News - COREDO - corporate finance


Challenges Faced by PSD2 and the Need for PSD3

On 28 June 2023, the European Commission presented a series of proposals comprising the Payment Services Directive 3 (PSD3)1 and the Payment Services Regulation (PSR). These new rules are the successors of the Payment Services Directive 2 (PSD2)2, which was introduced to transform the European Union payment market by enhancing user protection, fostering innovation and creating a fair environment for payment service providers (PSPs).

Evolution of European Payment Services Regulation PSD3 vs PSD2While PSD2 has brought notable improvements, it has faced particular challenges that have required updating the regulatory framework to adapt to the rapidly changing payment landscape.

Significant progress was made under PSD2. In particular, strong customer authentication (SCA) was introduced, which could be interpreted as a crucial step in the fight against fraud. In addition, PSD2 improved the efficiency, transparency and choice of payment instruments for users, offering them enhanced options and greater control over their payments.

However, PSD2 also faced difficulties in creating a level playing field for all PSPs. Non-bank PSPs often needed direct access to major payment systems, which created an imbalance between bank and non-bank PSPs. This imbalance hindered fair competition and innovation in the payment market.

Open Banking also faced challenges related to data access interfaces for service providers, and cross-border payment services expanded while payment systems remained centred in individual Member States. This led to differences in regulation and forum shopping3 between service providers, which further required regulatory changes.

PSD3’s main changes

Despite the excitement of the European Commission’s initial announcements about the need to reform European payment services legislation rather than radical changes, PSD3 introduces enhancements that are unlikely to require significant infrastructure changes but will improve security and service levels.

As digital innovation reshapes financial services, PSD3 becomes a critical step to strengthen customer protection and create a level playing field for non-bank payment service providers.

  1. Stricter requirements for strong customer authentication (SCA)

One of the key changes in PSD3 is more comprehensive requirements for strong customer authentication (SCA), which will add a layer of security to payment transactions. Additional proposed preventative measures include:

  • Require PSPs to verify that the payee’s name and unique identifier match before initiating credit transfers;
  • Providing a legal basis for PSPs to share fraud-related information;
  • Improved transaction monitoring;
  • Improve consumer rights;
  • Introducing an obligation for PSPs to inform their employees and customers about the risks and consequences of payment fraud.
  1. Increase consumer protection and trust in payments

Additional attention is being paid to combating fraud, including complex cases such as “spoofing4. Using IBANs and enhanced transaction monitoring represent new security measures to increase protection.

Open Banking, introduced by PSD2, will also change PSD3. New standards and more efficient data exchange mechanisms will be introduced to improve the concept further. In addition, consumer rights will be enhanced through more transparent communication and the provision of information on payment fees and delayed funds. Separately, more strictly obliging banks to provide bank account services to non-bank PSPs should be emphasised. With appropriate safeguards, this component of PSD3 gives these non-bank PSPs the right to have a bank account. This indicates a “levelling of the playing field” between banks and payment institutions.

  1. New opportunities for customers

PSD3 aims to increase the availability of cash by providing new methods, such as cashback without compulsory purchases in shops and incentivising an increase in the number of ATMs. New rules for managing temporarily held funds will ensure that unused funds are quickly returned to the customer.

Thus, PSD3 represents not only a change in legislation but also a strategic improvement of the payments system aimed at ensuring security, transparency and protection of the interests of all financial market participants in the EU. Nevertheless, in our view, the PSD3 innovations should not be considered “revolutionary” but rather “evolutionary” changes, representing a significant step towards a world of open finance.

What should we prepare for?

The potential effects of PSD3 on financial institutions, payment service providers, consumers, regulators and others falling within the scope of the Directive could be as follows:

  1. Increased competition in the financial market

In light of the fact that PSD3 emphasises the importance of providing PSPs with direct and indirect access to all EU payment systems, including bank accounts and digital banking schemes, and states that credit institutions will be obliged to provide PSPs with access to bank accounts in the future, the Directive essentially takes a position where full integration of PSPs into banking is required, giving them unrestricted access to financial instruments within the European Union.

  1. Changes in the banking landscape

Banks contemplating expansion in Europe or beyond are advised to explore the implementation of Open Banking. The possibility of more accessible access to payment systems may incentivise a bank looking to expand its global footprint to view itself as an electronic money institution (EMI) rather than obtaining a full banking licence.

  1. Improving the level of security of payment transactions

More burdensome payment security requirements will require payment service providers to implement advanced technologies for solid authentication, improve payer data verification systems, actively engage in fraud information sharing, implement more effective transaction monitoring mechanisms, and adapt to new regulations that expand consumers’ refund rights.

Implementation of PSD3 in the Legislation of the EU Member States

Evolution of European Payment Services Regulation PSD3 vs PSD2The implementation of PSD3 in the Member States of the European Union will follow a structured timetable similar to previous directives. The European Commission will publish the final text of PSD3, specifying its provisions and requirements. EU member states will have a set period to transpose the Directive into national legislation.

The timeframes for transposition may vary but usually range from one to two years after the publication of the final text.

During this period, each Member State must adapt its existing laws and regulations to align them with the provisions of PSD3, ensuring uniformity and consistency across the EU.

Implementing the PSD3 into national law is a pivotal step to ensure its effective implementation. It involves the relevant public authorities of each Member State taking the necessary legislative measures to implement the requirements of the PSD3 in their national jurisdictions. This process may require the amendment of existing laws or the adoption of new legislation to comply fully with the Directive’s provisions.

Entry into Force

The final implementation schedule for PSD3 and PSR has yet to be determined. Final versions should be available by the end of 2024. Typically, Member States are given a transition period of 18 months, which implies that PSD3 and PSR could enter into force around 2026.

In conclusion, all persons subject to the scope of the new rules require a clear strategy, risk assessment, and diligent execution to successfully manage the potential consequences of the entry of the regulations under PSD3 and PSR into force.

It is critical for financial institutions to remain informed of all changes affecting them and to clearly define the overall strategy and interim steps to achieve compliance with such changes.

COREDO’s team of experts can advise you on any of the above points and their potential impact on your business and help you better navigate the new regulatory landscape.

By Dmitry Vyalkov, LLM, lawyer at COREDO.

1 Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on payment services and electronic money services in the Internal Market amending Directive 98/26/EC and repealing Directives 2015/2366/EU and 2009/110/EC
2 Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (Text with EEA relevance)
3 “forum shopping” refers to the practice of selecting the more “appropriate” court that will view a lawsuit most favourably.
4 “Spoofing” is an impersonation fraud that blurs the distinction between unauthorised and authorised transactions because the consent given by the customer to authorise the transaction is subject to manipulative techniques by the fraudster, who, for example, uses the bank’s phone number or email address.

We are being approached by more and more clients who have bought/established a crypto-company in the Czech Republic but are not sure what all activities this company can perform or are not sure how to run their business in a way that does not violate the law.

Cooperation with COREDO eliminates these concerns. COREDO is headquartered in the Czech Republic, has a wide client base from all over the world, and most importantly has experienced staff that handles various situations related to the cryptocurrency business on a daily basis.

Information on how we work

  1. Already, during the registration of crypto-companies, we address whether the client also needs other authorisations for so-called accompanying services. That means that we deal with the individual business models of our clients. This approach is a good prevention against unauthorised provision of services (e.g. payment or investment services).

How to protect your business from chargeback claims

  1. We provide the option of renting an office that will not be treated as a virtual office – this can make all the difference when opening a bank account.
  1. We have a wide network of banking partners who are willing to open a bank account for our clients (not a payment account or e-wallet).
  1. Clients can make any changes within their crypto-company and deal with authorities or partners (contractual negotiations) through us. Their presence in the Czech Republic is thus not a condition for running their businesses.
  1. We enable comprehensive servicing of crypto companies, including AML, accounting, whistleblowing, data protection, preparation of contractual documents, etc.
  1. It doesn’t end with the sale/registration of the company for us. If you buy a crypto company directly from us, we will give you priority service when you contact us later with any problem or question.

We have published articles on cryptocurrency companies in the past that may help you find answers to your most common questions. Cryptocurrencies have long been an area of interest for us.

At COREDO, we also already know that no problem is so big that it can’t be solved! Your success is our priority.


In the world of cryptocurrencies and blockchain technologies, the classification of crypto assets plays a crucial role in defining their characteristics and legal status. The reflection of this classification in legislation is paramount for companies engaging in operations involving such assets. In this article, we will explore the widely accepted classification of crypto assets, their regulation at the European Union level, and the legal status of various crypto assets in the Czech Republic, with a particular emphasis on the role of the Czech VASP (Virtual Assets Service Provider) licence in this context.

What does Crypto Asset mean?

A crypto asset (token) is a digital representation of value or rights that can be transferred and stored electronically using distributed ledger technology (DLT) or similar technology.

According to the commonly accepted classification of crypto assets, tokens are differentiated as follows:

Classification of Crypto Assets

Fungible Tokens are tokens that are not identical and can be exchanged with one another. Fungible tokens are typically classified as follows:

  • Payment Tokens can serve as a means of exchange or payment;
  • Utility Tokens may provide access to a specific product or service;
  • Investment Tokens may represent financial claims against the issuer or grant governance rights to their holders (token-holders).

Non-Fungible Tokens (NFTs) tokens that cannot be interchangeable due to their uniqueness. Such a token is tied to specific information or an asset, such as a music track, video, or image.

How are Crypto Assets regulated at the European Union level?

The crypto-sphere is subject to regulation by the MiCA Regulation and MiFID II Directive. MiCA aims to establish uniform rules for crypto-assets in the European Union. In contrast, MiFID II focuses on financial instruments and the provision of investment services. MiCA’s provisions will come into effect from December 30, 2024. However, the final version of the Regulation has already been published and approved as of June 23, 2023. Moreover, specific token categories may also fall under the regulation of MiFID II.

The MiCA Regulation sets standards for identifying and classifying crypto-assets in the European Union. Based on the crypto-assets definition, MiCA differentiates individual tokens into three subcategories: utility tokens, asset-referenced tokens, and electronic money tokens.Classification of Crypto Assets

  • Utility Token (as per MiCA interpretation) is a digital token that provides access to goods or services through digital platforms. It lacks financial purposes and is associated with the token issuer. Unlike asset-referenced or electronic money tokens, a utility token is not tied to a specific asset. Its primary purpose is to facilitate the functional use of blockchain systems rather than creating future cash flows.
  • Asset-Referenced Token is a type of crypto-asset aimed at maintaining price stability by being pegged to multiple fiat currencies, commodities, or other crypto-assets. It can be used for payments and savings. For the public offering or trading such tokens, the issuer must obtain a licence from the competent authority of its EU member state. It is important to note that, unlike utility token issuers, issuers of asset-referenced tokens must submit a “White Paper” for approval to the competent authority of their EU member state. The “White Paper” is considered approved upon the issuer obtaining a licence for the public offering or trading of such tokens on a crypto platform. This requirement is introduced to enhance consumer protection and market integrity.
  • Electronic Money Token – a crypto-asset tied to a fiat currency and designed for stable payments. Unlike asset-referenced tokens, this token is primarily used for purchasing goods and services. The issuer of such a token must comply with a banking licence or electronic money provider licence requirements (depending on the situation) and publish its “White Paper.” Companies wishing to deal with this crypto-asset do not need a separate licence, as the issuance of this token is regulated by banking and electronic money laws. The issuer must also publish the “White Paper,” notifying the supervisory authority of its EU member state. However, similar to the utility token, the “White Paper” of an electronic money token does not necessarily require approval by the competent authorities of its EU member state.

However, despite the MiCA Regulation closing the existing regulatory gap regarding crypto-assets, it does not affect the regulation of crypto-assets already falling under the existing regulatory framework (e.g., MiFID II).

An interesting point

Notably, some non-fungible tokens (NFTs) remain outside the scope of MiCA Regulation. The Regulation explicitly states: “This Regulation should not apply to crypto-assets that are unique and not fungible with other crypto-assets, including digital art and collectables.”

Nevertheless, MiCA establishes that merely assigning a unique identifier to a token does not indicate its non-fungibility. According to the Regulation, tokens issued in large series may be deemed fungible, and, consequently, issuers and providers may need to obtain the necessary licence. At the same time, NFTs could hypothetically fall under the scope of MiFID II if the token exhibits characteristics of a financial instrument (e.g., representing a tokenized security or tokenized share).

Therefore, non-fungible tokens currently remain outside the realm of precise legal regulation at the EU level. In this regard, we strongly recommend issuers and providers to carefully examine the features and characteristics of each NFT they intend to work with to obtain the relevant licence if necessary and avoid penalties and criminal prosecution.

Considering the aspects reflected in the MiCA Regulation and MiFID Directive, the differentiation of crypto-assets can be illustrated as follows:

Classification of Crypto Assets

And what is the situation with the status of a crypto asset in the Czech Republic?

The status of crypto-assets in the Czech Republic involves a combination of European and Czech legal frameworks, each contributing its definitions and regulations for dealing with crypto-assets. Here are some clarifications based on Czech legislation.

In the Czech Anti-Money Laundering (AML) Act, the term “virtual asset” was established by the legislator. A virtual asset, as defined in the AML Act, is a unit stored or transmitted electronically capable of performing payment, exchange, or investment functions, except when it qualifies as a security, investment, or monetary instrument under the Payment System Act.

What are the Requirements for an FCA AuthorizationAccording to the AML Act, a virtual asset, in its broad sense, covers all types of crypto-assets described above, excluding tokens exhibiting characteristics of securities and qualifying as investment instruments under the Investment Company and Investment Funds Act.

The Czech National Bank asserts that although Czech legislation does not recognise digital securities (except for dematerialized securities held in central or separate custody), foreign crypto-assets may be considered securities under foreign law. Similarly, Czech or foreign crypto assets may be regarded as derivatives under Czech and foreign law.

From the above, it follows that tokens acting as investments may fall under the definition of an investment instrument under the Investment Company and Investment Funds Act. For instance, a security token could be such an investment instrument. Therefore, anyone wishing to provide services related to security tokens can engage in such activities only based on a licence issued by the Czech National Bank and in line with the Investment Company and Investment Funds Act. A Czech VASP licence would be sufficient in all other cases. Further details about its capabilities are provided in our article How we helped our client launch a cryptocurrency exchange in the Czech Republic?”

An exciting nuance

Due to the favourable climate in the cryptocurrency sphere in the Czech jurisdiction, individuals without a VASP licence in the Czech Republic are authorised to engage in the following activities:

  • Simply accepting virtual assets as payment for goods or services;
  • Managing a mining centre or mining pool;
  • Issuing in-game currency (i.e., when a computer game operator issues in-game currency, but it is not considered a virtual asset).

Thus, despite the incompleteness of the legal regulation of the crypto sphere, we observe how European legislators are gradually taking steps to fill gaps in the legal status of crypto assets and related activities.

The Czech Republic is keeping pace with overall European trends and is systematically and flexibly introducing new norms to regulate the cryptocurrency industry, creating a favourable landscape for individuals wishing to engage in crypto activities within the Republic.

However, in Czech legislation, like in other jurisdictions, there are specific nuances, especially considering that the MiCA Regulation still needs to be in effect. In such intricacies, the company COREDO can assist you. Understanding the classification of crypto assets and their regulation is crucial for successful business operations in the Czech Republic and the European Union as a whole.

By Dmitry Vyalkov, LLM, lawyer at COREDO

1 Please be advised that for the purposes of this article, the terms “crypto asset” and “token” are used synonymously.
Point 5 § 1 art. 3 of REGULATION (EU) 2023/1114 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 (hereinafter – “MiCA Regulation”). Date of access: 30.11.2023.
 Directive on Markets in Financial Instruments repealing Directive 2004/39/EC and amending Directive 2011/61/EU and Directive 2002/92/EC (MiFID II). Date of access: 30.11.2023
Art. 11 of the MiCA Regulation
Points 8 and 9 § 4 of  Zákon č. 253/2008 Sb. o některých opatřeních proti legalizaci výnosů z trestné činnosti a financování terorismu. Date of access: 30.11.2023
Zákon č. 240/2013 Sb. o investičních společnostech a investičních fondech (hereinafter “ZISIF”). Date of access: 30.11.2023

Legal regulation of crypto activities in the Czech Republic

In the Czech Republic, crypto activities are regulated by several legislative acts, including the Act on Certain Measures Against the Legalisation of Proceeds from Criminal Activities, the Financing of Terrorism and the Trade Licensing Act. Therefore, obtaining a licence for entrepreneurial activities related to cryptocurrency services (Virtual Assets Service Provider Licence) in the Czech Republic follows the above mentioned laws.

How to protect your business from chargeback claimsNotably, a company holding a VASP licence in the Czech Republic can offer its services to clients from other countries. However, if such services are provided in another European Union country (remotely, without establishing a branch), it can only be done temporarily and irregularly.

Additionally, the advantages of the Czech Republic include:

  • Transparency of the tax system;
  • Economic stability in a country located in the heart of Europe;
  • The ability to register a company for non-residents;
  • Registered capital starting from 1 CZK;
  • No need for personal presence during registration.

The situation

The client approached us with a request to launch a cryptocurrency exchange with the capability to exchange fiat for cryptocurrency and vice versa. The client’s primary requirement was working with both residents and non-residents of the EU. Due to time constraints, the client requested minimal involvement in the process. Additionally, the client asked for an evaluation of the legality and feasibility of his business model.

Tasks at hand

Our task was to assist the client in choosing the most suitable jurisdiction for his requirements.

We suggested considering the Czech Republic’s developed financial infrastructure and business-friendly environment. The client agreed with our reasoning, and we began implementing the project.

Firstly, we helped the client assess the feasibility of their business model and adapted it to Czech legislation. We then prepared all the necessary documentation for registration with regulatory authorities. After registering the legal entity, we obtained the required type of licence for the client and notified the Financial Analytical Office of the Czech Republic (FAU).

Furthermore, we utilised our comprehensive document base (drafts), essential for operating a cryptocurrency exchange (user agreement, cookie policy, internal documentation, and other crucial documents), significantly speeding up the business launch process.

The result

we helped our client launch a cryptocurrency exchange in the Czech RepublicThrough our efforts, we achieved the following:

  1. Identified the most suitable jurisdiction for the client’s needs;
  2. Adapted the client’s business model to Czech legislation;
  3. Registered the legal entity without the client’s physical presence;
  4. Opened a payment account in a European bank;
  5. Obtained the necessary licence (fiat/crypto and vice versa);
  6. Prepared all necessary internal documentation and policies for the website.

In conclusion, we helped our client launch his cryptocurrency exchange in the desired format.

Our main goal is to simplify our client’s lives and help them bring their ideas to life, leveraging our knowledge of the nuances and advantages of Czech jurisdiction due to our specialists’ presence in the Czech Republic. Suppose our clients need clarification or refinement of business models.

In that case, we are ready to assist them, drawing on our extensive experience and knowledge in obtaining cryptocurrency licences in the Czech Republic, launching cryptocurrency exchanges, and providing ongoing legal, financial, and AML (anti-money laundering) support.

By Dmitry Vyalkov, LLM, Lawyer at COREDO

Cryptocurrencies and crypto-business have become integral parts of the modern economy. Consequently, questions about obtaining cryptocurrency licences in different countries are becoming increasingly relevant. However, on this journey, one may encounter various myths and misconceptions that can lead to misunderstanding and delay the process. Let’s debunk 5 common myths about obtaining a cryptocurrency licence in the Czech Republic.

Myth 1: The licence is issued by the Czech National Bank (CNB)

Myths about obtaining a cryptocurrency licence in the Czech RepublicThe first myth is that many believe the Czech National Bank issues the licence for crypto-business.

In reality, the licensing of cryptocurrency activities in the Czech Republic is carried out by the Trade Licensing Office. Subsequently, the Financial Analytical Office of the Czech Republic, the main supervisory body for AML regulation concerning the activities of all cryptocurrency exchanges in the country, is informed about the company’s contact person.

Myth 2: A business plan is required for the regulatory authority

The second common myth is related to the regulatory authority’s need to provide a business plan.

In reality, the Trade Licensing Office does not require a business plan to obtain a cryptocurrency licence, making the licensing process simpler than in Estonia.

Myth 3: Only EU citizens can be directors

The third myth is that only European Union citizens can be directors of companies obtaining a cryptocurrency licence in the Czech Republic.

This is not true. Czech law allows foreign citizens to hold corporate leadership positions, including crypto-companies.

The critical condition is compliance with all necessary legal requirements and providing the required documentation when applying for a licence.

Myth 4: A bank account is required for company registration and capital contribution

Another common misconception is the requirement for a bank account for company registration and capital contribution.

In reality, there is an alternative method in the Czech Republic. You can contribute the statutory capital in cash to the administrator of the cash deposit, who can be the director of the registering company. You must only open a bank account after the company’s registration.

However, please be advised that there are limitations on the amount of statutory capital that can be paid in this way.

Myth 5: Personal presence is required for company registration and licensing

Yet another common myth is the belief that personal presence in the country is required for company registration.

However, this is not the case. The registration of a crypto-company in the Czech Republic can be done remotely, without physical presence in the country. All stages, including document collection and submission, interaction with registration authorities, notaries, and obtaining the necessary licences, can be done remotely through an authorised representative with power of attorney. However, consulting only qualified specialists with experience in this process is strongly recommended.

In conclusion, by adhering to all legal requirements and providing the necessary documentation, it is possible to successfully obtain a crypto licence in the Czech Republic and start your crypto business quickly. The COREDO team is ready to assist you at all stages of this process, providing maximum support and attention to detail.

By Dmitry Vyalkov, LLM, lawyer at COREDO

Who is eligible to register EU trademarks?

Any individual or legal entity, including public authorities, has the right to register an EU trademark.

Does the government authority independently verify the grounds for registration refusal (e.g., through searches)?

The EUIPO (European Union Intellectual Property Office) does not conduct ex officio (by virtue or because of an office, the position held by the public authority or body) checks for relative grounds for refusal. However, they perform an EU search and notify holders of earlier similar EU trademarks that have chosen to publish their applications. Applicants opting for this search will receive a list of relevant conflicting earlier marks. Upon request during filing, national search reports from select offices are available for a fee.

What are the deadlines for filing for priority eligibility?

The Regulation (EU) 2017/1001 of the European Parliament and of the Council of 14 June 2017 on the European Union trade mark (codification) defines a priority right of six months.

What is the opposition period for EU trademark applications?

Any interested party has three months from publishing a European Union trademark application to oppose it.

Can rejected applications be appealed, and what are the appeal procedures?

Any decision partially or entirely refusing (or revoking or else invalidating) an EU trademark application or registration can be appealed. The appellant must submit a written notice of appeal and pay the appeal fee within two months of receiving the contested decision. Further appeals can be pursued at the EU General Court and subsequently at the European Court of Justice.

The holder of an earlier EU trademark may oppose an application if they can demonstrate genuine use of the trademark in connection with the relevant goods or services during the five years prior to the filing date or priority date of the EU trademark application.

Can a trademark be cancelled for non-use?

Yes, any third party can initiate cancellation proceedings based on non-use if five years have elapsed since the EU trademark’s registration, and there is no need to demonstrate a legal interest.

Are there any legal protections available for unregistered trademarks at the EU level?

Trademarks in the EU and the Czech RepublicAt the EU level, there are no protections available for unregistered trademarks.

Is it acceptable to use ® or TM?

Anyone can utilise the TM symbol to indicate that a word, phrase, image, etc., is being used as a trademark, regardless of whether it is officially registered.

Conversely, using the ® symbol signifies that the brand or trademark is registered. It is considered a criminal offence to falsely claim that a brand is registered when it is not.

Thus, it is crucial to emphasise that the ® symbol should only be employed after the trademark brand has been formally registered and you possess the certificate as evidence of registration.

I want to protect my logo in various EU countries. Which is more advantageous, separate national trademark registrations or a single EU registration? What are the advantages and disadvantages of each option?

Trademark rights have a territorial scope, meaning they are only enforceable in the country where the trademark is registered. Suppose you intend to protect your mark across multiple EU countries. In that case, a practical choice is to apply for a European Union trademark (EUTM) registered by the European Union Intellectual Property Office (EUIPO). A single EUTM registration provides trademark protection in all current and future EU Member States. Conversely, national trademark registrations protect only within the countries where they are registered.

Is EUTM registration still valid in the UK after Brexit?

EUTMs are no longer protected in the UK following its exit from the EU. Previously registered EUTMs remain protected and enforceable within the UK. Consequently, individuals who own EUTMs registered prior to the end of the transition period (December 31, 2020) have automatically been granted an identical trademark within UK jurisdiction.

​​In order to apply for a new trademark after Brexit, it is now required to have a separate registration in the UK, in addition to an EUTM registration.

To obtain trademark protection in the UK, you can either file a specific application for trademark registration or utilise the Madrid System.

What is more beneficial: EU or national trademark registration?

Registering an EUTM may be cost-effective compared to registering numerous national trademarks (depending on the number of trademarks to be registered). If you plan to use your brand in several EU countries, we recommend considering an EUTM registration.

However, both EUTM and national trademark registrations can be revoked or cancelled for various reasons, including non-use within five years after registration or due to prior trademark rights. In such cases, EUTM revocations or cancellations affect all EU countries, while national trademark revocations or cancellations apply only to the relevant country. Therefore, it is advisable to register national trademarks in key EU jurisdictions, predominantly if your business operates in just a few EU countries.

Which is more cost-effective: EU registration or national registration in the Czech Republic?

National registrations are generally cheaper than a single EUTM registration. The official fee for registering an EUTM in one class of goods and services is EUR 850, with additional fees for additional classes.

In comparison, for example, national trademark registration fees in the Czech Republic are as follows:

  • 5,000 CZK for an application to register an individual trademark in three classes of goods or services.
  • 10,000 CZK for an application to register a collective or certification trademark in three classes of goods and services.
  • 500 CZK for each additional class of goods or services beyond three classes.

Initially, applying for national registrations may seem less costly, but costs increase as the number of national registrations grows. If your business operates across the EU, an EUTM registration may be more cost-effective.

Furthermore, if you use external trademark registration services, fees for multiple separate applications are likely to be higher than for a single EUTM application.

How can you protect your trademarks on products when exporting abroad? Does a trademark registered in the Czech Republic also apply abroad?

A trademark has territorial effects in the jurisdiction where it has been registered. To expand protection abroad, it is necessary to either file an international trademark application, an EU trademark application valid for all EU member states, or a national trademark application in the country where protection of the specific designation is sought.

Which is faster: the duration of EU registration compared to national registration in the Czech Republic?

Trademarks in the EU and the Czech RepublicThe speed of EUTM registration varies based on factors such as trademark complexity and potential opposition from other trademark owners. EUTM registration may take from four months to two years. However, registration typically takes approximately 4-4.5 months (if there are no objections).

In the Czech Republic, the average processing time (assuming no significant complications arise with conflicting trademarks or other industrial property rights) from filing a trademark application to its registration in the registry maintained by the Industrial Property Office takes approximately six months. Consequently, EUTM registration may be faster and more efficient in the long run.

Please be advised that trademark protection begins from the filing date, not the registration date (provided the registration is successful), making the registration speed less decisive in choosing the right trademark registration option (EU or national).

Do I need any business permits to own a trademark in the Czech Republic?

Since April 1, 2004, when the new Trademark Act of the Czech Republic came into effect, it is no longer necessary for the applicant or owner of a trademark to have a business permit (such as a trade licence) for products and/or services. Any such permits are no longer required.

What can be registered as an EUTM? Can I register a smell or a sound as an EUTM?

EUTMs can encompass various signs, including words (including personal names), designs, letters, numerals, colours, shapes of goods, packaging of goods, or sounds. However, marks must meet specific requirements, such as being distinctive and not describing registered goods and services. While registering smells has been technically possible since 2017, it remains fairly challenging.

How does the EUTM registration process work, and what are the features for non-EEA residents?

EUTM applications must be filed exclusively with the EUIPO. You can submit an application through online registration (FastTrack) or more traditional means (by post or particular courier service).

Suppose you are an EUTM applicant without a domicile, principal place of business, or an accurate and effective industrial or commercial establishment within the European Economic Area. In that case, you must appoint a representative before or after receiving a formal deficiency letter from the EUIPO regarding representation. This representative must be a legal practitioner qualified in one of the European Economic Area’s member states, including the EU countries, Iceland, Liechtenstein, and Norway or a professional representative listed by the EUIPO.

Is it necessary for EUTM registration to be based on a national trademark registration? Is there a time frame within which EU registration depends on the national one?

No, a national trademark registration is not required for EUTM applications. However, you may use your national registration to claim priority, granting your EUTM an earlier protection date matching your national trademark’s filing date. You must claim priority within six months after the first national trademark filing, and it must be done simultaneously with the EUTM application. Consequently, it would help if you promptly decided whether to claim priority for your national trademark when applying for an EUTM.

What happens to an EU application if it is rejected in one of the countries?

If your trademark meets all requirements, the EUIPO registers it. Only the EUIPO has the authority to grant EUTM registrations; unlike international trademark registrations, individual EU Member States cannot oppose EU trademark registration.

My entity has a company name and has successfully operated in the market for five years, but we have not registered a trademark. Another company has registered an EUTM with a similar name and now demands that my company change its name. Is it legitimate, and can my company continue its operations without changing its name?

Since your company’s name was registered prior to the trademark with an identical name, the brand owner cannot file a lawsuit to invalidate your company’s name. This holds regardless of the scale of your company’s business activities because your rights to the company name were acquired through registration before the trademark was registered. It means that even if you are prohibited from using the registered brand on your website, for instance, due to another company’s trademark in the EU, you will still have the right to retain and continue using your company name (but not as a trademark).

However, please be advised that from a practical standpoint, this can be challenging since the legal distinction between using a particular brand as a company name or as a trademark is not explicit. Therefore, if you lose the trademark dispute, you will likely have to change your company’s name.

May I request the invalidation of a trademark if I have been using the same name/logo as my company’s trade name for a long time and well before its registration?

Yes, you can attempt to invalidate the trademark, arguing that it was registered unlawfully because it contradicts your prior trade name for identical or similar services. However, for this argument to be successful, you must prove that your trade name holds “more than mere local significance” in the country where the trademark owner operates.

National trade marks continue to be necessary for those undertakings which do not want protection of their trade marks at Union level, or which are unable to obtain Union-wide protection while national protection does not face any obstacles. It should be left to each person seeking trade mark protection to decide whether the protection is sought only as a national trademark in one or more Member States, or only as an EU trade mark, or both.

Is it necessary to use the mark before registering it as an EUTM and provide proof of use?

No, there is no prerequisite to demonstrate prior use of the mark before registering it as an EUTM.

The first party filing for an EUTM registration gains exclusive trademark rights. Therefore, avoiding using a trademark before registration can be advisable to prevent others from filing before you.

How can I enforce EUTM registration, for instance, if I discover an infringement of my trademark rights in the Czech Republic?

Initially, determine if your trademark is being used for identical or similar goods or services for which it is registered. Additionally, assess whether your trademark qualifies as well-known or has a good reputation under trademark law, protecting the registered goods and services.

What are the Requirements for an FCA AuthorizationWe recommend assessing whether your trademark is actively employed for products or services that match or resemble those covered by your trademark registration. Alternatively, contemplate whether your trademark could be recognized as widely recognized or possess a favourable reputation according to the relevant trademark regulations. In such cases, your trademark would receive protection irrespective of the specific goods and services it’s officially registered for.

If your trademark rights are infringed, sending a cease-and-desist letter is a common initial step. If the infringer does not comply, you can seek remedies through national courts, including seizure of infringing goods, prohibition of further infringement, and compensation for damages.

In specific situations, you may involve the police in criminal or administrative proceedings against the infringer. While sending a cease-and-desist letter is not mandatory, it can lead to quicker and more cost-effective results.

Can the scope of EU registration be expanded to include, for instance, the USA?

Expanding EU registration to encompass the USA is not a viable option. To secure trademark protection in the USA, you must apply for state or federal registration or establish trademark rights under common law.

Nevertheless, you can leverage an EUTM as a foundation for international registration through the World Intellectual Property Organization (WIPO). To initiate an international trademark registration, you must have an existing trademark registered or applied for registration in a country or organisation that participates in the Madrid System (the primary international system for facilitating the registration of trademarks in multiple jurisdictions around the world). Given that the EU is now a member of the Madrid Protocol, an EUTM can serve as the basis for an international trademark registration that extends to various countries, including the USA.

The duration of an EUTM registration is indeed ten years. What is the cost of renewing a single EU registration compared to renewing a national registration in the Czech Republic?

The term of legal protection for an EUTM is ten years and can be renewed continuously for additional 10-year periods. The official renewal fee for an EUTM in one class of goods and services is EUR 850. An extra fee of EUR 50 applies for a second class, with EUR 150 for the third class onward.

In the Czech Republic, trademark registrations also require renewal every ten years.

Fees for an official renewal are as follows:

  • 2,500 CZK for an individual trade mark;
  • 5,000 CZK for renewal of the registration of a collective and certification trade mark;
  • 5,000 CZK for renewal of the registration of an individual trade mark filed upon the expiry of the protective period, but at the latest within six months from that date;
  • 10,000 CZK for renewal of the registration of a collective and certification trade mark filed upon the expiry of the protective period, but at the latest within six months from that date.

In conclusion, the process of trademark registration in the European Union (EU) and the Czech Republic involves various considerations and procedures. Whether you are interested in obtaining an EU trademark (EUTM) or a national trademark registration, it is crucial to understand the specific requirements and advantages associated with each option.

The COREDO team is well-equipped to assist you in navigating the complexities of trademark registration. We offer expertise in EUTM and national trademark registrations, providing tailored solutions to enforce and protect your intellectual property effectively. Whether you need to secure trademark rights within the EU, the Czech Republic, or other jurisdictions, we can guide you through the process, from application to enforcement.

Do not hesitate to reach out to us for comprehensive trademark registration services and expert guidance on your specific trademark needs. Protecting your brand is essential for long-term success, and we are here to support you in every step of the way.

By Dmitry Vyalkov, LLM, lawyer at COREDO

Have you ever wondered how to protect confidential information when conducting business or negotiations? A Non-Disclosure Agreement (NDA) is a powerful tool that helps prevent leakage information and ensures confidentiality.

What is an NDA?

A non-disclosure agreement (NDA) is a legal contract in which one party provides confidential information about their business, products, or know-how to another party, and the other party commits not to disclose this information to anyone else and to keep it confidential for a specified period of time.

NDA is used to protect confidential information and intellectual property by detailing what information must remain confidential and what information can be shared or disclosed to the public.

When and why is it recommended to sign an NDA?

What is an NDA, and what should it contain?A Non-Disclosure Agreement is typically signed at the outset of business relationships, however, it can also be executed after entering into such relationships if there is a need to enhance the additional protection of confidential data.

Companies use an NDA in various situations. For instance, when an organisation enters into a partnership agreement, committing to perform tasks for a partner without compensation, the partner may become privy to the entity’s approaches to service delivery, trade secrets, patented processes, marketing strategies, or any other valuable business information.

Another example where an NDA is necessary is during the sale of a company. An enterprise looking to sell itself may require any potential buyer to sign an NDA to protect any confidential information that the company may disclose during sale negotiations.

Similarly, an organisation may enter into an NDA with potential investors or sellers/suppliers.

What are the benefits of signing an NDA?

  • Protection of confidential information. An NDA ensures a high level of confidentiality and helps prevent the leakage of important information, especially when sharing sensitive data or business strategies.
  • Legal protection. Signing an NDA establishes legally binding terms that govern the handling and disclosure of confidential information. In case of a breach, you have the right to seek legal recourse and compensation.
  • Preserving competitive advantage. An NDA allows you to share information with potential partners, investors, or employees without risking the loss of a competitive edge. You can provide access to critical data, knowing it will be securely protected.
  • Cooperation and partnership. An NDA can facilitate cooperation and partnership between counterparties. This enables the development of joint projects and resource sharing while maintaining confidentiality.
  • Attracting investments. Investors often require an NDA before providing funding. This provides them with added confidence in the security of their investments.
  • Building trust. Signing an NDA demonstrates your commitment to confidentiality and data protection, enhancing trust with partners, clients, and investors.
  • Compliance with regulations. In some cases, an NDA can help comply with data protection regulations, such as the General Data Protection Regulation (GDPR) in Europe.
  • Psychological deterrence. An NDA creates a psychological barrier for individuals considering breaching confidentiality, deterring potential violators.

What should an NDA include?

  • Parties. Specify the names of all parties involved, including the party providing confidential information (the disclosing party) and the party receiving such information (the receiving party).
  • Description of confidential information. In an NDA, it is essential to clearly and comprehensively define what information is deemed confidential. This may include technical data, business plans, customer lists, trade secrets, marketing strategies, etc. This section of the agreement is one of the key sections, as it is to its content that the affected party will appeal in case of data disclosure (leakage).
  • Obligations of the receiving party. Describe the obligations of the receiving party regarding confidential information. This section may include rules and procedures for using, handling, storing, disclosing to third parties, notifying the disclosing party of any breaches or leaks of confidential information, and other important aspects related to data protection. Additionally, we recommend including a provision that prohibits the receiving party from contacting any employees of the disclosing party regarding confidential data or making offers of cooperation for a specified period after an NDA’s termination.

What is an NDA, and what should it contain?

  • Exclusions. Specify cases where disclosure of information is permissible. For instance, data may be disclosed by court order or if it becomes publicly accessible.
  • Duration (term). Specify the duration (term) of the NDA. It can be for a limited period (e.g., 5 years), an indefinite period, or until the completion of a specific project or the primary contract to which an NDA is appended.
  • Return of confidential information. Outline the procedure for returning or disposing of confidential information.
  • Notices. Establish relevant communication channels to communicate with the counterparty, including notifications of data breaches. We advise exchanging messages via email, followed by mandatory postal mail delivery. This is the most effective and legally acceptable method.
  • Sanctions. Specify the consequences of violating an NDA, including potential legal effects. Establish the disclosing party’s right not to limit remedies to damages and to use all legal means of protection. We particularly recommend clearly defining penalties for disclosing confidential information.

In conclusion, more than simply informing the counterparty that confidential information is required to ensure robust protection.

To secure reliable protection, it is necessary to enter into an NDA that carefully defines the list of confidential information, sets restrictions on its use, outlines access procedures, and imposes sanctions for disclosure.

The COREDO team can assist you in drafting an optimal NDA tailored to your needs and guide any questions related to its application.

By Dmitry Vyalkov, LLM, lawyer at COREDO.

In the world of cryptocurrencies and blockchain, DAO (Decentralised Autonomous Organisation) has become one of the most important and innovative concepts in the blockchain world. It is an organisation where governance and decision-making occur based on smart contracts and voting by members (token holders). Nevertheless, in order to successfully launch and allure investors to a DAO project, one of the pivotal documents required is the White Paper.

What is a White Paper for DAO?

The White Paper is a presentation document that describes in detail the DAO project’s concept, goals, strategy and technological features. It is a business plan that helps potential investors and members understand the uniqueness of the project, its goals, and how it will be realised.

Why compile a White Paper for DAO?

  • Attracting potential investors. White Paper serves as a powerful auxiliary tool for attracting investments. Potential investors pay attention to a detailed description of the project, its prospects and development plans, which makes the project more transparent and attractive for financing.
  • Establishing trust. The White Paper demonstrates transparency and provides a thorough understanding of the project. This helps to establish trust both among investors, who can fully understand all the nuances of the project that interest them, and on the part of the registration authority, which sees all the organisational details of the project and its clear and honest intentions in the planned activities, which can have a positive impact on the registration procedure.
  • Definition of Objectives and Strategies. The White Paper details the project’s objectives, strategies, and steps to achieve them. This allows all participants to clearly understand what outcomes to expect and how the project will be implemented.
  • Informed decision-making. DAO participants, including token holders, can make informed decisions based on the contents of the White Paper. They can assess the project’s risks and potential, contributing to more informed and effective decisions.

What should a White Paper for a DAO include?

To create an informative and persuasive White Paper, it is recommended to include the following sections:

  1. Introduction
    • Purpose and overview. A brief introduction to the project, its objectives and general concept.
  1. Description of the project structure
    • Product/service description. Detailed description of technological solutions and products offered by the project.
    • Description of principles. Detailed description of the underlying principles on which the project will be built.
  1. Tokenomics
    • Token Architecture. Description of the token or cryptocurrency used in the DAO system and its functionality, enumeration of its advantages and description of its security mechanisms.
    • Token distribution. Information on how tokens (shares) will be distributed among various members (token holders).
    • Explanation of the technological aspects and techniques used.
    • Capitalisation. An explanation of how the value of a token will increase and what mechanisms ensure its stability.
  1. Governance
    • Description of governing/executive bodies and departments in the DAO structure, their functions, number of participants in this or that internal unit, their rights and responsibilities.
  1. Voting and decision-making
    • A description of the voting system and participant participation in project management.
    • Role of participants. Explanation of token holders’ roles and how they can influence internal decisions.
  1. Partners
    • Partners and advisors. Mention of external partners or advisors who support the project and/or provide the legal basis for any additional transactions/legal actions.
  1. Risks and responses
    • Risk map. Identification of possible risks associated with the project.
    • Plans to minimise the risks. A description of the steps that will be taken to manage the risks.
  1. Roadmap
    • Plans and strategy. A description of the steps the project intends to take in the future to achieve its objectives.
  1. Conclusion
    • General summary. A brief recap of the key points and factors that allow potential investors to be convinced of the success of the project.
  1. Communication and contacts
    • Contact Information. An indication of how to contact the project team and support.

The DAO White Paper is, therefore, an integral part of launching and successfully developing a project. It provides all the necessary information for potential investors and members, helping them to understand what the project is about and what opportunities it can offer. This is why a White Paper is an essential step on the way to creating a successful and sustainable DAO. Its quality and informative content will help attract support and investment in your decentralised autonomous organisation.

By Dmitry Vyalkov, LLM, lawyer at COREDO.

Dear valued community!

We have recently become aware of a group of fraudsters who are misusing the name of our esteemed company, COREDO, to deceive unsuspecting individuals. Their modus operandi involves cold-calling individuals, offering unknown fraudulent services, and attempting to extract money from them.

