Cryptocurrencies and distributed ledger technologies (DLTs) continue to change the world. We are at the stage of forming complex concepts of regulation for cryptocurrencies and blockchain. Therefore, today it is extremely important to understand all the intricacies of regulation from the usage of crypto assets.

Grant Thornton Cyprus is constantly monitoring all the regulations regarding digital assets globally, as to cater for its international clientele, when it comes to distributed ledger technologies. Our multidisciplinary team covers all aspects of digital asset professional services and is ready to accommodate customized solutions according to your needs. In an effort to raise awareness and educate the general public we have launched a series of articles covering the most important updates from the DLT world. Recently, we had several updates resulting from the wiliness of the Republic of Cyprus to accommodate the use of the technology under its National Strategy for Blockchain. In this article, we summarize the most recent updates in relation to the regulation for crypto assets, DLT and CASP (Crypto Asset Service Providers), as opposed to the definition Virtual Asset Service Providers (VASPs) used by the Financial Action Task Force.


Cyprus DLT Bill on public consultation

The Ministry of Finance of Cyprus is preparing to implement a national strategy for the implementation and use of blockchain technology, and for this reason, the Ministry has prepared a draft bill, which was published for public consultation on the 6th of September 2021.

The DLT Bill was drafted based on the direction set by the National Strategy on Blockchain and DLTs. International experts and Cypriot lawyers contributed towards the conceptualization of the DLT Bill. In summary, the DLT Bill aims to:

- the development of a conceptual framework for DLTs.

- a framework for legally assessing "smart contracts" and their usage as court evidence.

- provide a direction towards the development of a legal framework for the supervision of persons providing services in the field of financial services with the use of virtual assets.

- to safeguard consumers and potential investors.

The purpose of the draft DLT Bill, issued by the Ministry of Finance of Cyprus, is to regulate the status of various records and transactions carried out on services supported using DLTs. Furthermore, the Bill provides a definition for smart contracts and sees them as legally binding and valid contracts that can be used in legal courts. It is unlikely that Chapter 149 of the Cyprus Contract Law will include smart contracts as valid contracts unless they abide by the provisions of the law regarding the formation of legally valid and binding contracts, i.e. offer and acceptance, consideration, intention to create legal relations and capacity. Overall, the Bill aims to facilitate the use of distributed ledger technology including blockchain technology. Thus, a balance should be achieved between the need to promote innovative technologies, their correct use, stimulation of innovation and the measures against money laundering, as well as, an adequate level of protection for investors and consumers.

As the DLT Bill is still in a draft form and out for public consultation, we will refrain from publishing our specific comments in public, but will address them to the Ministry through the recognized industry Body, the Cyprus Blockchain Technologies Think-Tank of which we are founding members.

As a general comment however, we feel that the DLT bill still needs to clarify:

  • How would it enable Cyprus to distinguish itself as a leading, innovative, and sustainable location for DLT projects?
  • How will it ensure credibility and provide the legal certainty to users wishing to make use of a DLT platform?
  • How innovation would be fostered within this legal framework?



Furthermore, on September 13th, the Cyprus Securities and Exchange Commission (“CySEC”) issued a Policy Statement on the Registration and Operations of Crypto Asset Services Providers (“CASP”) – to outline its position for CASPs (crypto asset services providers) under the Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007 (the “AML/CFT Law”).

According to the updated policy, an individual who provides or carries out services or activities related to crypto assets must immediately inform CySEC. The service provider is obliged to register with CySEC if the validity of its registration is expired or if its entry in the register is modified. Moreover, if the service provider registered multiple entities in a Member State of the EU (European Union), it must provide all registration details to the Commission.

CASPs must comply under the AML/CFT Law and must therefore fully abide by the obligations stemming from the Cumulative CASP Rules, which include:

  • performing Know Your Client (KYC) and other client Due Diligence measures
  • drawing the Economic Profile of their clients
  • identifying the Source of Funds of their clients
  • monitoring the clients’ crypto asset transactions and wallet addresses
  • identifying and reporting suspicious transactions.

Apart from these compulsory rules, CySEC amended Paragraph 5, where it expects CASPs to maintain a register of crypto wallet addresses of their clients and maintain all filing data related to crypto asset services they provide. Furthermore, CySEC must be made aware of the geographical location of the customers and whether CASPs enable customers to make crypto payments.

Over time, CySEC is expected to publish additional directives for CASP filing requirements. In addition, relevant directives describing organizational and functional requirements and any other obligation to ensure that the crypto asset Service Provider complies with all relevant laws are expected.


CySEC classifies Crypto-Asset Service Providers into three classes

Class 1: includes CASPs that provide investment advice with an initial capital of 50,000 EUR.   

Class 2: CASPs that provide any of the following services, with an initial capital of 125,000 EUR:

  • reception & transmission of client orders
  • execution of orders on behalf of clients
  • exchange between crypto assets and fiat currency
  • exchange between crypto assets
  • participation and/or provision of financial services related to the distribution, offering and/or sale of crypto assets, including the initial offering
  • placement of crypto assets without firm commitment
  • portfolio management.

Class 3: includes service providers of Class 1 or Class 2 with an initial capital of 150,000 EUR that expand the scope of their activities to:

  • administration, transfer of ownership, transfer of site, holding, and or/safekeeping, including custody of crypto assets
  • underwriting and/or placement of crypto assets with firm commitment
  • operation of a multilateral system, which brings together multiple third-party buying and selling interests in crypto assets in a way that results in a transaction

As a final comment, there seems to be an overlap between the CASP/CySEC reference and the 269/2021 Directive, while it is still unknown how the Central Bank of Cyprus will treat crypto assets, as there is no official guideline.


We’re here to help

Grant Thornton’s specialized team on Distributed Ledger Technology has thoroughly analyzed the recent DLT guidelines as to provide the most up to date information on regulatory matters relating to crypto assets. If you have any questions on the topics discussed, feel free to contact us directly to find out more details. Our team of experts is ready to assist and help you understand the specifics of legal and regulatory requirements, and to concretely consult you in exploring a whole new world of opportunities arising by adopting this innovative technology.


CySEC 269/2021 Directive:

CySEC Policy Statement:


DLT Bill – Call for consultation:

Cyprus contract Law:

FATF Public Consultation on VASPs: