, the risk can be reduced to medium.

The content of this article is intended to provide a general guide to the subject matter, not to be considered as a legal consultation.

photo source

Lithuania AML Act application on blockchain and fintech business

Unlike the traditional financial system, digital currencies are particularly interesting for cybercriminals for anonymity and ease of cross border fund transfers.

Thanks to its potential role in the monetary future, the regulative measures should match the emerging nature of virtual assets and risks that need to be mitigated.

EU Regulators demand financial institutions to execute identity checks to verify their clients and to ascertain that they are not dealing with money laundering or terrorist financing. To implement EU Money Laundering Directive into it’s legislation, the government of Lithuania has amended its statutory regulations and by laws, specifically:

  • on 23 July 2020, the Board of the Bank of Lithuania adopted Resolution No 03-106 on the requirements for electronic money institutions and payment institutions regarding internal control, risk management and safeguarding of received funds;
  • on december 17, 2020, the amended provisions of article 10 and 11 of the Law on the Prevention of Money Laundering and Terrorist Financing, (hereinafter –”LPMLTF”) which established client due-diligence norms for both face-to-face and non-face to face identification requirements;
  • on December 30, 2020, the Director of the Financial Crime Investigation Service (hereinafter –”FCIS”) adopted Order No V215 on the approval of technical requirements to perform the client’s due diligence process remotely using electronic means allowing to directly transmit the image.

Under LPMLTF, businesses are required to have the following mitigation measures in place:

  • proper internal policies and control procedures to regularly identify, assess and manage the risk of money laundering and terrorist financing and monitor the competency of control processes;
  • appointment of compliance manager to organise the implementation of anti-money laundering/countering financing of terrorism (AML/CFT) measures and to cooperate with the FCIS;
  • employee awareness raising measures on the AML/CFT policies and valid legal provisions;
  • implementation of company-wide AML/CFT policies.

Client due-diligence

Moreover, the financial operators dealing with virtual currencies should ensure appropriate “Know Your Customer” compliance procedures when physical presence is not feasible. Only in the following instances the financial service providers are allowed to non-face-to-face identification (to establish identity remotely) of the customer and/or beneficial owner:

  • when using a personal data of the customer/beneficiary person from third parties;
  • when using electronic identification schemes issued in EU with high or substantial assurance levels;
  • when personal identification data is verified with a qualified e-signature affixed by a qualified signature certificate;
  • enabling live video streaming by electronic means in either of two ways:
  1. original Identification papers is being recorded during direct video footage and the customer’s identity is confirmed via advanced e-signature;
  2. the image of the customer’s face and original ID presented by the customer is videotaped in the course of direct video streaming;

Entities administering Initial Coin Offering shall determine and verify the identity of the individual who is acquiring virtual currencies and beneficial owners, before conducting monetary operations in the amount of EUR 3,000 or more. Entities must also take appropriate steps to identify the origin of the property and money associated with business affairs or the transaction.

Virtual currency exchange operators should take necessary measures for identification of the customer and the beneficial owner and verification of their identity before conducting digital currency exchange operations and transfer of funds equal to EUR 1 000 or more (even if the transaction is executed in a single operation or for several times as long as these operations seem to be interconnected), except for the cases when the identity has already been established.

Notification requirement

Under LPMLTF, entities engaged in financial services are bound by notification requirements, and timely monitoring shady and unusual monetary transactions that FCIS should be informed about.

Virtual currency exchange operators must notify FCIS when there is a financial operation equal or in excess of 15 000 EUR, or equal amount in foreign or digital currency, whether the financial transaction is executed in single or several linked operations.

Legal entities which have started or ended business activities of a virtual currency exchange operator or custodian wallet operator are required to notify the data processor of the register of legal entities within a period not later than 5 working days on the commencement and termination of their activities. Thereby, virtual currency exchange operators and custodian virtual currency wallet operators confirm that they and their management team are compliant with statutory requirements of AML/CFT policies.

As the business is going global, thanks to technological advancements, payments are now made 24/7. Our team advises on the progressive areas of e-transactions, blockchain and digital currency to help companies and new market participants to maintain regulatory compliance, implement best AML/CFT practices, governance arrangements and mitigation tools to address those risky areas of financial service.

Our team helps your business in the following matters:

  • incorporate your company and establish financial entities;
  • assistance in obtaining operating licenses from FCIS (payment institutions, electronic money, virtual currency exchange operator);
  • open an account in a payment system or in a banking institution.

Manimama strives for excellence in every case to meet customer’s expectations.

The content of this article is intended to provide a general guide to the subject matter, not be considered as a legal consultation.

photo source