We would like to emphasize that COREDO does not engage in cold-calling practices. If you have never directly engaged with us or have never been our client before, rest assured, we will not contact you. Any unsolicited call claiming to be from COREDO should be treated with caution.

To protect yourself:

  • Never share personal or financial information over the phone.
  • Always verify the identity of the caller before proceeding with any transactions.
  • If in doubt, hang up and contact us directly through our official channels. Email us at or call us +420228886867.

Please note: The main channel of communication we use is email. Every employee of our company will exclusively communicate using the “” email domain.

Your safety and trust are paramount to us. Together, let’s stay vigilant and prevent these malicious actors from causing harm.

The cryptocurrency industry is steadily growing and developing in the Czech Republic, with an increasing number of companies providing virtual asset-related services entering the market annually. However, as the industry expands, the legal regulation of such companies becomes more complex and challenging, and cryptocurrency companies are face new tasks and challenges, particularly legal.

Compliance with various legal requirements of the Czech and European Union legal systems is among the most significant challenges for cryptocurrency companies. Such requirements include, among others, company registration in the commercial register, obtaining appropriate authorizations for providing virtual asset-related services, and ensuring compliance with anti-money laundering regulations.

Given the diversity and multitude of legal issues, cryptocurrency companies face while operating, the services of our firm, specialising in legal support and services for such companies, can be of invaluable assistance.

We offer a wide range of services, including cryptocurrency companies registration with the Czech Commercial Register, assistance with anti-money laundering requirements and obtaining the necessary authorisations to operate legally in the country, and drafting terms and conditions, as well as other rules and policies for the use of virtual asset-related services. Additionally, our services include analysing legislation and preparing legal opinions based on it, as well as drafting corporate and other legal documentation of the company.

Company registration

One of the initial steps in establishing a cryptocurrency company in the Czech Republic is registering it with the Commercial Register. The process of starting a company can be rather time-consuming, and it is crucial to ensure that all the necessary documents are correctly filled out and submitted for registration. We can guide you through this process and ensure that all documents are completed and submitted accurately.

Obtaining permits and authorisations

The next step after registering a company is obtaining the relevant authorisations to provide virtual asset-related services. The legal regulation of this activity in the Czech Republic is quite complex and comprehensive. Ensuring compliance with anti-money laundering requirements and obtaining the necessary permits and authorisations to operate legally are mandatory. We will advise you on the applicable requirements and assist in obtaining the necessary authorisations.

Drafting Terms & Conditions

Another crucial aspect for cryptocurrency companies operating in the Czech Republic is having appropriate terms and conditions for the use of the company’s services, which must be published on the company’s website. These terms of use, along with other company’s rules and policies, such as privacy and cookie policies, are necessary not only to protect the rights and legitimate interests of the company, but also to ensure that users clearly understand the terms governing the use of the cryptocurrency company’s services. In turn, this includes the need to respect consumer’s rights, as well as adhering the requirements regarding the processing of their personal data, which is highly regulated within the European Union.

We have considerable experience in dealing with such documents and can draft them for you in the shortest possible time, allowing you to start your activities promptly.

Our meticulous approach to every task, particularly to detail understanding of your business model, allows us to accurately reflect it in the documents we draft, ensuring maximum protection of your company’s interests.

Legislative analysis and legal opinions

The field of virtual asset-related services is not only well-regulated, but also constantly evolving. As a result, cryptocurrency companies often encounter various legal issues, that are crucial for their successful operation and development. With our extensive experience and highly professional staff, we can conduct a comprehensive analysis of the Czech legislation issues, relevant to your interests, and prepare the appropriate legal opinions to ensure that the company’s activities comply with the current regulatory requirements.

In conclusion, the Czech Republic offers great opportunities for cryptocurrency companies, however, providing services in the field of virtual assets involves certain legal complexities that can be resolved with specialised assistance. Our team of highly qualified professionals specialises in legal support for cryptocurrency companies and has extensive experience not only in the Czech Republic, but also globally in other EU countries and CIS countries. We will be happy to assist you with these issues.

In this article, we intend to make a compelling case regarding the current macroeconomic environment and its potential benefits for the banking sector. We strongly believe this is a golden opportunity for banking entrepreneurs to pursue their aspirations and apply for a banking license. The numbers show that the present economic climate is more conducive to the banking industry when compared to the past five years. Therefore, we urge you to seize this opportunity and turn your banking dreams into a reality! We will provide a succinct overview of the key metrics and underlying factors driving this opportunity so that you can make an informed decision. Let’s delve into the details together!

Table of Contents:

  1. Inflation, Interest Rates, and Bond Yields in 2022-2023
  2. The Benefits of Higher Interest Rates and Yields for Banks
    • 2.1 Recent Headlines
    • 2.2 Empirical Evidence
    • 2.3 The Case of Silicon Valley Bank (SVB)
  1. Correlation Between New Banking Licenses and Short-Term Rates: What Entrepreneurs Should Know
  2. How COREDO Can Assist You in Capitalizing on the Current Economic Climate

Inflation, Interest Rates, and Bond Yields in 2022-2023

The year 2022 was characterised by a turbulent landscape for interest rates. The increase in short-term interbank interest rates witnessed a coordinated move by the central banks of advanced economies, which was unprecedented since the 1970s. Previously, none of the major countries had implemented policies that would lead to an increase in their respective policy rates. However, this scenario shifted significantly, with 43 out of the 57 major countries (accounting for 75%) raising their policy rates (as indicated in the graph below).

The Top Reasons for you to get a banking license, 2023

Source: Bank of International Settlements, Central bank policy rates

In March 2021, the central banks of Brazil, Denmark, Russia, and Turkey initiated the trend of raising interest rates with an increase of 0.75%, 0.1%, 0.25%, and 2.0%, respectively. The next month, Iceland followed suit with a 0.25% increase, and in May 2021, the Czech Republic, Mexico, and Hungary increased their rates by 0.25%, 0.25%, and 0.3%, respectively. The trend continued with other central banks joining later. The Federal Reserve of the United States (USA) increased the Fed funds rate by 0.25% in March 2022, while the European Central Bank (ECB) raised the MRO rate for the first time with a 0.5% increase in July 2022. The policy rates for the ECB, the Federal Reserve, and the Bank of England are illustrated in the figure below.

The Top Reasons for you to get a banking license, 2023

Source: BIS, Policy rates

The reason behind the increase in short-term interest rates by central banks is the rise in consumer price index (CPI) inflation, which is usually countered by central banks in a countercyclical manner. This correlation is depicted in the graphs below. The first graph illustrates the percentage of countries with escalating inflation and tightening (increasing) policy rates. The correlation between the two is apparent.

The Top Reasons for you to get a banking license, 2023

Source: Bank of International Settlements, Central bank policy rates

The following two graphs depict the progression of the median policy rate shift among these 54 economies, as well as the median inflation change. Interestingly, it appears that in the most recent period (as indicated by the second graph), central banks are responding more to previous inflation rates rather than inflation responding to previous interest rate decisions made by central banks.

The Top Reasons for you to get a banking license, 2023

Source: Bank of International Settlements, Central bank policy rates

The surge in inflation has triggered a sharp rise in bond yields in several countries, as is typically observed. As of the end of March 2023, the yields on bonds from significant advanced economies, excluding Japan, hover in the range of 2-4%.

The Top Reasons for you to get a banking license, 2023

Source: Yardeni Research

The Benefits of Higher Interest Rates and Yields for Banks

The following sections present recent headlines and empirical evidence that support this claim.

Recent headlines

As evidenced by headlines in the financial news, the current rise in interest rates is proving to be beneficial for banks and those with banking licenses.

The ECB Financial Stability Review from November 2022 states that rising interest rates have improved the short-term profitability outlook of euro-area banks. In the United States, bank profits rose by 7.8% in the second quarter of 2022 from the previous quarter, with the growth attributed to the rise in interest rates and expansion of loan balances, as reported by Investopedia in September 2022. FitchRatings reported in June 2022 that the profitability of most UK banks is expected to strengthen due to the rising interest rates, with their funding costs expected to increase less than their lending rates. Deutsche Bank also reported a big jump in profit in October 2022, despite the slump in deal-making. However, as ABC News Australia reported in November 2022, rising interest rates are a double-edged sword, with potential risks to borrowers and banks alike.

According to the Global Banking Annual Review 2022 by McKinsey, bank profitability has reached its highest level in 14 years, with expected returns on equity ranging from 11.5% to 12.5%.

This growth is attributed to a significant increase in net margins, which in turn is due to the rise in interest rates that had remained at their lowest level for a considerable time. The report highlights that global revenue increased by $345 billion in the banking industry, indicating that the rise in interest rates has had a positive impact on the sector’s profitability.

According to research by Deutsche Bank in November 2022, the European banking sector is experiencing a period of positive impact, which is described as a “sweet spot”. This is due to interest rate increases by central banks in most advanced economies and strong credit growth, leading to increased revenues. Though loan loss provisions have started climbing, they remain relatively low.

While growth in administrative expenses, individual banks’ tax and litigation payments, as well as Russia-related losses have reduced net income, the industry is still expected to have a decent full-year result. The report also suggests that higher-for-longer interest rates may support banks’ business prospects in the medium term.

Empirical evidence

According to a study conducted by Kohlscheen, Murcia and Contreras in 2018, higher long-term yields and a steeper domestic yield curve have a positive impact on bank profitability in emerging markets. The domestic yield curve is the difference between long-term yields and short-term interest rates, and a steeper yield curve indicates that long-term interest rates are higher relative to short-term rates. This study supports the idea that higher interest rates can benefit banks by improving their profitability in emerging markets.

English et al. (2012) found that a 100 basis point increase in interest rates can increase the median bank’s net interest income relative to assets by nearly 9 basis points. This indicates that banks can benefit from higher interest rates, as it can increase the spread between the interest rates they pay on deposits and the interest rates they earn on loans, leading to higher profits.

Borio, Gambacorta, and Hofmann’s (2015) study found that there is a positive correlation between the level of short-term rates, the slope of the yield curve, and the banks’ return on assets (ROA). They discovered this by analysing data from 109 large international banks based in 14 major advanced economies from 1995 to 2012. Additionally, they concluded that banks’ profitability is negatively affected by unusually low short-term interest rates near zero or slightly negative, especially if combined with a flat yield curve.

According to an FDIC study, it is conventional wisdom that the median net interest margin (NIM) for the typical community bank tends to increase when short-term interest rates increase and decrease when short-term interest rates decrease. This finding supports the view that higher interest rates are good for bank profitability and those having banking licenses.

Claessens, Coleman, and Donnelly’s (2017) study, which analysed a sample of 3,385 banking license holders from 47 countries between 2005 and 2013, found that a 1% drop in interest rates leads to a decrease of 0.08% in net interest margin (NIM). The effect is more pronounced at low rates, with a 0.2% decrease in NIM. The authors also observed that low rates have an adverse impact on bank profitability but to varying degrees.

Meanwhile, a Bank for International Settlements (BIS) report (2018, p. 11) confirms the positive correlation and statistically significant relationship between banks’ NIM and the lagged variables of the three-month interest rate and the slope of the yield curve. Notably, the report also shows that the effect is small in the short term but significant in the long term. Additionally, Klein (2020) discovered that the short-term interest rate positively correlates with the retail margins of euro-area banks. However, she noted that the positive relationship between the short-term rate and NIM is only valid when the interest rate is less than 2%.

The Top Reasons for you to get a banking license, 2023

Source: Klein (2020)

Hoffman et al. (2018, p. 27) suggest that contrary to popular belief, approximately half of the banks in their study would actually benefit from a rise in interest rates in terms of both net worth and income. They attribute this phenomenon to a “reverse maturity transformation”, which occurs for banks that hold variable-rate assets funded by “sticky” sight deposits.

Foos et al. (2022) report that banks’ stock prices tend to benefit from positive level shifts and steepening, as well as stronger-curved yield curves, on average.

Paul (2022) discovered that most United States banks with a banking license have a positive income gap, representing the difference between assets and liabilities that mature or reprice within 12 months. This gap indicates how a bank’s net interest income reacts to fluctuations in interest rates. Many banks hold adjustable-rate loans, while their liabilities are non-maturing deposits, such as current or demand deposits and savings accounts, which have slow-to-adjust administered rates. Consequently, the positive income gap value results from this fact.

The Top Reasons for you to get a banking license, 2023

Source: Paul (2022)

The European Central Bank’s 2017 analysis of interest rate risk in the banking book (IRRBB) among 111 large euro area banking license holders provides further evidence. The analysis showed that in a scenario of both short- and long-term rates going up (“parallel up”), banks’ net interest margin (NIM) would improve, while in a scenario where both rates went down (“parallel down”), the net interest income (NII) would worsen.

The Top Reasons for you to get a banking license, 2023

Source: ECB sensitivity analysis of IRRBB — stress test 2017

Banking professionals are well aware of the positive effects of rising interest rates on their profitability, as evidenced by a survey conducted by the European Banking Authority (EBA) among 60 major euro-area banking license holders. The graph below shows the survey results, indicating that 77% of respondents estimated a “rather positive” impact on their profitability over the following 6-12 months, while 10% believed it would be “very positive”. Only 8% of respondents thought the impact would be “rather negative”. The positive-to-negative response ratio was 10.8-to-1, further highlighting the industry’s sentiment towards the relationship between rising interest rates and bank profitability.

The Top Reasons for you to get a banking license, 2023

Source: EBA Risk Dashboard, Risk Assessment Questionnaires (RAQs), Spring 2021, published Q1 2022

The reason why banks benefit from rising interest rates is quite simple. When short-term interest rates increase, the spread between the rate banks charge on loans and the rate banks pay on deposits also increases, which leads to an increase in net interest margin (NIM). As shown in the graph below, the spread is not constant, and it rises with short-term interest rates. This is a well-established fact in the banking industry, and it’s important to note that banking license holders have market power in retail deposit markets. This limited pass-through of market rates to deposit rates also contributes to the increase in NIM. (Hoffmann et al., 2018, p. 12; Kirti, 2017, p. 13).

The Top Reasons for you to get a banking license, 2023

The loan-deposit spread (LDS) can be calculated as the difference between the interest rates on loans and the interest rates on deposits. Specifically, for non-financial corporations, it is the difference between interest rates on loans of all maturities and the interest rates on overnight deposits held by non-financial corporations. For households, it is the difference between interest rates on loans for house purchases with an original maturity more significant than 10 years and interest rates on overnight deposits held by households. The data source for this calculation is the ECB Statistical Data Warehouse, MIR: MFI Interest Rate Statistics. Since fee and commission income accounts for less than 30% of the euro-area banking license holders’ revenue, changes in interest rates have a dominant impact on their profitability.

The Top Reasons for you to get a banking license, 2023

Source: ECB Statistical Data Warehouse, SUP: Supervisory Banking Statistics

The relationship between the rate charged on loans to non-financial corporations and the yield on euro area benchmark bonds is depicted below, showing a close correlation between the two. Hence, the same principles that apply to the loan-deposit spread (LDS) also apply to bond yields.

The Top Reasons for you to get a banking license, 2023

Just to clarify, “NFCs” is an acronym that stands for “non-financial corporations”.
The data referred to in the previous message are for the euro area, and the source is the ECB Statistical Data Warehouse.

The Case of Silicon Valley Bank (SVB)

It’s important to note that interest rate risk is relevant not only to traditional commercial banks but also to other financial institutions such as savings banks, cooperative banks, investment banks, and asset managers. All of these institutions can be impacted by changes in interest rates, as they hold assets and liabilities that are sensitive to interest rate movements.

As for Silicon Valley Bank (SVB), it’s an interesting case study of the importance of managing interest rate risk. It’s worth noting that the losses suffered by SVB were due to a mismatch between the maturities of its assets and liabilities rather than simply due to rising interest rates. The fixed-rate government bonds that SVB held were longer-term assets, while the variable-rate deposits used to fund them had shorter-term maturities. This meant that SVB was exposed to interest rate risk, as rising interest rates made its longer-term assets less valuable. When SVB was forced to sell its bond positions before their maturity date, it could not recoup the total value of those assets.

This highlights the importance of managing interest rate risk by carefully matching the maturities of assets and liabilities. It also underscores the need for financial institutions to have robust risk management practices in place to identify and mitigate potential risks.

Correlation Between New Banking Licenses and Short-Term Rates: What Entrepreneurs Should Know

Entrepreneurs who are interested in establishing new banks are likely to be well-informed about the impact of interest rates on the banking industry and may be more likely to seek new charters when interest rates are high. This is because rising interest rates create a more favorable environment for banks to generate profits, as they can increase their loan rates while keeping deposit rates low, which leads to a wider net interest margin. Conversely, when interest rates are low, banks may struggle to generate profits, which could discourage new entrants into the market.

Below is a graph illustrating the correlation between the number of new banking licenses granted in the United States and the Federal Reserve’s federal funds rate. Entrepreneurs perceive an increase in interest rates as a favourable economic environment to operate a profitable bank. The evidence supporting this is demonstrated in the graph by the spike in new banking licenses granted in 1981-1982, despite the fact that there were two consecutive recessions in the United States from 1980-1982. This spike occurred as the Federal Reserve’s Chairman, Paul Volcker, increased the federal funds rate to 20% in June 1981.

The Top Reasons for you to get a banking license, 2023

The data source for this graph is the Federal Deposit Insurance Corporation (FDIC) and the Federal Reserve Economic Data (FRED)

Jones, Myers, and Wilkinson (2022, p. 38) explain that the issuance of new banking licenses rises with increased interest rates since higher interest rates lead to a boost in banks’ net interest margins. This is the primary source of earnings for small banks. Conversely, the number of charters decreases when interest rates decline, which compresses net interest margins.

How COREDO Can Assist You in Capitalizing on the Current Economic Climate

It is widely known that obtaining a banking license and establishing a bank is a time-consuming and capital-intensive endeavor that requires a significant amount of documentation and knowledge of banking regulations. The process typically takes 18-24 months, requires at least €30mn in initial capital (including €2.5mn in start-up costs), and involves the preparation of over 2,000 pages of documentation, including compliance with regulations such as the CRR, CRD IV, and EBA Guidelines. It is also generally necessary to seek the assistance of specialised financial practitioners with experience in banking licensing and regulations.

At COREDO, we have a wealth of knowledge and experience in this area and can assist you in obtaining a banking license in most EEA+UK jurisdictions. We offer a free consultation to identify and analyse your options for obtaining a license and provide guidance on the regulatory requirements associated with the banking licensing process in the most appropriate jurisdiction for your needs. Contact us today to learn more.

As environmental, social, and governance (ESG) concerns take centre stage in the investment world, some investors consider Bitcoin (BTC) a potential ESG investment. While the cryptocurrency has been known for its high volatility, it has also gained a reputation for being a relatively low-carbon footprint investment. This has led some to speculate that Bitcoin may be the greatest ESG investment ever.

In recent years, Bitcoin mining has come under scrutiny for its energy consumption, with many critics arguing that the process of “mining” Bitcoin requires an unsustainable amount of energy, primarily derived from coal. However, recent studies have shown that Bitcoin mining may not be as energy-intensive as once thought. In fact, a significant proportion of BTC mining relies on off-grid energy sources, including zero-emission energy.

According to one study, over half of the Bitcoin network (52.2%) is powered by zero-emission energy sources. Some mining enterprises even use 90%-100% zero-emission energy, and a handful use emission-negative sources. These findings challenge the notion that Bitcoin mining relies solely on coal and suggest that the cryptocurrency may have a lower environmental impact than previously assumed.

But Bitcoin’s potential as an ESG investment goes beyond its environmental impact. The cryptocurrency has also had a significant positive impact on a global scale, particularly in underbanked regions where traditional banking systems are unreliable or non-existent. Bitcoin has enabled people in these regions to participate in the global economy, transfer money across borders, and access financial services that would otherwise be out of reach. This has the potential to improve financial inclusion and reduce poverty, making Bitcoin an attractive investment for socially conscious investors.

Of course, Bitcoin has risks, and investors should always conduct thorough due diligence before investing. But with its potential as a low-carbon, socially impactful investment, Bitcoin may be a game-changing ESG investment opportunity.

Despite the prevailing apprehensions regarding the cryptocurrency’s energy consumption, Bitcoin has yielded substantial returns for its investors and may also be deemed a commendable ESG (Environmental, Social, and Governance) investment.

If you possess a conventional finance background, you would be well-versed in the concept of ESG investment. The term ESG, an acronym for environmental, social, and governance, pertains to a set of criteria employed by conscientious investors to evaluate potential investments. Typically, investors interested in ESGs prioritise financial gains and endeavour to ensure that their investments positively contribute to the world.

After considering all of these factors, it seems reasonable to propose that Bitcoin (BTC) has the potential to be one of the most remarkable ESG (Environmental, Social, and Governance) investments of all time. Importantly, the digital currency has not only provided significant gains for its investors (currently, BTC has appreciated by seventy-one per cent (71%) in 2023, three hundred forty-two per cent (342%) over the previous three years, and an incredible forty-four thousand four hundred four per cent (44,404%) over the last decade), but it has also had a significant and positive impact on a global scale.

Higher bitcoin volume, lesser fossil fuels

If we were to increase our Bitcoin investment while simultaneously decreasing our reliance on fossil fuels, it could lead to a more sustainable and eco-friendly future.

Bitcoin seems to be among the limited industries, both nationally and internationally, that do not depend primarily on coal for its energy supply. According to a recent study, a significant proportion of BTC mining heavily relies on off-grid energy sources, with 52.2% of the Bitcoin network being powered by zero-emission energy.

At least 29 mining enterprises utilise 90%-100% zero-emission energy, and another 12 use emission-negative sources.

When compared to the primary electrical grid in the U.S., which derives only 36.7% of its energy from zero-emission sources, it becomes evident that almost every significant industry in the U.S. depends on a grid that is predominantly powered by fossil fuels. In contrast, Bitcoin mining operations are predominantly powered by zero-emission sources, making it an outlier in this regard.

Additionally, Bitcoin’s consistent demand for electricity stabilises the electrical grid by utilising any surplus energy produced, thereby enhancing the operational efficiency of power plants and reducing energy costs for consumers.

Is Bitcoin the new Game-changer in ESG Investment?


A Shoot up on Energy efficiency

Besides its predominant reliance on clean energy sources, the Bitcoin network is also notably more energy-efficient than traditional financial systems. Bitcoin mining accounts for less than 0.2% of global energy consumption and only 0.09% of the world’s CO2 emissions. Compared to gold mining, which is often compared to Bitcoin as a store of value, Bitcoin mining consumes less energy and does not produce heavy metal pollutants. Thus, adopting a Bitcoin standard as a replacement for the legacy financial system or gold could have a significantly positive impact on the environment.

Furthermore, the consistent demand for electricity by Bitcoin mining operations also has the potential to stabilise the electrical grid by absorbing any excess energy generated. As a result, the operational efficiency of power plants can be enhanced, leading to reduced energy prices for consumers.

Is Bitcoin the new Game-changer in ESG Investment?


A Boost on Innovation

By incentivising technological innovation, Bitcoin encourages the development of new clean energy solutions that could have broader applications beyond just the cryptocurrency industry. As more companies compete to offer the most energy-efficient mining operations, it could lead to significant advancements in clean energy technology, ultimately benefiting the environment and society as a whole.

The most significant environmental impact of Bitcoin could be its role in promoting the adoption and innovation of clean energy sources. The adverse effects of methane gas on the environment are 25 times worse than those of carbon dioxide (CO2). According to the Climate and Clean Air Coalition, reducing methane emissions is considered the most effective strategy to slow climate change over the next 25 years.

Interestingly, two of the largest methane producers are oil fields and landfills, and Bitcoin mining can contribute to mitigating these sources of pollution.

Vespene, a Bitcoin mining company, has introduced an innovative method of utilising the methane produced from landfills to power their mining rigs. This approach ensures that methane emissions are eliminated, thereby promoting environmental sustainability. Notably, Bitcoin mining with methane-vented power has proven to be more efficient in mitigating carbon emissions than any other renewable energy source currently available. The process of mining Bitcoin from vented methane has been found to remove 13 times more emissions from the environment than what coal puts into it.

With the increasing adoption of clean energy sources and the utilisation of innovative methods such as converting landfill methane into electricity, it is possible that the carbon emissions prevented by Bitcoin mining may eventually exceed the emissions produced by the electricity used to power the network. This could have a significant positive impact on the environment and further cement bitcoin’s position as a potentially great ESG investment. However, continued efforts and innovation in this area are necessary to achieve this goal.


In this article, we talk about money laundering – its three stages and what each means. We try to comprehend the detrimental effects it poses to businesses and the economy at large and grasp the methodologies that corporations can implement to safeguard themselves against such illicit activities.

The act of money laundering (ML) inflicts significant harm upon businesses, the investment climate, and the broader economic landscape. It significantly promotes crime and corruption and triggers a considerable decline in the effectiveness of the real sector of the economy. As a result, this criminal activity manifests many other consequential outcomes.

The magnitude of this unlawful conduct on a global scale is staggering. The United Nations Office on Drugs and Crime (UNODC) reports that each year, between 2 to 5% of the world’s gross domestic product (GDP) is subjected to money laundering, amounting to an estimated sum of between $754 billion to $2 trillion.

In most countries’ jurisdictions, the act of money laundering constitutes a grave offence, punishable by imprisonment and/or substantial fines. For instance, in the United States of America, the severity of the penalty for complicity in money laundering may escalate to $250,000 and extend to a maximum imprisonment term of five years.

Numerous enterprises may remain oblivious to the reality of being utilised for money laundering. Even though not all commercial entities may be held accountable for the illicit activities carried out through them, entities obligated to comply with Anti-Money Laundering (AML) regulations, including banks, are held to a different standard. The consequences can be colossal if the illicit conduct is discovered during an audit process. As an illustration, Danske Bank was recently subject to a €470 million ($495 million) fine owing to its involvement in an international money laundering scandal.

To safeguard your business from criminals and the imposition of regulatory fines, it is imperative to delve into the intricacies of money laundering, including the prevalent schemes that are commonly employed and the measures that can be taken to prevent this.

What is money laundering (ML) and why it matters

In its most basic definition, the act of money laundering is characterised by the intentional concealment or distortion of the source of proceeds that have been illicitly obtained to create the impression that the funds were derived from lawful sources. Money laundering (ML) entails a course of action whereby funds originating from unlawful activities such as drug trafficking, bribery, or fraud are obscured from their source.

Actions to combat money laundering (ML) are frequently associated with the battle against terrorism financing (TF), as both ML and TF entail the rechanneling of funds.

As per the Financial Action Task Force (FATF) findings, a staggering amount of $1.6 trillion is laundered annually from countries with lower-income levels, with the proceeds typically emanating from political corruption. In such areas, corruption exacerbates poverty, exacerbating environmental destruction and causing economic stagnation. Due to the intricate connection between money laundering and corruption, any initiatives aimed at curbing the proliferation of illicit funds also assume a crucial role in reducing corruption on a global scale.

Activities such as illegal arms sales, smuggling, and organised crime, including drug trafficking and prostitution rings, can produce significant sums of money. Similarly, embezzlement, insider trading, bribery, and computer fraud schemes can generate substantial profits and create the incentive to “legitimise” the unlawfully obtained gains through money laundering.

When a criminal endeavour results in sizeable profits, the involved parties must find a way to maintain control of the funds without drawing attention to the underlying activity or the individuals implicated. Criminals do so by disguising the source of the funds, altering their form, or relocating the funds to a location where they are less likely to attract scrutiny.

In light of growing apprehension regarding money laundering, the Financial Action Task Force on money laundering (FATF) was established by the G-7 Summit in Paris in 1989 to formulate a cohesive international response. One of the FATF’s primary objectives was to develop a set of 40 Recommendations, which outlined the measures that national governments should adopt to implement effective anti-money laundering programs.

How much money is laundered per year?

By its very nature, money laundering is an illicit activity perpetrated by criminals that operate outside the standard range of economic and financial data. In conjunction with other facets of subterranean economic activity, approximations have been posited to offer a glimpse into the scale of the issue at hand.

What are the three stages of money laundering and their impact on businessesThe United Nations Office on Drugs and Crime (UNODC) conducted a comprehensive analysis to ascertain the extent of illegitimate funds generated by drug trafficking and organised crimes and the degree to which these funds are laundered. The UNODC report approximates that in 2009, criminal profits constituted 3.6% of the global gross domestic product (GDP), with 2.7% (equivalent to USD 1.6 trillion) of those proceeds being laundered.

This falls within the ambit of the widely cited estimate by the International Monetary Fund (IMF), which stated in 1998 that the overall scope of money laundering across the world could be situated between two and five percent of the world’s GDP. Using the statistics of 1998, these percentages would suggest that the phenomenon of money laundering ranged between USD 590 billion and USD 1.5 trillion. At that juncture, the lower figure was roughly commensurate with the total output value of an economy comparable in size to that of Spain.

However, it is imperative to exercise caution while considering the above estimates. They are merely meant to approximate the magnitude of money laundering. Due to the clandestine nature of the transactions involved, precise statistical data is unavailable, making it impossible to produce a definitive estimate of the global amount of money laundered each year. Therefore, the Financial Action Task Force (FATF) abstains from publishing any figures in this regard.

The three main stages of money laundering

The placement stage

Illicit funds can be integrated into the financial system either directly or indirectly. In the placement stage, the most common technique used is the fragmentation of large sums of money into smaller, less conspicuous amounts, which can be deposited into one or multiple bank accounts using the ‘smurfing’ technique. Money service businesses are often utilised to execute smurfing.

Other placement methods include:

  • False invoicing involves creating invoices for non-existing goods or services to overcharge or charge for services that were never provided. The difference between the actual cost of goods or services and the overcharged amount is then transferred as laundered money.
  • Blending illegal money with legitimate money – involves depositing cash obtained through illegal activities into bank accounts with legitimately earned funds, making it difficult for law enforcement agencies to trace the illegal funds.
  • Buying foreign currency – involves converting large amounts of illegal money into a different currency, which can then be deposited into foreign bank accounts or used to purchase assets in other countries.
  • Purchasing securities or insurance using cash – involves buying stocks, bonds, or insurance policies with cash, which can later be sold for clean money.
  • Gambling and betting on sports events – can be used to launder money by placing bets with cash obtained through illegal activities and then collecting the winnings as clean money.

The layering stage

The process known as “layering” denotes the complex set of actions aimed at severing the illicit origin of money and further masking its source by creating multiple “layers” of transactions to obfuscate the trail of an audit. This sophisticated practice serves the purpose of concealing the provenance of illegally gained assets by confounding their detection and tracking.

Undertaking the layering phase constitutes the most intricate stage of this fraudulent operation. It entails a series of elaborate financial transactions, which often cross national borders via international money transfers. To execute the layering strategy, the funds can be directed through purchasing and selling various types of investments or via a chain of accounts held in different financial institutions across multiple jurisdictions. Such illicitly obtained capital is frequently diverted to countries with permissive anti-money laundering (AML) regulations or those that do not cooperate with AML investigations.

The integration stage

Once the illicit money has been successfully placed and layered, the next stage for criminals is to reintegrate, or “return,” the money to themselves in a way that obscures its illegitimate origin, rendering it “clean.” Upon completing this stage, the funds become part of the legitimate financial system and can be utilised freely by the perpetrators.

The central goal of this stage is to integrate the money into the economy without raising suspicion or drawing the attention of law enforcement agencies. To accomplish this objective, criminals may acquire assets such as real estate, artwork, precious jewellery, or high-end vehicles, among other possibilities. These types of assets can serve to legitimise the previously illicitly obtained capital, as they can be perceived as having been acquired through lawful means.

How money laundering impacts businesses and the economy

Money laundering poses a significant threat to businesses, resulting in a host of adverse consequences such as revenue loss, damage to reputation, and regulatory penalties in the millions of dollars or suspension of licenses.

Furthermore, the socio-economic repercussions of ML are far-reaching and damaging, with global effects such as the perpetuation of corruption, an escalation in criminal activity, erosion of foreign investor confidence, widening income inequality, and a slowdown in economic growth. These effects are particularly concerning as they can compound and exacerbate pre-existing economic and social issues, creating further destabilisation and harm.

The perceived functioning of the banking and financial services marketplace within a framework of elevated legal, professional, and ethical standards is integral to preserving its integrity. A financial institution’s reputation for integrity is among its most valuable assets.

What are the three stages of money laundering and their impact on businessesSuppose a particular institution is susceptible to processing funds generated by criminal activities, either due to the bribery of its employees or directors or by turning a blind eye to the illicit nature of such funds. In that case, it risks becoming actively complicit with criminals and thereby part of the criminal network itself. Any evidence of such complicity is bound to hurt the perceptions of other financial intermediaries and regulatory authorities, in addition to ordinary customers.

Unchecked money laundering also carries the potential for negative macroeconomic consequences, such as inexplicable changes in the demand for money, prudential risks to the soundness of banks, contamination effects on legitimate financial transactions, and increased volatility of international capital flows and exchange rates due to unforeseen cross-border asset transfers. Furthermore, successful money laundering rewards corruption and crime, damaging the integrity of society as a whole, undermining democracy, and compromising the rule of law.

Money launderers are constantly searching for new avenues to launder their ill-gotten gains. Economies with expanding or emerging financial centres, yet inadequate safeguards, are especially vulnerable, as countries with well-established financial centres implement extensive anti-money laundering protocols.

Launderers will exploit the differences in national anti-money laundering systems, relocating their networks to nations and financial systems with weak or ineffective countermeasures. Some may argue that developing economies cannot be too discriminating when it comes to attracting capital. However, postponing action is risky. The more action is delayed, the more entrenched organised crime can become.

Similar to the compromised integrity of a particular financial institution, the presence of organized crime controlling and influencing a country’s commercial and financial sectors hurts foreign direct investment.

Thus, combatting money laundering and terrorist financing is crucial in creating a business-friendly environment, which is a prerequisite for sustainable economic development.

The potential social and political repercussions of unaddressed or poorly managed money laundering are grave. Organised crime can penetrate financial institutions, seize control of significant portions of the economy through investment, or bribe public officials and even governments.

The economic and political sway of criminal organisations can erode the social fabric, shared ethical norms, and, ultimately, the democratic institutions of society. In nations transitioning to democratic systems, criminal influence can undermine the transition. At its core, money laundering is inextricably linked to the criminal activity that spawned it. By laundering funds, criminal activity is allowed to persist.

How to detect and prevent money laundering

To ensure the safety of businesses and prevent financial crime, a comprehensive Anti-Money Laundering (AML) compliance program must be implemented. Such a program should clearly define the procedures for detecting, assessing, and reporting suspicious financial activities. The following measures are key components of an effective AML program:

  • Customer Due Diligence (CDD): Before a customer is allowed to use the services of a company, they must undergo a rigorous Customer Due Diligence check. This process involves obtaining and verifying customer information, such as their identification documents, and evaluating whether they pose any potential risk of being involved in criminal activities.
  • Enhanced Due Diligence (EDD): In cases where there is a higher risk of money laundering, companies are required to implement Enhanced Due Diligence measures. One of the most critical elements of EDD is to scrutinise clients’ sources of funds to ensure they are not derived from illegal activities.
  • Ongoing customer monitoring: This is an additional layer of risk management that involves continuously monitoring customer transactions and conducting periodic checks to identify and assess any suspicious activity.
  • Independent AML audits: These audits allow businesses to identify and rectify any deficiencies and shortcomings in their AML compliance strategies before regulatory inspections to prevent penalties or fines.
  • KYT or transaction monitoring: Transaction monitoring is a continuous security process that enables businesses to detect and prevent suspicious transactions. A reliable KYT software platform can identify unusual patterns, scrutinise dubious transfers, and monitor digital or fiat currency transactions. This helps to prevent and detect money laundering activities and other financial crimes.


Blockchain has completely transformed how we interact online. In this article, we discussed the most secure types of blockchain and the most common challenges against it.

Recap on blockchain definition

Blockchain is a digital, decentralised database that enables the secure storage and transmission of data, including records of completed transactions. Due to its unique features, it has gained widespread adoption across numerous industries, including finance and healthcare.

In a blockchain, data is stored in blocks that are linked together by special cryptographic keys, forming an unalterable chain of information. Each new block contains data about the previous one, providing a tamper-proof and secure platform for storing and transmitting information.

Blockchain technology was created in response to the vulnerabilities and issues associated with Web 2.0, the current version of the Internet. Centralised databases used in Web 2.0 are susceptible to hacks, leading to the loss of users’ data and the potential for fraud and manipulation.

Web 3.0, the next iteration of the internet, is being built on blockchain technology to address these issues. It aims to create a peer-to-peer network that is distributed across multiple devices, from personal computers to company servers. By storing information on a decentralised network, Web 3.0 will provide a more secure and transparent platform for the storage and transmission of data.

The use of blockchain technology is not limited to specific industries. Any service that requires a secure, distributed database with a high level of integrity can benefit from the advantages of blockchain. By establishing trust between participants, blockchain can offer a transparent, tamper-proof platform for storing and transmitting data.

Industries that stand to benefit from blockchain include banking and finance, where the technology can be used for secure and efficient transactions. Digital identity is another area where blockchain can significantly impact, providing a secure and transparent way to store and verify identities.

Other areas where blockchain technology can be applied include supply chain management, healthcare, real estate, and government services. With its decentralised and transparent nature, blockchain has the potential to revolutionise various industries and transform the way we store, share, and verify data.

Security in blockchain

Blockchain technology is known for its inherent security based on several key features.

A detailed guide on blockchain securityFirstly, it uses a decentralised, distributed ledger system consisting of interconnected blocks that cannot be broken or altered. Each participant can download and verify the entire chain, ensuring that no unauthorised changes have been made.

In addition, blockchain technology is based on cryptography, which provides a secure means of storing and transmitting data. Hashing algorithms convert data into a digital fingerprint or hash, which can be used to verify the authenticity and integrity of the data without the need for a direct exchange of information. The hash can be published publicly, allowing anyone to verify that the data has not been altered.

Another key security feature of blockchain technology is its resistance to hacking and other forms of malicious activity. Because the ledger is distributed across multiple nodes, it is extremely difficult for attackers to compromise the network or alter its stored data.

However, it should be noted that not all blockchain implementations are created equal, and some may offer higher levels of security than others. Factors such as the consensus mechanism, encryption methods, and governance structure can all impact the overall security of a blockchain network.

Types of blockchains

1. Public blockchain

Public blockchains, being permissionless, allow anyone to participate in creating and validating new blocks of data. These blockchains are widely used for mining cryptocurrency, with Bitcoin and Ethereum being the most notable examples. The nodes on the network compete to solve complex cryptographic equations that verify and add transaction records to the blockchain. Successful completion of these equations results in the miner earning cryptocurrency tokens that can be used in various ways, such as on an NFT or crypto exchange.

The decentralised nature of the ledger technology on public blockchains is generally considered secure, but there are still potential risks from malicious actors. A 51% attack, for instance, is a scenario where an attacker gains control of most of the nodes on the network and can manipulate the data on the blockchain. Despite this, the benefits of public blockchains in terms of transparency and immutability continue to drive their adoption and use in various industries.

2. Private blockchains

Private blockchains represent a distributed ledger technology (DLT) category that operates within an accessed network managed by a single organisation (node). This particular node takes on the responsibility of storing, tracking, and managing digital data while controlling network access.

Private blockchains are known:

  • for their superior efficiency, stemming from their smaller network size and the absence of competition for network resources.
  • considered to be more secure than public blockchains since only approved members are granted access to the network and digital assets stored on it. To ensure network safety, members of a private blockchain follow rigorous cryptography and consensus mechanisms.
  • generally considered to be less secure than consortium or hybrid blockchains, primarily due to their centralised nature. Should the governing body be compromised, the entire network is at risk of damage.

Several prominent examples of private blockchains include KitChain, MELLODDY Project, and

3. Consortium blockchains

Consortium blockchains, or federated blockchains, represent a subset of distributed ledger technology operating within an accessed network. While they share this characteristic with private blockchains, they differ because they have multiple selected participants (organisations) who jointly control the network. This contrast with private blockchains, where there is only one controlling node, creates a more decentralised network that results in higher levels of security.

Federated blockchains are especially useful in scenarios where multiple parties must reach a consensus regarding a shared data set. For example, consortium blockchains can be used in finance, supply chain management, or Internet of Things (IoT) scenarios, where various parties must agree on transactions, deliveries, or data-sharing.

4. Hybrid blockchains

Hybrid blockchains combine aspects of both public and private blockchains to create a flexible network that can be tailored to specific use cases.

In a hybrid blockchain, a private network is established, and the data is shared only among a select group of participants who have permission to access it. However, the network also has a public-facing component, typically a public blockchain, which performs certain functions, such as validating transactions or providing transparency and auditability.

The public blockchain acts as a bridge between the private network and the outside world, providing the benefits of a public blockchain, such as decentralised validation, while still maintaining the security and privacy of a private network. An example of a hybrid blockchain is the IBM Blockchain Platform, which allows enterprises to build and deploy blockchain applications using a combination of both public and private components.

Common blockchain challenges

It is essential to acknowledge that all blockchain networks can become the target of cyberattacks, both at the level of the blockchain code itself and at the level of the protocols that run on top of it. Notable examples of this include the Ethereum DAO hack, which ultimately resulted in the hard fork of the Ethereum network, and the recent Binance Smart Chain (BSC) hard fork.

Nevertheless, it is worth noting that in the event of a widespread attack, the blockchain community may be able to take swift and decisive measures to minimise the negative impact of such an attack.

Through collective efforts and by leveraging various security mechanisms, it may be possible to mitigate the consequences of such an event and ultimately ensure the continued stability and security of the network.

The most common blockchain attacks are below:

  1. 51% attacks

The immutability of blockchain, which is one of its most prominent features, can be compromised if a consensus of 51% of all nodes in the network is reached to alter the chain. In such an event, malicious actors could potentially collude and establish a majority exceeding the 51% threshold, enabling them to execute nefarious activities. Nevertheless, countermeasures exist to thwart such assaults and remediate any harm inflicted on the network. Private blockchains, unlike public ones, are immune to this type of attack.

