Skip to content
All about casino & gambling.

"AML and KYC Compliance in Security Token Offerings (2024 Edition)"

"Examining Global Security Token Offerings: Notable KYC Processes in the US and EU – Insights on Optimal KYC/AML Practices from The Sumsuber"

 and  Administrator
3 min read
Compliance Challenges in Security Token Offerings: A Focus on AML and KYC (Year 2024)
Compliance Challenges in Security Token Offerings: A Focus on AML and KYC (Year 2024)

"AML and KYC Compliance in Security Token Offerings (2024 Edition)"

In the rapidly evolving world of digital assets, the KYC/AML requirements for Security Token Offerings (STOs) vary by jurisdiction but share core elements of customer due diligence, transaction monitoring, and reporting suspicious activity, consistent with traditional financial regulations adapted for digital assets.

United States

In the United States, STOs are regulated under frameworks involving multiple bodies such as FinCEN, SEC, and others. Firms must follow the Bank Secrecy Act (BSA) and USA PATRIOT Act standards, which require stringent KYC procedures (e.g., identity verification, PEP and sanctions screening), AML programs, transaction monitoring, and suspicious activity reporting. This regime applies to crypto-related entities classified as financial institutions or securities service providers.

Singapore

The Monetary Authority of Singapore (MAS) regulates STOs under the Digital Payment Token license framework. Compliance requires comprehensive KYC/AML policies, including verifying investor identity, continuous monitoring, audits, and ensuring transparency of funding sources. The process is rigorous, often taking 6–12 months, and requires establishing local compliance infrastructure.

Global/Other jurisdictions

Many countries now incorporate international standards from the Financial Action Task Force (FATF) and OECD's Crypto-Asset Reporting Framework (CARF), enforcing:

  • The "Travel Rule," obliging Crypto Asset Service Providers (CASPs) to share customer information during transactions.
  • Annual reporting and data exchanges for cross-border crypto transfers.
  • Use of blockchain analytics and real-time sanctions screening to detect illicit activity on-chain.

Hong Kong

Hong Kong implemented a new licensing regime for Virtual Asset Trading Platform Operators (VATPs) on June 1, 2023, overseen by the Securities and Futures Commission (SFC). Certain small (personal) offers of digital tokens do not exceed S$5 million within any 12-month period and are exempt from Prospectus Requirements and Authorization/Recognition Requirements. Offers made to institutional investors only are also exempt.

For VATPs (for non-security tokens) under the AMLO regime in Hong Kong, a handbook and guideline were issued to fill the regulatory gap that existed prior to June 1, 2023. If dealers and brokers are involved by the STO issuer to market the token sale, they must implement AML measures, such as KYC, as these are AML-regulated entities. The SFC views tokenized securities as fundamentally traditional securities with a tokenization wrapper, hence the existing legal and regulatory requirements governing the traditional securities markets continue to apply to tokenized securities in Hong Kong.

European Union

In the EU, STOs may be regulated under the traditional rules applicable to securities or may not have a specific regulatory regime.

Other jurisdictions

Most countries have regulations based on local securities laws for STOs, but some jurisdictions haven't introduced any regulations yet. In Singapore, digital tokens offered or issued may be regulated by MAS if they are "capital markets products" under the Securities and Futures Act (SFA). Offers made to no more than 50 persons within any 12-month period are exempt in Hong Kong, provided they meet certain conditions. Offers made to accredited investors, subject to certain conditions, are also exempt.

Practical Implications

The practical implications for STO issuers across jurisdictions are the need to:

  • Implement robust customer due diligence (CDD) consistent with local laws.
  • Conduct ongoing transaction and wallet monitoring for suspicious patterns.
  • Report suspicious activities and cooperate with regulatory bodies and financial intelligence units (FIUs).
  • Align with evolving regulatory frameworks, for example, pending U.S. legislation (Digital Asset Market Clarity Act) and EU AML Authorities regulations, which may redefine the classification and compliance requirements for security tokens.

In summary, compliance requires a tailored approach respecting local regulations with attention to global AML standards, rigorous KYC checks, ongoing monitoring, and reporting to mitigate risks inherent in STOs across different jurisdictions.

  1. The digital assets industry in the United States is subject to regulations from bodies such as FinCEN, SEC, and others, which necessitate adherence to the Bank Secrecy Act (BSA) and USA PATRIOT Act standards for firms, including stringent KYC procedures, AML programs, transaction monitoring, and suspicious activity reporting.
  2. In Singapore, the Monetary Authority of Singapore (MAS) requires digital assets firms to comply with extensive KYC/AML policies, such as verifying investor identity, continuous monitoring, audits, and transparency of funding sources, through their Digital Payment Token license framework.
  3. Many countries around the world adhere to international standards from organizations like the Financial Action Task Force (FATF) and OECD's Crypto-Asset Reporting Framework (CARF), enforcing regulations like the "Travel Rule," annual reporting, data exchanges for cross-border crypto transfers, and the use of blockchain analytics and real-time sanctions screening to detect illicit activity.
  4. As for virtual asset trading in Hong Kong, operators are regulated under a new licensing regime overseen by the Securities and Futures Commission (SFC) effective from June 1, 2023, requiring AML measures such as KYC for STO issuers when they involve brokers and dealers.
  5. The European Union doesn't have a specific regulatory regime for STOs, but traditional securities regulations may apply; alternatively, they may fall outside any specific regulatory framework. Meanwhile, some jurisdictions still lack regulations for STOs, but others, such as Singapore and Hong Kong, have exemptions for certain offers, such as those made to accredited investors or no more than 50 persons within any 12-month period. In all cases, companies must pay attention to both local regulations and global AML standards, perform thorough KYC checks, monitor transactions, report suspicious activities, and stay informed about evolving regulations to ensure compliance.

Read also:

    Related

    Latest