As stated in its Communication dated 8 February 2021, the Commission de Surveillance du Secteur Financier (CSSF) embraces the challenges raised by financial innovation such as virtual assets. As part of its mission, the CSSF is committed to promote an open, technology neutral and prudent risk-based regulatory approach.

Virtual assets have taken a multitude of different forms, have seen an exponential growth over the last few years and have generated a strong interest as a potential new asset class for professionals, as well as investors.

The new and evolving sector around virtual assets raises numerous questions from professionals under the supervision of the CSSF and professional associations as to the opportunities and concrete possibilities to engage in activities involving virtual assets in the broadest sense of the term. Many of these questions notably concern investments in virtual assets by investment funds, direct investments (as opposed to indirect investments using derivative instruments) in virtual assets or depository duties in the context of virtual assets.

The CSSF herewith publishes a guidance, composed of the present communication and FAQs (UCIs, credit institutions) that will be regularly updated, with the aim to provide professionals with concise answers to the main practical issues they are facing.

Virtual assets may indeed present potential benefits for professionals as they may constitute an alternative to diversify their portfolios with a variety of additional types of assets.

The very large diversity of virtual assets ranges indeed from digital representations of traditional assets with a simple return/risks rationale to more complex representations of rights that are more difficult to assess.

Although all tokens constitute a digital representation of value, that can be digitally traded, or transferred, and are provided by the same technology using DLT and cryptography, they also come with a variety of rights (non-exhaustive list):

- they may have different purposes or even multiple purposes (such as payment, investment or utility),

- they may come with an underlying or sophisticated stabilisation mechanisms designed to follow one or more baskets of assets (e.g. “custodial” stablecoins collateralised by fiat, gold, equity… or even by a cryptocurrency reserve assets) or simply constitute a new type of asset without underlying that does not exist outside of the DLT space (e.g. cryptocurrencies),

- although the majority of tokens is unregulated and thus does not fall under any existing legislation (such as cryptocurrencies for example), those that fulfill the conditions of financial instruments or e-money are subject to the relevant regulations,

- their characteristics may even be so specific and unique that they are not fungible and not interchangeable (such as NFTs),

- they may be created to finance a specific project (such as the creation of a new cryptocurrency or other in the context of an initial coin offering (ICO) or the tokenisation of real estate in the context of security token offering (STO)).

It is precisely the intrinsic characteristics and functions of the tokens that will determine their risks and possibilities for a professional of the financial sector to get involved in them. The annexed FAQs will therefore for ease of reference mention for each question the type of professional and type of virtual asset that is targeted.

Due diligence

Any activity involving virtual assets entails specific risks pertaining to their volatility, liquidity, technological risk, counterparty, custody or even reputation. Any entity under the prudential supervision of the CSSF interested in pursuing an activity involving virtual assets bears the responsibility to carry out a thorough due diligence and to carefully weigh up the risks and benefits associated with the proposed virtual assets activity with respect to the entity’s existing business model and risk appetite.

Internal governance arrangements

Internal governance must ensure a sound and prudent management of all the activities of the entity and the internal governance arrangements shall include a clear risk-taking process including a risk appetite that is formally and precisely defined in all the business areas and a rigorous decision-making process.

The management body of the entity is thus responsible for developing:

- A business strategy with respect to the activities involving virtual assets. The development and maintenance of a sustainable business model requires that all specific risks pertaining to virtual assets are properly considered.

- The risk strategy concerning virtual assets, including notably the definition of the risk appetite and the overall framework for risk-taking and risk management.

Regulatory updates

Entities are further reminded of the need to closely follow any regulatory developments and in particular those concerning the prudential treatment of virtual assets and the related practical implications for their investments and customers.

Professionals will remain obliged to carefully weigh up the risks and benefits associated with the proposed virtual assets activities considering current regulations. Professionals should also consider and adapt their business and operational arrangements activities to concrete foreseeable regulatory developments, as for example those under the upcoming European Markets in Cryptoasset Regulation (MICA) that will regulate certain virtual assets which until now have fallen outside of the scope of existing legislation.

Finally, professionals should proactively engage with the CSSF when planning any activity involving virtual assets.

Source : CSSF