  1. Sybil attacks

A Sybil attack refers to the attempt by a perpetrator to commandeer a blockchain network by leveraging multiple accounts, nodes, or computers. This tactic is akin to the 51% attack but differs in that a single individual assumes the guise of several distinct entities to undermine the network’s security.

  1. DDoS attacks

Distributed denial of service (DDoS) attacks involve a coordinated effort by multiple interconnected devices, or a botnet, to inundate a targeted website or network with spurious traffic. While executing DDoS attacks on a blockchain can be challenging, it is not impossible.

A detailed guide on blockchain securityIn a DDoS attack against a blockchain, malefactors aim to incapacitate the server by overloading its processing capabilities with multiple requests from online devices. The objective is to sever the connections between the blockchain’s network and its mining pools, cryptocurrency exchanges, wallets, and other entities.

  1. Eclipse attacks

An eclipse attack is an exploit involving the takeover of numerous IP addresses or the use of a distributed botnet by attackers. In this scheme, the attacker alters the addresses of the victim node and awaits the victim node’s restart. Following the restart, all outgoing connections from the target node are redirected to the IP addresses under the attacker’s control. The attacker may also employ a distributed denial of service (DDoS) attack to compel the victim to reconnect to the network.

  1. Race attacks

A race attack is a method hackers employ to attempt to double-spend funds by creating two transactions of identical amounts simultaneously. The attacker aims to replace the first transaction with a subsequent one that returns the funds to a wallet they control before the initial transaction is confirmed and written onto the blockchain.

  1. Finney attacks

A Finney attack is an exploit that entails a miner pre-mining a transaction into a block from one wallet to another. The attacker then employs the first wallet to initiate a second transaction and broadcasts the pre-mined block containing the first transaction. To execute this attack, a specific sequence of steps must be followed. It is only feasible if the transaction’s recipient accepts an unconfirmed transaction.

  1. Vector76 attacks

Hackers can deploy this combination of race and Finney attacks to execute an exploit. In this scheme, the attackers create two transactions simultaneously and disseminate them to disparate areas of the network. The first transaction, which is of substantial value, is directed to the attacker’s address, while the second transaction is of minor worth. The attackers receive credit for the sizable sum, while the second transaction supplants the first transaction and ultimately gains the network’s final acceptance.

  1. Phishing

Phishing is a prevalent type of fraudulent activity aimed at obtaining users’ login credentials, including the keys to their cryptocurrency wallets. This scheme often involves disseminating deceptive emails containing malicious links intended to compromise users’ credentials.

  1. Honeypot scams

A cryptocurrency honeypot scam is a type of fraudulent activity that involves the creation of counterfeit crypto wallets or tokens to deceive unsuspecting victims into sending, investing, or trading their cryptocurrency tokens. The scam perpetrator typically masquerades as a legitimate enterprise and entices their targets with promises of lucrative rewards or services. However, the true objective of the scam is to steal cryptocurrency from the victim.

  1. Scam tokens

A scam token is a type of cryptocurrency that is designed explicitly to deceive investors and steal their funds. Typically, these fraudulent tokens are established on an existing blockchain platform, such as Ethereum, Polygon, or Solana, as it is easier for cybercriminals to do so than to create an entirely new blockchain.

As new crypto tokens continue to emerge, it is essential to exercise caution and discernment.

Although some tokens are legitimate, many are outright scams that are operated by criminals. There are several methods for identifying scam tokens, such as researching the developers and checking the token’s price history.

Best practices for blockchain security

The following are some best practices to ensure security when dealing with blockchains:

  • Keep your login credentials confidential, including the mnemonic phrase and private key. Losing these may result in the permanent loss of access to the account.
  • Check if your protocol has undergone auditing to ascertain the contract owners’ concern for security.
  • Before submitting transactions to the blockchain, verify their results.
  • Use transaction endorsement, which mandates multiple parties to sign off on each transaction.
  • Remain vigilant for phishing attempts by utilising link checker tools and verifying community reviews of unfamiliar websites.
  • Utilise a secure Virtual Private Network (VPN).
  • Utilise a secure crypto wallet such as MetaMask (web/mobile), TrustWallet (mobile), or Ledger (physical device).
  • Do not employ tokens with an unclear origin, as they may result in a loss of control over your wallet.
  • If something appears to be a honeypot, it most likely is. Do not trust it.
  • Expect cyber threats at every turn.

If you are encountering difficulties in mitigating false transaction claims, there are various approaches that you can employ to prevent such fraudulent activities and safeguard your enterprise. In the following passages, we will outline some of these methods, which can be instrumental in curtailing such occurrences and protecting the financial integrity of your business.

Chargebacks can have a detrimental impact on businesses, resulting in expensive fees, lost shipping revenue, transaction processing costs, and valuable time spent resolving disputes.

In addition, a high volume of chargebacks can potentially inflict reputational harm on a company or even prompt the termination of a merchant account. This comprehensive guide aims to equip businesses with the knowledge and tools necessary to effectively manage and mitigate the negative consequences of chargebacks.

What are chargebacks?

Chargebacks, which are also commonly referred to as “disputed transactions,” occur when customers dispute credit card charges and request refunds. Such disputes may arise from a range of factors, such as a genuine mistake on the part of the user or fraudulent activity by individuals seeking to manipulate the system for their benefit. In either case, chargebacks can result in significant financial losses for businesses, which underscores the importance of developing effective strategies for preventing and managing them.

There are three primary types of chargebacks that businesses may encounter:

  1. Criminal fraud chargebacks stem from transactions made using stolen credit card information. In these cases, the actual cardholder initiates a chargeback claim after discovering unauthorised charges on their account.
  2. Company error chargebacks result from mistakes a business makes during the transaction process. This may include errors such as incorrect transaction amounts or billing errors.
  3. Friendly fraud chargebacks occur when a cardholder falsely claims that a transaction was fraudulent despite having made the purchase themselves. For instance, an individual may purchase an iPhone 14 on Amazon, receive the product, and then falsely claim that they did not authorise the transaction.

All businesses are vulnerable to these three chargeback types, which can lead to costly fees and significant time spent resolving disputes. Therefore, companies must take proactive measures to prevent and manage these risks.

What is chargeback fraud and how does it impact businesses?

Chargeback fraud occurs when a customer intentionally provides false information about the status of a purchase, usually to obtain a refund while retaining the purchased item. Common tactics used by fraudulent customers include falsely claiming that they never received the order or that they did not authorise the transaction. This type of fraud can be highly detrimental to businesses, resulting in financial losses and damaging the company’s reputation. As such, businesses must remain vigilant and implement effective measures to prevent and mitigate the risk of chargeback fraud.

How to protect your business from chargeback claimsThe impact of chargeback claims on eCommerce businesses is significant and cannot be ignored. The number of such claims has recently increased exponentially, a trend that the COVID-19 pandemic has exacerbated.

Reports indicate that in 2021, as many as 75% of eCommerce companies experienced a surge in fraud attempts. This clearly indicates the growing risk that businesses face in this regard. Looking ahead, it is estimated that merchants will be confronted with chargeback claims worth as much as $100 billion by 2023. These figures underscore the need for businesses to take proactive steps to protect themselves from fraudulent chargeback claims and to implement robust strategies to manage such risks.

Businesses that experience chargeback claims are often required to pay a significantly higher price than just the cost of the disputed product. Including additional hidden expenses means that businesses may have to pay up to four times the product’s original price.

Looking ahead to 2023, the average cost of a single chargeback claim is estimated to rise to $190. This includes various expenses such as fees charged by credit card issuers and payment processors and costs associated with the investigation and resolution of the claim. The financial impact of chargeback claims on businesses is significant, and companies must take appropriate measures to minimise such costs and protect their bottom line.

In addition to its financial impacts, chargeback claims can also result in significant reputational damage for businesses.

Suppose payment processors observe a high ratio of chargebacks. In that case, they may mitigate risk, such as limiting the merchant’s monthly payment volume, terminating their account, or placing them on a Terminated Merchant File (TMF) list, identifying them as high-risk customers. Being placed on a TMF list can have serious consequences for a business, as it may force them to work with high-risk payment processors or even create a new legal entity to continue operations. This can be time-consuming and expensive and may damage the company’s reputation, resulting in a loss of customer trust. It is, therefore, essential for businesses to implement effective strategies to prevent chargeback claims and protect their reputation.

How to mitigate chargebacks?

Given the complexity of chargeback claims, businesses must use various tools to combat them effectively. Below, we outline the four primary methodologies that businesses can take to address this problem:

METHOD #1: Manual Process of Verifying payment method

To ensure that the customer making the payment is the legitimate owner of the payment card and prevent fraudulent activities such as using stolen cards to make multiple transactions, a selfie with the bank card is required from the customer when making their first payment. This procedure involves taking a picture of the customer holding the payment card, which allows for the verification of the customer’s identity and the authenticity of the payment card being used. By implementing this measure, businesses can reduce the risk of chargeback claims resulting from fraudulent transactions and provide customers a secure and trustworthy payment environment.

Despite the benefits of requiring a selfie with the bank card when making a payment, this method has limitations as it relies on humans to determine the authenticity of the payment card and the customer’s identity.

There is always the risk of human error or the possibility that a sophisticated fraudster may be able to deceive the verification process. Furthermore, this additional verification step can slow down payment processing as it requires transaction managers to manually review and verify each suspicious payment, which can result in delays and inconvenience for customers.

As such, businesses need to weigh the benefits and limitations of this verification method and consider implementing additional measures, such as using automated fraud detection software, to enhance the security and efficiency of their payment processing.

While requiring a selfie with a bank card can be effective for small companies processing a limited number of transactions, it may not be a viable option for large corporations that process thousands of transactions daily. The manual verification of every customer’s identity and payment card ownership would be impractical and time-consuming, leading to significant delays and potential errors.

Furthermore, the cost of implementing such a manual verification process can be prohibitive, requiring a larger workforce to carry out the checks and resulting in significant expenses for the company. Companies with a high volume of transactions should consider implementing automated fraud detection and prevention systems that can efficiently identify and prevent fraudulent transactions while minimising the risk of chargeback claims and reputational damage.

METHOD #2: Automated Review Process

Automated chargeback reviews can be an effective way to prevent fraudulent chargeback claims. By requiring users to pass a Know Your Transaction (KYT) procedure, companies can detect suspicious transactions by identifying unusual patterns, dubious transfers, and transactions made in digital or fiat currencies. An automated KYT solution can streamline this process by using advanced algorithms and machine learning to identify potential fraud more efficiently and accurately than manual reviews. This can save companies time and money and reduce the risk of chargeback claims and reputational damage.

Automated KYT solutions can also provide real-time monitoring of transactions, which can help companies identify and prevent fraudulent activity before it leads to a chargeback claim.

Using KYT solutions can help companies detect various criminal activities beyond chargebacks, including money laundering, terrorist financing, fraud, identity theft, drug trafficking, corruption, and bribery. By monitoring transactions for unusual patterns and suspicious activity, companies can identify potential criminal behaviour and take action to prevent it. In addition to protecting their business, implementing KYT solutions can help companies comply with anti-money laundering (AML) and counter-terrorism financing (CTF) regulations, which are required by law in many jurisdictions.

Automated KYT solutions are designed to detect abnormal patterns in customer transactions. These patterns can include:

  1. Transactions with Unusual Amounts
  2. Transactions with Unusual series,
  3. Transactions with unusual destinations or origin of a payment,
  4. Transactions with known threats or typologies.

By analysing large amounts of data and using advanced algorithms, automated KYT solutions can quickly and accurately identify potentially fraudulent or criminal activity, allowing businesses to take action to prevent losses and protect themselves and their customers.

How to protect your business from chargeback claimsIn addition to the above-mentioned suspicious patterns, automated KYT solutions may also detect other anomalies, such as:

  1. Transactions made from high-risk countries or regions
  2. Transactions that involve high-risk industries or products
  3. Transactions that fall outside the usual time or location patterns of a customer’s typical behaviour
  4. Transactions made using compromised or stolen payment credentials
  5. Transactions that are split into multiple smaller amounts to avoid detection
  6. Transactions that involve customers with a history of fraud or chargebacks.

METHOD #3: Data and Pattern Analysis

To authenticate the accuracy of personal information, businesses may resort to utilising the practice of big data analysis to identify and deter any potential fraudulent attempts.

This approach involves utilising a diverse range of tools to systematically collect data from checkout flows, card networks, and bank records to detect any anomalies and predict the likelihood of fraudulent activity.

Typically, such data can be accessed via various databases that specialise in tracking fraudulent behaviour, which may be hosted locally, thus mitigating any potential network delays and enabling the integration of such tools into a company’s existing workflow. By leveraging this method, businesses can enhance their ability to identify instances of chargeback fraud expeditiously.

  • IP geolocation and device location 

By leveraging the data generated by a device’s IP address, or other location-based information, it is possible to accurately identify the geographic location where a given purchase was made and identify any anomalous patterns or behaviours. This information can be utilised to enhance compliance efforts by enabling the exclusion of IP addresses identified as belonging to proxies, concealed users, or other types of anonymisers. This approach helps to ensure the data’s accuracy and integrity, which is a key factor in maintaining effective compliance practices.

  • Device fingerprinting

An analysis of a device’s distinct attributes, such as its operating system, web browser type and version, language settings, and IP address, can accurately identify the device in question. This unique device, “fingerprint”, is a crucial tool in identifying and flagging repeat fraudulent requests, providing concrete evidence that the requests in question originate from the same device. This information can be leveraged to enhance the accuracy and efficacy of fraud detection efforts, allowing for more targeted and effective responses to instances of fraudulent activity.

  • Negative database 

Conduct checks on the history of cardholders to determine if they have a previous record of engaging in fraudulent behaviour. To this end, businesses may leverage negative databases, which provide access to comprehensive lists of suspicious IPs, mailing addresses, and email addresses on a global scale. These databases are updated in real-time whenever instances of fraud are detected, allowing businesses to remain informed regarding whether any of their existing users have been identified as fraudulent actors.

By utilising these databases as a tool for fraud detection, businesses can enhance their ability to identify and prevent instances of fraudulent activity, ultimately improving the overall security and integrity of their operations.

  • Social network data analysis 

Engage in investigations of individuals, relationships, and other social structures to identify any links to fraudulent behaviour. In cases where customers exhibit suspicious behavioural patterns, such as frequent and rapid location changes over time, the system may flag these patterns as potential signals of fraudulent activity. By utilising this approach, businesses can more effectively identify and deter instances of fraud while also helping to safeguard their operations and protect the interests of their customers.

  • Fraud scoring services

Rank all transactions according to a fraud score or rating, which reflects the level of risk that each transaction poses to the business. Additionally, many such services can customise and adjust their fraud scoring models to better align with a company’s specific risk level, further enhancing the accuracy and effectiveness of their fraud detection efforts. By utilising these services to rank and evaluate transactions in real-time, businesses can more effectively identify and prevent instances of fraudulent activity while also minimising any negative impact on the customer experience.

METHOD #4: Built and Implement a Refund Policy

While the previous steps outlined are designed to minimise the risk of criminal fraud, it is essential to note that the possibility of friendly fraud still exists. Although businesses may be able to dispute instances of friendly fraud in court, this can be a costly and time-consuming process. As such, it is often more efficient and effective to take steps to prevent chargebacks from occurring in the first place. By proactively monitoring transactions and implementing tools and techniques to identify and address potential sources of friendly fraud, businesses can minimise the risk of chargebacks while also enhancing the overall security and integrity of their operations.

When customers are dissatisfied with a purchase and may be considering initiating a chargeback, businesses can take proactive steps to encourage these customers to apply for a refund instead. While refunds may still represent a financial loss for the business (e.g. shipping costs, etc.), they are typically less financially and reputationally damaging than chargebacks, which can result in losses several times greater than the original cost of the purchase.

By actively engaging with customers and working to resolve any issues or concerns that may arise, businesses can build stronger relationships with their customers while also minimising the financial impact of chargebacks and other forms of fraudulent or problematic behaviour.

To minimise the risk of chargebacks, businesses should consider implementing a clear and easily accessible refund policy for their customers. This policy should be designed to be relatively strict while still being understandable and transparent to customers.

Additionally, any potential additional charges or fees associated with the refund process should be communicated to customers upfront to avoid any misunderstandings or confusion that could potentially lead to a chargeback. By providing customers with a clear and consistent refund policy, businesses can help build trust and establish a positive reputation while minimising the likelihood of disputes and chargebacks.

While it may be impossible to eliminate the risk of fraud, taking proactive steps to address potential sources of fraudulent activity can significantly reduce the risks businesses face.

By implementing the steps discussed in this article, businesses can more effectively identify and prevent criminal and friendly fraud while improving their overall risk management strategies.

However, before taking any specific action, it is important for businesses to accurately identify and understand the type of chargeback they are facing, to develop an appropriate and effective response plan. By leveraging a combination of technology, analytics, and proactive engagement strategies, businesses can better protect themselves and their customers from the negative impacts of fraudulent activity.

Conference Ecom21: impressions and resultsThe conference Ecom21 was held in Riga, Latvia from 12 to 14 April 2023. This is the largest international e-commerce event in the Baltic States.

Since 2012 financial industry professionals have been regularly gathering here to get acquainted with new global trends and developments, share experiences, and discuss problems.

COREDO representatives could not miss the opportunity to take part in the Ecom21 conference, gain new knowledge, meet interesting people and potential partners, and find new promising areas of work.

This year the conference impressed with its scale and scope: more than 550 participants from 24 countries, representing more than 200 companies, took part in it.

Numerous panel discussions were held featuring more than 55 speakers: industry leaders, experts and analysts. In addition, the program also included a number of specialized workshops and exhibitions.

Among the most interesting and useful events for us at this conference, we can single out:

  • Presentation “Revolutionizing Financial Services – The Power of Digital Banking Platforms”, presented by Aivars Belis, Chief Technology Officer of “DECTA”. The speaker spoke about the development prospects of the payment business and technologies, about innovations in this area. This information turned out to be knowledgeable in terms of understanding the trends and directions of the market development.
  • Presentation “Fraud Prevention in The 21st Century — Why Financial Literacy Is Not Enough” by Lev Bass, CBDO and Co-Founder in Huntli. The speaker presented descriptions of AML/KYC software solutions for financial companies.
  • Presentation “Exploring NFTs — The Future of Digital Asset Ownership” presented by Reinis Znotins, Executive Director of “LBAA” and Matt Jackson, Blochchain&Crypto Marketing Lead in Blue Train Marketing. The speakers talked about the potential of using NFT tokens in various areas, such as airlines, gastronomy, etc. Since the COREDO company is engaged in the provision of services in the cryptocurrency market, this information was useful to us.
  • Presentation “From Hype to Reality — The Practical Applications of Cryptocurrency in E-Commerce”, presented by Egor Avetisov, Head of Strategic Partnerships at Binance. The author spoke about innovations in the field of e-commerce, about the increasing introduction of cryptocurrencies into everyday life.

Conference Ecom21: impressions and results

Participation in these workshops also brought useful and interesting experience:

  • “Business-Speed-Networking”. It was an engaging experience that allowed me to quickly get to know many of the conference participants and determine with whom it is most important to have time to communicate closer.
  • “Get To Know Compliance — 10 Munite Insights With Huntli, Finance, Finchecker, SigningServices”. An interesting exercise that allowed me to learn about interesting products and software used in the AML/KYC direction.
  • “Mastercard Fintech and Impact-tech Engagement — Local and Global”. The session allowed to learn more about innovative products and services that cover the needs of modern digital consumers.

The Ecom21 conference once again confirmed that the lack of continuous development can be fatal for the participants of the financial industry. To be on a roll, it is necessary to constantly be aware of rapidly changing trends that affect the development of the economy and determine the future of the entire financial sector. Participation in the conference gave us a lot of food for thought.

We thank the conference organizers — Decta and Mastercard, and look forward to the upcoming events.


Indubitably, it is permissible to engage in cryptocurrency transactions within the borders of the Netherlands, and the threshold for entry into the market as a virtual asset service provider (VASP) is notably low. Nonetheless, it is imperative to remember that this jurisdiction is governed by particular legislative peculiarities that warrant careful consideration.

In the year 2020, the European Union (EU) implemented the 5th Anti-Money Laundering Directive (AMLD5), compelling the Netherlands to revise its Money Laundering and Terrorist Financing Prevention Act (also known as Wwft – Wet ter voorkoming van witwassen en financieren van terrorisme). Consequently, the previously ambiguous legal standing of the cryptocurrency industry has been clarified, and entities operating within this sector are now mandated to comply with several stipulated conditions to be authorised to offer services to customers in the Netherlands.

The following guide aims to assist you in navigating the intricate web of Dutch cryptocurrency regulations, ensuring compliance with applicable laws and regulations, and avoiding the imposition of potentially significant financial penalties.

Who is impacted?

The cryptocurrency regulations in the Netherlands and the associated compliance obligations apply to a broad range of entities and individuals. This includes natural persons and legal entities offering professional or commercial services for the exchange of virtual currency and fiat currency, those providing professional or commercial custodial wallet services, and any service providers involved in Initial Coin Offerings that may be classified as a security or unit in a collective investment scheme. In short, anyone who is involved in cryptocurrency-related activities within the Netherlands must be cognizant of the applicable regulations and take steps to ensure compliance with the relevant laws and regulations.

Following the provisions outlined in the Money Laundering and Terrorist Financing Prevention Act, the following cryptocurrency service providers are subject to regulation within the Netherlands:
The cryptocurrency regulations in the Netherlands

  • Any natural persons or legal entities that engage in the provision of professional or commercial services for the exchange of virtual currency and fiat currency;
  • Any natural persons or legal entities that provide professional or commercial custodial wallet services.

However, it should be noted that service providers offering crypto-to-crypto exchanges remain unregulated.

It is also important to note that Initial Coin Offerings (ICO) are not subject to financial supervision in the Netherlands unless they are classified as a security. ICOs are digital tokens that are issued via a blockchain.

Suppose the tokens offered within the ICO represent a share in a specific project or start-up or guarantee future returns. In that case, they may be considered a security or a unit in a collective investment scheme (such as an investment fund), as defined under the Wwft. In such instances, the ICO falls within the ambit of the Financial Supervision Act and is subject to regulation by the Financial Markets Authority.

Who is the primary authority?

De Nederlandsche Bank (DNB) is the primary regulator for cryptocurrency-related activities under the purview of the Anti-Money Laundering and Anti-Terrorist Financing Act (Wwft) is De Nederlandsche Bank (DNB), which is also known as the Dutch National Bank. In particular, DNB is responsible for supervising crypto-fiat exchanges and custodian wallet providers within the Netherlands.

However, as mentioned above, Initial Coin Offerings (ICOs) are only subject to financial supervision if they are deemed to be securities or units in an investment fund. In such cases, the Financial Markets Authority (Autoriteit Financiële Markten or AFM) is the regulatory body responsible for supervising and enforcing compliance with relevant laws and regulations.

What are the crypto regulations in Netherlands?

The Money Laundering and Terrorist Financing Prevention Act (Wwft) outlines the principal cryptocurrency regulations in the Netherlands. In 2020, the Wwft was updated to incorporate provisions from the 5th Anti-Money Laundering Directive (AMLD5), which requires crypto companies to comply with anti-money laundering and counter-terrorism financing standards.

While AMLD5 provides general guidelines for European states, each state can determine how the requirements should be implemented. Therefore, it is essential to note the following when operating in the Dutch cryptocurrency market:

 1. Mandatory Registration with the DNB (Dutch National Bank)

It is mandatory for any individual or entity providing professional or commercial services related to the exchange of virtual currencies and fiat currencies or custodian wallets within or from the Netherlands to register with the Dutch National Bank (DNB), as outlined in the Wwft. Failure to register with the DNB may result in penalties and fines.

  • Provision of services in the Netherlands from the European Economic Area

Various factors are considered when assessing whether an entity provides services in the Netherlands. These include, but are not limited to:

  1. The expressed intention to engage in commercial relations with consumers in the country.
  2. Payments made to search engine services for displaying advertisements targeted at the Dutch market.
  3. Displaying reviews from customers in the Netherlands on the entity’s website.

It is important to note that even if an entity is already registered in another European Union (EU) or European Economic Area (EEA) member state, it must still register with the DNB if it provides services to clients in the Netherlands.

  • Provision of services to Dutch clients from foreign countries

The Wwft strictly prohibits the provision of regulated services from a third country that is neither an EU member state nor an EEA country.

To be eligible for registration with the DNB, a company must establish its presence in the Netherlands or any European Union/European Economic Area member state. However, the Minister of Finance may consider making exceptions for residents, established businesses, or offices in certain third countries. It is important to note that the list of such countries has not yet been announced.

  • Provision of services from the Netherlands to foreign customers

Crypto companies must meet specific requirements to demonstrate compliance with the Wwft and the Sw when applying for registration with the DNB. These requirements include implementing effective customer due diligence (CDD) procedures, appointing a compliance officer, and reporting unusual transactions to the Financial Intelligence Unit (FIU).

Crypto companies must also have adequate risk management systems in place and conduct regular internal audits to assess the effectiveness of their compliance measures. In addition, they must ensure that their employees are trained to identify and report suspicious transactions.

To comply with the Sw, crypto companies must screen their clients and their transactions against national and international sanctions lists. They must also report suspicious transactions to the FIU, including those related to sanctioned countries or individuals.

Meeting these requirements is critical for successful registration with the DNB and ongoing compliance with Dutch crypto regulations.

2. Compliance with Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT)

Crypto providers must have a risk-based approach when conducting customer due diligence, which means that they must assess and manage the risk associated with each customer on a case-by-case basis. This includes assessing the customer’s source of funds, transaction patterns, and potential involvement in illegal activities.

Furthermore, crypto providers must also establish procedures for the ongoing monitoring of customer transactions and the detection of suspicious activities. This includes regularly reviewing customer information and transactions to identify any unusual activity.

Failure to comply with these requirements can result in significant fines, penalties, and reputational damage. It is therefore essential for crypto providers operating in the Netherlands to have robust AML/CFT compliance measures in place.

  • What’s the difference between Licensing and Registration?

It should be noted that while both registration and licensing enable business activity in sectors that require state supervision, the two have essential differences. Expressly, a license is granted for a specific period, such as one, five, or ten years, and entails periodic supervision for matters such as license renewal or violations. In contrast, registration involves ongoing state supervision of a company’s activities following registration and does not have a fixed expiration date.

  • What is the FATF’s Travel Rule?

As a member of the esteemed global financial watchdog known as the Financial Action Task Force (FATF), The Netherlands dutifully adheres to the rigorous standards established by this regulatory body, including those specifically designed for Virtual Asset Service Providers (VASPs).

The cryptocurrency regulations in the NetherlandsThe guidelines outlined in Recommendation 16, commonly called the Travel Rule, compel VASPs, such as cryptocurrencies, exchanges, banks, hosted wallets, and other financial institutions, to divulge select identifying information regarding the parties involved in cryptocurrency transactions valued at over USD/EUR 1000. Notably, while the Crypto Travel Rule has yet to be formally imposed within the Netherlands, this may change in the future as global regulations in this area continue to evolve.

  • How much would be the Registration Fees with the DNB?

First and foremost, a registration fee encompassing fit and proper assessments is mandatory for all interested parties and totals EUR 5,000.

Additionally, the calculation of the regular supervision fee imposed by the Dutch Central Bank (DNB) is determined annually following the Financial Supervision Funding Decree.

The fee amount is based on various factors, including the nature and scope of the services provided by the institution, its size and complexity, and the level of risk posed by its activities. The DNB utilises a risk-based approach to determine the appropriate level of supervision required for each institution and adjusts the fee accordingly.

Furthermore, the DNB takes into account any costs incurred in the course of supervision, such as on-site inspections and reviews, when calculating the amount of the fee. The exact sum of the regular supervision fee is specified in the Regulation on the Funding of Financial Supervision.

  • What are the Deadlines for registration?

To ensure the timely and efficient processing of all submitted requests, the Dutch Central Bank (DNB) has established a strict two-month deadline for service providers to receive a response. However, it is essential to note that this deadline may be extended if necessary documents are missing from the request. Furthermore, as a prerequisite for registration, all policymakers and co-policymakers must undergo a rigorous assessment to determine their fitness and propriety, a requirement that must be met even if it results in the deadline being suspended.

According to Section 4:15 of the General Administrative Law Act (Algemene wet bestuursrecht—Awb), if any pertinent information is missing, the DNB may suspend the period in which it is required to render a decision on the request until the request is supplemented or until the deadline for supplementation has expired unused.

During the processing period, cryptocurrency operators are strictly prohibited from offering any services to customers. It is important to note that insufficient documentation may result in the DNB refusing registration altogether.

  • What are the Sanctions?

The potential sanctions for non-compliance with the Dutch Anti-Money Laundering and Counter-Terrorist Financing Act (Wet ter voorkoming van witwassen en financiering van terrorisme—Wwft) include a range of penalties, depending on the nature and severity of the violation.

The Dutch Central Bank (DNB) is authorised to impose fines that may extend to millions of euros. Other possible penalties may include temporary or permanent suspension of business operations, revocation of operating licenses, and criminal prosecution. The specific sanction or combination of sanctions applied will depend on the circumstances of each case, as determined by the relevant authorities.

Additionally, under relevant national law, other penalties may also be imposed at the discretion of the relevant authorities.


  • The Dutch cryptocurrency sector saw a significant change in 2020 when the European Directive was implemented into Dutch legislation.
  • Since then, local cryptocurrency regulations have remained unchanged.
  • Registered providers of cryptocurrency-to-fiat exchanges and custodian wallet services are allowed to conduct business in the Netherlands. However, other types of crypto companies, such as those offering crypto-to-crypto exchange services, remain unregulated.
  • ICOs generally do not fall under financial supervision unless they are classified as securities.
  • The FATF Travel Rule is not mandatory in the Netherlands, despite the country being a member of the FATF.

Explore the world of Money Service Businesses (MSBs), also known as Money or Value Transfer Services (MVTS), and how these companies can mitigate the risks of money laundering, fraud, and substantial penalties from regulatory agencies.

Money Service Businesses (MSBs) offer a speedy and anonymous way to transfer and exchange small amounts of cash. Despite their convenience, MSBs are also susceptible to money laundering (ML) and heightened scrutiny from regulatory bodies. A notable example of this vulnerability occurred when Western Union, the largest MSB globally, was fined $586 million and confessed to neglecting to detect criminal use of its services for ML and fraud.

This article provides valuable insights into how MSBs can protect themselves from fraud and costly penalties across various countries.

What is a money service business?

A money service business (MSB) is a non-bank financial institution that transfers, converts, or exchanges currency. Depending on the jurisdiction, such businesses may also be known as money transfer businesses, money transfer dealers, or remittance service providers.

MSBs typically facilitate funds transfer between individuals and/or businesses and are subject to various regulatory requirements, including compliance with anti-money laundering (AML) regulations.

Money Service Businesses (MSBs) can be either companies or individuals offering a range of financial services, including but not limited to money transfers, currency exchange, remittance services, cashing of cheques, money orders, or stored value cards, and payment services like tax or utility payments.

MSBs may also provide Alternate Financial Services (AFS), such as payday lending and overdrafts, or more sophisticated financing options like microloans, crowdfunding, car loans, or online marketplaces.

Additionally, New Payment Method (NPM) or peer-to-peer (P2P) lending platforms may also fall under the MSB category. MSBs are subject to various regulatory requirements, depending on the jurisdiction, and must adhere to anti-money laundering (AML) regulations to combat the risk of financial crimes.

MSBs and anti-money laundering (AML)

Money Service Businesses (MSBs) are considered particularly vulnerable to the risks of money laundering due to various factors.

  • Firstly, they often deal in cash and various types of money transfers, which can be challenging to trace and regulate.
  • Secondly, they may involve third parties and intermediaries, increasing the potential for illicit activities.
  • Thirdly, the increasing use of digital platforms has opened up new avenues for money laundering.
  • Additionally, customer anonymity and using undisclosed sources of funds further exacerbate the risks associated with MSBs.

To combat these risks, MSBs must comply with various regulatory frameworks and adhere to anti-money laundering (AML) regulations to ensure they are not exploited for criminal purposes.

Money Service Businesses (MSBs) can be exploited by criminals seeking to move illicit cash into the financial system. These individuals may attempt to achieve this by transferring funds to overseas locations, or by converting illegal cash into high denomination notes, such as the €200 or €500 note. Alternatively, they may convert cheques derived from illicit activity into cash or business and salary cheques into cash for tax evasion purposes. MSBs are therefore at risk of being used as a conduit for illicit financial activities, which could have serious consequences for the financial system and the broader economy.

As such, MSBs must comply with relevant regulations and implement robust anti-money laundering (AML) measures to prevent criminals from abusing their services.

Money Service Businesses (MSBs) are subject to close regulatory scrutiny due to the potential for their services to be used for illicit purposes. In 2016, the Financial Action Task Force (FATF) drew global attention to the risks associated with MSBs, prompting most jurisdictions to require these firms to adopt a risk-based approach to Know Your Customer (KYC) and transaction monitoring procedures. Implementing these measures is essential to ensure that MSBs are not exploited by criminals to move illicit funds across borders, which could have far-reaching consequences for the financial system’s stability. As such, MSBs must remain vigilant and committed to complying with regulatory requirements to mitigate the risks associated with their operations.

How to regulate MSBs based on various countries’ regulations


In the United States, Money Service Businesses (MSBs) are subject to the regulatory oversight of the Financial Crimes Enforcement Network (FinCEN) under the Bank Secrecy Act (BSA). As such, MSBs must register with FinCEN and comply with a range of regulatory requirements, including developing and implementing an Anti-Money Laundering (AML) program and reporting currency transactions over a certain threshold, and filing Suspicious Activity Reports (SARs) where necessary.

Specifically, the MSBs’ owner or controlling person must complete and sign FinCEN Form 107, “Registration of Money Services Businesses,” within 180 days of establishment and renew their registration every two years. Failure to comply with MSB registration requirements may result in significant civil penalties of up to $5,000 for each violation and for each day a registration violation continues, according to 31 U.S.C. 5330 and 31 C.F.R. § 103.41(e).


In the United Kingdom, MSBs are subject to the Money Laundering Regulations and must register with the country’s tax authority, Her Majesty’s Revenue and Customs (HMRC). MSBs must conduct risk assessments, establish an effective anti-money laundering program, and appoint a designated officer to oversee compliance with regulations.

Discovering the Risks of Money Laundering for Money Service BusinessesThe HMRC also requires MSBs to perform due diligence on their customers and monitor their transactions for suspicious activities.

Non-compliance with these regulations may result in substantial financial penalties. For instance, in 2021, the HMRC imposed a fine of $32.4 million on MT Global, a UK-based MSB, for failing to comply with anti-money laundering regulations.


MSBs in Canada are subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), which requires a compliance program to detect and prevent money laundering and terrorist financing activities. MSBs must register with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) and report certain transactions, suspicious activities, and terrorist property. Companies can check if they must register with FINTRAC on its website.

Non-compliance with the PCMLTFA may result in significant penalties, including fines of up to 2 million CAD ($1.5 million) and/or up to five years imprisonment.

Hong Kong

In Hong Kong, individuals or businesses intending to operate money services must apply for a license from the Customs and Excise Department under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Cap. 615) (AMLO). The licensing process involves a fit-and-proper test, and the applicant must demonstrate that they have appropriate systems and controls in place to manage ML/TF risks. Failure to obtain a license may result in fines of up to HKD 100,000 ($12,820) and imprisonment for up to six months. Additionally, operators who do not comply with the AMLO may face fines of up to HKD 5 million ($641,000) and imprisonment for up to seven years.


MSBs in Singapore are subject to the oversight of the Monetary Authority of Singapore (MAS). This regulatory authority covers a wide range of payment services, including account issuance services, domestic and cross-border money transfer services, merchant acquisition services, e-money issuance services, digital payment token services, and money-changing services. To operate a payment service in Singapore, businesses must apply for one of three licenses from the MAS: a money-changing license, a standard payment institution license, or a major payment institution license under Section 6 of the Singapore Payment Services Act 2019.

Each license carries specific requirements and obligations, and businesses must comply with strict anti-money laundering and countering the financing of terrorism regulations.


In Australia, businesses that accept instructions from clients to transfer money or property to a recipient are considered Remittance Service Providers (RSPs), or MSBs, and must register with the Australian Transaction Reports and Analysis Centre (AUSTRAC) in accordance with local AML regulations. Failure to comply may result in significant fines.

To comply with AML regulations, MSBs must establish and maintain a robust AML compliance program that includes risk assessment, employee training, and more. In addition, MSBs are required to conduct the KYC process as part of Customer Due Diligence, implement transaction monitoring, and adopt a risk-based approach.

For more guidance and advice, you may reach our team at с

The emirate has recently unveiled an ambitious framework that aims to address a wide range of assets and activities, all geared toward attracting companies that are searching for regulatory clarity. This comprehensive plan signals a strong commitment from the emirate’s leadership to create a favourable business environment that caters to the needs of global corporations. The focus on regulatory transparency and consistency will undoubtedly position the emirate as an attractive destination for firms looking to establish a solid regional presence.

The cryptocurrency industry in Dubai is abuzz with excitement following the recent unveiling of the jurisdiction’s regulatory framework for digital assets. This development provides a much-needed licensing regime for both digital asset issuers and service providers, which has been long-awaited by industry players in the region. The regulatory clarity offered by the new framework is expected to spur growth in the local crypto industry and attract more investors to the emirate. This move is a testament to Dubai’s commitment to fostering innovation and its readiness to embrace emerging technologies.

The release of Dubai’s crypto regulatory framework comes on the heels of a tumultuous year for cryptocurrency markets in 2022, prompting regulators worldwide to ramp up efforts to establish and enforce safeguards for the industry.

Amid the heightened regulatory scrutiny, many companies and investors have been left feeling uncertain about the future of cryptocurrencies.

However, Dubai’s proactive approach to introducing a clear regulatory framework for digital assets signals its commitment to ensuring a safe and stable environment for crypto-related activities. This move is expected to instil confidence among industry players and investors and position Dubai as a leading hub for cryptocurrency innovation and investment in the region.

Dubai's Crypto Business Appreciates New Licensing FrameworkDubai’s newly introduced regulatory framework for cryptocurrencies requires all entities looking to provide crypto-related services in the jurisdiction to obtain the necessary licenses and authorisations. The framework consists of four compulsory rulebooks for service providers, along with seven activity-based rulebooks that outline specific requirements depending on the type of service offered.

This innovative approach has garnered praise from industry experts, with Talal Tabbaa, the founder of regional crypto exchange CoinMENA, describing the framework as “elegantly designed”. The clear and comprehensive regulatory framework is expected to foster a secure and well-regulated environment for cryptocurrency-related activities in Dubai and encourage the growth of the local crypto industry.

Dubai, one of the seven emirates of the United Arab Emirates (UAE), has set its sights on becoming a leading global hub for cryptocurrency and blockchain-related activities. The emirate has been actively courting companies to establish a presence in the region long before introducing its regulatory framework for the sector. With the release of the new rules, Dubai has further solidified its commitment to promoting innovation and growth in the cryptocurrency industry. The emirate’s strategic location, coupled with its supportive regulatory environment, makes it an attractive destination for companies looking to tap into the region’s rapidly expanding crypto market. This move is expected to position Dubai as a key player in the global crypto ecosystem and reinforce its reputation as a business-friendly hub for emerging technologies.

Following the publication of Dubai’s new regulatory framework for cryptocurrencies, institutional crypto custody provider, Hex Trust, has become one of the first companies to receive an operational go-ahead from the emirate’s regulatory body, the Virtual Asset Regulatory Authority (VARA). The swift approval process is a testament to the effectiveness of Dubai’s new regulatory framework, which has been designed to foster innovation while ensuring that all activities related to digital assets are conducted safely and securely. The approval granted to Hex Trust highlights the emirate’s readiness to support businesses and embrace emerging technologies, cementing its reputation as a leading destination for companies looking to enter the rapidly growing crypto market in the region.

Mohamed Reda El Shiekh, head of compliance for Middle East and North Africa (MENA) at Hex Trust, expressed his satisfaction with introducing Dubai’s cryptocurrency licensing framework. “We were waiting for a licensing framework. We were waiting for somebody with interest to take the responsibility,” said El Shiekh, referring to the period before the establishment of the Virtual Asset Regulatory Authority (VARA) in 2022. With the introduction of the new regulatory framework, El Shiekh is optimistic about the future of the crypto industry in Dubai, citing the clarity and certainty that the regulations provide to companies looking to operate in the jurisdiction.

The regulatory framework is expected to attract more businesses to the emirate and cement its position as a global hub for emerging technologies.

While Dubai’s new regulatory framework for cryptocurrencies has been widely welcomed by industry participants, it remains a work in progress. The comprehensive nature of the rules means that there is scope for further development and refinement over time, as the authorities continue to monitor the evolving crypto landscape. However, the framework’s thoroughness could pose challenges for smaller companies looking to set up shop in the emirate, as compliance costs are likely to be a significant barrier to entry. Nonetheless, the regulatory clarity and certainty provided by the new rules are expected to attract more significant, more established players to the region, further strengthening Dubai’s position as a leading hub for cryptocurrency and blockchain-related activities. As the industry continues to mature and evolve, the regulatory framework will likely undergo further changes to ensure that it remains effective and relevant.

Although Talal Tabbaa, founder of regional crypto exchange CoinMENA, described Dubai’s licensing costs for crypto-related services as “peanuts” compared to other operating expenses like hiring workers or maintaining offices locally, he did acknowledge that some of the fees could be considered relatively expensive. While compliance costs are not typically the primary focus of crypto companies when considering market entry, they can still be a significant factor in the decision-making process.

Despite this, the regulatory clarity provided by Dubai’s new framework is expected to outweigh the costs, particularly for larger, more established players in the industry. As the emirate continues to establish itself as a leading hub for cryptocurrency and blockchain-related activities, regulatory fees and compliance costs will likely remain an important consideration for companies looking to operate in the jurisdiction.

