The Cyprus Securities and Exchange Commission (CySEC) last week issued its first regulations regarding cryptocurrency.

The new rules laid down in Circular C417 are designed to ensure that Cyprus Investment Firms (CIFs), make provision to cover investments in cryptocurrencies (the regulations do not distinguish among them), and that risks involving cryptocurrencies are managed properly.

"It is a good first step for the country," comments Dimitris Papoutsis, a lawyer with Elias Neocleous & Co. in Limassol. "The Circular addresses much-needed direction so that CIFs can invest in cryptocurrency and be assured of compliance."

Papoutsis points out that the Circular cites the lack of previous regulation for cryptocurrencies. "As noted in the EBA's report on crypto assets there is no reference in the current prudential framework for crypto assets," the Circular says.

"So it is natural that CySEC should fill this gap for CIFs to be able to calculate their own funds and capital adequacy ratio, accordingly," he adds.

CIFs must first obtain authorisation from CySEC to trade in cryptocurrencies, because they are not specifically regulated by previous financial regulation, whether in Cyprus, or at the level of the EU.

The first three provisions of the Circular specify how CIFs should calculate capital adequacy for cryptocurrency investment, and how to report it – there must be sufficient provision for these investments.

Then, risks must be carefully managed, the Circular points out.

"CIFs, which trade in crypto assets, and/or in financial instruments relating to crypto assets, should revisit their risk management procedures and strategies and ensure that all risks associated with this product are duly taken into consideration.

"CIFs must have in place sound, effective and complete strategies and processes to assess and maintain on an ongoing basis the amounts, types and distribution of internal capital that they consider adequate to cover the nature and level of the risks to which they are or might be exposed. These strategies and processes are subject to regular internal review to ensure that they remain comprehensive and proportionate to the nature, scale and complexity of the activities of the CIF."

Considering the nature of crypto assets, CIFs should also examine taking mitigating measures against operational, cybersecurity and reputational risks, the Circular concludes.

"We can expect further regulation of cryptocurrencies under the rubric of Anti-Money Laundering legislation in due course," Papoutsis concludes.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.