Here is described process setting up the company or a branch for VASP registration, banking account, having all policies, company documentation, accounting and capital in check for launching your VASP services.
We can also assist you in supervision of an ICO, recommend or place an ad for required personnel, introduce you to locally approved IT, AML\KYC screening and transaction monitoring, external audit and other service providers. We also provide in preparation for MiCA licensing process, which will occur by the end of 2024, beginning of 2025.
Requirements and recommendations
Shareholder integrity is not being checked at the moment (to change the end of 2024, with adoption of EU MiCA Regulation). The Board of Management is not necessary, but recommended to have three members already, as it will become mandatory soon. Hence, the shareholders, Director and Board Members need to have an clear criminal record (recommended to take out a criminal clearance record with apostille) and employ of a local MLRO and a Senior Manager (which can be 2 in 1, if he\she is also is a Director or Deputy). Local MLRO must be hired and reported to local FUI (FNTT) in 7 business days of VASP registration. Managing employees are prohibited from working for more than one VASP, unless several such entities belong to the same group of companies. The min. authorized capital is no less than 125.000 Eur. By August/September 2024, all VASP must provide evidence that the capital is in company’s bank account. Foreign companies setting up branches may have an insurance instead, covering at least 100.000 EUR for one client claim and EUR 500,000 for all client claims per year.
Financial Crime Investigation Service (FNTT) is the supervisory authority in Lithuania (FUI) for registration of such crypto related activities at the Company Register:
1) virtual currency exchange operator, and
2) custodian virtual currency wallet operator
By the end of 2024, the supervisory authority for none AML matters, will be the Bank of Lithuania, which will require all registered VASP to license. The process will be much like for payment institutions and additional policies will be required.
Regulation
ICO Management
Operators must perform customer identification and other security screening procedures. The main requirements for legal entities conducting the initial offering of virtual currency (ICO) are set out in Article 251 of the Money Laundering and Terrorist Financing Prevention Law of the Republic of Lithuania[1].
It should be noted that VASP registration does not allow to provide services related to investment in derivative financial instruments, which are associated with crypto-assets (futures and options), contracts for difference (CFD) or crypto-assets linked to securities. Such services must be licensed with the Bank of Lithuania separately. Hence, we can assist in preparation of an application and obtaining such license as well.
Security tokens may be publicly offered in the Republic of Lithuania only after their issuer draws up a prospectus on the securities and submits it to the Bank of Lithuania for approval and publication. The duty to draw up, approve and publish a prospectus shall not be applicable, if the total sales value of all offered security tokens in EU Member States is up to EUR 5,000,000 during a period of 12 months. Otherwise, we can assist you in preparation of a prospectus and submission to the Bank of Lithuania as well.
Reporting
The following must be reported to FNTT about suspicious transactions:
- upon receiving information that the client intends or will attempt to perform a suspicious transaction (immediately);
- about suspended suspicious monetary transactions and transactions carried out by the client (within 3 business hours);
- if it is known or suspected that property of any value is directly or indirectly obtained from a criminal act or participation in such an act, as well as if it is known or suspected that this property is intended to support one or several terrorists or a terrorist organization (within 1 business day).
Policies
VASP must establish appropriate internal policies and internal control procedures related to:
- identification and verification of customers and beneficiaries;
- risk assessment, risk management, taking into account the identified types of risk;
- organizing the monitoring of business relations and/or operations;
- implementation of international financial sanctions, restrictive measures;
- providing notifications and information to FNTT;
- managing registration logs;
- storage of information specified in the law;
- updating customer and beneficiary identification information;
- organization of training for employees in order to properly acquaint them with the requirements for the prevention of money laundering and/or terrorist financing
KYC and Transaction Monitoring
It is mandatory to establish and verify the identity of the client and the beneficiary before starting a business relationship.
From January 1, 2023, it is mandatory to establish and verify the identity of the customer before performing virtual currency exchange operations or transactions in virtual currency with funds equal to or exceeding 700 Eur or an equivalent amount in foreign or virtual currency, or before depositing in the virtual currency depository currency wallet or by withdrawing from it virtual currency, the amount of which is equal to or exceeds 700 Eur or an amount corresponding to it in foreign or virtual currency, regardless of whether the transaction is concluded by performing one or several interconnected operations (the value of the virtual currency is determined at the time of performing the monetary transaction or concluding the transaction), except in cases where the identity of the client and beneficiary has already been established.