Dubai's Crypto Business Appreciates New Licensing FrameworkDubai’s new regulatory framework for cryptocurrency and blockchain-related activities includes a detailed fee schedule for companies seeking to offer exchange services or other crypto-related services in the jurisdiction. According to the framework, companies that wish to offer exchange services must pay a non-refundable application fee of 100,000 UAE dirham (US$27,200) and an annual supervision fee of double that amount.

However, payment of the application fee does not guarantee approval, and companies that wish to offer additional services like custody, lending, or payments must apply for additional licenses (at a 50% discount on application fees) and cover additional supervision fees. While some industry participants have noted that the fees may be relatively high, particularly for smaller companies, the regulatory certainty and clarity provided by the framework are expected to outweigh the costs for many larger players in the industry.

As Dubai continues to establish itself as a leading hub for crypto-related activities, the fees and licensing requirements will likely continue to evolve and adapt to the needs of the rapidly evolving industry.

By comparison, Abu Dhabi charges a lower application fee and annual supervision fee than Dubai. According to the Abu Dhabi Global Market (ADGM), the emirate’s financial centre, companies seeking to offer crypto-related services in Abu Dhabi must pay a $20,000 application fee and a $15,000 annual supervision fee. However, these fees can increase if the companies want to offer other types of assets, the ADGM said in a report. While the fees charged by Abu Dhabi may seem more reasonable to some, it remains to be seen how this will affect the emirate’s competitiveness in attracting crypto firms compared to Dubai, which has already established itself as a major hub for crypto and blockchain activities.

According to the Abu Dhabi Global Market (ADGM), any crypto exchange operating a spot or derivative market concerning virtual assets, including cryptocurrencies such as bitcoin and ether, must apply for a Multilateral Trading Facility (MTF) license, except for tokenised securities. As per the regulations, companies seeking to open MTFs in Abu Dhabi must pay a $125,000 application fee and a $60,000 annual supervision fee.

While the fees charged by the ADGM are higher than those charged by Dubai, it’s worth noting that the regulatory requirements also differ, with the ADGM mandating MTF licenses for crypto exchanges.

In Singapore, crypto exchanges that do not deal with fiat currencies typically apply for a Major Payment Institution license, which includes digital payment token services and requires an annual fee of 10,000 Singapore dollars ($7,500). On the other hand, New York’s BitLicense, which permits crypto-related activities, carries a $5,000 application fee. However, several companies have reported incurring costs of approximately $100,000 for legal and compliance fees and time allocation. These costs may vary depending on the jurisdiction and regulatory requirements in place.

According to a crypto lawyer in the UAE, Irina Heaver, while the fees set by Dubai’s new framework may be reasonable for larger companies, they may not be sustainable for startups. However, Heaver agrees that Dubai needed to regulate the crypto industry as it had become a breeding ground for scammers. The hope is that these regulations will help weed out bad actors. In January, UAE Minister for Digital Economy Omar bin Sultan Al Olama faced questions regarding why Dubai attracts disgraced crypto founders like Terra’s Do Kwon. Al Olama responded that VARA’s regulations would not be a “light touch.”

Not talking about the fees

Although the licensing fees in Dubai may be steep, the MENA region is a highly lucrative market that is worth the investment, according to Talal Tabbaa, the founder of regional crypto exchange CoinMENA. He emphasises that compliance costs are not typically a significant factor for crypto companies when evaluating market entry and that the fees in Dubai are manageable in the grand scheme of things. Furthermore, Mohammed AlKaff AlHashmi, co-founder of Dubai-based Islamic Coin, asserts that the high compliance costs will not pose a problem for “good projects” and may even help filter out “unwanted projects.” By instituting stringent regulations, Dubai is positioning itself as a serious player in the global crypto and blockchain landscape, with the potential to become a leading hub in the industry.

According to Irina Heaver, a crypto lawyer based in the UAE, the issue with Dubai’s regulations is not about the fees, as companies can raise the capital needed to cover the costs. Instead, she believes that the regulations may be too prescriptive, making it difficult for the Virtual Asset Regulatory Authority (VARA) to supervise compliance effectively. Heaver noted that while she supports the sentiment behind the regulations, they could be too restrictive in practice. The comprehensive nature of the regulations could create additional challenges for VARA, particularly when enforcing compliance requirements, she added.

Irina Heaver, a crypto lawyer based in the UAE, has raised concerns about Dubai’s regulations being too prescriptive and possibly hindering enforcement. She suggests that the requirement to obtain licenses for specific crypto activities may make it challenging for VARA’s supervisory personnel to ensure compliance with their regulations. In contrast, Heaver praises Switzerland’s principles-based regulations, which issue broad guidelines on how existing regulations apply to certain activities. Unlike Dubai, Switzerland does not have specific or separate rulebooks for crypto. Instead, its financial regulator issued guidelines in 2017 and 2018 on how banking, securities, and anti-money laundering rules apply to initial coin offerings (ICO), a popular crypto fundraising method.

Dubai's Crypto Business Appreciates New Licensing FrameworkKristi Swartz, a partner at the law firm DLA Piper, which was the exclusive global legal advisor for VARA in creating the regulatory package, believes that while Dubai’s framework can be viewed as rules-based, it is not overly prescriptive.

Swartz stated that VARA’s regulatory package follows international best practices for cryptocurrency regulation, with clear and specific requirements for different types of crypto activities. The framework aims to promote a secure and transparent environment for digital assets while enabling innovation and growth in the crypto industry.

According to Kristi Swartz, a partner at the law firm DLA Piper, which was VARA’s exclusive global legal advisor in developing the regulatory framework, Dubai’s approach can be viewed as “slightly” rules-based, but it is not prescriptive. Swartz explained that flexibility is necessary for the fast-paced and rapidly evolving crypto industry. She also noted that DLA Piper had been monitoring Dubai’s regulation of the sector even before officially partnering with VARA and that the firm had worked on the regulatory package for nine months.

Alex Chehade, the general manager at Binance Dubai, acknowledges the different regulatory approaches taken by various jurisdictions and regulatory bodies towards digital assets. He emphasises that the regulations offered by VARA provide clarity and increased security for industry players, users, and investors in the Emirate. While Binance received a Minimal Viable Product (MVP) license from VARA in September 2022, Chehade says that the exchange is only partway through the four-stage approval process. The MVP license allows Binance to offer products and services only to qualified and/or institutional investors, with retail consumers strictly prohibited until VARA decides to approve a full operation license for companies eventually. Presently, no entity holds a full license from VARA.

Stable Crypto Coins and Blockchain – enabled assets

While Dubai’s new crypto regulation framework is comprehensive, some critics argue that it could benefit from more specificity. In particular, Irina Heaver, a UAE-based crypto lawyer, noted that the regulations do not specifically address payments-focused cryptocurrencies, such as stablecoins, which are pegged to the value of other assets. This contrasts with jurisdictions like the UK and the European Union, which have focused more heavily on stablecoin regulation. For instance, the EU recently introduced its cross-jurisdictional crypto regulation framework known as MiCA, which includes specific provisions for stablecoins.

VARA’s regulations seem to address stablecoins to some extent, specifically in the rulebook for companies. In this rulebook, VARA outlines the liquid asset reserve requirements for firms, including virtual assets that are linked to the value of sovereign currencies. However, this is not explicitly addressed in the rulebook for token issuance.

According to Kristi Swartz, a partner at the law firm DLA Piper, the focus of VARA’s rulebook for issuance is primarily on tokenised assets, including non-fungible tokens (NFTs). However, the company rulebook addresses stablecoins to a certain extent, outlining liquid asset reserve requirements for firms that include virtual assets linked to the value of sovereign currencies. This reserve requirement aligns with those of other jurisdictions, such as Hong Kong and Israel, which are planning stablecoin regulations. According to Winson Lau, fintech and digital asset lawyer at DLA Piper, who worked on the regulatory regime with Swartz, VARA receives daily inquiries on token issuance.

The rulebook for issuance covers tokenised assets and guides industry participants on registering and obtaining regulatory approval for their projects. Winson Lau, fintech and digital asset lawyer at DLA Piper, who worked on the regulatory regime with Kristi Swartz, said that VARA receives daily inquiries on token issuance, ranging from plain-vanilla NFTs to complex projects such as tokenisation of real estate or financial instruments. According to Lau, the issuance rulebook focuses on what should be included in the white paper that needs to be registered with VARA and publicly disclosed.

Do coins have privacy?

The ban on anonymity-enhanced cryptocurrencies has sparked controversy, with some experts questioning its impact on privacy. Kristin Smith, executive director of the Blockchain Association, a trade group representing blockchain and cryptocurrency companies, said, “It’s concerning when any government seeks to limit the ability of people to use privacy-enhancing technology, which is why we have been opposed to similar efforts in the United States and Europe.” She added that anonymity-enhanced cryptocurrencies could be used for legitimate purposes, such as protecting financial privacy, and that policymakers should instead focus on targeting illicit uses of the technology.

What is Risk Management?

The risk management process involves identifying, evaluating, and controlling risks to a company’s resources and profits. These dangers can be caused by many things, such as monetary risk, legal obligations, technological problems, strategic management blunders, accidents, and natural calamities.

A practical risk management approach aids a business in taking into account all potential hazards. Risk management also examines the link involving threats and the potential adverse cascade effects on an organisation’s planned objectives.

Because it concentrates on predicting and comprehending risk across a business, this all-encompassing approach to risk management is occasionally called enterprise risk management. Enterprise risk management (ERM), in addition to concentrating on internal and external threats, highlights the need to manage positive risk. Positive risks are chances that, if taken, might boost a company’s worth or, alternatively, hurt it. Every risk management program’s goal is, in fact, to protect and enhance corporate value by taking calculated risks rather than completely eradicating all risks.

What is the Importance of Risk Management?

How Federal Regulators Treat Crypto and BanksProbably never before has risk management been more crucial than it is right now. Because of the quickening speed of globalisation, the dangers that contemporary companies confront have gotten more complicated. The widespread usage of digital technology nowadays has led to the ongoing emergence of new threats. Environmental pollution or Climate Change has been labelled a “danger multiplier” by risk specialists.

Corporations and their governance bodies are reevaluating their risk management plans as the globe grapples with these crises. They are re-evaluating their exposure to risk and investigating the risk-taking process. The group that ought to be engaged in risk management is being re-evaluated.

The possibilities of a more proactive strategy to risk management are being considered by businesses that now employ a reactive strategy, protecting against prior hazards and altering processes when a new challenge causes harm. Supporting sustainability, resilience, and corporate agility is becoming increasingly popular. Businesses also investigate how advanced governance, risk, and compliance (GRC) systems and artificial intelligence technology may enhance risk management.

Risk Management in Banking Industry

Risk management is a vital and quickly changing aspect of a bank’s operations. Risk management basically is calculating the likelihood that an adverse event will result from a specific course of action. It is also crucial in the world of business. A business can never expand or turn a profit if it doesn’t take risks.

Although they can change, the risks that banks typically manage are:

  • credit risks;
  • market risks;
  • operational risks, including reporting risks and risks associated with data governance;
  • liquidation risks;
  • risks associated with technology and information, including; and
  • strategic risks.

However, banks are subject to risks coming from external circumstances over which they have no direct influence, including such global warming risks.

Why do banks control risk?

Banks manage risks for a variety of reasons, including:

  • avoid loss;
  • guarantee survival;
  • keep their reputation intact;
  • preserve the interests of stakeholders;
  • abide by the rules and regulations; and
  • safeguard the bank’s credit standing.

Nonetheless, seeing as banks and the financial system are so crucial to both the domestic and global economies, inadequate risk management has far-reaching effects. This was made clear during the financial crisis of 2007–2008, when authorities had to band together to rescue banks.

Because a bank’s operation revolves around the generation of money, it may limit or even halt lending if it runs into problems, even on a relatively small scale. This impacts how readily available money is to businesses and inhibits economic growth.

For this reason, both domestically and globally, financial organisations and banks are controlled.

Risk Management in Cryptocurrency Industry

Typically, cryptocurrency enthusiasts are impatient to start trading and generating money and neglect to think about the size of their portfolios or how to handle their money. New traders frequently risk in search of a big win while paying little attention to strategies that promote sustainability. If you recognise yourself in that description, it is worth looking at specific risk management techniques that, when properly implemented, can safeguard you and allow you to continue in the industry without emptying your savings.

There can be no question that bad things will happen to you when trading cryptocurrencies. Terrible experiences include trades that result in the opposite of what you wanted, odd price surges, errors, and numerous other undesirable occurrences. Each trader who deals in cryptocurrencies does so at some level of risk. Since they frequently leverage, cryptocurrency futures traders tend to assume more risks. Your trading balance is impacted, and you might lose all of your cash, if proper risk management procedures are not followed.

Risk management strategies record how you intend to control your threat when investing. They safeguard you against the negatives of your transactions and maintain you in command of your expenses. When the proper crypto trading techniques are already in place, the guidelines will keep you safe and assist you in getting the desired outcome.

8 Principles for Crypto Risk Management:

  1. Have a Good Trading Strategy
  2. Just make investments you can manage to lose.
  3. Measure how much you risk per trade
  4. Restrict Your Leverage Usage
  5. Regularly Determine Your Risk-to-Reward Ratio
  6. Employ stop-loss orders
  7. Protect Your Profit With Take Profit
  8. Possess reasonable expectations

Risk management is crucial for successful trading. Therefore, new and struggling traders should take it seriously. Despite how basic they may appear, failing to implement them might cause you to experience trading difficulties.

Banks are involved in risk management. Regulators appear to ignore this in their efforts to severely curtail the banking sector’s activities related to cryptocurrencies, acting instead on the presumption that “any risk is a bad risk.” It is true that the cryptocurrency market has gone through a very difficult period and that some banks have been hurt. Yet, according to two experts, authorities should ensure that banks take the proper risks.

They claim that the current approach may lead to an increase in risk over time.

The Comptroller’s Office, the Federal Reserve, and the Federal Deposit Insurance Corp. released a succinct public declaration in the first few days of 2023 outlining dangers to banks resulting from activity connected to crypto-assets.

How Federal Regulators Treat Crypto and BanksThe declaration reassures readers that financial institutions “are neither forbidden nor discouraged from providing banking services to consumers of any specified class or kind, as authorised by law or regulation,” as is customary these times for authorities.

Nevertheless, the regulatory authorities mention that they remain in the process of evaluating “whether and how” virtual currency operations can be carried out in accordance with “safety and soundness, consumer protection, legal permissibility, and compliance with applicable laws and regulations,” which is only further supported by more current behaviour by the Federal Reserve.

By dumping any links with companies that deal with cryptocurrencies, regulators require banks to “de-risk”, according to those who are keeping an eye on the changing attitudes and behaviours towards cryptocurrency.

In “Operation Chokepoint,” an intra-agency initiative orchestrated by the Justice Department with help from federal bank authorities, we have witnessed this scenario.

The objective is to stress financial institutions to break off relationships with accepted but unfavourable companies that are thought to increase the risk of fraud and money laundering. The advertising received harsh criticism and was ultimately condemned even by the authorities. Nonetheless, the overall result was to steer respected companies into less trustworthy and open firms that provided financial services.

Keeping Statutory Déjà Vu at Bay:

In the aftermath of the cryptocurrency disasters we saw in 2022, the temptation to circle the financial sector is reasonable, but it is ill-advised. In the near term, retaining innovative, complex technology beyond the governmental purview could feel more secure. Yet over time, then that will increase the danger.

Risk management has historically been an objective of the banking industry

The modern monetary companies that securely store and transmit money and other valuables primarily depend on banks and other regulated financial entities. The technology employed to do specific tasks has significantly advanced from previous times. This will carry on. Thus, reputable, controlled financial institutions must be able to respond to new risks of all kinds and keep supporting the economy.

It is nonetheless far too premature to predict if cryptocurrency will fulfil its aspirations or whether conventional cards and other payment systems or other platforms, will out-innovate cryptocurrency channels, reports from the “crypto winter” aside. Authorities and other federal authorities, however, must avoid prejudging the results. Furthermore, they shouldn’t limit banks’ ability to compete by limiting them to a select few crypto-related markets.

Any other options than Banks?

Banks are knowledgeable actors that have experience running banking systems and managing risks. Do we genuinely desire to exclude all crypto transactions from a sector that possesses the knowledge and responsibility necessary to learn how to perform these things correctly?

Authorities who prevent banking institutions from experimenting safely will limit their contributions, raising the possibility that the system will become divided and financial institutions will be unable to participate in what may turn out to be a crucial component of the current global financial architecture.

Ring-fencing banks from cryptocurrency are not only unneeded, but it is also foolish. Banks are in the business of taking risks, even if these risks might occasionally have very negative consequences. Think about the past as well as the present:

  • Financial institutions have been destroyed by mortgage loans and investments tied to mortgages.
  • Peer-to-peer transactions, real-time settlement, and digital payments all involve a considerable potential for theft, cons, and operational blunders.
  • Presently, there is a lot of uncertainty surrounding commercial real estate financing, a “go-to” for many banks as we assess the effects of the shift from offices to work-from-home and hybrid setups.
  • When credit card and buy-now, pay-later balances increase and customers are already pushed thin by inflation, consumer credit raises the risk curve.
  • Using machine learning effectively has enormous potential for enhancing risk management and customer service, but it takes considerable ability to do so.

Regulatory authorities are not really advocating for banking institutions to be isolated from those operations, though. They anticipate that they will be vigilant in controlling risks.

The True Threat: Crypto? Or Is That Simply the Standard Concentration Risk?

We must admit that the cryptocurrency failures of last year actually managed to have a negative effect on a limited number of institutions. Legislators are likely to consider those occurrences as supporting their strategy. In fact, authorities have already noted previous difficulties at certain banks with a focus on cryptocurrencies as proof that such operations present risks that may be impossible to handle wisely.

How Federal Regulators Treat Crypto and BanksWithout discussing the details, we believe that these instances have less to do with cryptocurrencies as technology and more to do with managing traditional banking risks (such as concentrations and liquidity problems).

Risk Was Not Invented by Crypto:

Unsafe risk concentration has already been an ongoing challenge for the banking industry. It’s also essential to comprehend and continuously monitor structural threats. These problems are complex and not exclusive to cryptocurrencies.

Regulatory authorities should really not concentrate on mitigating risk while supervising cryptocurrency and banks’ engagement in it, as they ought not to in any of these other sectors. Making ensuring banks take suitable risks ought to constitute the goal.

“Appropriate risks” might mean many different things. We interpret this to suggest that individuals should not even incur dangers they do not fully grasp or cannot measure. They cannot handle those risks by necessity.

For the remaining risks, the emphasis should be on limiting excessive risk-taking compared with the strength of a particular institution or the soundness of the financial sector in its entirety.

Several Regulations Prevent Banks from Investing in Bitcoin

Authorities now appear to emphasise that any danger is a risky investment related to crypto-related operations. The most recent intergovernmental advisory is merely the most current in several authorities’ moves indicating banks should avoid cryptocurrency. They consist of:

  • Putting up barriers to stop banks from working on anything related to cryptocurrency without first receiving regulatory clearance or a supervisory nod;
  • Providing accounting guidelines that essentially prevent banks from providing cryptocurrency custodial rights;
  • Implementing international capital requirements that will also subject cryptocurrency-related operations to prohibitive capital costs and limit cryptocurrency commitments to 1% of Tier 1 capital;
  • Providing rigorous requirements for using facilities and master entities at the Federal Reserve Bank;
  • Prohibiting entry on proposed bank charters that include cryptocurrency-related business ambitions; and
  • Neglecting to keep their word after releasing a plan in late 2021 that they would provide more detailed guidelines throughout the duration of 2022 to set more explicit rules of the road for banks.

As 2023 approaches, authorities must be more explicit about the practices that banking institutions can participate in connected to cryptocurrencies and how they can manage the risks. Authorities “simply saying no” to everything related to cryptocurrencies won’t assist banks, the banking industry, or financial stability, as Federal Reserve Board Governor Michelle Bowman acknowledged in a speech. The business requires a balance between what is worthwhile and what doing it “well” actually looks like to accomplish this properly.

Cryptocurrency Taxes

Most cryptocurrencies are convertible digital currencies, as defined by the Internal Revenue Service (IRS). They can therefore be used in place of real money and serve as a trading instrument, a reserve of worth, an account denomination, and a valuation unit.

Additionally, it implies that any earnings or revenue derived from your cryptocurrencies are taxed. But, there is a lot to understand about how virtual currency is taxed because, depending on the circumstances, you might or might not owe taxes.

Knowing when you will be taxed is crucial when you possess or use cryptocurrencies so that you are not taken aback when the IRS arrives to collect your taxes.

Some points to ponder on this subject are the following:

  • Similar to selling a stock in a company, if you make money selling bitcoin, you must incur capital gains taxes on that earnings.
  • You must pay taxes on the distinction between what you paid for the cryptocurrency and its valuation at the moment you used it if you used it to spend on products or services.
  • You must declare bitcoin revenue if you acquire it in exchange for products or services.
  • The worth of your cryptocurrency at the moment it was generated counts as revenue if you mine cryptocurrencies.

In General, When Is Cryptocurrency Taxed?

You do not need to pay taxes to own a cryptocurrency; they are tax-free on their own. For taxation reasons, the IRS views cryptocurrency as ownership, which implies:

  • If you trade in or use bitcoin in a transaction, you must pay taxes. This is due to the fact that if its market price has changed, you will incur capital profits or losses.
  • Cryptocurrency payments made for business purposes are subject to taxation as business revenue.

All the above information is general, but let us take Texas as a specific case.

How Texas handles Crypto Taxes

The Texas legislature just needs to meet in odd-numbered years, so the political representatives really have to take immediate action before the potential to take the initiative is lost.

What is the Big Change in Texas’ Crypto IndustryA proposed bill before the Texas legislature calls for “a master plan for the expansion of the blockchain industry,” which could turn the state into the nation’s cryptocurrency capital by having to introduce tax-free purchasing with bitcoin, amongst many other proposed changes.

Notwithstanding the bill’s uninspired label, it has innovative and intriguing concepts for virtual currencies. The legislature might come up with something slightly more catchy the next time around than “Relating to the founding of a workgroup on blockchain concerns concerning this state.”

Putting aside the jargon of the government, Carla Reyes, an assistant professor of law at SMU Dedman School of Law, presided over the working group and produced some insightful ideas. The study, which offered innovative and exciting suggestions for digital assets, was delivered to the legislature in November.

Texas residents will reap the rewards of a state setting the pace in the blockchain and cryptocurrency industries if the suggestions are implemented during this legislative session. The elected officials must act fast to seize the initiative before it is lost because the Texas legislature only meets in odd-numbered years.

Texas Sales Tax Holiday

A two-year retail sales tax break would be granted for bitcoin purchases received at the point of sale. Everyone likes to save money when they purchase, so this would encourage both customers and retailers to look into digital currencies and set up the appropriate equipment.

Texas businesses that are planning strategically are advancing right now rather than waiting to potentially save money on sales taxes. Since August 2022, the NFL football franchise Houston Texans has accepted cryptocurrencies such as Bitcoin and others as payment for single-game box suites. The Texans are collaborating with a digital banking partner so that they may instantly convert cryptocurrency payments into dollars, but they are not immediately hanging this onto digital assets.

Perhaps businesses would be encouraged to keep onto the bitcoin and use it for their product specifications if Texas did implement the sales tax holiday. This could be the impetus cryptocurrency requires to take off and become a widely used payment method.

Bitcoin as a State Investment In Texas

The group of experts advocated allowing the state of Texas to make direct bitcoin investments to continue the concept of incorporating bitcoin with the state’s payment activities.

Innovatively allowing Texas to retain bitcoin on its balance sheet and using that bitcoin for payments would probably continue to encourage the growth of the state’s virtual currency infrastructures.

Government Mining of Bitcoin

In 2022, three sponsored Ant Miner S9 bitcoin mining rigs were given to the City of Fort Worth Information Technology Department, and the city launched a pilot program. The three machines were upgraded over the year by more potent and energy-efficient Ant Miner S19 units as the effort became significant enough. Carlo Capua, the city’s director of strategy and development, suggested that mining operations continue at the municipal level. Capua did point out that the program was a chance to learn more about the implications and prospects of mining rather than an opportunity for day trading or investing in bitcoin. Due to their endeavour, the working group may have learned more about the possible benefits of bitcoin mining and the energy industry.

Texas’ Tax Incentives for Bitcoin Mining

The suggestions have included a tax break on natural gas that has historically been flared and will be utilised to mine bitcoins as well as a tax break on the sale of energy to significant flexible demands like bitcoin miners.

This win-win proposed solution keeps changing the tax benefits from flaring gas to consuming gas when that gas may be utilised on-site and, therefore, will introduce employment and economic activity to country areas of Texas. The severance tax exemption claims to support an ecologically responsible transformation from flaring gas to using gas on-site in a generation system.

Electricity government subsidies are meant to be a component of the plan for building a robust and resilient system. The suggestion is for the miners to cooperate with ERCOT, which manages the electrical grid in Texas, using a manageable or easily countered load methodology.

Education system of Blockchain in Texas

The Texas Work Group additionally suggested creating a manpower programme that will also help students learn technical knowledge of connectivity, hardware, software, electronic systems, and heating and cooling requirements to equip them to contribute to the expanding bitcoin mining environment.

Texas State Technical College has adopted the workforce program, which plans to have its first genesis class in Q1 2023. The University of Texas A&M has also stepped up to offer a course called “The Bitcoin Protocol” in its 2023 spring semester, focusing more on programming than mining.

The State Of Texas’ Future

Texas is establishing a precedent in the market for digital assets and has no plans to back down. The state’s population will significantly benefit from the sector’s accelerated advancement due to its wide-ranging effects.

It is important to congratulate the tireless contributions of Senator Angela Paxton, Senator Tan Parker, and Congressman Giovanni Capriglione in passing House Bill 1576 and forming a Study Group to figure out how Texas can lead in this regard. As they attempt to get every one of the twenty-five proposals accepted during the current Texas legislature session, Texans and the rest of the world will be monitoring.

Maintaining the cutting edge of technology requires knowledge and abilities beyond the technology teams. It helps to have participants from different business lines participate in the development process, as well as those who left banks for fintech and wish to return. A good question to ask yourself: is your transformation journey hindered by an approach focused solely on technology?

How Citibank, BofA, and JP Morgan Chase Sets Examples in Digital TransformationToday’s banking sector demands agile development of innovative financial products as well as advances in concept and design. According to a Bank of America executive, the fact that “rapid agile” is giving way to “hyper agile” in the planning process at the megabanks, is a sign of the growing urgency.

The change can be seen in how these banks are increasingly taking the lead in the development process in novel ways, with lines of business playing a more critical role than in the past, to reduce the time it takes from identifying a market need to meeting it.

For instance, at Bank of America (BofA), innovation and development projects have been pushed way down to different business organisations, with employees from different functions joining the pool of potential developers.

At JP Morgan Chase, Roman Eisenberg, managing director and the company’s head of technology for digital banking, mentioned that “controlled autonomy” is the bank’s development mantra. With this strategy, lines of business can independently develop their own technologies and fast bring them to market.

Hari Gopalkrishnan, current managing director and head of retail, preferred, small business, and wealth technology at Bank of America believes that a “hyper agile” transformation approach will be the norm of banking in the near future. In this state, he mentioned that anybody in the company could initiate and work on an idea, be able to propose it, test a proof of concept, and integrate that into a business roadmap.

According to Nick Nadgauda, managing director and Global Head of Technology for Citibank’s Treasury and Trade Solutions, the evolving perspective on how and where technological progress should emerge corresponds to the nature of the banking industry itself. He claims that giant financial institutions are highly regulated powerhouses. Given this, they have a closer relationship with nonbank businesses thanks to embedded banking and other new technologies. Offering payment services for a ride-sharing or food delivery app may also involve managing the payment for the gig workers who deliver or drive.

Nick Nadgauda highlighted that this is the seeding point on where the banking industry’s growth was rooted in the past few years, pointing out that it heavily contributes to the pressure banks experience to match the development speed that fintech can provide.

Last December 2022, the three bank executives (Citibank, Bank of America, and JPMorgan Chase) participated in the Tearsheet’s end-of-the-year celebration called The Big Bank Theory Conference. This conference highlighted the exploration of the changing face of the financial institution by bringing the industry’s top decision and opinion-makers to one virtual space. This is where the leading banks, credit unions, challenger banks, and payment firms come to wrap up the past year and get inspired and educated toward the coming year.

How JPMorgan Chase Democraties Tech Development

During the Big Bank Theory Conference, Roman Eisenberg from JPMorgan Chase spoke extensively on its mobile and web applications, which are utilised by more than 60 million customers, and how there were 20 million to 35 million active sessions each day. According to Eisenberg, this includes an “ecosystem” comprising more than 100 items and services, all of which must be able to cooperate. He mentioned that the company’s objective is to provide its consumers with accessible, quick, secure, always-available experiences that fit in the palm of their hands from a complex and risk-averse ecosystem.

How Citibank, BofA, and JP Morgan Chase Sets Examples in Digital TransformationEisenberg highlighted that the company assesses its technological processes in how the consumers utilise them rather than how the company is organised. He mentioned that the ultimate guiding principle that JPMorgan Chase follows for technological advancement is to focus that business on its products.

Usually, the IT department has been a major roadblock for business units trying to launch a new product or thwart a competitor’s strategy. However, this trend dates back decades.

Eisenberg claims that his department’s digital technology unit is aware of the need to avoid becoming a “bottleneck,” as he puts it, that delays necessary reform.

He says that with “controlled autonomy”, the company’s technological mantra, office staff can initiate innovations independently. They do not have to wait for any actions from the digital technology team to do things and move into action. This is necessary due to the demand and pressure to innovate processes and change banking procedures.

“Controlled autonomy” refers to the ability of lines of business to create and deploy new functions and services tailored to their niche markets that integrate with Chase’s whole IT infrastructure. It is a mindset that enables the units to independently launch the most recent iterations of these technologies.

However, setting up technological requirements to be met is necessary to make that happen without producing disruption.

According to Eisenberg, the standards contain a testing approach to ensure the new procedures and services function properly. This expedites the release of software without sacrificing its quality or availability.

To understand the challenge, consider that Chase has 400 engineers for consumer banking products alone, many working independently, across 95 teams. Eisenberg highlighted that this is how the bank can update and add to its mobile capabilities every two weeks, enabling process continuity.

It takes much experimenting, frequently with live experiments, to make new ideas work. According to Eisenberg, these are constructed, employing practices like A/B tests, to give concepts a respectable live tryout. These studies allow the company to swiftly identify ineffective features and roll them back, he added.

Why Bank of America Developed the Erica Chatbot

According to Bank of America’s Hari Gopalkrishnan, the concept of “omnichannel” must be redefined. Today, it has come to mean that, depending on the consumer’s needs, a transaction initiated in one channel, such as online banking, can be easily resumed later whether online or in a branch. Gopalkrishnan believes this is out of date. Customers are no longer drawn to branches as frequently as they formerly were by online functionality friction. Processes can therefore be managed entirely digitally or in a hybrid way.

He mentioned that although consumers could view human interaction as the default option, there is no reason why it can’t be seamless. Because of this, “Erica”, Bank of America’s natural language chatbot, was made to enable the entry of a human agent into a transaction when necessary, but also to enable the return of the consumer to the chatbot dialogue following their intervention. This is comparable to having a live supervisor step in to answer a call centre employee’s query before leaving to let the employee continue speaking with the customer.

Gopalkrishnan claims that Erica is advancing beyond routine banking to help clients with more challenging activities, such as responding to inquiries about things like individual retirement accounts.

He highlighted that every BofA department now has a role in digital transformation. More broadly, seeking out innovation inputs across the company has become increasingly important in developing this capability and the other technological advancements he described.

In Gopalkrishnan’s own words: “We don’t have a set of people sitting in an office in Palo Alto who are the smart people who come up with all the ideas and then tell everybody else what to do.”

He added that BofA holds many patents on concepts rooted outside its technical departments. He claims that the bank conducts “sprint cycles” every quarter, involving up to 1,500 employees globally. In this program, each team has 48 hours to develop an idea and a vote session determines which of the more than 100 addressed have the greatest promise for viability and return on investment.

BofA understood that having technologists alone poses the risk of leaving out crucial components of the process under review, thus participation was expanded. Gopalkrishnan believes that commercialising an idea means including everybody else.

How Citibank Benefits from Fintech Crash

Many financial institutions, both large and small, have found that fintech alliances are essential to their efforts at innovation. Previously, innovation groups inside Citibank’s divisions were responsible for identifying collaboration possibilities and locating the best companies to engage with.

How Citibank, BofA, and JP Morgan Chase Sets Examples in Digital TransformationHowever, as highlighted by Nadgauda, Fintech collaborations lack many breadths, although they have worked to a certain extent.

As a result, Citibank ensures that these initiatives will involve employees from relevant business lines. This process allows the company to produce more innovative ideas and increase exposure to more new partners.

Producing cross-pollination is another concern that most Fintech companies face challenges. Nadgauda claims that many former workers of Citiank are starting to return to the company after being let off from the fintech employment they had previously departed for.

“They’re saying, ‘It looked good. I took a chance. It didn’t work out. Can I come back?’” says Nadgauda. He mentioned that this has been happening for many of their employees and that the company created a special program branding them “returners”.

Nadgauda believes that for many reasons, returning employees from fintech companies are beneficial to the company. “You get people who know the institution, but they now have a little bit of a different perspective and they can bring that perspective with them when they come back”, he added.

On November 11, 2022, FTX, formerly a $32 billion cryptocurrency exchange, filed for bankruptcy. Meanwhile, Sam Bankman-Fried, the company’s former CEO and founder were detained on December 12 in the Bahamas and extradited to the United States. There, he was charged with eight crimes, including wire fraud and conspiracy to defraud investors, for which he pleaded not guilty.

This collapse of FTX has wide-ranging effects on the whole cryptocurrency market as exchanges and cryptocurrencies with exposure to FTX or its native token, FTT, see declining pricing and other financial difficulties.

Up until now, market players have had trouble gauging the extent of its impact and how it will change the sector in the years to come.

What happened to FTX?

The downfall of FTX happened over several days span in November 2022. The turning point came on November 2, when crypto news website CoinDesk published a report that Bankman-Fried’s trading company, Alameda Research, had a $5 billion position in FTT, the FTX native token.

According to the report, Alameda’s investment foundation used FTT, a token created by its sister firm, rather than fiat money or cryptocurrency. That raised questions about Bankman-Fried’s enterprises’ unreported leverage and solvency throughout the cryptocurrency sector.

Below are the key points of the FTX Collapse Timeline:

November 2 to 8: Coindesk Reports and Sell-Offs

  • Sam Bankman-Fried launched the now-defunct FTX cryptocurrency exchange in 2019. He presided as CEO from January 1, 2019, to November 11, 2022. As of November 9, the exchange, which had its own token called FTT, was the fourth-largest cryptocurrency exchange by volume.

What Happened to FTX and How it Can Change the Crypto Industry

  • On November 2, Coindesk released a report regarding Alameda Research, a cryptocurrency trading company that Bankman-Fried also started, and its questionable balance sheet. According to the research, it has FTT is worth billions of dollars as its biggest asset.
  • Changpeng Zhao, popularly known as CZ, the CEO of rival exchange Binance, tweeted on November 6 that he intended to sell out Binance’s stockpile of FTT due to “recent revelations that have come to light”, alluding to the CoinDesk article from November 2 about FTX and Alameda’s muddled money. The collapse of TerraUSD and LUNA in 2022, which wrecked the cryptocurrency market and cost investors billions of dollars, was likened to FTX’s predicament by the speaker. However, such actions usually aren’t made public.
  • Zhao’s revelation caused a sharp drop in the value of FTT during the following day as concerns developed that FTX lacked the liquidity required to support transactions and remain afloat. Other coins, like BTC and ETH, also saw a dip in value as Bitcoin hit a two-year low. In a tweet on November 10, Bankman-Fried reported that $5 billion had been withdrawn from the platform on November 6.

November 8 to 11: Deals and Withdrawals

  • Zhao and Bankman-Fried negotiated an agreement for Binance to buy FTX’s international division. On November 8, the CEOs of the exchanges agreed to a non-binding letter of intent, basically pledging to save the faltering exchange and avert a further market catastrophe.
  • On November 8, FTX stopped all withdrawals from non-fiat customers. FTX’s liquidity problems were explained in a series of tweets by Bankman-Fried, who also promised greater transparency.
  • Binance pulled out of the deal. Zhao said on Twitter on November 9 that Binance has finished its “corporate due diligence” and will not be purchasing FTX. Zhao said in a tweet that his choice was influenced by news stories about “mishandled customer monies” and “possible U.S. government probes.” In a mysterious tweet that ended with the words “Well played; you won,” Bankman-Fried seemed to be alluding to Zhao’s impact on FTX’s decline.

November 11: Bankruptcy Filings and Hacked Reports

  • On November 11, FTX made the voluntary Chapter 11 bankruptcy filing for FTX, FTX.US, and Alameda. In contrast to Chapter 7 bankruptcy, which involves liquidating assets, Chapter 11 bankruptcy enables businesses to restructure their debt and carry on with operations.
  • FTX.US temporarily stopped accepting withdrawals on November 11 when FTX announced its bankruptcy, despite earlier assurances that FTX.US was unaffected by FTX’s liquidity issues. Later, withdrawals were reopened.
  • In an apparent hack, both FTX and FTX.US wallets were emptied on the evening of November 11. According to CoinDesk, more than $600 million was stolen from the wallets. On its help page on the messaging app Telegram, FTX announced the hack, writing, “FTX has been hacked. FTX apps are malware. Delete them. Chat is open. Don’t go on the FTX site as it might download Trojans.” Trojan horses are malware that poses as trustworthy programs.
  • According to a Twitter user, hackers were reportedly attempting to gain access to FTX-related bank accounts. The US. Plaid, a company that links consumer bank accounts with financial applications, blocked FTX’s access to its goods in response to “concerning public reports,” even though they didn’t see any evidence that its tools had been misused illegally.
  • The same evening, FTX general counsel Ryne Miller announced on Twitter that due to the “unauthorised transactions,” or the apparent breach, the business would swiftly move any remaining assets to cold storage

November 12 to Present: The Repercussions

  • The Financial Times released FTX’s balance sheet on November 10; it showed $9 billion in liabilities and $900 million in easily marketable assets. It contained a jumble of entries, one of which was a “secret, erroneously named ‘fiat@’ account” with a negative $8 billion balance.
  • FTX is currently the subject of a criminal investigation in the Bahamas, where the exchange is situated. According to CoinDesk, Bankman-Fried resided there with nine coworkers and romantic partners who assisted him in managing his businesses. Former FTX employees who were questioned by CoinDesk claimed that only this inner circle was aware of the complicated financial situations involving the companies.

What Happened to FTX and How it Can Change the Crypto Industry

  • In a court document submitted to the District of Delaware’s U.S. Bankruptcy Court on November 17, FTX’s new CEO, Ray, gave a pessimistic view of the company’s financial situation. According to him, FTX failed to maintain “proper books or records, or security controls, with respect to its digital assets.”
  • There is “credible evidence,” according to an emergency motion attached to the FTX bankruptcy filing on November 17, that Bahamian regulators gave Bankman-Fried instructions to access FTX monies “unauthorizedly” and transfer them to the Bahamian government. These transactions would have occurred around the same time as the hack, so it’s unknown if or when they occurred. These reports appear to be supported by a news release from the Bahamas Securities Commission.
  • Authorities in the Bahamas detained Bankman-Fried on December 12 in response to a request from the United States government for his extradition because of eight criminal offences, including wire fraud and a conspiracy to deceive investors. The House Financial Services Committee had scheduled a hearing with Bankman-Fried for the next day.
  • Instead of Bankman-Fried, FTX CEO John J. Ray III gave testimony to the House committee on December 13. He stated to MPs that FTX had no record-keeping.
  • Federal prosecutors stated that on December 19, former Alameda Research CEO Caroline Ellison and co-founder of FTX Gary Wang entered pleas of guilty to “charges arising from their participation in schemes to defraud FTX’s clients and investors, and related crimes.” In the FTX case, the two are assisting the government.
  • Bankman-Fried appeared in a New York court on January 3 and entered a not-guilty plea to all of the accusations levelled against him. Due to Bankman-determination Fried’s to dispute the accusations, a criminal trial may occur.

Five lessons the industry must learn from the FTX crisis

The collapse of FTX caused consumers and investors to lose billions of dollars. Still, it also had significant long-term effects, including declining public confidence in the cryptocurrency sector. Entrepreneurs and other people must then inquire how this occurred and what can be done to stop it from happening again. While continuing to explore the limits of Web3, we must commit to addressing dishonest or negligent operators.

Here are the five things that we think the blockchain industry must learn from this crisis:


We need a legal system that can both safeguard users and encourage innovation. The current system of enforcement-based regulation must change. To produce legislation similar to the 1996 Telecommunication Act, which established the circumstances for innovation to flourish responsibly, policymakers and business leaders must collaborate. Any new regulations must distinguish between the technology and the businesses that create the services built on top of it.

Consider the Internet as a model wherein neither network time nor HTTP is governed by anyone. However, we do try to oversee companies like Amazon, Internet service providers like Comcast, and platforms like PayPal that use those protocols.

Policymakers need to realise that excessive centralisation in crypto business intermediaries, which hide their decision-making and financial health from the public, is the real problem in the case of catastrophes like FTX, not decentralisation.

Inclusive Innovation

Let’s not lose sight of what makes blockchain technology revolutionary and concentrate our efforts on creating goods and services that capitalise on its advantages, such as the ability for anyone, anywhere to transfer stores, and manage their assets with one another. Let’s encourage the companies who are attempting to create a better Web and a more open and accessible financial system for everyone. Similar to how the Internet was the first digital informational medium, blockchains are the first digital medium for value.

