The Autorité des marchés financiers (AMF) or Financial Markets Authority released the principles on Wednesday and therefore the guidelines on Thursday last week, opening up the chance for firms to use . the principles and guidelines expand upon France’s PACTE law, one among the primary crypto legislative packages passed in Europe. PACTE passed in May 2019.
To apply, each DASP has got to send the AMF a two-year business plan, an inventory of digital assets the firm goes to service, the list of geographies the firm will operate in and therefore the firm’s organizational chart among other things.
Licensed DASPs are required to possess professional indemnity insurance or a minimum amount of reserve funds, a minimum of one effective senior manager, resilient IT systems, an indoor system , a claims handling procedure, a corporation enabling it to avoid conflicts of interests and procedures to stop concealment and terrorist financing.
The license is optional for crypto firms operating in France, however. The French government only mandates that crypto custodians and any firm handling fiat-to-crypto or crypto-to-fiat services register with the AMF for anti-money laundering and anti-terrorist financing reasons.
The French regulator also released specific rules for crypto custodians, crypto exchanges, crypto broker-dealers, and crypto custodians.
“To the simplest of my knowledge it’s the primary time we’ve seen precisely how a custodian has got to maintain the key to assets on blockchain, and what's the role and liability of the custodian,” said Hubert de Vauplane, a partner at firm Kramer Levin Naftalis & Frankel.
The French government, with the assistance of the AMF, has defined crypto-asset custody service as “mastering” the “means of access” (cryptographic keys) for a 3rd party’s digital assets and keeping track of their positions, said Emilien Bernard-Alzias, a partner at firm Simmons & Simmons in Paris. New rules for licensed custodians under its general regulations include multi-validation for customers' transactions and compensating clients if the custodian cannot restore control of these assets.
In its guidelines, the AMF notes the safety risks that blockchain poses and asks crypto firms to supply the regulator with an in depth cybersecurity program that mitigates risks and complies with Europe’s general data protection regulation. Crypto firms are liable for the cybersecurity of the digital asset service they supply and must undergo regular technical audits.
“The AMF is trying to require crypto firms by the hand to assist them comply,” Bernard-Alzias said. “For other financial service providers there are requirements for a robust IT system, but the AMF guidance doesn't have many details for them as they are doing for crypto firms ... For this, the AMF has crypto firms explain at the start what they're getting to do, and this is often new for us in France.”