In the case of several interconnected monetary transactions, the identity of the customer must be established immediately after it is determined that several monetary transactions are interconnected. Several monetary transactions are considered to be related to each other, if the customer performs several virtual currency exchange operations or transactions in virtual currency with funds equal to or greater than 700 Eur or an equivalent amount in foreign or virtual currency per day, or performs several virtual currency deposits into the depository of virtual currency per day currency wallet or withdrawal operations from it, the amount of which is equal to or exceeds 700 Eur or the equivalent amount in foreign or virtual currency.
It is mandatory to provide FNTT customer identification data and information about performed virtual currency exchange operations or transactions in virtual currency, if the value of such monetary operation or transaction is equal to or exceeds 15.000 Eur or the equivalent amount in foreign or virtual currency, regardless of whether the transaction is concluded by one, or several interrelated monetary transactions. For the purposes of this article, several interrelated monetary transactions are considered to be several virtual currency exchange transactions or transactions in virtual currency in funds performed during the day, when the total amount of transactions and transactions in funds is equal to or exceeds 15.000 Eur or an equivalent amount in foreign or virtual currency.
From January 1, 2025, the operator of the virtual currency exchange or the operator of depository virtual currency wallets initiating the operation shall collect, store and transmit the instruction to perform the transaction to recipient operators or financial institution of the recipient, together with such information below. Otherwise, transactions should not be accepted.
1) information about the initiator of the transaction - a natural person:
a) name(s), surname(s);
b) unique transaction code;
c) payment account or deposit virtual currency wallet identification codes;
d) type of identity document, its number;
e) personal identification number (foreigner's date of birth, if any, personal identification number or other unique sequence of characters assigned to this person to identify the person) and citizenship (if the person is stateless, indicate the country that issued the document confirming the personal identity);
f) residential address.
2) information about the initiator of the transaction - a legal entity:
a) name;
b) unique transaction code;
c) payment account or deposit virtual currency wallet identification codes;
d) the code (if the code is not provided, the registration statement);
e) registered office address.
3) information about the recipient of the transaction - a natural person:
a) name(s), surname(s);
b) personal code (foreigner's date of birth, if any, personal code or other unique sequence of characters assigned to this person to identify the person);
c) payment account or deposit virtual currency wallet identification codes.
4) information about the recipient of the transaction – a legal entity:
a) name;
b) the code (if the code is provided);
c) identification codes of payment accounts or deposit virtual currency wallets.
Operators are prohibited from opening anonymous accounts or accounts under obviously fictitious names, as well as from opening accounts or otherwise starting business relations without requesting data confirming the identity of the client or if there is a reasonable suspicion that the data recorded in these documents is fake or falsified.
Requirements for Conducting Initial Offerings of Virtual Currency (ICO):
1. The persons carrying out the initial offering of virtual currency (ICO) must determine and verify the identity of the person purchasing the virtual currency and the beneficiary in accordance with the procedure set forth in Articles 9-15 of this law before performing single or multiple interrelated monetary transactions or virtual currency transactions or entering into transactions, the amount of which is equal to or exceeds 3,000 euros or an equivalent amount in virtual currency (the value of the virtual currency is determined at the time of execution of the transaction or the conclusion of the transaction), regardless of whether the transaction is concluded in the course of one or several interconnected monetary transactions, as well as to take the necessary measures for assets and funds, relating to a business relationship or transaction to identify the source.
2. The persons carrying out the initial offering of virtual currency (ICO) must, at the request of the Financial Crimes Investigation Service, provide the requested information within 7 working days from the moment of receiving the request. If a shorter deadline for the submission of information is determined in the requirement of the Financial Crimes Investigation Service to provide the requested information, the persons carrying out the initial virtual currency offering (ICO) must submit this information within the deadline of the information submission set in the requirement of the Financial Crimes Investigation Service to provide the requested information.
3. The persons carrying out the initial offering of virtual currency (ICO) and their employees are prohibited from informing the client or other persons that information about the client's financial transactions or transactions or any other information has been submitted to the Financial Crimes Investigation Service or another supervisory authority.
4. Persons carrying out the initial offering of virtual currency (ICO) copies of the documents confirming the identity of the persons referred to in paragraph 2 of this article, the beneficiary's identity data, live video transmission (live video broadcast) records, other data obtained during the identification of the person purchasing the virtual currency , account and/or contract documents (original documents) and monetary transactions, virtual currency transactions or transaction confirmation documents and data or other legally valid documents and data related to the performance of monetary transactions, virtual currency transactions or the conclusion of transactions must be kept 8 one year from the day of the end of the transaction with the person purchasing the virtual currency.
Further info:
Valters Gencs, info@gencs.eu, Whatsapp/Telegram/Viber 371-292543441