A digital native asset class is required for payments, savings, and other financial instruments in our digital economy. Instead of complex trading platforms and obscure financial instruments, the next generation of entrepreneurs in this field should concentrate on developing straightforward, user-friendly Web3 applications that appeal to a wide audience and address more real-world issues. Create items that common folks can comprehend and will want and need.


We need to stop idolising the centralised company leaders who founded cryptocurrencies. The truth is that middleware like FTX does not necessarily need to rule the market. The fact that Web3 is open-source and decentralised, allowing anybody, anywhere, to own digital assets, manage them peer to peer, and participate in their governance, is ultimately what makes it so appealing. This was first made possible by Bitcoin, and it has since been greatly accelerated by Ethereum and DeFi applications.

To be truthful, FTX provided a fantastic user interface and experience, but it lacked enough control, improved risk management, and greater transparency. Businesses like FTX have provided crucial on-ramps to this asset class and the larger Web3 market, and they may continue to do so. An industry, however, must not be defined by its entry points. Currently, Binance is responsible for 50% of all volumes in crypto assets. Even while we may praise it today for having survived, everyone should be concerned about concentration like this.

Transition to Public Blockchains

Businesses that thrive to use Public blockchains for Web3 development need more support from the industry. Many large businesses are prepared to switch to Ethereum and other public infrastructure after years of experimenting with closed systems like permissioned blockchains and other closed systems. Although such platforms were unable to add value, they did allow those businesses to become familiar with the technology. Now let’s construct more onramps so they may utilise this public infrastructure for practical, commercial uses.

NFTs are a wonderful place to start because they can “red-pill” a large company on Web3 and pave the way for other developments.

More corporate innovation in this area will benefit Web3 users and developers, but investors will also gain from it. After all, if hundreds of businesses use this technology, they’ll probably need to own the underlying asset as well in order to maintain a node and pay for gas fees, and other costs.

Trust and User Experience

Although self-custody is a feature for certain individuals, we must acknowledge that it is a big barrier to Web3 adoption for others. This indicates that people still require dependable service providers in this area. Many users have a valid fear of holding their assets because the technology tools of Web3 are not intuitive to everyone.

What Happened to FTX and How it Can Change the Crypto IndustryRoneil Rumburg, the founder of Web3 music platform Audius, acknowledges that a self-sovereign crypto user nowadays is possible. However, the accessibility for doing so is still so significant that it’s out of reach for many mainstream users. However, he highlighted that the FTX issue should lead to more time and resources spent on improving the usability of fully self-sovereign, decentralised digital asset management processes.

Web3 developers are creating technologies that are more accessible, but people and businesses, in particular, will still require reliable agents and partners. Behind enforcing industry norms like proof-of-reserve requirements, reasonable laws, and social consensus and collaboration, we may encourage good actors. In other words, we should expose malicious activities when they emerge and stand by those who speak the truth to power.

The goal of Web3 was to eliminate “too big to fail” intermediaries. FTX is exactly what Satoshi Nakamoto, Bitcoin’s creator, was trying to avoid: a centralised organisation that utilised its power to take unreasonably high risks in an unregulated market. Retail ultimately paid the highest price. We need to leave this crisis with a revitalised commitment to regulating centrally controlled financial intermediaries, regardless of the technology they employ, and to create safe, straightforward, decentralised tools using open protocols.

What is FCA?

The Financial Conduct Authority (FCA), which oversees the financial services sector in the United Kingdom, ensures that the financial markets there operate smoothly. Ensuring honest and fair markets for people, corporations, and the economy as a whole is the organisation’s mission. This is accomplished by the Authority through consumer protection, financial market protection, and competition promotion. The United Kingdom Treasury and Parliament have jurisdiction over the FCA.

What does FCA do?

To achieve its strategic goal of protecting consumers and enhancing UK integrity, the Financial Conduct Authority (FCA) has set three operational goals. In the customers’ best interests, genuine competition amongst financial services providers should be encouraged. The FCA was founded on April 1st of 2013, and it took over the Financial Services Authority’s responsibilities for conduct and pertinent prudential regulation. The Financial Services and Markets Act of 2000 established the legislative goals of the FCA, which the Financial Services Act of 2012 altered.

The Act of 2012, which was implemented to guarantee that the financial industry manages and limits risks more effectively in the wake of the financial crisis, significantly altered how financial services businesses are regulated in the United Kingdom.

The FCA website states that the organisation controls the behaviour of 59,000 financial services companies and financial markets in the UK. For people, companies of all sizes, and the economy as a whole, honest and fair markets are the desired outcome. The Authority achieves this by fostering competition, defending the financial markets, and defending consumers. The British Parliament and Treasury are in charge of the FCA.

What can FCA do?

The FCA has broad authority to carry out its mission, including making rules and conducting investigations and enforcement actions. Since the FCA is an independent organisation without government backing, it must be able to increase fees. As a result, the FCA levies fees on approved businesses that engage in activities governed by the FCA and other organizations, such as recognised stock exchanges.

What you need to do to secure FCA  Approval?

At financial services companies, significant responsibilities include heads of compliance [SMF16] and money laundering reporting officers (MLROs) [SMF17]. Many businesses must have senior management function (SMF) holders who have received FCA approval; for example, see SMF16 and SMF17 in The FCA Handbook.

Anyone playing the part of the SMF16 and SMF17 will require the abilities and expertise from training and experience to succeed. Their expertise and skill levels must be commensurate with the firm’s size and risk of harm.

The FCA looks for these qualities to determine a person’s competency before your business submits an application to authorise them for one of these jobs.

Required pieces of training and Qualifications by FCA

The majority of successful candidates will have finished the necessary training before applying. When applicants submit their applications, the FCA is less likely to accept them (even if one intends to after they become authorised).

Essential training entails taking classes that:What are the Requirements for an FCA Authorization

  • applicable to the company’s line of employment for which the applicant is applying
  • recent and current, that is, knowledgeable of the regulations in effect today and what is expected of them
  • Where training occurred years ago, The FCA may inquire if the candidate has since added continuous professional development (CPD) courses to their training.
  • brief “introductory” courses, on their own, do not contain sufficient content or depth to be effective for a head of compliance or MLRO, including the smallest organisations. Detailed enough to provide the person with the expertise to do the function.

The FCA does not support or advocate any training programs or service providers, nor does it specify the format training should take, including traditional classroom instruction, web-based learning, or instructional textbooks and resources. The FCA has discovered that programs that include a test or evaluation are superior for proving that a student has learned pertinent information. If you inquire, we can adequately advise you or, for some courses, set up and conduct training sessions for you.

What can your experience contribute as an applicant?

The Financial Conduct Authority (FCA) is aware of several ways to demonstrate an applicant’s professional experience as an SMF16 and SMF17. Candidates that have previously been hired have a variety of experiences and backgrounds, including work with regulatory and legal departments, attorneys, accounting professionals, and consulting firms.

Although applicants are not required to have previously held the head of compliance or MLRO positions, it might be advantageous if you have held more junior compliance positions, such as regulatory manager or deputy MLRO. The FCA may not approve them. However, it can assist if you have had a position that has previously been approved that is comparable to this one.

Candidates who have only held front-line positions in the past and who have had less exposure and training typically lack the abilities and expertise necessary to hold a governance committee. It could be reasonable and appropriate for the owner or chief executive to do these duties in some small and medium businesses. To guarantee that their company complies with their firm’s pertinent regulations and laws, the FCA still expects those people to have the necessary training and expertise.

Assistance from outside sources, such as regulatory consulting professionals or attorneys

Firms occasionally work with outside counsel, such as attorneys or compliance experts, to help their compliance efforts. These consultants may assist with their application or maintaining their compliance function. Although not required, several businesses find that it facilitates their internal arrangements.

Nevertheless, the FCA will undoubtedly reject one’s application if this kind of outside assistance is the only source of compliance for the company. Any employee at your company who is in charge of a compliance or MLRO role has to be knowledgeable and experienced enough to make judgments about compliance that are pertinent to the corporation, know when to ask for guidance, and know how to put that advice into practice.

How does an applicant’s capacity affect FCA’s Approval process?

Anyone who handles regulation or MLRO duties must devote enough time to them. Those who plan to work on it a few hours a week usually aren’t accepted.

Many companies employ full-time employees to do these tasks. Smaller businesses may suggest that a person performs the function part-time, and the FCA has occasionally agreed; nevertheless, their dedication to the function must be reasonable and adequate.

The FCA will also want to understand potential conflicts of interest if the proposed head of compliance or MLRO has additional responsibilities inside or outside the company. For instance, because one of their duties will be supervising the client-facing business, successful applicants typically exhibit independence from this company area.

The FCA also takes into account the following:

  • Where the candidate will be working; ideally, they will do so from the company’s main office in the UK.
  • Whether the applicant is a top leader inside the organisation, such as a corporate director, since if they aren’t, the FCA may challenge if they possess the incentives or power required to be competent in these jobs, even if they have expertise and skills.
  • The FCA still might seek an interview even if a candidate feels they have the required education or experience.

Please get in touch with us at if you decide to proceed with your application for authorisation or registration.

Financial technology’s success differs significantly, but it has shifted from the periphery of European finance to its centre. The economic gains would be significant if all nations could compete with the best of the best in the area.

The mentioned industry has been severely impacted by the deteriorating macroeconomic situation in Europe and throughout the world, with valuations decreasing and access to capital becoming increasingly challenging. However, when examined over the long run, financial technology companies in Europe continue to grow in power and importance to consumers and the economy. At a minimum, one fintech company is among the top five banks in each of the seven main European nations in terms of gross domestic product (GDP).

Powerful financial institutions provide clients with additional options and flexibility.

In numerous European nations, the financial industry environment is already being modernised with huge kudos to the competition they offer to bank institutions. We concentrate on three crucial facets of Europe’s fintech industry in this piece and the comprehensive research that goes along with it: starting, funding, and scaling, or the ability of fintech to get started, how simple it is for them to obtain finance, and how effectively they can expand and succeed.

Research shows that fintech activity is expanding across all of Europe. However, we also uncover significant discrepancies between the top one-third and the bottom two-thirds of fintech ecosystems in terms of maturity and performance (Figure 1). The United Kingdom and Sweden, in particular, stood out for their outstanding financial technology ecosystem performance.


What are the Opportunities for FinTech in Europe

The advantages might be significant if financial services institutions across all of Europe were able to function at the same level as the finest in the area. Financial technology employment in Europe would increase by a factor of 2.7 to around 364,000, and financing will nearly double to almost EUR 150 billion from EUR 63 billion. Further, valuations would increase by approximately 2.3 to almost EUR 1 trillion — most likely twice the market price of the top ten European banks as of June 2022.

Fintech companies are indeed the driving force behind client happiness, innovation, and development in Europe’s financial services industry.

The financial technology industry in Europe has swiftly advanced from the periphery of the continent’s financial landscape to its centre. There is currently at least one fintech among the top five financial institutions in each of the seven major European nations by Gross Domestic Product (GDP) — France, Germany, Italy, the Netherlands, Spain, Switzerland, and the United Kingdom. Fintechs are defined as financial services organizations (except direct banks) primarily driven by digital technology, were founded after 2000, have received capital since 12 years ago, and have still not attained their full maturity.

The benefits that European fintech provides to clients, the country’s entire financial industry, the continent’s general economy, and civilization as a whole underpin this tremendous rise.

  1. How is it for the customers?

Fintechs are becoming increasingly popular since they provide value by providing improved service at reduced rates. For instance, using financial technology services to perform foreign transfers and stock transactions can result in costs that are only ten per cent (10%) of what traditional banking institutions charge. In seven major European nations, a new retail banking customer study indicated that thirty-two per cent (32%) of participants named cost as their top motivation for using fintech or virtual banks, which is the same number as those who mentioned accessibility (Figure 2).

Figure 2.

What are the Opportunities for FinTech in Europe

Fintech companies often provide clients with financial options they might not have had access to otherwise, such as asset classes like infrastructure funds, private equity funds, and venture capital investments that were previously solely allocated to institutions. Several digital banking companies, such as small and medium-sized businesses, concentrate on historically underserved clientele.

  1. How is it for the financial industry?

Fintechs act as a driver for development and innovative disruption. Fintech companies, with their speed and strength, are well suited to handle numerous emerging financial industry innovations, such as distributed ledger technology (DLT) and integrated finance. With an estimated two to six months marketing time compared to incumbent banks’ 12 to 18 months, they frequently provide new goods and services significantly more quickly. Fintechs are also persistent innovators and leaders in delivering a distinctive client experience and lean banking procedures. Nowadays, several top-tier banks in Europe depend on numerous fintech alliances in various sectors, including operational terms and payment transactions.

  1. How is it for the economy, as a whole?

Fintech firms are significant potential development drivers. Furthermore, in Europe, the industry ramped up its recruiting sector dramatically at a time when incumbent banks in Europe have been cutting their workforces, creating over 134,000 opportunities throughout the continent. Six (6) active start-up hotspots like Amsterdam, Berlin, London, Lisbon, Madrid, and Paris draw international talent. From a value generation standpoint, financial technologies in Europe are estimated to be worth over EUR 430 billion as of June 2022. That exceeds the market value of the seven publicly multinational banks in Europe as of June, 2022.

Financial technology behaviour differs greatly throughout Europe

An analysis reveals significant differences among the financial technology environments in Europe. For instance, Sweden and the United Kingdom (UK) consistently outplay their European counterparts in all important performance categories. A comparison of the success of the fintech ecosystems in the European Union – twenty-seven (27) nations, the United Kingdom, and Switzerland throughout the three growth stages of starting, fundraising, and scaling were conducted in order to analyse overall performance. They were assessed using the five Key Performance Indicators (KPIs). The formation rate using the number of fintech companies per million people in 2021 was calculated.

Two KPIs were used to measure financing: the number of agreements per million people in 2021 and financial technology funding per capita in euros in that year.

The size of the fintech workforce as a percentage of the entire workforce in 2021 and the number of fintech unicorns8 per capita were the final scaling factors the researchers looked at. It was understood that these KPIs do not represent a thorough examination of all elements that may affect performance as a whole. They nevertheless reveal the main advantages and disadvantages of fintech performance.

Figure 3 summarises the performance of the fintech industry using these measures. It indicates a second tier of nations with powerful financial technology industries across most of the dimensions we study, including Switzerland, Ireland, the Netherlands, and Denmark, in addition to clearly demonstrating leadership across all dimensions by the United Kingdom and Sweden. They comprise the top third of fintech performances in Europe and the top-ranked nations.

Figure 3.

What are the Opportunities for FinTech in EuropeEach stage — founding, fundraising, and scaling — shows performance discrepancies.

On completing the pipeline for fintech. There is a sizable discrepancy in the number of fintech companies per million people in a little more than fifty per cent of the European nations. In comparison, Ireland and Switzerland have thirty (30) fintech per million people, while the United Kingdom has 26 fintechs (Exhibit 4). The top five nations (those with GDPs under USD 100 billion) have twenty-five (25) fintechs per million citizens on average.

Figure 4.

What are the Opportunities for FinTech in EuropeOn financing innovation. The largest funding per capita is seen in the European nations that do the best (Figure 5). Per capita financing is significantly lower in underperforming nations like Greece, Poland, and Romania. Hungary, Italy, Poland, and Portugal remain largely underneath their counterparts substantially because the overall amount of money is still inadequate, despite the fact that some nations have been able to boost per capita investment by as much as a factor of six over the previous three years.

Figure 5.

What are the Opportunities for FinTech in Europe

Compared to markets like the Netherlands and France, the financial technology investment growth rate in certain nations – like Germany, Greece, and Ireland — has slowed or declined in recent years. Combining earlier-stage (seed and series A) and late-stage (series B+) per capita investment is dominated by the United Kingdom (Figure 6). With a combined volume of over EUR 1.3 billion for early-stage fundraising and EUR 8.3 billion for delayed financing in 2021, the United Kingdom dominated the European marketing population. This accomplishment compares favourably to other nations, particularly the United States, whose gross domestic product is only approximately four times that of the United Kingdom while being almost ten (10) times larger overall.

Figure 6.

What are the Opportunities for FinTech in EuropeOn Scaling Financial Technology. The incidence of fintech unicorns was examined as a measure to assess the capacity of European nations to develop their fintech ecosystems. With thirty-two (32) unicorns combined — four times more than France and the Netherlands, the next-highest number of unicorn-producing nations — the United Kingdom has the finest scaling record.

Europe versus America: A FinTech Comparison

Comparing Europe and the United States by employing the same three life cycle elements of creation, funding, and scaling is beneficial (Figure 7). With strong representation in the contribution of the United States fintech companies to the economy and workforce, the United States outperforms the European average in all three components and places in the top three across all KPIs.

Figure 7.

What are the Opportunities for FinTech in EuropeSeveral elements might justify why the United States is stronger than the average in Europe. As an illustration, the United States has a sizable domestic market but only one official language and generally unified financial regulations. Taking the venture capitalist (VC) community in general, particularly in the IT sector, improving financing processes from first seed investment up to IPOs, market maturity is also stronger than in several European nations. Accessibility to financing may also be made simpler since institutional investors and US pension funds can give venture capital in prohibited methods in several European countries.

However, our data shows that certain nations, such as the United Kingdom, do better than the United States at the financing stage.

Several variations in ecosystem success across Europe can be attributed to nation-specific market circumstances.

Examining the issues preventing the sector’s performance is necessary to reduce the disparity between leading European nations and those located in the lowest or middle third of the rankings. Here, we concentrate on six variables that might affect the ecosystem and for which changes in approach can have an influence both now and in the future.

  1. On the market’s structural and maturity aspects. These factors may be influenced by historical, cultural, and language dimensions. For instance, having a universally used language, a single currency, and unified regulations might be beneficial. How lengthy a financial technology or larger startup environment has been is one defining feature since markets evolve and adapt with time. The degree by which a newer generation of entrepreneurial founders is blossoming, who can draw on them as instructors, followers, consultants, or financiers, might be another determining factor.
  1. On capital’s accessibility. Financial technology financing in Europe has dramatically grown throughout the past five years, but not consistently. Only about 20% of the funds raised are used for early-stage funding. A third or more of the nations in Europe, most located in Eastern Europe, lacked delayed (series B) funding. Due to stricter laws than in the United States, significant European money pools like retirement funds and life insurance tend not to be fully utilised.
  1. On legal and regulatory environments. France and the Netherlands are two European nations that view their regulatory bodies as crucial development facilitators. However, there is still potential for advancement in the current regulatory frameworks that encourage the creation, expansion, and value of fintech companies. Fintech firms may find new business prospects due to European payment processing system directives for information sharing in the financial sectors. Fintechs will be able to access consumer data from all European financial players thanks to these rules, which will lead to the emergence of new approaches to business. This has occurred in the UK, a pioneer in using public information for finance.
  1. On acquisition and mobility. Not only for fintech companies, but Europe also has significant competency gaps that must be filled. In addition to a general lack of talent, several nations’ complex work permit procedures and visa regulations can also make it difficult to hire talent.
  1. On scaling and internationalisation requirements. Financial technology companies in Europe must be capable of expanding outside of their native markets in order to scale. Language barriers can exist even within one internal market like the European Union due to cultural, legal, and even monetary disparities.
  1. On customer transparency. The spread of fintech companies may be constrained by disparate degrees of virtual maturity, a shortage of internet connections, and other systemic issues in certain nations. Consumers might not fully comprehend concerns, such as those related to data security. Due to their greater degree of public trust than fintech firms, such problems work to the benefit of traditional financial institutions’ benefit. Administrative variations may also play a role in this. For instance, some nations have stricter rules governing consumer protection laws than others.

Finding the positive: the financial technology potential in Europe offers more employment, more finance, and greater values.

What benefits may European financial technology experience if the region’s poorer-performing nations catch up to the top three and if the upper third catches up to the United Kingdom? We have developed a framework for predicting what would emerge to financial technology employment, financing, and assessments if all of Europe’s nations reached the highest per capita levels.

The outcome of this theoretical activity is shown in Figure 8. The total number of employed people might expand by a factor of 2.7 to greater than 364,000, and the countries that are lagging behind the leaders — the “supporter” countries — could see a six-fold boost in employment. With an additional EUR 84 billion worth of investments, the amount of potential funding would increase by a ratio of nearly 2.3. The spending allocation for the upper third of European nations would increase four-fold if raised to the United Kingdom’s threshold, demonstrating the competitive intensity of the United Kingdom. Europe’s total values might increase by around 2.3 times, reaching EUR 981 billion.

Figure 8.

What are the Opportunities for FinTech in Europe

  • A concentrated effort across six major action categories might assist European nations in catching up to giants in the fintech industry.

To catch up with the leaders, middle and low-performing nations will need a clearly defined programming objective. We wrap up by looking at a few of the strategic alternatives that European fintech companies and their shareholders might consider as they expand and strengthen the industry.

  • Encourage the European Union’s economic models to align

In the European Union, progress is already toward the general simplicity and standardisation of scattered local legal rules, enabling financial technology to comprehend fundamental constitutional concepts and concentrate on local particulars. International cultural interaction may help financial companies better grasp important client demands outside of their native markets. Consumers may eventually catch up to an increasingly fully digitised way of life in the meantime.

  • Promote more varied, “homegrown” investment

Policymakers and localised prominent politicians have a significant influence in determining the limitations on investment banks’ accessibility to capital investment. For instance, compared to investing in loans, they could generate larger opportunities for private equity and venture capital securities. It could help to loosen limits on the accumulation of capital organisations’ capacity to invest. For instance, only around ten per cent (10%) of transactions by German insurance companies are presently made in investment options like venturing or independent capital. Still, this proportion is over thirty per cent (30%) in the United Kingdom.

  • Encourage rules and regulations with a creative outlook

The objective is to establish a legal structure that promotes the development and gives businesses the tools they need to succeed both locally and abroad, all while assuring consistency and safeguarding both capitalists and consumers. In this setting, an algorithmic collaboration intended at bolstering fintech ecosystems is particularly crucial. For fintech companies, this might particularly imply reducing the organisational complexity and costs related, adjusting regulatory standards as needed, and improving operational customer-friendliness.

  • Being a draw for international talent

Banks and other financial technology institutions may contribute by providing desirable positions with great growth potential. They can also make a commitment to developing a contemporary workplace culture that caters to a variety of requirements and experiences. For many potential workers, being able to work from home without having to physically visit an office might be a great perk. Politicians and authorities may also promote contemporary business practices in their nations and improve the tax system to attract top international talent.

  • Enabling the success of fintech companies in key markets

Whether all interested parties – from investors and established financial institutions to public players and government entities have their knowledge of foreign markets with the corresponding foreign laws and industry prerequisites in one centralised location, fintechs might be able to make more informed choices about their prospective customer segments.

  • Expand consumer options and accessibility

Fintech companies may be capable of avoiding some compliance issues early on if they place the same emphasis on product security and stability as they do on customer experience. For instance, before investing, they might be more open about investments and the associated risk to clients, going further above current data and customer protection regulations. A Europe-wide effort might be created by political actors and policymakers to make it simpler for fintech businesses to prove their legitimacy to clients.

Financial technology has significantly altered the financial environment in Europe and is now at the centre of it. Customers will profit from the expanded options, and monetary institutions will gain from the greater competition and modernisation. This is however only the beginning; even though just a few nations will already have established themselves as European leaders in the fintech sector, the area as a whole has significant development potential. The benefits for the economy and fintechs themselves might be enormous if nations were to improve to the standard of the area’s top performers. In the upcoming months and even years, it will become crucial for all parties involved — public organisations, well-established actors in the financial institutions, and financial technology pool their resources by creating the institutional framework.

Case Description

COREDO employees were contacted by a client who, for the sake of anonymity, will further be referred to as “Client A”. This client is an electronic money institution authorized to provide payment services, which at the time of applying to COREDO, had not yet started its activities and was interested in developing a complete AML system that would meet all the requirements of regulators and perform its main function — to protect the client’s company from the risk that its services will be used for illegal purposes.

Since Client A did not have any previously configured AML processes or policies, COREDO employees created a complete and effective AML system from scratch.

Risk assessment of the client’s activities and risks associated with the client’s users

The fundamental approach to countering the risks associated with ML/TF is the so-called “risk-based approach”. The main idea is that the competent authorities and financial institutions should identify and assess the ML/TF risks to which they are exposed and take measures appropriate to these risks. In other words, risks are prioritized. This approach helps to reasonably allocate available resources and avoid damage associated with the most likely risks to which the organisation is exposed.

Developing an AML system for Client A, we were guided by a risk-based approach, and therefore, firstly, we carried out a detailed risk assessment. It consisted of the following stages:AML system development from scratch

  1. Determining the scope and structure of the client’s activities.

At this stage, we have received from Client A a detailed description of his business, organisational structure and services that he provides.

  1. Assessment of potential risks inherent in the client’s activities.

We conducted an assessment of the client’s business based on the information received from him, as well as on the materials collected during our research. This assessment included the following:

  • identification of risk factors for the use of products and services of the Client A for ML/TF purposes,
  • identification of risk factors borne by users of Client A’s products and services,
  • determination of the risk appetite, that is, the acceptable level of risk that Client A is ready to take on to achieve his strategic goals.
  1. Determination of risk monitoring and prevention mechanisms.

This stage included identifying and planning the main measures for countering the identified risks and establishing effective protection mechanisms. Taking into account the previously stated wishes of Client A, we offered him the following:

  • To customize the onboarding process, including a methodology for conducting user identification, due diligence, and user risk assessment.
  • To develop a process for monitoring users and their activities during the provision of products and services by Client A.
  • To build a system of interaction between employees of Client A in accordance with the three Lines of Defense model, as well as develop a methodology for training and assessing the knowledge of these employees.
  • To set up methods of external and internal audits, as well as reporting for effective administration by the company’s management.
  • To develop internal AML procedures and policies for Client A to apply the previously listed methods effectively.
  1. Approval of the assigned strategy.

After clarifying all the nuances, the client got acquainted with the results of the risk assessment and approved the proposed strategy for developing the AML system.

Setting up the onboarding process

Onboarding is the process prior to establishing a business relationship with a customer or providing products or services that interest him. During the onboarding process, the organisation has two main tasks: to acquaint the client with the desired product and to “get to know” the client. In the context of the AML field, the primary goal is precisely the second task, that is, getting to know the client using the “Know Your Client” principle.

We set up the onboarding process so that Client A could clearly understand who the user of his product is and what he does, what risks this user may pose for Client A, how and for what purpose he will use the desired product, and where the funds to finance the transaction come.

Collaboration with Client A included the following steps:

  1. Establishment of the methods and tools for user identification.

Since Client A needed to receive detailed information about users, we developed a KYC questionnaire, which is one of the most effective methods for collecting structured data.

We recommend to our customers those identification methods allowed regarding of the AML law in the jurisdiction where their business is registered. In this case, the client was offered a choice of three identification methods: “face-to-face” identification, remote identification and identification using technologies. Client A has decided to use all three methods of identifying users, so we have defined a procedure for each method.

Next, it was necessary to determine which sources of information would be considered valid for confirming the identity of the users, so we compiled a list of requirements for the requested documents.

It is worth highlighting a very important stage of user identification — screening for sanctions restrictions or having the status of a politically exposed person (PEP). Although AML laws usually do not restrict organisations to any specific screening method, we recommend that our clients use special services that significantly speed up and automate the screening process. Therefore, in this case, we offered Client A several services to choose from.

  1. Development of customer due diligence measures.

Due diligence is a set of measures aimed at conducting a comprehensive check of clients for potential risks in terms of ML/TF.

The due diligence methodology for Client A was created in accordance with the risk-based approach, when the higher the potential risk of the user is, the more thorough the check will be and the more documents and information you need to receive. That is, we have developed measures for regular due diligence for low- and medium-risk ML/TF users and enhanced due diligence for high-risk users.

Also, Client A was offered the following due diligence tools:

  • A compliance officer must fill out a questionnaire that serves as
  • a checklist for information about a particular user. It helps to structure the data and conduct a general study of what Client A knows about the user, including a detailed analysis of his activities and sources of funding for these activities. It’s also a great way to archive information for later review.
  • A list of documents must be requested when confirming the available data about the user, as well as a list of other sources of information that can be considered valid for these purposes.
  • Ways to assess the reputation of the users by analyzing various independent sources of information, as well as specialized services for monitoring public information.
  • Web compliance checklist, which contains clear requirements for users’ Internet platforms and helps to assess the compliance of these platforms.
  1. Development of a user risk assessment system.

As mentioned earlier, the choice of due diligence measures is based on a risk-based approach. Therefore, we developed a risk assessment system for individual users .

We proposed to assess risks using a specialized questionnaire that automatically calculates the risk profile of the users depending on the number of points scored. This questionnaire takes into account such risk factors as, for example:

  • the location of the user or the geographical area in which his activities are conducted;
  • type of the activity and turnover of the user;
  • whether the user is a politically exposed person or a sanctioned person;
  • the complexity of the control and ownership structure if the user is a corporate body;
  • the complexity of the distribution channel, etc.

The higher the number of risk factors inherent in the user, the higher his score will be. Further, depending on this score, his risk profile is determined: low, medium and high, or the so-called “reject” — a risk profile upon receipt of which Client A does not a set business relationship with the user and does not provide him with any products or services.

Development of the monitoring methods

The monitoring process consists of two components: monitoring the information about the organisation’s customers, performed through continuous due diligence, and transaction monitoring.

We have provided Client A with outlines of certain scenarios that may arise during a business relationship and the types of checks that should be carried out if they occur. That is, to put it simply, Client A must apply the measures that have been developed if:

  • the user reports a change in the previously declared identification information;
  • the user declares a change in the previously stated activity;
  • the user reports changes in his control or ownership structure;
  • the user shows signs of suspicious behavior, etc.

We have also created a basic set of measures that Client A will use when conducting mandatory continuous customer due diligence following the requirements of the regulators, which must be carried out at regular intervals to update information about the users.

AML system development from scratchAs described above, the second component of continuous user monitoring is transaction monitoring, which includes manual or automated scanning of the transactions based on predefined parameters and scenarios, as well as taking into account certain triggers.

This monitoring aims to determine whether the user’s actual activity matches what is known about him and respond promptly if the client shows signs of suspicious activity.

At the request of Client A, we set up precisely the automated type of monitoring, as well as the corresponding trigger system. Since developing the own monitoring software requires a lot of investment, we suggested that the client uses the services of an existing service that was more accessible to him.

The benefit of this service is that the technical base for monitoring is already ready, but the help of our specialists was still needed in setting up scenarios and triggers that would correctly serve users’ activities, taking into account individual characteristics.

Distribution of the duties and training of the employees

To effectively counter ML/TF, all employees directly or indirectly responsible for compliance with established measures must clearly understand their roles and responsibilities.

We assigned the roles of the Client A employees in accordance with the “Three Lines Model”, or “Three Lines of Defence Model”, which helps organisations coordinate the risk management processes through a clear distribution of their roles and responsibilities. This approach not only improves work efficiency but also helps avoid conflicts of interest, which is one of the most common internal risk factors in AML.

An equally important element is a competent approach to employee training, so Client A was offered a system for training and evaluating new staff, considering their activities and structure. In accordance with local AML law, training must be carried out at least once a year. Therefore, we also offered the client the opportunity to take an annual course with the subsequent certification from COREDO.

Setting up a system of external and internal reporting

A necessary component of any AML system is setting up the organisation’s external and internal reporting. External reporting usually consists of filing a Suspicious Activity Report (SAR) — a notification of suspicious user activity, which is sent to the relevant government authorities.

To fulfill this obligation correctly, organisations need to set up an effective transaction monitoring system and develop adequate procedures that will detail the SAR filing process and, most importantly, signs of suspicious user activity. Therefore, we have incorporated the required information into Client A’s AML policy and included a methodology for identifying suspicious activity and filing SARs in the employee training program. The training included, among other things, the analysis of individual cases from the practice of COREDO employees.

Internal reporting implies the submission of reports on the results of operational activities in the AML area to the organisation’s management. The goal is to inform top management about the current situation to introduce further improvements and, if necessary, eliminate existing shortcomings.

Since there are a several requirements for such reports, the client was offered a template for compiling such reports, and rules that regulate the detail and regularity of reporting were introduced into the AML policy of the company.

Setup of the control system

The basic tools for monitoring the operation of the AML system are external and internal audits that support the organisation’s third line of defence. Internal audit is often carried out by the top management of the organisation (if there is no separate position of an auditor in the company), and external — by an independent auditor. An external audit is necessary to avoid the previously mentioned conflict of interest.

We have created a methodology for conducting internal audits and a template for documenting the results of audits for the client’s management. Also, the client was offered assistance in passing future external audits, including support in passing the check with the regulator.

Development of AML policies and record-keeping methods

The AML policy is a document describing the internal control rules regarding money laundering and terrorist financing and is mandatory for every company whose activities are regulated by AML law. This document is intended as a practical guide for employees of an organisation, so it is often required that the instructions comply with the AML law and describe the procedures established by law. At the same time, the instructions must have the form of an understandable, practical guide. That is, the AML policy is not a formal document.

AML system development from scratchOrganisations often underestimate the role of regulations and develop a template document, which is just an abbreviated citation of legislative acts, without a detailed description of the AML procedures applied. Unfortunately, this approach is incorrect since the prescriptions simply do not fulfill their function.

For Client A, we have created the prescriptions that describe the main elements and processes of the formed AML system and the risk assessment methodology. In addition, we have developed several manuals that regulated individual processes in more detail and had the character of applied instructions for each company employee.

An equally important requirement for the AML systems is the correct record-keeping following the principle of retrospective recoverability — that is, all processes must be documented and stored in such a way that even after a certain period, the reasons for the occurrence and the progress of the process would be clear, it must be understandable which resources were involved, who were the responsible persons, what conclusions were drawn, etc. The more detailed the recreation of the course of certain events can be, the better it is from the point of view of the AML area.

That is why the development of an AML system for Client A included, among other things, setting up a record-keeping system, namely the form of storage (printed, electronic, on cloud storage, etc.), setting up access to this information to avoid disclosure of the personal data, storage period and methods of systematization of the information.

The Client A’s cooperation

A key element in creating a truly effective AML system was the desire of Client A to implement all the proposed processes per our recommendations and subsequent compliance with the established procedures. From the beginning of the cooperation, the client provided us with all the requested information and later actively provided additional information when needed.

After the previously proposed processes were approved, Client A was provided with support in their implementation. We held a series of consultations for the compliance employees, where we analyzed in detail all the steps for interacting with the client at the onboarding stage, in particular:

  • what information and documentation must be obtained from users for correct identification;
  • how to use user screening services concerning sanctions or PEP status;
  • what information and documentation should be obtained during due diligence and how to process this request;
  • how to fill out a due diligence questionnaire, a web compliance checklist and a questionnaire to determine the client’s risk profile;
  • how the above procedures change in case of continuous controls;
  • what is the protocol of actions in non-standard situations, for example, when the user receives the “Reject” status based on the results of the risk assessment, does not want to cooperate, or the information declared earlier turned out to be false, etc.;
  • where and how to keep records of user files.

Also, at the stage of setting up the transaction monitoring system, as mentioned earlier, our specialists offered Client A some options for scenarios and triggers that would signal suspicious activity. During their development, we considered the individual characteristics of the client’s activity and his potential users. During the setup, Client A made his wishes and suggestions, which we always took into account. Then the system went through a series of tests until both the client and our employees were satisfied with the result. After that, staff training was conducted again.

During the implementation of the “Three Lines Model”, all client employees were assigned their job responsibilities and the positions they occupy in certain lines of defence, as well as the functions of these lines. Client A was interested in the effective implementation of this model, so we developed a separate guide for workers to understand its basic principles.

After the launch of the AML system, we actively helped the client’s employees and held regular consultations.

Since the customized processes were implemented in accordance with our recommendations, we provided assistance only with training at first. However, over time, due to external factors, it was necessary to update some processes, so we continued to cooperate with Client A on a long-term basis, gradually updating and supplementing the AML system.

We especially note that the processes developed for Client A turned out to be so effective, among other things, because all our recommendations were fully followed, and the client continues to adhere to them.


Thanks to the fruitful collaboration, the company, which had no previous experience interacting with AML processes or policies, received the full-fledged AML system that includes all the necessary elements. A KYC questionnaire and special methods for monitoring information about clients and their activities were developed and implemented, a system of external and internal reporting, as well as a data storage system, were set up, and all relevant AML policies were developed.

Client A has been cooperating with us for more than two years. Over the years, his business has expanded, and more than a dozen employees have gained knowledge and skills in the AML field. They managed to improve the quality of work and increase the security of the services provided. Thanks to a thoughtful approach, the roles and responsibilities of the staff are clearly defined, which eliminates internal conflicts and increases work efficiency.

Productive cooperation with Client A continues at this time. The constant updating and extension of the AML system allow the company to fully comply with the changing requirements of the regulator to fulfill all AML/CFT requirements and tasks with the greatest speed, efficiency and accuracy.

An employment agreement is a legally binding document that outlines the terms and conditions of an employment relationship between an employer and an employee. It is a crucial document that sets out both parties’ expectations and responsibilities and helps minimise misunderstandings and potential disputes.

In this article, we will provide a step-by-step guide on how to write a good employment agreement, including what to include and how to structure the document.

Step 1: Determine the type of employment relationship

Before you start drafting the employment agreement, it is essential to determine the employment relationship between the employer and the employee. This will largely depend on the nature of the work being performed and the length of the employment term.

Some common types of employment relationships include:

  • Full-time: A full-time employee typically works a set number of hours per week (e.g., 40 hours) and is entitled to benefits such as vacation time and healthcare.
  • Part-time: A part-time employee typically works fewer hours per week than a full-time employee and may not be entitled to the same benefits.
  • Temporary: A temporary employee is hired on a short-term basis to fill a specific need or to cover for an absent employee. They are generally not entitled to the same benefits as full-time or part-time employees.

Step 2: Identify the parties involved

The next step is to identify the parties involved in the employment agreement. This includes the employer (i.e., the company or organisation offering the job) and the employee (i.e., the person hired to perform the work).

It is important to clearly state the names and contact information of both parties in the agreement and any relevant legal entities (such as a parent company or subsidiary).

Step 3: Establish the term of the employment

The term of employment refers to the duration of the employment relationship. This can be a specific period (e.g., one year), or it can be ongoing until terminated by one of the parties.

In addition to specifying the term of the employment, it is also important to include provisions for renewing or terminating the employment. For example, you may want a clause that allows either party to terminate the employment with a certain amount of notice (e.g., 30 days).

Step 4: Outline the job duties and responsibilities

It is essential to clearly define the job duties and responsibilities of the employee in the employment agreement. This includes the specific tasks or responsibilities the employee will be expected to perform and any reporting or supervision requirements.

How to write a good Employment agreementIt is also a good idea to include any relevant job titles or descriptions in the agreement, as this can help to clarify the employee’s role and responsibilities.

Step 5: Specify the compensation and benefits

The employment agreement should include provisions outlining the employee’s compensation and benefits. This might include:

  • The employee’s salary or hourly wage
  • Any bonuses or commissions
  • Any benefits (such as healthcare or retirement plans)
  • Any paid time off (such as vacation time or sick leave)

Specifying the terms of compensation and benefits clearly in the agreement, including how and when they will be paid or provided, is important.

Step 6: Address any potential liabilities

An employment agreement should include provisions addressing any potential liabilities due to the employment relationship. This might include a clause outlining the employer’s liability for any damages or losses resulting from the employee’s actions or stating that the employee assumes all risk for any damages or losses.

Step 7: Include any relevant terms and conditions

There may be additional terms and conditions specific to the employment relationship or necessary to protect the interests of one or both parties. These can be included in a separate agreement section or incorporated into the document’s main body.

Some standard terms and conditions that might be included in an employment agreement include the following:

  • Confidentiality provisions outline the obligations of both party business information confidential.
  • Intellectual property rights: These provisions outline who owns any intellectual property (such as patents, trademarks, or copyrighted material) that is created or used during the employment.
  • Non-compete clauses: A non-compete clause prohibits the employee from working for a competitor or starting a competing business during or after the employment relationship.
  • Governing law: This clause specifies which jurisdiction’s laws will govern the interpretation and enforcement of the agreement.

Step 8: Review and revise the draft agreement

Once you have drafted the employment agreement, it is essential to review and revise the document to ensure that it accurately reflects the terms and conditions of the employment relationship. This might involve soliciting input from legal counsel or other stakeholders or reviewing the agreement against industry best practices or standards.

Step 9: Have the agreement reviewed by legal counsel

It is generally a good idea to have an employment agreement reviewed by legal counsel before finalising it. A lawyer can help to ensure that the contract is legally enforceable and protects the interests of both parties.

Step 10: Finalize and execute the agreement

Once the employment agreement has been reviewed and revised, it is time to finalise and execute the document. This typically involves both parties signing and dating the agreement and possibly exchanging copies or original signed copies.


An employment agreement is a crucial document that outlines the terms and conditions of an employment relationship between an employer and an employee. Following the steps outlined in this article ensures that your agreement is clear, comprehensive, and legally enforceable.

We hope this article has helped provide a comprehensive guide on how to write a good employment agreement. Let us know if you have any additional questions or need further clarification on any of the points covered.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants to help. You may view the services that we can offer through this link: 

There is a high risk of cryptocurrency money laundering because it is no secret that criminals are constantly searching for new ways to tidy up shady cash.

As a way of value transfer, it conspicuously rose to be exploited for wrongdoings. Nonetheless, those were the time of care-free trading when there were absolutely zero rules and regulations, and no duties were forced on virtual asset service providers or also called as VASPs.

Advancing to the year 2022 where there are already established overseers such as Financial Action Task Force (FATF) which is an independent inter-governmental body that aims to protect global financial systems against money launderers, European Union’s (EU’s) Anti-Money Laundering Directive 5 (AMLD5) currently the 6th but the 5th put cryptocurrency under control for anti-money laundering (AML) counter-terrorist financing (CTF) purposes.

Additionally, the EU’s MiCA initiative mandates registration for AML supervision with the FCA in the UK. As you can see, the industry is seeing significant upheaval from various sources. As you can see, the industry is seeing substantial upheaval from various sources.

