Crypto Regulatory Obligations for Risk Management

January 31, 2024

2 min read·Jan 31, 2024

David Melnick, CEO Ledger Works

For Crypto Regulatory Geeks. I have been reading various laws. The big dog will be the EU. Specifically if your interested in the requirements around Risk and Controls, you might find the following excerpts interesting. I always like reading that actual regs from time to time. Let me know your thoughts?

This 166 page regulation requires all EU Countries to implement laws that at a minimum meet these requirements. This addresses both (1) CRYPTO-ASSETS OTHER THAN ASSET-REFERENCED TOKENS OR E-MONEY TOKENS including those that offer and trade in them as well as (2) ASSET-REFERENCED TOKENS including Tokenised Real-World Assets (RWA) as well as Stablecoins.

By way of sum illustrative relevant clauses driving risk and controls see below. Fines can be from 700k to $5m to 3–12.5% of annual revenues for failures

Article 14
Obligations of offerors and persons seeking admission to trading of crypto-assets other than asset-referenced tokens or e-money tokens
Section 1. (d) maintain all of their systems and security access protocols in conformity with the appropriate Union standards.

Article 34
Governance arrangements
Section 8. Issuers of asset-referenced tokens shall identify sources of operational risk and minimise those risks through the development of appropriate systems, controls and procedures.

Article 76
Operation of a trading platform for crypto-assets
Section 7. Crypto-asset service providers operating a trading platform for crypto-assets shall have in place effective systems, procedures and arrangements to ensure that their trading systems:
(a) are resilient;
(b) have sufficient capacity to deal with peak order and message volumes;
© are able to ensure orderly trading under conditions of severe market stress;
(d) are able to reject orders that exceed pre-determined volume and price thresholds or are clearly erroneous;
(e) are fully tested to ensure that the conditions under points (a) to (d) are met;
(f) are subject to effective business continuity arrangements to ensure the continuity of their services if there is any failure of the trading system;
(g) are able to prevent or detect market abuse;
(h) are sufficiently robust to prevent their abuse for the purposes of money laundering or terrorist financing.

Article 92
Prevention and detection of market abuse
Section 1. Any person professionally arranging or executing transactions in crypto-assets shall have in place effective arrangements, systems and procedures to prevent and detect market abuse. That person shall be subject to the rules of notification of the Member State…