The use of cryptocurrency is spreading, and more people are using it for various purposes, including illicit ones. According to recent estimates, fraudsters are increasingly using cryptocurrencies for money laundering. According to Chainanalysis, this usage has grown by 30% annually.

Cryptocurrency has come a long way toward demonstrating that it is here to stay in some capacity, but some problems still require attention. Let’s start a conversation on the risk of crypto money laundering!

What are the risks of money laundering using cryptocurrencies?

To ensure that everyone is on the same page and understands the concept of legalising proceeds of crime, I will provide some background information. The three money laundering processes are typically placement, layering, and integration. Each stage specifies a potential action and how frequently money is cleaned. Each stage is illustrated below, along with a brief description:

  • Step 1 – The money is deposited into the system.
  • Step 2 – Transactions are carried out to conceal the source.
  • Step 3 – The money is reintroduced into the economy.

Above all, whereas other value transfer methods are more suited to certain aspects of the process than others, crypto performs equally well across the board. Now, we’ll go through each step in more detail and describe how either one might be carried out.

Step 1 – Placing crypto to launder money

Risk of cryptocurrency being used to launder money: The greatest breakdown of a three-step procedureIn a conventional meaning, placing refers to placing illegal funds into the financial system.

This phase is a little different if we’re talking about cryptocurrencies because they are neither money nor do they fit into the traditional financial system. Criminals often buy one cryptocurrency to begin money laundering by converting unlawfully obtained fiat currency.

Alternately, random payments can be made directly in crypto, including those obtained from hacking exchanges, defrauding people, and any other type of cybercrime you can think of.

The fact that the initial store of value was gained by unlawful means is crucial in this context. Once crypto assets have been bought, it allows criminals to do additional transactions and exchanges on track to clean their shady money further.

It’s important to note that the person who enabled placement will still have access to the dirty money if this stage uses fiat cash. Therefore, different plans for cleaning it will need to be made. We won’t explain the concurrent process involving fiat coins in this article because we will just be discussing the crypto aspect of things. Just remember that these procedures can happen concurrently.

Step 2 – Layering Crypto

Suppose placement enables criminals to enter cryptocurrency derived from illegal conduct into the crypto sphere. In that case, layering enables them to hide their connection to the proceeds of the original crime and erase their traces. Traditionally, it was accomplished by making many transfers between various wallet addresses. However, since the majority of blockchains are public, this strategy could be more effective because transactions can be easily tracked with the aid of software, so more creative methods are increasingly being chosen. These “ill-witted” criminals often hire services that include private entities such as online casinos, P2P exchanges, centralized exchanges with lax protocols, and many others. The said services make it more difficult to follow the trail that proves that the crypto assets came from unlawful acts.

Step 3 – Integration back into the economic system

Cryptocurrencies can be reintroduced into the system when their origin is obscured. This can be accomplished in a number of ways, beginning with exchanging crypto for fiat currency and concluding with making a black-market purchase. The final step’s main idea is that the criminal can profit from their criminal behaviour. These criminals benefit regardless of how the money is reinvested in the economy, which gives them additional incentive to commit new crimes.

What are the operational details of cryptocurrency money laundering?

Let’s examine a hypothetical example that can potentially be extremely real to show how crypto money laundering actually functions. Consider the scenario if Mark Johnson deceived people by offering a 200% return on investment in exchange for their cryptocurrency, which he would then reinvest in upcoming cryptocurrencies about which he had inside knowledge. Having visibility on social media gave his character more legitimacy. He approached his targets using this channel and posted about his opulent lifestyle. However, it was eventually discovered that there was no such individual and that his persona was clearly a phoney front to entice prospective “investors”. In essence, our criminal collected cryptocurrencies from unscrupulous individuals who were being duped by a con artist named not even Mark but Ian.

Risk of cryptocurrency being used to launder money: The greatest breakdown of a three-step procedureIan’s deception was fruitful; he collected a total of five Bitcoin from different people he conned, but still, he is in a bit of a pickle; Ian cannot use them because he might be found out and be caught by authorities. Being a mischievous-minded person, Ian is aware of how to hide his tracks and decides to start money laundering with cryptocurrencies.

He accomplishes this by transferring laundered crypto assets from his unlisted wallet to a number of wallets he opened using an exchange with a loose know-your-customer policy that only requires an email address to open a wallet for transfers under 20,000 EUR.

When it is finished, he moves the money to five private wallets integrated with mixers to continue his illegal scheme. Naturally, he decides to use the mixer’s capabilities and further obscures Bitcoin’s source (which we all know was laundered from his victims).

Additionally, he performs a payout in five separate batches, equally distributing his laundered assets to the un-hosted wallets. At this point, he decides that he wants to withdraw some of the money. He sends one bitcoin to an exchange with a fiat connection, where he has already completed the know-your-customer and registration processes by providing documents of a friend to whom he paid 1,000 EUR to provide his document and pose for the camera while the checks were being done. Thus, Ian now transfers money to his cryptocurrency-friendly service provider, with which he has an account made in the name of another nominee and uses a card to make any purchases without being concerned that he will be discovered.

What happens if you are caught using cryptocurrencies to launder money?

Ian has cheated others into investing money in his illegal scheme, which is a criminal offence in and of itself. If he is discovered, he will suffer severe consequences. We shall use some examples from the actual world to show it.

For instance, in 2022, Spanish authorities, with assistance from EUROPOL and EUROJUST, acted against a criminal gang that was laundering illicit funds associated with the Magnitsky case, a 219 million EUR corruption case in Russia. Millions of euros are thought to have been transferred via European bank accounts by this money laundering operation before being sent to Spain to buy real estate. The person at the centre of this operation to launder money has been taken into custody in the Canary Islands. Seventy-five properties in total, worth a total of 25 million euros, have so far been confiscated across Spain. Along with the seized properties, those apprehended are now facing heavy persecution.

Close to our crypto topic, another conman in the name of Roman Sterlingov was arrested; he is accused of being the creator of the cryptocurrency mixing service Bitcoin Fog. If proven guilty, he could spend at least ten years in prison.

Similar circumstances can be applied to Larry Harmon, who admitted guilt to a conspiracy to launder money and now faces a maximum sentence of 20 years in prison for running Helix, a Darknet-based bitcoin money laundering firm.

These are all examples of what offenders can anticipate when they are apprehended.

How might COREDO assist you in reducing the danger of bitcoin money laundering?

Money laundering using cryptocurrencies is a serious problem that requires effective solutions to reduce its risks. Such procedures must include duly educated staff people and software programs that improve client screening and activity monitoring. Please contact us if you have any questions about the subject or would like our help putting a money laundering prevention policy in place at your company.

Anti-money laundering (AML) services involve the use of processes and systems to detect and prevent the illicit use of the financial system for the purpose of money laundering or financing terrorism. These services are critical for financial institutions, as well as other organizations that may be at risk for money laundering activities.

Anti-money laundry service outsourcingOne benefit of outsourcing AML services is cost savings. Hiring an external service provider to handle AML tasks can often be more cost-effective than hiring in-house staff or using a traditional consulting firm. This is because outsourcing companies can take advantage of economies of scale and often have lower overhead costs, which can result in lower fees for clients.

In addition to cost savings, outsourcing AML services can also provide access to specialized expertise. Many AML service providers have teams of highly trained and experienced professionals who can provide specialized knowledge and skills in AML compliance and risk management. This can be particularly useful for clients who may not have the resources to hire specialists in-house or who have complex AML needs that require specialized expertise.

Outsourcing AML services can also help to improve efficiency and speed up processes. By outsourcing tasks such as risk assessments and compliance reviews, clients can free up time and resources to focus on more high-value tasks, such as strategy and business development. This can help to increase productivity and improve overall efficiency.

Despite the many benefits of outsourcing AML services, there are also some potential drawbacks and challenges for clients to consider. One concern is the risk of losing control over the quality of work being performed. It is important for clients to carefully select and manage their outsourcing partners to ensure that the work being performed meets their standards and the needs of their business.

Another potential challenge is the issue of confidentiality and data protection. It is important for clients to carefully consider the legal and ethical implications of outsourcing work, particularly when it comes to handling sensitive or confidential information. This may require the use of strict confidentiality agreements and other measures to protect client data.

Overall, outsourcing AML services can be a valuable tool for clients looking to improve efficiency, reduce costs, and access specialized expertise. However, it is important to carefully consider the potential risks and challenges and take steps to manage them effectively.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

An enterprise service agreement (ESA) is a legally binding document that outlines the terms and conditions of a service provided by a company to another business or organisation. It is a crucial document that sets out both parties’ expectations and responsibilities, and helps minimize misunderstandings and potential disputes.

In this article, we will provide a step-by-step guide on how to write a good enterprise service agreement, including what to include and how to structure the document.

Step 1: Determine the scope of the service

Before you start drafting the ESA, it is crucial to clearly define the scope of the service being provided. This includes the specific tasks or services that will be performed and any limitations or exclusions.

For example, if you are providing IT support services, the scope of the service might include troubleshooting hardware and software issues, installing and configuring new equipment, and providing user training. It might also exclude certain types of support, such as custom software development or data migration.

Step 2: Identify the parties involved

The next step is to identify the parties involved in the agreement. This includes the service provider (i.e., the company offering the service) and the service recipient (i.e., the business or organisation receiving the service).

It is essential to clearly state the names and contact information of both parties in the agreement and any relevant legal entities (such as a parent company or subsidiary).

Step 3: Establish the term of the agreement

The term of the agreement refers to the service’s duration. This can be a specific period (e.g., one year), or it can be ongoing until terminated by one of the parties.

How to write a good Enterprise service agreementIn addition to specifying the term of the agreement, it is also important to include provisions for renewing or terminating the contract. For example, you may want to have a clause that allows either party to terminate the agreement with a certain amount of notice (e.g., 30 days).

Step 4: Outline the payment terms

Payment terms are a vital part of any service agreement, as they outline how and when the service recipient will pay for the services provided.

Some standard payment terms include:

  • Fixed fee: A fixed fee is a one-time payment for the entire scope of work outlined in the agreement.
  • Hourly rate: An hourly rate is based on the number of hours worked by the service provider.
  • Monthly retainer: A monthly retainer is a predetermined amount paid each month for a certain number of service hours.

Specifying the payment terms clearly in the agreement, including the rate or fee being charged and any applicable taxes or fees is important.

Step 5: Include any applicable warranties or guarantees

A warranty is a promise made by the service provider that the services will meet specific standards or specifications. A guarantee promises that the service provider will take specific actions if the services do not meet the agreed-upon standards.

It is essential to include any applicable warranties or guarantees in the agreement, as this helps to protect both parties in case there are any issues with the services being provided.

Step 6: Address any potential liabilities

An enterprise service agreement should include provisions addressing any potential liabilities that may arise as a result of the services being provided. This might include a clause outlining the service provider’s liability for any damages or losses resulting from the services or stating that the service recipient assumes all risk for any damages or losses.

Step 7: Include any relevant terms and conditions

There may be additional terms and conditions specific to the services being provided or necessary to protect the interests of one or both parties. These can be included in a separate section of the agreement or incorporated into the document’s main body.

Some standard terms and conditions that might be included in an enterprise service agreement include the following:

  • Confidentiality provisions outline the obligations of both parties to keep certain information (such as trade secrets or business information) confidential.
  • Intellectual property rights: These provisions outline who owns any intellectual property (such as patents, trademarks, or copyrighted material) that is created or used in the course of providing the services.
  • Force majeure: A force majeure clause protects both parties from liability if the services cannot be provided due to circumstances beyond their control (such as a natural disaster or pandemic).
  • Governing law: This clause specifies which jurisdiction’s laws will govern the interpretation and enforcement of the agreement.

Step 8: Review and revise the draft agreement

Once you have drafted the enterprise service agreement, it is essential to review and revise the document to ensure that it accurately reflects the terms and conditions of the service being provided. This might involve soliciting input from legal counsel or other stakeholders or reviewing the agreement against industry best practices or standards.

Step 9: Have the agreement reviewed by legal counsel

It is generally a good idea to review an enterprise service agreement by legal counsel before finalising it. A lawyer can help to ensure that the agreement is legally enforceable and protects the interests of both parties.

Step 10: Finalize and execute the agreement

Once the enterprise service agreement has been reviewed and revised, it is time to finalise and execute the document. This typically involves both parties signing and dating the agreement and possibly exchanging copies or original signed copies.


An enterprise service agreement is a crucial document that outlines the terms and conditions of a service provided by one business to another. Following the steps outlined in this article ensures that your agreement is clear, comprehensive, and legally enforceable.

We hope this article has provided a comprehensive guide on how to write a good enterprise service agreement. Let us know if you have any additional questions or need further clarification on any of the points covered.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants to help. You may view the services that we can offer through this link: 

Memorandum of Understanding (MOU). A Memorandum of Understanding is a document that outlines the terms and details of a working relationship between two parties. It is often used in business and government to establish agreements for collaboration or outline a partnership’s terms.

Here are some steps you can follow to write a good Memorandum of Understanding:

  1. Determine the purpose of the MOU: The first step in writing an MOU is to determine its purpose. What are the two parties looking to achieve through this agreement? Are they looking to collaborate on a project, establish a partnership, or outline the terms of a working relationship? Clearly defining the purpose of the MOU will help you identify the key points that need to be included in the document.
  1. Identify the parties involved: The MOU should clearly identify the two parties involved in the agreement. This includes their names, addresses, and any relevant contact information. Including a brief description of each party’s role or responsibilities in the agreement is also a good idea.
  1. Outline the terms of the agreement: The MOU should outline the terms of the agreement in detail. This includes the scope of the agreement, any specific tasks or responsibilities that each party will have, and any resources or support that will be provided. It is essential to be as specific as possible when outlining the terms of the agreement to avoid misunderstandings or ambiguities.

  1. Define the duration of the agreement: The MOU should specify the duration of the contract, including the start date and end date (if applicable). It is also a good idea to include provisions for renewing or terminating the agreement, if necessary.
  1. Include any legal provisions: Depending on the nature of the agreement, you may need to include specific legal provisions in the MOU. For example, you may need to include liability, confidentiality, or indemnification provisions. It is a good idea to consult with an attorney to ensure that you are including all necessary legal provisions in the MOU.
  1. Include a signature section: The MOU should have a signature section where both parties can sign and date the document. It is also a good idea to include a section for each party to keep a copy of the MOU for their records.
  1. Review and revise the MOU: Before finalising the MOU, it is essential to review the document carefully to ensure that it accurately reflects the terms of the agreement and that it is straightforward and easy to understand. You may need to revise the MOU to address any ambiguities or to include any additional provisions that were not included in the initial draft.
  1. Consider using a template: There are many MOU templates available online or through legal resources that can provide a useful starting point for drafting your MOU. These templates often include the standard clauses and provisions commonly included in MOUs, which can save time and ensure that you are not missing any important elements. However, it is essential to customize the template to fit your agreement’s specific needs and terms.
  1.  Use clear and concise language: The MOU should be written in clear, concise language that is easy to understand. Avoid using legal jargon or technical terms unfamiliar to the reader.
  1. Be specific and detailed: It is important to be specific and clear when outlining the terms of the agreement in the MOU. This helps avoid misunderstandings or ambiguities that could lead to later disputes or disagreements. For example, if the MOU includes provisions for the use of shared resources or equipment, be sure to specify who is responsible for maintenance and repair and any usage restrictions or limitations.
  1.  Address potential conflicts of interest: If there is a potential for conflicts of interest between the two parties, it is crucial to address this in the MOU. For example, suppose one party is providing funding for the project. In that case, there may be a conflict of interest if the other party is also responsible for evaluating the project’s progress or success. In such cases, it may be necessary to include provisions in the MOU to address these potential conflicts of interest.
  1. Consider including a dispute resolution clause: Disputes and misunderstandings can sometimes arise even when both parties have entered into an agreement in good faith. To minimise the risk of disputes, it may be helpful to include a dispute resolution clause in the MOU. This clause should outline the steps that will be taken to resolve any disputes that may arise, such as mediation or arbitration.
  1. Review the MOU with legal counsel: Before finalising the MOU, it is a good idea to review the document with legal counsel to ensure that it is legally enforceable and meets both parties’ needs. An attorney can also help identify potential legal issues or liabilities arising from the agreement.
  1. Obtain approval from relevant parties: Depending on the nature of the agreement, it may be necessary to obtain approval from relevant parties before finalising the MOU. For example, suppose the MOU is being entered by a government agency or a non-profit organisation. In that case, obtaining approval from the board of directors or other governing bodies may be necessary.

In conclusion, a Memorandum of Understanding is useful for establishing a working relationship or partnership between two parties. By following the steps outlined above, you can write a good MOU that clearly outlines the terms of the agreement and helps ensure a smooth and successful collaboration.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants to help. You may view the services that we can offer through this link: 

Legal outsourcing, also known as legal process outsourcing (LPO), is the practice of hiring an external service provider to handle certain legal tasks and processes. This can include research, document review, drafting contracts and legal documents, and even litigation support.

Benefits and problematic of legal outsourcingFor clients, the benefits of legal outsourcing can be significant. One major benefit is cost savings. Outsourcing legal work can often be more cost-effective than hiring in-house counsel or using a traditional law firm. This is because outsourcing companies can take advantage of economies of scale and often have lower overhead costs, which can result in lower fees for clients.

In addition to cost savings, legal outsourcing can also provide access to specialized expertise. Many LPO providers have teams of highly trained and experienced legal professionals who can provide specialized knowledge and skills in specific areas of law. This can be particularly useful for clients who may not have the resources to hire specialists in-house or who have complex legal needs that require specialized expertise.

Legal outsourcing can also help to improve efficiency and speed up legal processes. By outsourcing tasks such as research and document review, clients can free up time and resources to focus on more high-value tasks, such as strategy and business development. This can help to increase productivity and improve overall efficiency.

Despite the many benefits of legal outsourcing, there are also some potential drawbacks and challenges for clients to consider.
One concern is the risk of losing control over the quality of work being performed. It is important for clients to carefully select and manage their outsourcing partners to ensure that the work being performed meets their standards and the needs of their business.

Another potential challenge is the issue of confidentiality and data protection. It is important for clients to carefully consider the legal and ethical implications of outsourcing work, particularly when it comes to handling sensitive or confidential information. This may require the use of strict confidentiality agreements and other measures to protect client data.

Overall, legal outsourcing can be a valuable tool for clients looking to improve efficiency, reduce costs, and access specialized expertise. However, it is important to carefully consider the potential risks and challenges and take steps to manage them effectively.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

A Non-Disclosure Agreement (NDA) or Confidentiality Agreement is a legally binding document that aims to protect sensitive and confidential information from being disclosed to third parties. NDAs are commonly used in business relationships, employment situations, and developing and protecting new products or ideas.

Creating a good NDA is essential to ensure that all parties involved understand the terms and obligations of the agreement and to protect against any potential legal issues.

Here are some key steps to follow when writing an NDA:

  1. Identify the purpose of the NDA: It is essential to clearly define the purpose of the NDA and the specific information that needs to be protected. This can include trade secrets, business plans, proprietary technology, financial information, and other sensitive information. It is helpful to create a list of the specific types of information that will be covered under the NDA, as this will help define the scope of the agreement.
  1. Determine the scope of the NDA: The scope of the NDA should clearly define the parties involved, the duration of the agreement, and any exclusions or limitations. For example, suppose the NDA is being used in an employment context. In that case, it may specify that the employee is not allowed to disclose company secrets to competitors or use the information for personal gain. The scope should also specify exceptions to the agreement, such as information already known to the recipient or information obtained from a third party without the recipient’s knowledge or consent. Determining whether the NDA covers verbal and written communication and electronic communication such as email or text messages is also essential.
  1. Define the terms of the NDA: The terms of the NDA should outline the obligations of the parties involved, including any restrictions on the use and disclosure of confidential information. It is important to clearly define what constitutes a breach of the NDA and the consequences of such a breach. This could include damages, injunctive relief, or other legal remedies. The terms should also specify the agreement’s jurisdiction, governing law, and dispute resolution provisions. If the NDA is being used in an international context, it may be necessary to specify which country’s laws will govern the agreement in case of a dispute.

  1. Consider any legal implications: It is essential to consider any legal implications of the NDA, including issues related to intellectual property, antitrust laws, and employment laws. It is recommended to seek legal counsel to ensure that the NDA complies with relevant laws and regulations. This is especially important when the NDA is being used internationally, as different countries have different laws and regulations governing confidentiality agreements. It is also important to consider any potential conflicts with other agreements or obligations that the parties involved may have. For example, suppose an employee is signing an NDA as part of their employment contract. In that case, ensuring that the NDA does not conflict with any non-disclosure or non-compete provisions in the employment contract is essential.
  1. Make sure the NDA is clear and concise: A NDA should be written in clear and concise language that is easy for all parties to understand. It is important to avoid using legal jargon or ambiguous terms that could be open to interpretation. It is also helpful to use bullet points or numbered lists to break up the text and make it easier to read and understand. It is a good idea to have the NDA reviewed by legal counsel to ensure that it is clear and understandable for all parties involved.
  1. Please include any additional provisions: Depending on the specific needs of the parties involved, it may be necessary to include additional provisions in the NDA. For example, an NDA may include provisions related to the handling of physical copies of confidential documents or the destruction of such documents upon the termination of the agreement. Other common provisions include provisions related to the return or destruction of confidential materials upon request and provisions related to the confidentiality of the NDA itself. It is also a good idea to include provisions related to the confidentiality of any discussions or negotiations related to the NDA and the use of confidential information to evaluate a business opportunity or potential partnership.
  1. Have the NDA reviewed and signed: Before the NDA becomes legally binding, it is essential to have the agreement reviewed by legal counsel and signed by all parties involved. It is also a good idea to keep a copy of the signed NDA on file for reference. In some cases, it may be necessary to have the NDA notarised or witnessed to provide additional legal protection.

It is also a good idea to review and update the NDA on a regular basis, particularly if there are any changes in the business relationship or the confidential information is protected. This can help to ensure that the NDA remains effective and up-to-date.

In conclusion, a Non-Disclosure Agreement (NDA) or Confidentiality Agreement is a crucial tool for protecting sensitive and confidential information in business relationships and other situations. By following these steps and seeking legal counsel as needed, you can create a strong and effective NDA that serves the needs of all parties involved.

By clearly defining the purpose and scope of the NDA, outlining the terms and obligations of the parties involved, and considering any legal implications, you can create a document that effectively protects the confidential information being shared.

So, having a well-written NDA in place is crucial to protect your sensitive information and avoid potential legal issues.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants to help. You may view the services that we can offer through this link: 

Starting a new business can be an exciting and rewarding experience, but it is also a complex process that requires careful planning and preparation. One of the first steps in starting a business is registering the company with the appropriate authorities. Here is a step-by-step guide on how to register a company, along with some of the benefits and potential challenges to consider.

Step 1: Choose the type of business structure

Before you can register your company, you need to decide on the type of business structure that best fits your needs. Some common business structures include sole proprietorship, partnership, corporation, and limited liability company (LLC). Each type of business structure has its own legal and tax implications, so it is important to consider your specific needs and goals before making a decision.

Step 2: Choose a business name

Once you have chosen a business structure, you will need to select a business name. This should be a unique name that reflects the nature of your business and distinguishes it from other companies. You may need to conduct a name search to ensure that the name you have chosen is not already in use.

Step 3: Register your business name

After you have chosen a business name, you will need to register it with the appropriate authorities. This may involve filing articles of incorporation or a business registration form, depending on your business structure and the requirements of your state or jurisdiction.

Step 4: Obtain any necessary licenses and permits

Depending on the nature of your business, you may need to obtain certain licenses and permits in order to operate legally. This could include a business license, a sales tax permit, or a professional license, among others. It is important to research the specific requirements for your business and obtain any necessary licenses or permits before you start operating.

Step 5: Set up a business bank account

Once your business is registered, it is a good idea to set up a separate business bank account. This will help you to keep your personal and business finances separate, which can make it easier to track expenses and manage your finances.

There are many benefits to registering a company, including legal protection, tax benefits, and increased credibility. By registering your business, you can establish a clear legal structure and protect your personal assets in case of legal action. In addition, registering a business can also make it easier to raise capital, as investors and lenders may be more willing to work with a legally registered company.

However, there are also some potential drawbacks and challenges to consider when registering a company. One challenge is the cost and effort involved in the process. Registering a company can be time-consuming and may require the assistance of a lawyer or other professional. In addition, there may be ongoing costs associated with maintaining a registered company, such as filing annual reports and paying fees.

Overall, registering a company is an important step in starting a new business. By following the steps outlined above, you can establish a legal structure, protect your personal assets, and increase your credibility and competitiveness. However, it is important to carefully consider the potential risks and challenges and take steps to manage them effectively.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

A sales and purchase agreement (SPA) is a legally binding document that outlines the terms and conditions of a sale and purchase transaction. It is an essential tool for protecting the interests of both the buyer and the seller and ensuring that both parties understand their rights and obligations.

Here are some key points to consider when writing a good sales and purchase agreement:

  1. Identify the parties involved: The SPA should clearly identify the buyer and the seller and any agents or intermediaries involved in the transaction. Including full contact information for all parties, including names, addresses, and phone numbers, is important.
  1. Describe the property or goods being sold: The SPA should include a detailed description of the property or goods being sold, including any serial numbers or identifying features. If the property being sold is real estate, the SPA should include the address and any relevant legal descriptions. If the goods sold are physical items, the SPA should include detailed descriptions of the items, including make, model, and relevant specifications. It is essential to be as specific as possible to avoid confusion or misunderstandings.

How to write a good Sales and Purchase Agreement

  1. Specify the purchase price: The SPA should clearly state the purchase price for the sold property or goods. This should include any applicable taxes or fees. If the purchase price is subject to contingencies, such as the completion of inspections or the receipt of financing, this should be clearly stated in the SPA.
  1. Outline the payment terms: The SPA should specify how the purchase price will be paid, including any deposit or down payment that is required. It should also define any payment deadlines or other payment-related terms, such as whether the payment will be made in instalments or in a lump sum.
  1. Include any contingencies: Contingencies are conditions that must be met before the sale can be completed. The SPA should specify any contingencies relevant to the transaction, such as the completion of inspections or the receipt of financing. It is important to specify what will happen if the contingencies are not met, such as whether the buyer will forfeit their deposit or whether the seller will have the right to terminate the agreement.
  1. Specify any warranties or guarantees: The SPA should specify any warranties or guarantees that the seller is offering and any limitations or exclusions. For example, the seller might offer a warranty on the property or goods being sold, or they might offer a title guarantee. It is essential to be clear about the terms of any warranties or guarantees to avoid any misunderstandings.
  1. Include provisions for disputes: The SPA should include provisions for how disputes will be resolved, such as through mediation or arbitration. This is important in case any issues arise during the sale and purchase process.
  1. Seek legal review: It is generally a good idea to have a lawyer review your sales and purchase agreement to ensure that it is legally enforceable and meets your needs. A lawyer can help you identify any potential issues or weaknesses in the agreement and advise you on how to address them.

In summary, writing a good sales and purchase agreement involves identifying the parties involved, describing the property or goods being sold, specifying the purchase price, outlining the terms of payment, including any contingencies, specifying any warranties or guarantees, and including provisions for disputes. It is also a good idea to seek legal review to ensure that the agreement is legally enforceable.

By following these steps, you can create a clear and comprehensive agreement that protects the interests of both the buyer and the seller.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants to help. You may view the services that we can offer through this link: 

Benefits and problematic of ISO certificationISO certification is a process by which a company or organization demonstrates that it meets international standards for quality, environmental performance, health and safety, and other areas. There are many benefits to obtaining ISO certification, both for the organization itself and for its customers, stakeholders, and the wider community.

One major benefit of ISO certification is improved efficiency. By implementing the processes and systems required for ISO certification, an organization can streamline its operations and reduce waste, leading to cost savings and increased competitiveness. This can also help the organization to meet regulatory requirements and reduce the risk of non-compliance.

Another benefit of ISO certification is increased customer satisfaction. By demonstrating its commitment to quality, environmental performance, and other areas, an organization can build trust and credibility with its customers, which can lead to increased sales and customer loyalty. This can also help the organization to stand out from its competitors and attract new business.

In addition to these benefits, ISO certification can also have a positive impact on the wider community. For example, an organization that is certified to ISO 14001, the international standard for environmental management, may be able to reduce its environmental impact and make a positive contribution to sustainability.

Despite the many benefits of ISO certification, there are also some potential drawbacks and challenges to consider. One concern is the cost and effort involved in obtaining and maintaining certification. This can be particularly challenging for small and medium-sized organizations, which may not have the resources or expertise to meet the requirements of ISO certification.

Another potential challenge is the risk of non-compliance. An organization that is certified to an ISO standard must demonstrate ongoing compliance with the standard’s requirements. If it fails to do so, it may lose its certification, which can have negative consequences for the organization’s reputation and business.

Overall, ISO certification can provide a range of benefits for organizations, including improved efficiency, increased customer satisfaction, and a positive impact on the wider community. However, it is important for organizations to carefully consider the potential risks and challenges and take steps to manage them effectively.

How can COREDO help you?

If you require professional advice in the field, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

Recent developments in business intelligence and financial technology have significantly altered and enhanced the delivery, accessibility, and range of financial services. Most of these advancements are the result of financial technology companies, or Fintechs, who have pushed traditional businesses to improve how they interact with their clients and communities. However, a lack of regulatory clarity can stifle good ideas and prevent the appropriate safeguards from being implemented to safeguard customers and the financial industry.

Most of the time, authorities have not incorporated technologies into their own regulatory and supervision frameworks, making them less equipped to monitor businesses and practices that are becoming more inventive, inhibiting their efficacy and efficiency. One of the best examples of regulators that embraced and leveraged modern technologies is the FCA.

What is the FCA?

Although it has only been around since 2013, the Financial Conduct Authority in the U.K. (FCA) is often regarded as a global innovator. The agency’s success in pushing innovation has been made possible by a combination of circumstances – a federal initiative to develop London as a thriving fintech hub, a young agency founded in the aftermath of the 2008 economic meltdown with a brand-new and untested mission to encourage financial competition and the concurrent anticipation to advance breakthroughs, a highly focused banking system and dynamic financial technology community, a simple and direct twin peaks economic, regulatory structure, and sustained executive-level support for increasing the agency’s capacity to foster interdisciplinary collaboration.

The FCA and its plans for the fintech industryWhen taken as a whole, these factors allow the FCA to progress its purpose by taking measured risks and pushing the boundaries of regulation.

However, without the FCA employees who collaborated to develop the innovation framework with sincerity, inquisitiveness, boldness, cooperation, and esteem that have illustrated the institution’s innovation practices and have mainly been responsible for advancing it, the agency would not be where it is currently – enabling, and in some cases driving, advancement in the industry and evolving its own potential to monitor and control by using technology and advanced analytics.

Most recently, the FCA’s dedication to financial innovation was highlighted by creating a distinct, autonomous innovation division with over 120 personnel and an additional 40 data engineers integrated with other departments across the organisation.

Project Innovate and the new regulatory Sandbox, as well as the regtech program and its ground-breaking TechSprints, were started and supported by two small, agile start-up teams, and in less than six years, they have grown into the expanding Innovation Division. The group directed 140 businesses through its regulatory Sandbox, provided guidance and active assistance to roughly 700 companies through the Innovation Hub, and formed an international association of regulatory agencies interested in fostering innovation in the public’s interest throughout that time.

The FCA has started incorporating emerging technologies and cutting-edge business intelligence into its own operations using the expertise gathered via a partnership with market players and other stakeholders over the past few years. The agency now has immediate access to a wide range of technical talent and experience that it could not otherwise afford to reproduce, as well as the assurance and motivation to advance on its own, thanks to this close collaboration. Additionally, sandboxes and TechSprints, two collaborative tools the FCA invented to promote and hasten invention, are also being imitated globally.

Aside from these technological advancements, the FCA has also focused on cyber risk reduction, operational resilience, and customer protection.

As the U.K.’s financial industry watchdog, the FCA has also taken over the Financial Services Authority’s responsibility to develop and implement rules as the regulatory body for financial services companies in the region.

In order to achieve its strategic purpose, the Financial Conduct Authority (FCA) has three operational goals: safeguarding consumer interests, preserving and enhancing the integrity of the British financial system, and fostering healthy competition among financial services providers. The agency has broad authority to carry out its mission, including making rules and conducting investigations and enforcement actions. Since the FCA is an independent organisation without government backing, it must be able to increase fees. As a result, the agency levies fees on approved businesses that engage in activities that it governs.

Throughout the years, rules and regulations set by the FCA have tremendously evolved. Recently, the industry has seen huge transitions into more proactive practices.

The transition from reactive to proactive

Although the difference between a reactive and proactive regulator is not formally acknowledged, we can contrast the FCA with other regulators. In a nutshell, a proactive regulator can be perceived with aggressive interventions which check the activities of the businesses it regulates by undertaking different kinds of investigations to avoid anything terrible from occurring, as opposed to a reactive regulator that mainly acts after something negative has already happened.

The FCA and its plans for the fintech industrySuch inspections can take various forms, such as being entirely documentary (where the authority requires the submission of specific reports, information, or documents), on-site visits to assess detailed documentation, processes, or systems, interviewing key employees, or a mix of the two.

Operating a company in a region where the authority is less proactive is considerably more comfortable. For instance, Lithuanian Financial institutions frequently claim that the Bank of Lithuania conducts too many examinations. Non-bank PSPs in Cyprus are required to renew their licenses yearly by submitting specific papers and receiving approval from the Central Bank of Cyprus.

In the U.K., where there are substantially more financial companies regulated than in Lithuania and Cyprus put combined, the FCA had rarely taken an aggressive stance up until these recent years. It is clear that the FCA changed its approach when it began actively writing “Dear CEO Letters” back in 2020 and asking the payment service actors to disclose more information at the onset of the COVID-19 pandemic.

From this, the agency notes that the quality of the documents and data provided by the companies was disappointing. The FCA then kept in touch with even more businesses and conducted more inspections.

Just this 2021, the FCA announced that in contrast to many other more reactive authorities, the FCA agency would adopt more proactive approaches. The FCA then began criminal procedures under its anti-money laundering jurisdiction for the first time in the previous eight years. It was also the first time the agency revoked temporary licenses to stop four E.U. investment firms from selling CFDs to U.K. retail customers and used a freezing injunction to secure several million pounds worth of assets on behalf of customers with final salary pension plans.

Five things to expect from the transition

І. Few businesses are to receive FCA authorisation

According to the FCA’s Business Plan, enhanced digital applications and simpler-to-use forms will make the application process more user-friendly. However, due to a more thorough evaluation and increased inspection of the applicant’s financial and business models, the standards to which the FCA benchmarks the application will increase. Moreover, examinations of the individuals in charge of managing P.I.s/EMIs, which were unfathomable only a few years ago, may start to become the standard. Currently, the FCA frequently undertakes interviews on a case-by-case principle to better examine the important persons than a written communication exchange between the case officer and the applicant business.

The Financial Conduct Authority makes it clear that it anticipates rejecting additional applications for authorisation. When a company is authorised, it requires at least three times more FCA resources to revoke its permits than if the company had never been granted permission. “We will expect denial, withdrawal, and rejection rates to grow initially as we make the gateway more resilient,” the FCA writes in their business plan.

The FCA’s chief executive, Nikhil Rathi, recently appointed Emily Shepperd as the new executive director of authorisations and was given orders to hire about 100 more staff to handle authorisations. As a result, corporations should receive case officers more quickly than they already do, which frequently surpasses three months.

ІІ. Increased intervention and stricter oversight

The FCA plans to intervene more frequently in real time to protect customers and market integrity. In 2021-2022, the FCA was expected to take more supervisory and enforcement actions. Mr Rathi asserts that the FCA will never return to a light-touch, reactive approach.

The FCA acknowledges that the payment industry has transformed rapidly since implementing the Payment Service Directive and the Electronic Money Directive.

While EMIs and P.I.s have advantages for both consumers and businesses, the FCA is worried about the pandemic’s effect on PSPs’ financial power. The FCA’s oversight work will ensure that PI/s and EMIs are financially secure, and it will define companies at risk and contact them proactively. From 31 March 2022 to 31 March 2025, the FCA will evaluate whether payments businesses are willing to keep within their impact tolerances (the maximum permissible amount of interruption to a critical business service) to determine how effective the FCA’s task to optimise the operational resilience of the finance industry has been.

Besides this, there will be greater oversight for newly permitted companies, which the FCA calls ‘a regulatory nursery’ to identify any potential damage to the industry. A firm must submit a business plan when applying for a license. However, a program of operations and a business plan can transform. The FCA aims to ensure that businesses stick to their original plans and that if there is a modification, the FCA is immediately informed and can examine any detrimental impacts. This is a general rule for accredited PSPs, but not many of them were aware that such changes require an alert to the authorities, even though it does as part of the reporting requirements under Principle 11 of PRIN.

ІІІ. Increased requirements and additional supervision

The FCA has consistently raised specifications for non-bank payment service providers in the past few years. The agency ensures FinTech companies maintain operational resilience and customer protection.

The FCA and its plans for the fintech industryIn 2019, for instance, the FCA ensured that the Principles and Chapter 2 of the BCOBS apply to EMIs and P.I.s. It at least implies that P.I.s/EMIs and financial institutions are subject to the same marketing guidelines. The FCA is currently considering creating a “new Consumer Duty,” which would apply equally to a bank and non-bank institutions and would impose additional responsibilities on EMIs/P.I.s to customers.

Registered enterprises must have sufficient funds, liquidity, and reserves to pay pending redress responsibilities, and the FCA wants to ensure the businesses it oversees only shut down on time. The FCA mandated non-bank PSPs to have a wind-down strategy. In March 2021, the FCA announced final guidelines on operation resilience designed to enhance and improve companies’ operational resilience.

The FCA releases more and more recommendations for diverse kinds of businesses. During the pandemic, it released recommendations for payment and e-money firms to bolster firms’ prudential risk management and mechanisms for securing customers’ monies. The agency recently instructed PayTechs to clarify the distinction between preserving e-money accounts and FSCS coverage to clients. It vowed to increase protection and wind-down planning standards through targeted messaging, monitoring EMIs/P.I.s’ arrangements and safeguarding audits.

After its call for feedback in 2020 as part of its Payments Landscape Review, the FCA keeps creating rules and guidelines for payments businesses, and we should expect more and more regulatory standards geared to PSPs.

IV. Cancellation of licenses

The FCA anticipates a short-term growth in the number of companies whose permission will be curtailed by being more aggressive and improving its capacity to detect signals of misbehaviour and act swiftly by suspending or completely revoking licenses.

The agency will target dormant businesses in addition to unscrupulous operators.

There are lots of businesses that do not use their licenses for different reasons. In the best-case scenario, it arises because a firm works as a distributor of an e-money institution or an operator of a payment institution, and, in fact, it does not use its own license. In the worst-case scenario, a corporation employs a “halo effect’ of regulation by leveraging its license to ensure that its uncontrolled activities appear more trustworthy.

The FCA will be more proactive in pursuing a ‘use it or lose it’ strategy by terminating licenses of regulated enterprises that have not begun to carry out regulated practices within 12 months of approval.

V. More transparency from Businesses

The FCA aims to share more information on businesses it regulates, ensure that customers have adequate data to support educated decisions, and reward businesses to enhance their behaviour. The information should include regulatory data previously unavailable to the public, including Financial Ombudsman Service claims and sustain rates. It should be anticipated that FinTech will need to increase its transparency. For example, banks, even neobanks such as Monzo and Starling, are currently forced to share their complaints information, and these requirements are to be applied to P.I.s and EMIs.

Cyber risk is among the most prominent concerns facing the financial services industry today. Following high-profile events like the Equifax leak and the WannaCry ransomware outbreak, G20 finance ministers and central bank governors recognised in March 2017 that cyber risk could potentially disrupt the financial system on a global scale.

As a response, authorities focused on how cybersecurity affects operational resilience. A working group on operational resilience was established by the Basel Committee on Banking Supervision in 2018 with the ultimate aim of “contributing, among other things, to the worldwide effort linked to cyber-risk management.”

The U.K. Financial Conduct Authority (FCA) launched a consultation on several ideas in December 2019, intending to enhance operational resilience within the U.K. finance industry. A couple of months after, the COVID-19 pandemic struck, putting operational resilience under unprecedented stress as cybercrimes in the financial industry rose by 238%.

On March 31, 2022, new FCA rules on operational resilience finally went into effect after a protracted period of consultation, input, and writing. The decision was made at the perfect time, given the growing risk that the cyber threat poses. But it didn’t seem to receive much attention from industry experts, which suggests that many businesses might still be unprepared for the transition.

Now, what does this new regulation cover, and what are the steps that businesses can take to comply with it?


The new Operational Resilience Framework covers banks, investment firms, insurers, building societies, Electronic Money License, Small Electronic Money Institutions, Payment Institutions, Small Payment Institutions, Payment Initiation Service Providers (PISPs) and Account Information Service Providers (AISPs) in the United Kingdom.

As per this regulatory framework, businesses must have finished several tasks, such as identifying “important business services,” establishing “impact tolerances for the maximum tolerable disruption to these services,” and performing “mapping and testing to a level of sophistication necessary to identify important business services, set impact tolerances, and identify any vulnerabilities in its operational resilience” before March 31, 2022. They have three years from that point to guarantee they will always stay within their impact tolerances. After this date, companies seeking authorisation should be prepared with the FCA Operational Resilience Framework Assessment. The deadline for ensuring they stay within their impact limits is March 31, 2025.

In order to build a compliant framework and conduct a resilience assessment, you can follow below simple steps outlined by breaking down the FCA operational resilience framework requirements.

STEP #1. Identify Key Business Services To Ensure Operational Resilience

Regulated companies must recognise crucial business services in the context of their business models per the operational resilience framework FCA criteria. To accomplish this, establish a list of all your services and mark those that must never be interrupted because doing so could affect your clients in intolerable ways or even the U.K. financial system as a whole.

You should consider what might happen to your customers in the short term if the service is unavailable in order to comprehend the levels of harm to consumers that you cannot allow.

For instance, if you offer e-money services to customers who rely on your company as their major provider of payment services, their agony may be greater if the company’s payment card is unavailable than if the currency exchange service is unavailable. It’s crucial to determine whether a particular customer base is more vulnerable than the other, so you should consider this when assessing your customer base. Similarly, you should consider which services may be disrupted and whether doing so could endanger the U.K. financial system’s soundness, stability, or resilience or the efficient functioning of the financial markets.

STEP #2. Recognize How Business Services Can Fail

When a consumer cannot access it or utilise it properly, it is not operational (i.e., it fails). You should make a list of all the processes and potential failure areas that apply to a particular service in order to understand better how it can go wrong. In order for the service to be operational, you also need to determine the human, financial, informational, and technological resources required.

For instance, you have determined that the business service of making payment transfers—e.g. GBP transfers through Faster Payments—causes consumers unacceptable damage if it fails. This service could fail in a variety of ways, some of which are within your control and others of which are not. You might, for example, lose access to a PSP’s API that gives you access to Faster Payments. Another scenario is when your customers cannot access their payment accounts to place a payment order if you solely offer digital payment services. If you only have a smartphone application, it’s possible that your service won’t function if the software (which might be an Android or Apple app) is unavailable because it acts as a single point of failure. However, if your web app is active, it might imply that your payment transfer service is still functional.

STEP #3. Set Impact Tolerance Level

You should pinpoint the stage at which a significant service failure would negatively impact customers in a way that could not be modified or impair the integrity of the U.K. financial industry. As a result, you should know how long you can put up with the service being unavailable.

For instance, a PSP that does not offer a payment card service may believe that if its payment processing service is unavailable for longer than six hours, the harm to its clients is unacceptable, whereas a non-bank PSP that provides a payment card service may believe that if its money transfer service is unavailable for longer than 24 hours, the damage to customers is significant.

Consider the quantity and types (such as vulnerable clients) of your customers who are impacted, their monetary damage, consequences for their lives, their information impacted, your monetary and reputational losses, as well as your impact tolerance when determining what constitutes intolerable damage to customers (critical if your losses might 9impact your ability to provide services or negatively affect the U.K. financial market).

STEP #4. Maintain A List of Methods That Should Be Followed to Prevent, Adapt, And Handle Business Interruptions

After considering numerous failure scenarios for your critical business service, you must decide what steps to prevent each one from occurring. Consider the steps you may take to correct the failure and adjust to it as well. To repair them, you must recognise the human, financial, informational, and technological resources required.

The U.K. FCA operational resilience requirementsRemember to check that your response and recovery scenarios match reality. Note that the only company that can successfully manage service interruptions is prepared in advance. In principle, you could accept payment instructions over the phone if your money-transfer software isn’t working. However, in reality, if you do not even equip your staff on how to take payment instructions over the phone, they won’t be able to do it in case of a service interruption.

Ensure that your company can always stay within the impact tolerance limit by completing the FCA Operational Resilience Framework Assessment. If the FCA audits your company and the tolerance level for money transfer service is six hours, you must demonstrate to the FCA how you plan to ensure that, in the event of an outage, customers won’t be impacted for longer than six hours.

As a result, you or a hired third party should test out circumstances as well as your preventative, adaptability, and problem-solving strategies. As stated in the FCA Operation Resilience Framework policy statement, remember that your resilience must be demonstrated in actuality, not only in concept. Real-world simulations frequently reveal residual hazards and resilience gaps that you may solve.

Important to note that you are entirely accountable for any third parties you use to deliver your services (such as an EMD Agent) and that your operational resilience planning must consider this. Dependent on your interactions with these third parties, you can need them to carry out their own FCA Operational Resilience Framework Assessment or to be considered for inclusion in your firm’s assessment.

STEP #5. Establish Communication Strategies

To lessen the damage inflicted by critical business service failures, you must have internal and external communication methods that can be implemented swiftly and efficiently. You must be prepared to contact the appropriate parties and use the appropriate channels during operational disruption. A thorough escalation procedure and a call tree should also be in place. The FCA also advises considering vulnerable consumers in advance and determining whether you need unique communication techniques to meet their needs.

STEP #6. Develop A Procedure That Enables You to Gain Knowledge From Mistakes And Enhance Your FCA Operational Resilience Framework

In addition to testing your FCA Operational Resilience Framework, a procedure should be in place to ensure that after an operational risk materialises, you would assess your FCA Operational Resilience Framework, taking into account how your company was able to respond to disruption and update the framework.

STEP #7. Do Your Own Research and Review the FCA Operational Resilience Framework

You should review the operational resilience framework you developed at least once a year to see if anything was missed and to take into account any changes to your business model, such as the addition of new services, the use of new software or any other third parties to whom you may outsource specific tasks, the substantial modification of your current service, or alterations to the characteristics of your clientele (e.g., during the last year you could onboard more vulnerable customers).

How can COREDO help you?

If you are in need of professional advice in developing businesses and ensuring regulatory requirements compliance, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

Is the inadequacy or unavailability of any plausible progress in achieving a fundamental agreement with the European Union before the conclusion of the transitional phase on December 31st, 2020, the primary challenge in the United Kingdom’s financial industry? Without a second thought, ever since Brexit, the pandemic caused by CoronaVirus has hindered the development and expansion of Financial technology in London, United Kingdom.

Out of all the European nations, London, which has long been a favourite for the formation of potential Financial technology unicorns, has continued to suffer the most.

Research and studies were conducted on recently authorised and operational payment systems and electronic money institutions (or EMI), small Application Programming Interfaces (or APIs), small EMIs, and Account information services (AIS). Payment initiation services (PIS) authorised institutions in the European Union (EU) from August 2017 up until August 2020 to learn more about what is currently taking shape in the industry.

A EUCLID database, or European Centralised Infrastructure for Supervisory Data, was used for the research. In the mentioned database, the strategy is for the platform to interpret data developed and utilised by the European Banking Authority (EBA) to collect and analyse various financial companies’ regulatory sets of information. It was therefore concluded that in 2017-2018 there were one thousand two hundred twenty-two (1,022 ) ultimately authorised enterprises; in 2018-2019, there were one thousand one hundred and eight (1,108) freshly certified corporations; and in 2019-2020, the number plummeted to five hundred and seventy-eight (578), a shocking forty-three percentage (43 %) decline for licenses and permits of financial technology in the European Union.

Summary of the data on the evaluation and approval of FinTech institutions in the United Kingdom and the European Union both before and after Brexit

Number of newly authorised/registered and operational PSPs in Europe

Fintech, London and Brexit. Is London about to lose its place as the capital of FinTech in Europe

The pandemic brought by CoronaVirus caused a sharp decline in the Gross domestic product (GDP) across Europe, and the pressure on the payment systems industry with a number of emerging payment and electronic money institutions duly authorised historically in 2017 to 2019 were the leading causes of such a significant decrease in new authorisations in 2019 until 2020.

These figures on FinTech authorisations in Europe clearly show that the United Kingdom is the biggest loser. From 2019 to 2020, there were approximately fifty-four percent (54 %) fewer new authorisations in the United Kingdom than there were in the rest of the EU. It was observed that the UK’s share of new authorisations within the EU decreased from fifty-six (56 %) in 2017 to 2018 to thirty-four percent (34 %) in 2019-2020, when we started to look at the percentage of new payments and electronic money institutions legally authorised in 2018 to 2020. There is no absolute doubt that this was not due to CoronaVirus.

United Kingdom’s share of freshly authorised and active EU PSPs

Fintech, London and Brexit. Is London about to lose its place as the capital of FinTech in Europe

Only after the UK represented approximately half, or about fifty percent (50%) of all payment and electronic money (and several other forms of PSP) institutions licensed in the country, however as of August 2020, the United Kingdom’s share is just 31.59% out of 3,843 authorised PSPs. There has been a definite trajectory of a decrease in the UK proportion of incoming licenses and permits of Financial technology institutions throughout Europe. In three years, London’s contribution has plummeted by a staggering thirty-nine percent (39 %).

Time to discuss Brexit and London FinTech

With the unsatisfactory UK-EU trading negotiations findings, something off cliff Brexit is becoming increasingly likely with each passing day, and apart from the inevitable loss of foreign passporting rights, there are other essential aspects to consider:

  • There are nevertheless serious worries that UK financial intermediaries, payment organisations, and electronic money institutions could very well end up losing their involvement in SEPA clearing of SCT, SCT Instant, and SDD even though European Payment Counsel informed its UK participants in the spring of 2019 that they could continue participating in SEPA regardless of what happens of the Brexit agreement on trade-related negotiations.
  • The popular Temporary Permission Regime, which allows European businesses to register and request short-term permission to conduct business in the United Kingdom, will re-open on September 30th, 2020, according to Financial Conduct Authority (FCA). It is still unknown whether the European Union or specific EU member states will implement a similar temporary permission regime for London Financial institutions following Brexit. As of the date of this posting, a few participating countries (such as Poland, Germany, Sweden, France, and Italy) have each passed legislation at the government level that permits access to the common market of specific financial offerings (predominantly wholesale, like making trades in derivatives), though in the occasion of an unfavourable Brexit.
  • United Kingdom’s opinion on the matter after the transitional deal sides makes one wonder. Data security is one of the significant risks, and the Court of Justice of the European countries recently ruled that the United States’ data security standards are not comparable to those of Europe. This decision prohibited information exchange from Europe to America based on the EU-US Privacy Shield. It will actually impact, for example, a European Union firm delivering services in the country beneath the Temporary Permission Regime, given that it will be controlled all at the same by the native country supervisory authority and the FCA. Numerous financial technology enterprises depend on United States IT giants supplying information technology services. In this scenario, which data security framework (EU, UK, or both) should apply to these corporations’ UK consumers’?
  • Will the EBA’s current Strong Customer Authentication and other regulatory technical specifications remain applicable to European businesses operating in the United Kingdom under the Temporary Permission Regime and UK-authorized companies?
  • Regarding the bilateral agreement, the EU attempts to prevent any accord requiring confirmation by the legislative bodies of participating countries. A comprehensive joint venture transaction could be controlled, guaranteeing that certification will be necessary just by the European Parliament and United Kingdom Government. The conclusion of October 2020 is anticipated to be the most likely target date for reaching this consensus. Unless this is accomplished, it is highly improbable that it will be signed into law in time for December 31st, 2020. Nonetheless, in any instance, quite an arrangement would not immediately enable single market access for enterprises that are delivering customer-centric financial services. A whole other alternative choice for the finance industry may be the commission’s particular circumstance mechanism under the known “equivalence regime” (which makes it look at the purpose and impact of the laws and regulation of non-participating states instead of literal imitating) having allowed for the stipulation of some of these offerings to the EU from non-EU countries and vice – versa. Nevertheless, for the similarity to be valid, such a provision must be included in the European legislation governing the specific category of offerings. In this respect, the UK will try to convince the EU Parliament to change just several guidelines for them to allow for the use of equivalence as a basis for argument. Even this final option has limitations because the equivalence determination may be revoked at any time and because, like the trading relationship, it is likely to be unsuccessful for retail financial institutions.

Effects on the FinTech industry in the EU and the UK

It is apparent that significant financial technology enterprises both in the United Kingdom and European Union have already secured additional authorisations, whether in the EU or UK correspondingly. Unfortunately, most medium-sized and small-sized payment and electronic money institutions across the UK and EU countries have still not attained the off-the-cliff Brexit.

Fintech, London and Brexit. Is London about to lose its place as the capital of FinTech in EuropeThe timetable of the trade deal negotiations sounded ambitious back in the year 2017, and able to look back now from Covid – 19 toughest-hit European countries; it seems most unrealistic today. The sectors of the economy of the UK and the EU are so intertwined and dependent on one another that it seems impossible to dismantle what has been built over nearly fifty (50) years in an orderly fashion.

Payment and electronic money institutions in the UK and the EU should obtain the necessary rulings and regulatory authorisations in either the EU or the UK as an endorsement of the transitional phase beyond December 31st 2020, is highly improbable. This will help these institutions avoid political uncertainty and regulatory restrictions and maintain compliance throughout these challenging times for the industry.

You can schedule a free initial consultation with COREDO experts to get guidance on regulatory licenses and permits in either the EU or UK if you are a FinTech company beginning to wonder how to remain in business in either the EU or the UK (London) after Brexit while remaining compliant with the regulatory requirements.

Since its introduction in late parts of 1990, the utilization of electronic money, or e-money was seen to increase with an exponential growth. This is evident on Figure 1 below:

Beneath the Surface of Banks versus Electronic Money Institutions

One particular scenario was in the United Kingdom, having four percent (4%) of the country’s adult customers to use e-money as a payment method. Statistically, this is a three-percent (3%) increase as evaluated by the Financial Conduct Authority (FCA). Although this is a growth in nature, evidence shows and suggests that it is possible that most of these users do not really know that they are paying through electronic money, and they have minimal knowledge in differentiating e-money and deposits – and that of Electronic Money Institution (EMI) versus Bank, as a whole – regarding the security they are privileged with when it comes to the issuer’s inability to pay off debts.

The Financial Conduct Authority noticed this not long ago, and realized that they needed to publish an official letter to the Chief Executive Officers (CEOs) of existing EMIs requiring them to be straightforward in educating their customers and clients about the difference between the mentioned methods.

Because of this issue, it is just right to provide more information about the topic and that is through this article. We will provide clarifications on the difference between deposits and electronic money from the customers’ point of view considering how traditional banking institutions and EMIs utilize and protect the customers’ funds and where these funds are being kept. Now, we can say that the EMI versus bank difference in terms of their balance sheets may be the deciding factor between e-money and deposits.

For those who have deposits and electronic money funds, and the EMIs, both established and new players in the e-money market, should find this article to be enlightening.

Who are the issuers of deposits and e-money?

The creation of an obligation (such as a debt) on the issuer’s balance sheet is the common understanding of issuance. Similar to how an institution that issues corporate bonds has a debt obligation on its balance sheet, an individual can have a mortgage loan liability, or a debt to the bank comes twenty to thirty years in time, whether they are aware of it or not. Deposits and electronic money are issued by the same entities that issue all other financial products.

Further, deposit issuance, frequently known as “acceptance,” is a tightly controlled operation mostly limited to financial institutions. According to the study by the European Banking Authority (EBA) in 2014 entitled “Report to the European Commission on the perimeter of credit institutions established in the Member States”, understanding that just a number of credit companies provide deposits are essential, and the same goes with the concept that just a number of credit companies issue deposits.

Regarding the first conception, certain credit companies are considered “credit institutions” even when they do not offer deposits but issue “other repayable funds” and give credits on their own funds.

Regarding the second conception, post office giro institutions (POGIs), usually referred to as “postal banks,” are a suitable example because several of them are known to be able to take deposits. This is according to the Article 1 (2) of Regulation (EU) No 1074/2013 and EBA in 2014, although they do not meet the criteria of being a “credit institution” in many nations.

Full-service banks, lending institutions, mortgage banks, savings banks, and post office savings banks are some firms that make up the European Union’s credit institutions sector. In Figure 2 below, you can see how each country contributed to the total number of legal institutions or entities (on the left) and assets (right).

Beneath the Surface of Banks versus Electronic Money Institutions

The types of companies that carry out electronic money issuance are more varied than those that carry out deposits. Electronic money providers are listed below:

  • Electronic Money Institutions, or EMIs;
  • Credit institutions (that is, banks);
  • Post office giro institutions (also known as “postal banks”, such as the Post Office in the United Kingdom); and
  • Countries’ central banks and public authorities at times when they are not serving as either a monetary authority or other public authority.

The larger parts of e-money sector are actually issued by credit institutions, which are a subset of monetary financial institutions (MFIs), as seen in Figure 3:

Beneath the Surface of Banks versus Electronic Money Institutions

To put it in another way, as of right now, sight deposits and electronic money coexist on the liabilities side of the balance sheets of credit institutions.

For several instances, organisations that may have initially qualified as Electronic Money Institutions are ultimately given the deposit-taking license, joining the monetary financial institutions’ industry.

Revolut Ltd. is one illustration of this, since it has used its banking license from Lithuania to provide protected deposit accounts in Bulgaria, Croatia, Cyprus, Estonia, Greece, Latvia, Malta, Romania, Slovakia, and Slovenia but not in the United Kingdom, where it still conducts business as an EMI.

Bank versus Electronic Money Institution: A Balance Sheet Comparison

It is required to first eliminate a common misconception about the nature of a current account to be able to recognise the distinction between the mentioned financial products and the subject of Electronic Money Institution versus Bank.

Following a poll done in Austria in 2020, sixty-eight percent (68%) of the two thousand (2000) survey participants think that bank savings and currency are guaranteed by gold. In 2009, a different study of two thousand (2000) Britons found that seventy-four percent (74%) of participants believed they were the rightful owners of the funds in their current account.

Both concepts are demonstrably untrue. Legal literature has long recognised that bank deposits are really loans to banks. In this sense, the word “deposit” might be deceptive since it implies relatively secure supervision, disposition of property, or reliance.

However, the deposit contract is often written such that the bank does not retain the depositor’s cash in custody; the monies are not set aside or designated. Instead, the bank is free to utilise the money however it sees fit and to mix (that is, commingling) them with its own funds as long as it returns the same amount to the depositor. That seems to be, the contrast between an electronic money institution and a bank is where the matter eventually comes down to.

As a result, when a depositor places funds in a bank, that individual is not the actual proprietor of that money. They are only one of the many customers the bank is in debt to.

The money a person has in an account with a creditor is the money that the company owes that person. It gives you a guarantee to pay it back, and that assurance is what our culture refers to as “money”.

Let us now look into the perspective of Electronic Money Institutions, or EMIs. In this respect, they are rather comparable since electronic money is both a credit claim made by the holder against the electronic money institution and a debt obligation made by the institution to the electronic money account holder. For efficient purposes, society is considering electronic money to be comparable to deposits from banks since both are utilized as payment methods for their purchases. The Electronic Money Institution guarantees to reclaim or move the money being demanded, just like how banks do it.

Looking at another crucial part of the industry, bank deposits and electronic money differ in one another, and the cause is how lending companies and electronic money institutions permit their balance sheets to be set up.

The unique characteristic of lending firms versus Electronic Money Institutions can be seen on the concept that even though lending firms can be mix the accounts provided by their clients with the companies’ own money, and even use both for their benefit (such as granting loans on their own funds), EMIs are required to separate their companies’ funds’ to that of their customers’, hence, keeping them segregated. Yes, Electronic Money Institutions can get a hold off their customers’ funds, nonetheless, they are not allowed to use it for their own objectives aside from pure business transactions like those that involve issuing and claiming of electronic money.

Meaning, in real life scenarios wherein banks keep one pound (GBP 1) in account (that is money reserves in central banks, or “nostro” account balances with other banking firms) for each ten pound (GBP 10) of electronic money debts (or usually noted as Fractional reserve banking, which means that a bank are permitted to use funds that would be unutilized or stagnant in order to gain profits through interest rates on new credits), Electronic Money Institutions should safeguard ten pound for each issued GBP 10 electronic money liabilities (in this case, they are required to keep a constant one is to one proportion or “parity”). This ruling is based on Articles 21 and 22 of The Electronic Money Regulations 2011 and Article 7(1) of Directive 2 Articles 21 and 22 of The Electronic Money Regulations 2011 and Article 7(1) of Directive 2009/110/EC009/110/EC.

In addition, contradictory to lending institutions in terms of deposits, Electronic Money Institutions are not permitted to allow loans from the accounts accepted in trading for e-money, and in case they do so, it should be a support and allowed only for those whose connected in performing the actual payments. This is stated in Article 32(2) of The Electronic Money Regulations 2011 and in Article 6(1) of Directive 2009/110/EC).

The explanation could be more understandable when you look at and compare the balance sheets of Electronic Money Institutions (on Figure 4) and credit firms (on Figure 5). A more restricted balance sheet is visible on EMIs’ than that of credit institutions’. It is required to have a parity to be maintained between electronic money obligations and safeguarded assets and this will bring them forth a lesser space for having other entries on the company’s balance sheets.

Beneath the Surface of Banks versus Electronic Money Institutions

As previously stated, for each one pound worth of electronic money issued to clients, they must keep one pound in assets that are safeguarded and segregated from their company’s account. Usually, Electronic Money Institutions maintain protected accounts across other lending companies or even central banks and sometimes invest in a more liquid asset. It is also highly probable that there are instances wherein they utilise insurance to safeguard funds. Such a strategy is more known as “PSD Bond”.

Taking in the fact that by law, lending companies are permitted to allocate money from their customers, that amount can be utilised to fund more loans and can exit the banks, and are even replaceable by greater-yielding assets such as loans (such as transactions from banks, receiving deposits and payment of deposits at a lower rate than what they normally charge their lenders on credits). Figure five (Fig. 5) below is an illustration of what a balance sheet of a credit institution may look like:

Beneath the Surface of Banks versus Electronic Money Institutions

In opposition to the situation of Electronic Money Institutions, the money owed by credit institutions to their creditors are largely supported by less liquid loans and just a minimum of liquid assets. Without any special support from the central bank, banks would not be able to fulfill their pledge to restore customers’ money even if they wanted to urge their banks to do so (letting them borrow reserves from central banks or cash from vaults on large amounts of volumes and more flexible terms).

On another note, Electronic Money Institutions have enough money on hand to cover a hypothetical unexpected demand for money withdrawals or transfers from all of their clients.

Here, things get a little more difficult because of where Electronic Money Institutions keep the money. The answer is, frequently, credit institutions (or banks) do not maintain an exact matching amount in funds that are similarly liquid (say for example with the central bank). The question of whether a client would lose the money stored in their electronic wallets if the bank where the Electronic Money Institution stores its secured cash failed is a source of significant debate (that results in insolvency).

According to the assessment, those who own electronic money carry out to lose funds since the Financial Services Compensation Scheme (FSCS) does not apply to deposits made by financial institutions (including EMIs) with credit institutions (take into consideration that even if these deposits were protected, the protection would be ineffectual because they are only protected up to a maximum of eighty-five thousand pounds (GBP 85,000) and EMIs sometimes retain millions of dollars in client cash in pooled accounts.).

In any case, the fact that Electronic Money Institutions have all the funds necessary to meet a hypothetical unexpected demand from their clients in withdrawing or transferring money, and that in the event of being insolvent, these finances would be accessible to be dispersed to e-wallet owners, may help to partially describe in detail how it was that, in contrast to e-money, bank deposits are generally virtually assured by the country’s administration. The Financial Services Compensation Scheme (FSCS) in the United Kingdom provides depositor protection for sums up to GBP 85,000. This is again another distinction between a bank and an electronic money institution.

How about financial firms that print both paper money and electronic money? This is a somewhat uncommon matter, and not much has been published about it. According to the study, when credit institutions issue electronic money, separation restrictions are not applicable under United Kingdom legislation (neither, as was previously noted, when they make deposits) – they are solely applicable to banking institutions and electronic money institutions.

In the European Union (EU), not many banks issue electronic money, and their balance sheets are not well-documented either. There are several occurrences, though. Taking this as an example, studies have shown that the Luxembourg Commission de Surveillance du Secteur Financier (the “CSSF”) permitted PayPal to utilise thirty-five percent (35 %) of the cash deposited to be electronic money holders to give credit. PayPal has a banking license in Luxembourg but seems to issue e-money solely.

Researchers may imagine that the balance sheets of lending institutions that generate simultaneous deposits and e-money could resemble anything like this based on the scant data in Figure 6.

Beneath the Surface of Banks versus Electronic Money Institutions

Result of Debate: E-money versus bank deposits

While deposit and electronic money loans (a guarantee to reimbursement on trend) issued by lending institutions are supported by borrowings and, to a lesser degree, bunker cash and reserves with the central bank that the credit institution is, electronic money obligations (another promise to full payment on trend) issued by electronic money institutions are supported on the financial assets of their balance sheets by an equivalent size of funds secured by the electronic money institutions in funds with lending institutions.

However, debts or obligations are not liquid enough, and creditors can fail to pay back a debt according to the initial agreement (or default). Depositors are likely to lose revenue if a bank fails due to widespread loan defaults because they are general lenders to companies. When these two financial products are established by the identical business, the very same guidelines are applicable.

How can COREDO help you?

If you are a beginner in the industry or a current Electronic Money Institution and have questions about Electronic Money Institutions vs. Banks, you might wish to contact our team at COREDO. You may visit our website at

Additionally, we can assist you in comprehending the practical and legal facets of safeguarding, securing accounts, and the e-money issuing industry more broadly. We are here to guide you not just through the intricate licensing process for electronic money institutions but also to assist you in comprehending how to grow your e-money company.

A high-risk country: what is it?

High-risk countriesA high-risk country is a jurisdiction that poses a significant threat to the global financial system due to the fact that it does not sufficiently implement, or does not implement measures to counter money laundering and terrorism financing.

The information in this article applies only to the activities of companies registered and operating in the Czech Republic. At the same time, 90% of the information applies to other EU jurisdictions.

Section 9(1)(a)(3) of Act No. 253/2008 Coll., on Certain Measures against the Legalization of the Proceeds from Crime and the Financing of Terrorism, states that the countries that should be considered high-risk are those that are recognized as such by the European Union regulation or for any other reason.

The normative act which is directly applicable on the territory of the European Union is the Commission Delegated Regulation (EU) 2016/1675 of 14 July 2016 supplementing the Directive (EU) 2015/849 of the European Parliament and Council. It explains how and for what reasons a country may be listed as a high-risk country.

The Financial Analytical Office (FAÚ) also considers important the list of high-risk countries that has been compiled and published by the Financial Action Task Force on Money Laundering (FATF).

High-risk countries: lists

When determining whether a particular country is among the jurisdictions with a high level of risk to the financial system, it is recommended to be guided by the following lists:

FATF lists. This influential intergovernmental organization has created two lists:

  • a blacklist that includes high-risk countries that require a call to action. The countries on this list are characterized by serious AML/CFT deficiencies that pose a direct threat to the international financial system.
  • a grey list that includes countries under enhanced monitoring that actively cooperate with the FATF to quickly eliminate existing shortcomings in the field of AML/CFT.

The list of the European Commission, which in many aspects duplicates the mentioned FATF lists. It is annexed to Regulation (EU) 2016/1675 supplementing Directive (EU) 2015/849.

All these lists are mandatory for individuals and companies that are obliged to comply with the principles listed in the AML/CFT Act. They are encouraged to apply enhanced measures to customers originating from countries included in one of the mentioned lists.

The consolidated list of high-risk countries according to the FATF and the European Commission as of October 21, 2022 is as follows:

  • Afghanistan (AFG) – included in the list of the European Commission
  • Albania (ALB) – included in the FATF list
  • Barbados (BRB) – included in both lists
  • Burkina Faso (BFA) – included in both lists
  • Philippines (PHL) – included in both lists
  • Gibraltar (GIB) – included in the FATF list
  • Haiti (HTI) – included in both lists
  • Iran (IRN) – included in both lists
  • Jamaica (JAM) – included in both lists
  • Yemen (YEM) – included in both lists
  • South Sudan (SSD) – included in both lists
  • Jordan (JOR) – included in both lists
  • Cayman Islands (GYM) – included in both lists
  • Cambodia (KHM) – included in both lists
  • North Korea (PRK) – included in both lists
  • Mali (MLI) – included in both lists
  • Morocco (MAR) – included in both lists
  • Myanmar (MMR) – included in both lists
  • Nicaragua (NIC) – included in both lists
  • Pakistan (PAK) – included in both lists
  • Panama (PAN) – included in both lists
  • Senegal (SEN) – included in both lists
  • United Arab Emirates (ARE) – included in the FATF list
  • Syria (SYR) – included in both lists
  • Trinidad and Tobago (TTO) – included in the list of the European Commission
  • Turkey (TUR) – included in the FATF list
  • Uganda (UGA) – included in both lists
  • Vanuatu (VUT) – included in the list of the European Commission
  • Zimbabwe (ZWE) – included in the list of the European Commission
  • Democratic Republic of the Congo (COD) – included in the FATF list
  • Mozambique (MOZ) – included in the FATF list
  • Tanzania (TZA) – included in the FATF list

Act No. 253/2008 Coll., on Certain Measures against the Legalization of the Proceeds from Crime and the Financing of Terrorism, which is also often referred to as the “Anti-Money Laundering Act” or the “AML/CFT Act”, describes who falls into the category of politically exposed persons.

However, the definition given in this law can be interpreted in different ways, which sometimes causes certain confusion. In this regard, the Financial Analytical Office (FAÚ) issued Methodological Instruction No. 7 of November 22, 2022, with clarification as to who exactly can be called a politically exposed person. A specific list of government functions, which determines the inclusion of a person in the category of politically exposed persons, can be found on the FAÚ website.

The information in this article applies only to the activities of companies registered and operating in the Czech Republic. At the same time, 90% of the information applies to other EU jurisdictions.

Government functions and positions that allow a person to be classified as a PEP

In accordance with the information contained in Methodological Instruction No. 7, published by the FAÚ, the list of politically exposed persons includes:

  • Persons holding the highest government positions (the President, the Prime Minister, the Head of the Office of the President, the Head of Administration and his deputies, ministers and their deputies, members of Parliament, senators, etc.);
  • Heads and employees of the central bodies of the government administration (Czech Statistical Office, Czech Mining Office, Industrial Property Office, State Office of Material Reserves, Office of National Security, etc.);
  • Chairman and deputy governing bodies of political parties and political movements;
  • Heads of local authorities (mayors and their deputies, municipal secretaries, governors and their deputies, etc.);
  • Judges of the Supreme and Constitutional Courts;
  • Members of the board of the Central Bank;
  • Senior officers of the armed forces;
  • Heads of diplomatic missions (ambassadors, consuls general, chargé d’affaires, members of the European Parliament, etc.);

How can I tell if a particular person belongs to the PEP category?

Politically exposed person: who is itAccording to the generally accepted definition, the list of politically exposed persons includes persons who can potentially be involved in corruption and bribery due to their position and influence.

In order to determine whether a person falls into this category, it is necessary to be guided by both the Anti-Money Laundering Law and Methodological Instruction No. 7 from the FAÚ, as the legislative definition of politically exposed persons is limited to general phrases and does not provide an exhaustive list of state functions, performing which a person receives PEP status.

Separately, under section 4(5)(b)(1) of the AML/CFT Act, the category of politically exposed persons includes close relatives of listed individuals, as well as those who have a close business relationship with them.

Unfortunately, there are no lists of politically exposed persons., In each case, before making a transaction or starting a business relationship, obliged entities must determine whether a potential client / counterparty is among the PEP. Procedures to determine whether a person has PEP status are an essential part of the internal policy system of any company that is required to identify its customers. Each check should be carried out in full, and information about its results should be recorded in writing.

The procedure for determining the status of politically exposed persons: what is it all about?

For determining whether a person falls into the PEP category, it is recommended to:

  • conduct an online study using the national list of government functions and positions;
  • use paid online resources that help to identify politically exposed persons based on information from open sources (for example,;
  • receive a written application from the client/counterparty.

At the same time, it is important that a person is fully informed about the significance of the status of a politically exposed person in the context of the Anti-Money Laundering Act. Also, in terms of cooperation, it is necessary to write down the client’s obligations to notify them about the change in his position during business cooperation.

FAÚ’s Methodological Instruction No. 7 recommends using more than one of these techniques to check each specific customer.

What to do if the status of a politically exposed person is confirmed?

In such situations, individuals and companies legally required to conduct background checks on their customers must apply a specific procedure. It is provided for in section 9a of the AML/CFT Act and involves enhanced identification and control of the client. It is also mandatory to determine the sources of origin of funds of politically exposed persons.

FAÚ’s Methodological Instruction No. 7 allows obliged entities to divide clients with PEP status into groups with higher and lower f ML/TF risk levels. Accordingly, different control measures proportional to the risk may be applied to each group.

For example, an affidavit (written statement) from the client is sufficient for politically exposed persons with a low level of risk to confirm the origin of funds, while when checking clients with PEP status from a high-risk group, it is recommended to use other sources of information (for example, tax returns, bank statements, etc.).

It is also essential that Section 15(2) of the AML/CFT Act states that if a politically exposed person refuses to provide information on the origin of the funds or other assets used in the transaction, the obliged entity shall not cooperate with him in any way.

Consumers of payment services now have the comfort and a wide range of options thanks to FinTech’s widespread adoption and the expansion of the payments industry. However, progress most often results in the appearance of new hazards that are not properly anticipated at the outset. The insolvency of payment institutions (PIs) and electronic money institutions (EMIs) and the resulting impact on their consumers are two such hazards that have lately been recognised.

There is proof that the consumers are not well-served by the current insolvency procedure for PIs and EMIs. Consumers were denied access to their finances for extended periods and received lower payments after discounting the distribution costs in some notable administrative situations involving PIs and EMIs.

To address these problems, the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations were established last June 2021. This was developed with a specific administration regime to update the insolvency architecture for payment and e-money institutions in the United Kingdom.

Why was the Special Administration Regime Created?

The Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021 were primarily built based on the Investment Bank Special Administration Regulations (IBSAR) of 2011. This is given the fact that it is much simpler for authorities and insolvency practitioners to adopt a structure they are accustomed to. This helped create a standard special administration regime for the firms under the FCA’s supervision and streamline the UK’s insolvency architecture.

The special administration regime under payment institution (PI) and electronic money institution (EMI) insolvency regulationsHowever, the primary goals of the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021 varied from those of IBSAR’s. The PI and EMI Insolvency Regulations 2021 brought the Special Administration Regime with three primary goals:

  1. To enable prompt recovery of relevant funds;
  2. To guarantee prompt communication with payment system administrators, the Payment Systems Regulator, the Bank of England, HM Treasury, and the FCA; and
  3. To save the organisation as a viable business or to close it down in the greatest advantage of the stakeholders.

The insolvency professional chosen to serve as the special administrator can choose which of these goals should be prioritised, but these all must be completed. When the FCA specifies that a specific goal must be prioritised, this general rule is subject to an exemption.

The FCA cannot set goals at whim and will always be required to act in good faith and the public interest, following consultations with the Treasury and Bank of England.

Who has the Authority to Initiate the Administration Procedure?

A judicial order can initiate the special administration. And for this to happen, a member of the parties involved should submit an application. According to Regulation 8 of the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021, the application can be submitted by:

  1. the institution itself;
  2. directors of the institution;
  3. creditors of the institution;
  4. person liable or alleged to be liable to contribute to the assets of the institution in the event of its being wound up;
  5. a combination of the aforementioned parties;
  6. the Financial Conduct Authority (FCA); or
  7. the Secretary of State.

The grounds for a judicial application will vary depending on the type of applicant. In general, these can be characterised in three types:

  1. the institution is, or is likely to become, unable to pay its obligations fully,
  2. a special administration order would be fair and just, or
  3. putting the institution into administration would be beneficial for the general good.

The first six parties mentioned above may submit an application using grounds a and b, i.e. the institution’s inability to pay its obligations or fairness. Meanwhile, the Secretary of State may apply the institution into a special administration under the grounds of b and c, i.e. fairness and public interest.

As previously mentioned, Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021 were created in accordance with the IBSAR, which also uses the term “fairness” and, in both instances, denotes a more concise version of the phrase “just and equitable”, as stated in Banking Act 2009 section 93 (8).

This issue was brought up during the HM Treasury’s consultation, where it gave assurances that the court would assess what is fair, minimising any potential negative implications for the institutions that are still operating as going concerns. PIs and EMIs in the United Kingdom should not be very worried about such trifles since courts are required by law to determine what is fair and what is not.

How are Asset Pools Defined?

According to the Payment Services Regulations of 2017 (PSRs) and the Electronic Money Regulations of 2011 (EMRs), both payment and e-money institutions, both known as “relevant funds”, are subject to strict security measures regarding the assets of their clients.

Assets that are classified, deposited into an account, accepted in an account, or acquired in compliance with the EMRs or PSRs, as well as any proceeds from an insurance policy or guarantee that are kept in an account in accordance with the EMRs or PSRs, are included in the asset pool.

For electronic money institutions, relevant funds are those that have been collected in return for electronic money that has been released. Meanwhile, for both payment institutions and electronic money institutions that provide payment services unrelated to the issuance of electronic money, relevant funds include:

  • sums acquired from a payment service consumer or for their benefit in order to execute a payment transaction; and
  • sums received from a payment service provider in order to execute a payment transaction on the consumer’s behalf.

The special administration regime under payment institution (PI) and electronic money institution (EMI) insolvency regulationsAs stipulated in the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021, the administrator shall do a reconciliation as soon as possible after being appointed following the procedure used by the institution the last time it performed a reconciliation.

Reconciliation entails determining if the overall amount of relevant funds that a payment institution or electronic money institution must protect matches the total amount of relevant funds being protected. The institution’s record and statements as they appeared right after the previous reconciliation must serve as the foundation for the reconciliation.

This reconciliation procedure under the special administration regime aims to find potential excesses or shortfalls in the asset pool and reconcile them against the institution’s own financial account.

Furthermore, any shortfall in the asset pool that the administrator determines and cannot be covered by a deduction from the institution’s assets must be shared pro rata by all clients for whom the institution maintains the necessary amounts within the asset pool.

Additionally, in the case of e-money institutions that offer both payment services associated with electronic money and payment services unrelated to electronic money issuance, the administrator is not permitted to counterbalance any shortfall in one asset pool against any relevant funds or financial assets in the other. This entails that the asset pool of unrelated payment services cannot be utilized to make up a shortage in the asset pool made up of funds related to the issuing of electronic money, and vice versa.

Bar Date under the Special Administration Regime

The administrator may choose to set a “bar date” in order to provide the relevant funds to the institution’s clients as soon as is practical.

A bar date is a date by which creditors must file their claims. Without it, the administrator may have to wait a long time before they can actually pay claims. Under the bar date mechanism, the administrator can issue distributions based on relevant fund claims acquired by a certain date.

The administrator can set up two different kinds of bar dates: final bar dates, sometimes known as “hard” bar dates, and intermediate bar dates. Consumers must be provided enough period after the notification has been issued to estimate and file any monetary claims before the bar date.

Without the court’s permission, which it will grant when the administrator requests, the administrator may not set a hard bar date. The court may only grant permission to set the hard bar date in situations where:

  1. it is determined that the administrator has done everything within its power to locate and get in touch with anyone who might be eligible for the recovery of the relevant funds; and
  2. it believes that if a hard bar date is established, there will be no chance for the administrator to accept claims for the recovery of relevant funds after that time.

In summary, the placement of the hard bar date takes into account the general interests of consumers of the payment or e-money institution in question and that the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021 stipulates specific guidelines to avoid potential late claimants.

Continuity of Services under the Special Administration Regime

The Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021 demand that services that are necessary for effective administration should be provided continuously.

When an institution becomes an administration, payment to any unpaid fees owed by the institution that was accrued before the date of administration cannot be made a requirement by the supplier.

The special administration regime under payment institution (PI) and electronic money institution (EMI) insolvency regulationsTherefore, if any charges were not fully compensated before the administration started, the main supplier will have to keep supplying the services or should not stop doing so because of the non-payment. The continuity of service for the below services is specifically mentioned under the special administration regime:

  • services relating to the protection of relevant funds (such as the provision of a bank account for relevant funds or insurance guarantees);
  • computer hardware or software used by the institution;
  • financial information and business statements;
  • infrastructure enabling digital communication services
  • data processing and data warehousing
  • secure information networks offered by an accredited network provider; or
  • access to a relevant system by a sponsoring system participant.

However, this does not mean that the providers of the aforementioned services have no chance of ceasing their services to the institution in the administration; rather, there are a few circumstances in which they are permitted to do so. The supplier is allowed to stop services under below scenarios:

  1. any costs that were accumulated after the date of administration remain unpaid for more than 28 days;
  2. the administrator permits the termination of the service; or
  3. the supplier has the permission of the court, which may be provided if the supplier can show that the continued provision of the supply would cause the supplier to suffer hardship.

It goes without saying that the administrator dealing with the institution that is covered by a special arrangement must ensure that it will have a chance to assure the return of the cash to the clients, which is why the aforementioned constraints are put in place. Such limitations on the suppliers are required for these problems, the HM Treasury stated directly in its explanatory document devoted to the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021.

Transfer Arrangements under the Special Administration Regime

An administrator may organise for the transition of all or a portion of the payment or electronic money institution’s business to another institution in order to pursue objective 1 (i.e to enable prompt recovery of relevant funds) and, in some cases, concurrently pursue objective 3 (i.e. to save the organisation as a viable business or to close it down in the greatest advantage of the stakeholders). However, according to the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021, the administrator is prohibited from conducting a transfer agreement unless the below requirements are satisfied:

  1. The agreement contains any clauses that the administrator deems essential to guarantee that the users or holders of the relevant funds that are to be transferred will be able to exercise their rights in relation to those funds as soon as is reasonably practical following the transfer;
  2. The institution has secured a contractual agreement from the transferee to protect both the relevant money that will be transferred and any additional relevant funds of users; and
  3. The institution has secured a contractual agreement from the transferee to inform the customers, any dealers, and/or distributors within a period of 14 days starting on the day the arrangement is entered into.

Significantly, in accordance with regulation 27, agreements with consumers, agents, and/or distributors will be seen as having been made by the institution to which they are transferred rather than the institution that was in administration, immediately following the transfer.

When an institution is fully or partially transferred and meets the criteria, the Payment Institution (PI) and Electronic Money Institution (EMI) Insolvency Regulations 2021 give the authority to disregard customer, agent, and distributor consent requirements. This includes the requirement that the institution transmits all pertinent cash, along with all rights and obligations arising from associated payment or electronic money institution contracts. As a result, for the parties involved, the transfer arrangement will have the effect of novating the aforementioned agreement.

How can COREDO help you?

If you are in need of professional advice as an existing EMI client or a new individual in the field, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

The Financial Conduct Authority (FCA) has recently decided to establish new consumer duty rules and guidelines in response to multiple cases of customer mistreatment from financial service organisations. These are intended to drive and allow competition based on high standards, with consumers serving as the key component of a conforming financial services

The FCA has announced that these new consumer duty regulations have already been finalised and will take effect for all new, current, and up-for-renewal products and services on July 31, 2023. Beginning on July 31, 2024, it will also apply to closed products (i.e., off the market) that the client purchased before the new regulations went into effect. In any scenario, the electronic money institutions (EMI) and payment institutions (PI) must develop a plan by the end of October 2022 for how the consumer duty will be applied through the deadline in July 2023.

The New Consumer Duty Regulations

We must examine the initial considerations for the new FCA consumer duty guidelines in order to comprehend what these are. The FCA stated that it has observed evidence of activities that hurt consumers, including businesses supplying information that is presented in a misleading or complex manner, making it challenging for customers to evaluate the product or service accurately. This was notable given that Principles 6 and 7 from the FCA Handbook’s PRIN obliged firms to give consumers’ interests and information needs significant consideration.

This prompted the FCA to establish a broad, outcome-based obligation with the consumer’s interests at its centre. The FCA consumer obligation is made up of three essential parts:
The Financial Conduct Authority Introduces New Consumer Duty Rules

  1. Consumer Principle
  • The new Principle 12 of PRIN which outlines the general level of conduct anticipated by the companies and mandates that they operate to generate favourable results for retail clients.
  1. Cross-Cutting Rules
  • Set of guidelines that require businesses to:
    • act in good faith towards retail customers;
    • ensure to set in place precautionary measures on any foreseeable harms to consumers; and
    • allow and assist retail clients in pursuing their financial goals
  1. Four Outcomes
  • A set of guidelines and standards defining more specific requirements for business behaviour in below four areas that correspond to the core components of the business-consumer connection:
    • the governance of products and services;
    • price and value;
    • consumer understanding; and
    • consumer support.

How the Principles 6 and 7 connect with the new Customer Duty Rules

As previously mentioned, Principles 6 and 7 already discussed client interests and information demands. The logical question that follows is how these concepts connect with the new FCA consumer obligation regulations.

The current Principles 6 and 7 will not apply to any new emerging customers. Instead, they work better together than separately because the new customer duty rules are outcome-based, although they have a similar concept to Principles 6 and 7. The FCA’s expectations for business behaviour are reflected in the new Principle 12, which places the client’s interests at the centre of all endeavours.

Scope of the new customer duty regulations

What Defines as a Retail Customer?

Retail customers are defined as individuals, micro-entrepreneurs, nonprofits organisations with a revenue of not more than £1 million, and a single individual operating in a position as a trustee if working for reasons unrelated to their industry, organisation, or vocation when discussing the payments and electronic money market. In other terms, retail consumers are individuals who, in the context of conventional payment/electronic money goods, might be seen as the weaker side, and to whom further legal representation must be provided.

What subjects to the new FCA consumer duty rules?

Authorised businesses engaging in ancillary operations are subject to the new FCA consumer obligation. This implies that if services are given in conjunction with regulated activities, even those services that do not necessarily fall under the FCA’s purview will be subject to the requirement. The most frequent illustration of an ancillary business in the electronic money and payments industry is currency exchange.

Unless the cryptocurrency company is also a licensed firm (e.g., an EMI and PI), the new FCA consumer duty regulations do not apply to cryptocurrency exchange and custody activities. Depending on whether the company involved has a direct connection between the crypto exchange and payment/electronic money services, that crypto-asset operations may be seen as supplementary. This might occur if the company sells payment cards connected to payment accounts that can only be topped off through cryptocurrency transfer and are regulated by the FCA as an EMI and crypto-asset exchange operator.

At what stage of the contact does the application of the consumer obligation regulations begin?

The new FCA consumer duty rule will begin to apply as soon as the company initiates communication with the potential customer (regardless of whether the potential customer becomes a customer) or the actual consumer. This can be summed up as below:

  • when authorising or declaring a financial promotion
  • when responding to a query from a potential client
  • when accepting an application from a potential client for a good or service
  • when addressing the customer.

How do the new consumer duty rules apply to distributors?

The Financial Conduct Authority Introduces New Consumer Duty RulesAll electronic money institutions (EMI) and payment institutions (PI) that significantly impact or control the outcomes for retail customers are subject to the new FCA consumer duty throughout the distribution process.

It means that the company will be compelled by the consumer duty and accountable for guaranteeing its conformance whether or not it is directly communicating with the client.

In actuality, this implies that the primary electronic money institutions (EMI) and payment institutions (PI) will be held accountable for the deeds of their agents and distributors because they had a role in how the final product was designed. This means that all of the PSD Agents, EMD Agents, and E-money Distributors must follow the consumer duty regulations outlined.

Similarly, any contracted work done for the company will be governed by the FCA consumer duty, and the company will need to think about how any of its service providers (such as customer support) may affect its adherence.

What happens upon customer duty breach?

After reviewing the consumer duty, it makes sense to wonder whether the customer will always be right and the company will be responsible for any harm. It has a solution, but it’s not as obvious as it could be. Overall, the business must watch out for its clients’ best interests and work hard to deliver positive results. It does not, however, imply that customers are essentially free from duty or responsibility for their choices. Of course, the payment/electronic money institutions are in charge of reasonably foreseeable harm, but clients can still make terrible choices.

How should electronic money institutions (EMI) and payment institutions (PI) comply with the new customer duty regulations?

It is crucial for payment and electronic money institutions to get ready for the new consumer obligation to go into effect. The following actions should be taken as a start:

  1. Design the strategy and technique for evaluating the current goods to determine whether they adhere to the new FCA consumer duty criteria.
  2. Examine the customer-facing verticals in relation to their compliance with the goals of the consumer duty.
  3. Establish the technique for evaluating new goods and services in relation to their adherence to the new consumer duty and evaluate as part of the plan-making process.
  4. To prove the results consumers are experiencing, undertake regular reviews and assessments of the goods versus their conformity to the FCA consumer obligation.

What are the best practices in adhering under the new fca customer duty regulations?

The many preliminary applicability scenarios show that the company must consider customer responsibility across the whole consumer journey. Therefore, even when a product or service is primarily designed, the new FCA consumer duty regulations must be considered. Establishing the client base and marketing objectives, it can be useful in this situation to organise the consumers and consider their preferences collectively. Pay close attention to whether the objectives outlined in our FCA consumer duty summary are realised.

Nonetheless, the new FCA consumer duty guidelines will mandate that the company consider the demands and traits of that client when responding to inquiries from a specific potential customer. An individualised approach should be used in genuine interactions with the company’s clients.

How can COREDO help you?

If you require professional advice as an existing EMI client or a new individual in the field, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

The abbreviation AML/CFT literally means “Anti-Money Laundering/Combating the Financing of Terrorism”. This term is used in the context of systematic fighting against the legalization of crime proceeds (the so-called “dirty money”), prevention of terrorism financing and the distribution of weapons of mass destruction.

What does the abbreviation AML/CFT stand for?Another abbreviation directly related to combating money laundering is KYC (“Know Your Customer“). It should be understood as the obligation to identify the counterparty before performing any financial transaction. This is one of the most important principles aimed at implementing AML/CFT measures.

The information in this article applies only to the activities of companies registered and operating in the Czech Republic. At the same time, 90% of the information applies to other EU jurisdictions.

All persons obliged to comply with the mentioned principles are listed in Act No. 253/2008 Coll., on Certain Measures against the Legalization of the Proceeds from Crime and the Financing of Terrorism.

This list includes loan and financial institutions, gambling operators, companies providing services related to virtual assets, companies providing services in the field of real estate and financial accounting, a person authorised to trade in used goods, or to broker such trading, as well as other companies working with the money of legal entities and individuals.

Obligations of companies under AML/CFT

When providing professional services for AML/CFT purposes, the organizations mentioned above are obliged to:

Proper compliance with these obligations is monitored by the Financial Analytical Office (FAÚ), as well as the Czech National Bank (ČNB) – the latter monitors the activities of financial and credit institutions. Failure to comply with AML/CFT obligations entails substantial penalties.

Banks or trading companies may also request confirmation of the company’s compliance with all AML/CFT measures. In case of the absence of the necessary documentation or non-fulfillment of obligations, financial institutions have the right to refuse to cooperate with such an organization.

If you are unsure whether your company is included in the list of organizations required by law to comply with the principles of AML/CFT, don’t hesitate to contact COREDO specialists for advice.

Reliable financial instruments are essential for the smooth development of international business. International payment system MultiPass is an excellent solution for businessmen. What is it and what are its advantages — read further.

What is MultiPass?

Payment System MultiPassMultiPass is a provider of complex FinTech solutions for international businesses. This payment system, headquartered in the UK, allows customers around the world to open accounts abroad and make secure money transfers online.

The creators themselves call the MultiPass system a progressive and flexible alternative to traditional banking.

MultiPass is the part of the international holding DYNINNO Group, which was founded in 2004 and specializes in optimizing business processes. Previously, this payment system was called DynaPay.

MultiPass uses a modular platform and proprietary IT solutions to provide clients with international business accounts, and enables them to go global.

The company employs a team of highly qualified experts who promptly implement the know-how emerging in the FinTech industry and contribute to the development of clients’ business.

Who is the MultiPass system suitable for?

The MultiPass payment system offers numerous products for businesses involved in international and cross-border activities. This financial instrument will be useful for:

  • companies involved in import and export;
  • organizations providing forwarding services;
  • international companies with branches in different countries;
  • IT businesses, digital marketing companies and more.

Advantages of cooperation with MultiPass

The MultiPass payment system perfectly proved itself, thousands of companies around the world use its services. Among its most significant advantages are:

  • the fastest and easiest way to open an account for all clients (you can submit documents remotely in just 10 minutes);
  • the ability to perform several business transactions from one account and fully manage personal account through online banking;
  • the ability to make payments to/from 180 countries of the world;
  • support for more than 30 world currencies in one account (EUR, USD, GBP, CHF, JPY, CZK, PLN, HUF and others);
  • the fastest payments (98% of payments are made in less than 24 hours);
  • 29 payment schemes to meet any customer needs;
  • the ability to receive and send international payments via SEPA, SWIFT, Target2, ACH and other global and local payment systems;
  • free currency conversion and favorable conversion rates;
  • the possibility of issuing both virtual and plastic payment cards;
  • the ability to open a current business account in over 20 countries to make payments as a local resident, which helps businesses eliminate additional fees.

How to open an account in the MultiPass system?

The procedure for opening an account in the MultiPass system is really as simple as possible. It does not require a personal presence, everything can be done online. The first step is to fill out an online application form, in which you need to provide your contact information.

Payment System MultiPassNext, the applicant will have to provide documents confirming his identity and address (scan/photo of the original passport/identity card, scan/photo of the document confirming the address, which is not more than 3 months old (for example, a utility bill or bank statement)), and also take a selfie with the passport/identity document. Within 3 months from the date of application, video verification of identity may be requested.

At the next stage, the applicant must provide information about his company, type of business and the intended use of the account in the MultiPass system.

And, finally, to complete the registration, the client will have to send the legal documents of the company (certificate of the registration, extract from the register containing the information about the directors and shareholders of the company, articles of association, etc.). There is no single list of documents that will be requested. It all depends on the type of business, the characteristics of the organizational-legal form of the company and some other factors.

MultiPass guarantees the most reliable protection of the client’s finances: two-factor authentication, data encryption, risk and fraud monitoring are used for this. Each client is assigned an individual experienced manager, and the online support service works 24/7.

With MultiPass, it is really easy to open an account abroad and conduct international business without unnecessary complications.

Exposing the truth behind fast EMI or PI License Transaction

Typically, time constraints drive someone to purchase a micro-payment institution, an authorised financial institution, or an e-money institution. Generally, it is thought that purchasing an authorised institution enables activities to launch more quickly than requesting authorisation from scratch.

Potential purchasers frequently believe that buying an existing authorised EMI or PI will speed up the process of entering the market compared to applying for a fresh license. Such presumptions are demonstrably untrue, as any personally liable purchaser should first undertake thorough research on the acquisition target, gather all relevant paperwork, file a request to the regulatory agencies for the transition of ownership, and then interact and respond to any inquiries may arise regarding the buyer’s intended financial model.

Many experts stated that the transfer of ownership process, from undergoing proper research to the end of receiving approval, takes about the same amount of time same with applying for a new license, both usually taking around 6 to 8 months. In addition to this, one should consider how long it will take you to identify a business that can grant the kinds of licenses required.

Another significant fallacy is the idea that buying an authorised, already-existing EMI or PI will result in a faster launch of the purchaser’s goods and services. If the purchaser launches his goods and services prior to the regulator’s approval of the transition of a control application, it would be dangerous for the purchaser and suspicious to the regulator.

One major factor in this is the existing legislation governing the country. For example, in the UK, A business with an EMI or PI license is required by the Electronic Money Regulations 2011 (EMRs 2011) and the Payment Services Regulations 2017 (PSRs) to notify the FCA of any shifts in circumstances. Additionally, we should remember that EMIs and PIs are now subject to PRIN as of 2019. The FCA must be properly informed of any significant issue related to an EMI or PI that the FCA would probably foresee or expect to be made aware of, according to Principle 11 “Relations with regulators,” which requires EMIs and PIs to report to the FCA. The SUP 15 form must typically be submitted to receive this kind of communication.

Payment (PI) and electronic money institution (EMI): here’s what you should knowThe regulatory compliance guidelines and practices of the acquisition target must be updated before the launch of any product or service to guarantee that they thoroughly address all the characteristics of the purchaser’s goods and services. In some instances, it would be difficult and most likely improbable since the EMI or PI architecture is insufficient for such items, or the customer contract has to be updated to reflect this.

But according to legislation, such a modification necessitates giving the customer 60 days’ notification. In other cases, the EMI or PI lacks the necessary permits, making launching such services impossible. For instance, the acquisition target cannot provide such a provision if it does not have authorisation for purchasing/issuing forms of payment.

This same concept also applies to the function and systems of the EMI or PI, which the authority officially approved. The purchaser who registered into the accord with the seller cannot force the seller to push out goods or services that were not included in the initial approval from the authority.

For instance, if the EMI initially received an authorisation on the premise that it will only offer digital financial services, it cannot introduce new payment cards, even if the license that was granted states that it can acquire or issue payment instruments. Before beginning card issuance operations, the firm would need to notify the authority of its plan to do so and get clearance to be entitled to this under the license terms.

What to consider before EMI/PI acquisition?

I. Regulations and Compliance Process

Prospective buyers seeking an EMI or PI license must recognise the importance of the below fundamental aspects of the authority’s strategy for the transition of ownership:
Payment (PI) and electronic money institution (EMI): here’s what you should know

  • Until the transition of ownership is permitted, the purchaser is not allowed to take over ownership of the EMI/PI unless the executive management that represents the purchaser has received regulatory approval as being associated with the target. Typically, when the transition of control ownership application is registered, the purchaser often asks for the permission of the new executive management at the same time.
  • A redesigned strategic plan, operating policies, and financial structure must always be presented to the regulatory authorities, along with the transition of ownership submission. Resubmitting the pre-existing EMI/PI’s corporate strategy, financial structure, and operational strategy as they were when it was first authorised would not be enough.
  • A fresh or revised risk management structure needs to be created since the transfer of control typically results in changes to the products and services offered. It is improbable that the authorities will be satisfied with a re-submission of the current EMI/PI’s risk management rules and processes under which the EMI/PI was initially authorised.
  • Avoid falling under the misconception that because the EMI/PI has already been approved, the ownership transition will be simple because it most likely will not be. In general, authorities view the transition of ownership as a separate permission.
  • Anticipate increased regulatory inspection of the durability and profitability of the company model and financial projections.

II. Proper Research and Due Diligence

In addition to the aforementioned items, a purchaser should keep in mind that establishing a sales contract and concluding it without conducting adequate due diligence could harm their brand and investments. Prospective purchasers should look into performing extensive due diligence on the acquisition target, paying close attention to the following points:

  • In most countries, especially in Europe, authorities require all licensed EMI or PI to begin offering operations within a year after receiving their permission. The government can revoke clearance if your acquisition target has not started offering services within 12 months. Hence, if you are purchasing a business that is more than a year old and they have not documented any consumer engagement throughout that time, you are at risk. One way to solve the issue is to mention it to the authority when submitting the transition of ownership application and ask for confirmation that you can complete a such activity and that the permission won’t be revoked.
  • Thoroughly verify all market authorisation supplied by the company and examine the operating documents to confirm the authenticity of the data provided and confirm client cash balances as well as balances on protecting bank accounts and the firm’s own funds.
  • Verify the accuracy of the safeguarding records, examine numerous examples of the daily safeguarding reconciliations, and check with the bank the outstanding balances on the safeguarding checking accounts. Any compliance issue can result in significant risk in the future.
  • Inspect all correspondence between the business and the authorities and other concerned parties, including the tax agency, the banking and finance ombudsman, the monetary criminal investigative agencies, etc. There are frequently unresolved open-ended inquiries or concerns that could be detrimental to the business and the incoming stakeholders.
  • Look for that are off-balance sheet assets, such as any guarantees given, any client finances that are not recorded in the business’s accounts, any debt securities created and not reported, etc.
  • Ask the firm’s management and stockholders for guarantees that no brokerage or distributorship agreements have been made and haven’t been declared to the authorities and customers, as these could involve obligations and reputational risk.
  • Inspect all contracts with 3rd parties cautiously since these frequently include high minimum fees and charge for early termination that often equals the total value of the agreement for the remaining years. These third parties include software providers and property owners. Closely examine which of these contracts you will have to cancel and the resulting financial harm. If possible, try to negotiate a concession on the purchase cost equal to that amount.
  • Make sure that no other party has permission to utilise the intellectual property (IP) generated by the EMI/PI for its own digital software system and solutions if those technologies’ IP rights are included in the acquisition price. Ask the sellers for guarantees that the IP was not given to a private entity and that the operator, staff, and administration will not keep backups of the codebase, technical information, or development files.
  • Revisit the company’s anti-money laundering processes, counter-terrorism financial support, anti-bribery and fraud, and budgetary crime prevention practices and policies. You should also analyse a sample of customers from various products and services to see if these practices and policies were implemented and if there is any possible hazard in the client portfolio. One of the main dangers that the buyer of the EMI/PI is exposed to is non-compliance with AML/CTF/KYC standards. You need reassurance that any misbehaviour by the clients won’t come back to haunt you in the future, including claims, guarantees, and insurance.
  • Examine any service contracts with employees, executives, and administration because they may contain clauses that provide for further incentives and payouts in the event of termination. Verify that the senior executives do not have any pending non-financial incentives.
  • Create a thorough purchase/sale contract that outlines the procedures, restrictions, and timelines of the acquisition in detail. All of these should be subject to legal permissions. Do not include firm deadlines for governmental permits and due diligence because these processes are uncertain, heavily reliant on the seller, and frequently take much longer than planned. Simply obtaining all required due diligence papers from the sellers can take months, so avoid making commitments that are out of your disposal.
  • As conventional bookkeeping firms do not generally have an in-depth understanding of the company and nuances linked to the regulatory duties, think about hiring experienced payments or e-money compliance requirements experts to undertake the due diligence on the acquisition target.
  • Use a trustworthy third-party custody operator to close the purchase/sale contract; all transactions, including the deposit, must be conditioned on the delivery of the commitments and go through the authorised agent.

III. Business and Corporation Concerns

Many parties and stakeholders should be to be taken into consideration when the purchase is being planned. If this factor is not accounted for, the company’s operations may subsequently become immobilised. In this matter, the following are some factors that must be looked into:
Payment (PI) and electronic money institution (EMI): here’s what you should know

  • Analyse the customer portfolio, price, contract terms, and others. if the acquisition target has already begun to provide services. Upon completion of the transfer of ownership, keep in mind that you might need to stop offering some services, raise prices, and end some client relations and that most of these adjustments will need 60 days’ notice to the clients, which could result in new concerns to the banking and finance ombudsman and authorities. Remember that the current source of revenue could decline dramatically or stop altogether; if necessary, try to cut purchasing prices in line with this.
  • Be mindful to thoroughly analyse the risks associated with the contracts the EMI/PI has signed with its stakeholders, particularly those with the financial institutions, suppliers, and purchasers. In several cases, the shift of ownership entails asking a third party for approval before implementing the adjustment. These partners will frequently need to establish separate investigations into the purchaser, new supervisory board, new directors, and fresh business models, as well as brand-new services and products. The enrollment procedure with these stakeholders when you purchase a firm may have to be restarted from the beginning, even though you may have relied on these ties when making a purchase.
  • If the purchaser does not adhere to the guidelines outlined in the contracts, there is a serious risk that such stakeholders may temporarily halt the delivery of services to the EMI/PI. This could have a detrimental effect on the firm’s revenue stream and result in concerns from end customers that could eventually reach the budgetary ombudsman office and/or the authority.
  • The dangers associated with changing authorised signatures for associate agreements during a managerial transfer for a firm are particularly high when it comes to financial institutions. Changing the authorised signatories on an account can take several months. In one case, a business waited for 10 months to update the user’s account authorised signatories, during which time the consumer’s finances were frozen on the account’s safeguarding bank because there was no legal way to sign the money transfer orders. Bear in mind the Covid-19 travel restrictions as well, as some traditional banks need in-person verification.
  • Think thoroughly about the acquisition target’s workforce because you could need to replace some staff members, undertake additional training, set up new qualifying programs, etc. Additionally, keep in mind the legislative employment security and dismissal processes you must adhere to. Do not undervalue the significance of a coherent and experienced team or the corresponding expenditure necessary for that area. After all, any EMI/PI is just a collection of people and IT systems.

Opinion: buy an EMI/PI license or a new one?

The time required to obtain a new license or a transition of ownership permission is not a factor when comparing an EMI or PI license for sale to an EMI or PI license that has already been issued because both are similar in that sense. In our viewpoint, it is not worthwhile to acquire an empty-shell EMI or PI license, or an EMI or PI that has not evolved much and lacks beneficial Intellectual Property in technology, goods or services, 3rd agreements, and client portfolios because the premiums demanded on the industry are frequently unjustified by any inherent assets aside from the license on its own.

A comparative assessment between a new EMI license and the available EMI license is provided below:


FACTORS Buying a License New License
Performing due diligence, undergoing proper research, and preparing contracts 1 to Months Not Applicable
Outlining necessary submissions, creating / revising operational plans, business strategies, system architectures, and review/establishing of compliance processes At least 1 Month 1 to 2 Months
Legislative Approval Period 4 to 6 months 4 to 6 months
TOTAL TIME EFFORT 6 to 8 months 6 to 8 months


FACTORS Buying a License New License
Cost of research and due diligence At least 6,000 EUR to 12,000 EUR Not Applicable
Outlining necessary submissions, creating / revising operational plans, business strategies, system architectures, and review/establishing of compliance processes At least 18,000 EUR to 42,000 EUR Maximum of 90,000 EUR
Purchase Price on top of stakeholder assets At least 400,000 EUR to 1,300,000 EUR Not Applicable
Minimum Authorized Capital At least 350,000 EUR At least 350,000 EUR
TOTAL COST 700,000 EUR to 1,500,000 EUR 450,000 EUR

As shown in the tables above, the new EMI license option will take the same period as acquiring an existing one and can be up to 3.5 times less costly than buying an expensive EMI or PI license. Additionally, with the new authorisation, there is no need to be concerned about undisclosed duties, historical problems, accrued liabilities, customer complaints, or any other significant concerns that might prevent your setup from becoming a unicorn.

The acquisition option only stands to reason if you’re purchasing an already successful company, the acquisition target’s exclusive properties, and/or a client base to launch your own items. Therefore, before buying licenses, you should consider whether it is worthwhile. Finding an EMI license for sale may not be difficult, but the actual issue is making the deal succeed.

How can COREDO help you?

If you need professional advice as an existing EMI client or a new individual in the field, we have the appropriate consultants for you who can help. You may view the services that we can offer through this link: 

Organizations whose work is related to their client’s financial assets are obliged to protect the financial system from money laundering at the local and global levels. These obligations exist under Act No. 253/2008 Coll., on Certain Measures against the Legalization of the Proceeds of Crime and the Financing of Terrorism (also known as the “Anti-Money Laundering Act” or the “AML/CFT Act”). This law details the obligations of companies under AML/CFT (Anti-Money Laundering/Terrorist Financing).

The information in this article applies only to the activities of companies registered and operating in the Czech Republic. At the same time, 90% of the information applies to other EU jurisdictions.

What is meant by AML/CFT obligations?

Obligations to combat money laundering and terrorist financing are imposed on certain companies and are regulated by the following legislative acts:

  • Act No. 253/2008 Coll., on Certain Measures against the Legalization of the Proceeds from Crime and the Financing of Terrorism;
  • Act No. 69/2006 Coll., on the Implementation of International Sanctions;
  • by-laws and other normative acts (Decree of the Czech National Bank (ČNB) No. 67/2018 Coll., ČNB Communication of 26 May 2009, Government Decree No. 210 of 28 May 2008, and others).

For companies subject to the Anti-Money Laundering Act, compliance with these obligations must be complete and comprehensive and must be applied to every transaction.

The primary AML/CFT obligations include the following:

  • Appointment of contact and authorized persons. The term of fulfillment of obligations is up to 60 days; a fine for non-fulfillment or improper fulfillment can go up to 1,000,000 CZK;
  • Development and implementation of an internal policy and risk assessment system. The term of fulfillment of obligations is up to 60 days; a fine for non-fulfillment or improper fulfillment can go up to 1,000,000 CZK;
  • Identification and control of clients, as well as persons who can act on behalf of clients, verification of clients on sanctions lists;
  • Customer activities monitoring;
  • Preservation of data on the measures taken to reduce the risks of money laundering and terrorist financing;
  • Notification of suspicious transactions to the authorities;
  • Regular staff training on the rules of compliance with AML/CFT obligations. Such training should be conducted before the employee’s appointment to the relevant post and at least once a year. In case of non-fulfillment of obligations, a fine of up to 5 000 000 CZK will be imposed on the company.

List of entities subject to AML/CFT obligations

According to Article 2 of the AML/CFT Act, so-called obliged persons are natural and legal persons whose activities are related to:
AML/CFT obligations: details, control, fines

  • real estate transactions;
  • currency exchange;
  • accounting services and tax consulting;
  • insurance;
  • lending;
  • payment services;
  • gambling;
  • second-hand goods trading;
  • management of clients’ assets;
  • registration of legal entities for sales;
  • virtual assets.

If you are not sure whether you are an obliged person under the provisions of the AML/CFT Act, you can contact COREDO’s lawyers and check.

Monitoring compliance with AML/CFT obligations

Financial Analytical Office (FAÚ) and, in some cases, the Czech National Bank (ČNB) or the Czech Trade Inspection (ČOI) monitor proper compliance with all AML/CFT obligations. If the company fails to fulfill its obligations on time (for example, the contact person was not appointed on time), or when one of the company’s clients becomes involved in an investigation on suspicion of money laundering, the risk of being inspected by regulatory authorities increases.

If it turns out that the client was engaged in money laundering through a specific company, taking advantage of the fact that some AML/CFT obligations were not properly fulfilled, the business faces serious problems. It is important to remember that ActNo. 40/2009 Coll., the amended Penal Code, takes into account not only the intentional crime of laundering crime proceeds but also contains an article on “laundering crime proceeds by negligence”.

That means an offense can be committed without malicious intent, even out of ignorance.

Examples of sanctions for non-compliance with AML/CFT obligations

  • If the company has not taken the necessary measures to identify and control the client, it faces a fine of up to 10,000,000 CZK. A similar penalty is provided for the failure to keep the data on the measures taken for 10 years.
  • If the company concludes a deal with a client who has not been identified, it faces a fine of up to 10,000,000 CZK.
  • If the company fails to train employees on the rules of compliance with AML/CFT obligations on time, then it faces a fine of up to 5,000,000 CZK.
  • If a company identifies a suspicious customer (business) and does not report it to the supervisory authorities, it faces a fine of up to CZK 5,000,000.
  • If the company fails to develop an internal policy and risk assessment system in time and to submit these documents to the FAÚ or ČNB, a fine of up to CZK 1,000,000 can be imposed in such a case.

More severe sanctions are applied in case of repeated violations – from a significant increase in the fine to a ban on conducting activities.

Financial Conduct Authority (FCA) published an article on their website last July of 2020 revealing that the surveys they conducted suggested that several institutions, which includes the United Kingdom (UK) Electronic Money Institutions, also known as EMIs, were combining clients and the company’s funds in order to keep transactional records inaccurately. It was also found that some do not have an effective and sufficient process for managing their business risks, which, in turn, makes them fail in protecting their accounts based on the standards set by the FCA. More information about the survey can be found on FCA’s website.

Further, in 2019, one more survey was done among eleven non-bank payment platforms and it concluded that there are some financial institutions that cannot explain what payment service they offered in particular scenarios, or even point out when they were releasing electronic money. It is also unclear as to when they are serving as the payment distributor on behalf of another payment service provider. This just means that these institutions do not have accurate identifiers and records of the funds and are not practicing the required standard in protecting the right amount of the said funds.

As bad as it may sound, the surveys were not only applicable to the United Kingdom, but also to some more nations in Europe. Specifically, it is noteworthy that Lithuania is among these, even being one of the main financial technology hubs.

Now, let us check what efforts these financial companies exert with regard to the licensing of electronic money (e-money) in European countries to safeguard the rules and regulations and to properly utilize the accounts.

To be able to determine this, a statistical analysis of the data from the database of the Bank of Lithuania, containing forty-three (43) Electronic Money Institutions in the same country from 2019 – 2021, was conducted.

As a result, forty-eight per cent (48%) of the sample of Lithuanian financial companies with e-money licenses incurred a discrepancy of more than fifty per cent (50%). Meaning, there are inequalities in the safeguarded accounts these companies hold versus the e-money they possess in hand. We may call these scenarios as “shortages”, which, by definition, is having less safeguarded money in relation to e-money. In the same way, it may also be a case of “excesses”, which means that there are more safeguarded funds in relation to e-money. To note, excesses are more common than shortages.

The conclusion having that big percentage of results, loudly suggests that practicing to safeguard the accounts is necessary for Electronic Money Institutions. This holds true considering that there are new participants in the EMI industry. In accordance with the data from the same study, sixty-two per cent (62%) of financial institutions having Small Electronic Money Institutions (EMI) Licenses also has more than fifty per cent (50%) discrepancy.

To further understand this, let us elaborate on the balance sheet contents of safeguarding the accounts of clients. Next would be the statistical analyses of these data.

Explaining account safeguarding and segregation through balance sheets

An essential part, but possibly infamous variance on credit institutions (wherein high-street and money-centre commercial banks are included) versus electronic money institutions (EMIs) is that EMIs must create a process that will totally secure the funds of their customers and maintain separate accounts from their own “segregated accounts”. However, credit institutions have the freedom to mix these funds deposited by their clients together with the companies’ funds and use these accordingly through investments or to extend the credit.

With this, even though EMIs have full access to their customers’ accounts or funds, they cannot use these for their own business intention aside from just transacting through issuance and e-money redemptions.


In the same way, EMIs are sticking into this condition. Let us give an example. A customer wants to transfer funds from his current bank account to another person’s bank through e-money, using EMI. Say for example the amount wanted to be transferred is one thousand euros (EUR 1,000). The two financial institutions will, then, perform the following on the back end to be able to complete the requested transaction.

  1. If in case the EMI is the holder of the customer’s fund with the same banking institution that holds the current account, the bank will debit the account and credits it to the EMI’s account. This is called “in-house settlement”, which means that there is no money leaving the bank (as what is shown in Figure 1).

How EMIs Manage Safeguarding of Accounts

  1. Having the same concept, if a customer wants to transfer money from his e-money account, the opposite of the process will be performed. In this case, for each euro (EUR 1.00) leaving the e-money account, an outflow of EUR 1.00 will be reflected on the customer’s safeguarded EMI account (considering that the funds will not be transferred to another client of the same EMI, as shown in Figure 2).

How EMIs Manage Safeguarding of Accounts

The ins and outs of the transactions elaborated on figures 1 and 2 are leading us to an expectation that once all those transactions are made into the electronic wallets of the customers through EMIs, each transaction on the EMI will have the same amount of funds in its clients’ asset, as a balance of the electronic money in its liability. That is to say, a “parity” is expected between the mentioned components, and will lead into the EMI’s balance sheet as the following:

How EMIs Manage Safeguarding of Accounts

However, what happens in real life is quite more cluttered. The rules and regulations we have for Electronic Money Institutions are not that strict. On the abovementioned figure (Figure 3), let us take the assumption that EMI is holding the fund through one more credit firm. Nevertheless, these EMIs may also consider the central bank, or in some cases, use the funds to invest in a more liquid asset that has lower risk factors.

In Figure 4 below, forty-three (43) EMIs from Lithuania are analyzed. In the analysis, three methodologies (that is, central bank, credit institutions, and more secure, low-risk and liquid assets) in holding an account were used unvaryingly during 2019. In quarter one (Q1) of 2021, most of the accounts were transferred to credit institutions.

How EMIs Manage Safeguarding of Accounts

Adding up to that, it is highly probable that Electronic Money Institutions may keep safeguarded accounts in currencies where their denomination is different from that of the respective electronic money liabilities’. Take this scenario as an example: There is a customer wanting to invest in euro (EUR) electronic money fund, and at the same time, the same amount of funds (considering its corresponding foreign exchange rate) placed on the particular EMI are in United States dollar (USD) safeguarded account.

Furtherly, we must not overlook Article 25 of the Law on Electronic Money and Electronic Money Institutions stating that EMIs have two choices as to how they could provide proper safeguarding of their client’s accounts.

These two are:

  1. The Segregated funds method – this is what is shown in the aforementioned outline.
  2. The Insurance policy method.

On the analysis of the Bank of Lithuania in 2019, the first method is the one mostly used by EMIs, therefore, resulting in the segregated funds method being set aside in this specific review.

Having these, and some more operational factors, reoccurrence of discrepancies may persist. This can be described as: scenarios wherein the amount of assets the EMIs are keeping on their safeguarded account is different from that of the electronic money amount of liabilities they have on issuance.

On the balance shown in Figure five (5) below, a case where discrepancy may occur is visible. On this balance sheet, before and after the fee for Customer X from EMI costs fifty euros (EUR 50). Customer X is debited with e-money for an amount of EUR 50, and then holds the earnings in the account which is safeguarded. This resulted in the account having a discrepancy amounting to EUR 50.

How EMIs Manage Safeguarding of Accounts

The authorities, during the period when they know that the process of totally eradicating the discrepancies will bring forth operational burden and may not be worthy of all the effort it will take, still require the EMIs to conduct settlements as oftentimes as possible. A sample case would be when the Financial Conduct Authority (FCA) spelt out (in 2021) that if ever there are discrepancies caused by reconciliations, the EMIs are required to provide justification regarding those discrepancies, and rectify them the soonest possible through payment of any deficit, and withdrawal of any extra amount, not unless the recorded discrepancy is from timing difference of the reporting system within the accounting department. Further, it was emphasized that the rectifications must be made within the specified business day.

Additionally, FCA provided two factors with regard to conciliating the assets’ safeguarding. Those are:

  1. It must be enough to make up for the expenses the company will need for the process of safeguarding before the next round of reconciliation.
  2. It should not be exaggerated so as to prevent the negative effect of commingling.

When it comes to considering the law of the western countries, specifically in Europe, there is no specific rule mirroring the mentioned ones from FCA. Instead, what they have in regulation is Article 7(1) of Directive 2009/100/EC. This establishes the qualifications and requirements for safeguarding clients’ accounts and is comparable to that Lithuania’s – Article 25 of the Republic of Lithuania Law on Electronic Money and Electronic Money Institutions.

To explain it more, the reasoning behind the existence of reconciliation because of the proper recording of the accounts. What is more, is that the consequential effect of mixing customers’ assets together with the companies’ funds and the succeeding liquidation of the companies’ funds may probably result in the customers’ funds being on the insolvency estate as well. However, truth be told, it will also eradicate the advantages of having a safeguarded account.

Continuing using the example from Figure 5, the way to correct the recorded discrepancy is when EMI transfer EUR 50 from their account that is safeguarded to its own account within the end of the same business day. This is ideal to restore the difference between the electronic money versus the safeguarded account and by doing that, the balance sheet will reflect as what is on Figure 6 below:

How EMIs Manage Safeguarding of Accounts

With all these, how can one tell that EMIs are sticking to the real-life qualifications and requirements of safeguarding accounts? The next part of this article will tell us through empirical data.

When the Data Talks

The simplest and most accurate technique to check if there are variances in the customers’ safeguarded account versus what is kept on the electronic money in issuance is through analyzing and comparing the balance sheets of the two accounts.

In this part, the analysis came from the data of forty-three EMIs from Lithuania. Figure 7 below is a scatterplot of the funds in both segregated (horizontal / x-axis), and the total outstanding electronic money liabilities (vertical / y-axis). From this, the two funds are visibly the same and significantly co-related, but not necessarily identical.

How EMIs Manage Safeguarding of Accounts

In Figure 8, a close-up of the variances is even more visible by looking at their respective ratios for the month of March 2021. With this, imbalances are indeed normal, and significant in volume, even though it is more on the “excess” part of the graph. This is considering that the ratio’s median of segregated accounts to electronic money liabilities is 1.26 during the period of December 2019 up until March 2021.

How EMIs Manage Safeguarding of Accounts

Now, take note that whether a discrepancy is an excess or a shortage, both are unpleasant from the point of view of authorities. As such, calculating the imbalances will show more than fifty per cent (50%) discrepancy, which means that they kept safeguarded money is either greater than less than 50% from that of the e-money they currently have.

The data are remarkable: forty-seven point eight per cent (47.8%) of the EMIs have variances of greater than fifty per cent (50%) by average. This is clearly shown in Figure 9.

How EMIs Manage Safeguarding of Accounts

For further analysis, we can separate the data into two subgroups: small EMIs (that is, data with electronic money of less than EUR 5 million), and the remaining would be those greater than or equal to EUR 5 million. By doing so, it was concluded that small EMIs are the top lawbreakers having sixty-one point nine per cent (61.9%) recorded discrepancy from the benchmark of 50%. Bigger EMIs have a lower discrepancy percentage, having twenty-seven point one per cent (27.1%) as what is reflected on Figure 10.

How EMIs Manage Safeguarding of Accounts

These results are distressing. If we take into account that the analysis done hypothetically suggests that fifty per cent (50%) of the credit companies in Europe have a Liquidity Coverage Ratio (LCR) of less than one hundred per cent (<100%), and twenty-seven per cent (27%) of the Global Systemically Important Banks (G-SIBs) have Leverage Ratio (LEV) of less than three per cent (<3%), neither have passed the standard set by the Basel III authorities.

Nevertheless, Republic of Lithuania Law on Electronic Money and Electronic Money Institutions is different from the United Kingdom’s Financial Conduct Authority (FCA). The former does not have a limit when it comes to working days in terms of correcting the variances in EMIs. Therefore, small EMIs are seen to have been performing poorly in providing safeguarded accounts.

Indeed, United Kingdom-based Electronic Money Institutions are not an exception to the discussion, and it seems like there are also inefficient and ineffective processes in safeguarding their customers’ funds as a whole.

How can COREDO help you?

If you are in need of professional advice as an existing EMI client or a new individual in the field, we have the appropriate consultants for you who can. You may view the services that we can offer through this link:

As part of their anti-money laundering obligations, companies are required to appoint a so-called contact person who will ensure the constant connection with the Financial Analytical Office (FAÚ), as well as to authorise a member of the statutory body responsible for compliance with obligations and record-keeping regarding anti-ML/TF measures in writing. This is provided for in articles 18, 22 and 22a of Act No. 253/2008 Coll., on Certain Measures against the Legalization of the Proceeds of Crime and the Financing of Terrorism (also known as the “Anti-Money Laundering Act” or the “AML/CFT Act”).

The information in this article applies only to the activities of companies registered and operating in the Czech Republic. At the same time, 90% of the information applies to other EU jurisdictions.

General information about an authorised person

Appointment of an authorised person and contact person to comply with the AML/CFT ActCompanies that are legally required to comply with AML/CFT legislation must notify the Financial Analytical Office of the appointment of the relevant contact person within 60 days.

In the case of replacing a contact person and another appointment, it is necessary to notify the department within 30 days. This notice must contain the name, surname, position, and all the contact details of the new contact person.

It is worth noting that according to the AML/CFT Act, the contact person of a financial institution (e.g. a mini-fund under § 15 of the ISIF Act) cannot be a member of the statutory body (except for when it is justified by the nature and area of the obliged person`s activities).

In addition, employees responsible for the conclusion and legal regulation of transactions or employees engaged in internal audits (unless justified by the nature and area of the obliged person’s activities) cannot be appointed to this position.

We recommend that you check whether a particular employee can be assigned as a contact person with the Financial Analytical Office (FAÚ) in each case.

Contact person and their obligations

One of the responsibilities of the contact person is to ensure an actual connection with the FAÚ. According to § 18 of the AML/CFT Act, such a link means notifying the supervisory authority when each suspicious transaction is detected.

One person can act as a contact person for only one company at a time.

Authorised person and their obligations

The authorised person responsible for ensuring compliance with anti-money laundering obligations under the AML/CFT Act can only be chosen and appointed from among the members of the statutory body. If there is only one member in the statutory body (for example, the managing director), then this person must be an authorised person by law. If there are several members in the statutory body, the authorised person may be selected from among them, and his powers must be delegated in writing.

The authorised person is responsible for complying with all AML obligations, including:

  • Ensures the availability of internal regulatory documents system;
  • Ensures the availability of a risk assessment system;
  • Monitors the relevance of documentation;
  • Identifies and monitors customers;
  • Trains staff, etc.

What are the consequences of not having an authorised person and a contact person?

The company’s failure to designate a contact person to ensure the constant connection with the FAÚ or to authorise a person required to monitor compliance with the AML/CFT Act in writing may result in a fine of 1 million CZK.

Failure to comply with the abovementioned requirements may also result in additional secondary risks arising from improper compliance with AML/CFT obligations. It puts the company at risk not only of a reputational nature but also attracts unwanted attention from fraudsters, leading to increased regulatory oversight and additional fines.