Nigeria: Fintech Update: SEC New Rules On The Issuance, Offering Platforms And Custody Of Digital Assets – What You Need To Know (Series 5)

In our Series 4 of these updates, we had looked at the Securities and Exchange Commission's ("SEC") requirements in relation to VASPs. In this last update on the series, we will review Part E of the rules which contains the Rules on Digital Assets Exchange ("DAX Rules"). Under the Rules on Virtual Assets Services Providers ("VASPs") ("VASP Rules"), a DAX is defined as an electronic platform which facilitates the trading of a virtual asset or digital asset and a DAX Operator is defined to mean a person who operates a DAX. What this means is that any entity that intends to operate an exchange for trading in digital assets and virtual assets in Nigeria will need to register as a DAX Operator with the SEC.

In addition to the general requirements for VASPs as set out in series 4, the DAX Rules provide additional requirements which an entity seeking to register as a DAX Operator must comply with. In this article, we will highlight the provisions of the DAX Rules and related matters.

Registration Requirements

An applicant seeking to register with the SEC as a DAX must comply with the general requirements for VASPs (see here). In addition, the applicant shall file the appropriate SEC Form 2 and 2D which shall be completed in duplicates and make payment of the following applicable prescribed fees: (i) filing/application fee of N100,000 (one hundred thousand Naira only); (ii) processing fee of N300,000 (three hundred thousand Naira only); (iii) registration fee of N30,000,000 (thirty million Naira only); and (iv) sponsored individuals fee of N100,000 (one hundred thousand Naira only) per person.

The SEC requires that the application must also be supported by evidence of the applicant having the required minimum paid up share capital of N500,000,000 (five hundred million Naira only) either in bank balances, fixed assets or investment in quoted securities, and a current fidelity bond covering at least 25% of the minimum paid-up share capital as stipulated by the SEC. It should be noted that notwithstanding the requirement for a minimum paid up capital above, the SEC may at any time impose additional financial requirements on the DAX commensurate with the nature, operations and risks posed by the DAX.

There are other mandatory documents which the SEC required that need to accompany the application. These include:

1. A certified copy of the constitutional documents and latest audited account of the DAX;
2. A certified copy of the statement of the DAX's share capital, return of allotment and particular of its directors;
3. sworn undertaking to keep proper records and render returns as may be specified by the SEC from time to time signed by a director or the company secretary; and
4. sworn undertaking to abide by SEC Rules and the Investments and Securities Act No.29 of 2007 (the "ISA") by a director or the company secretary.

MANAGEMENT REQUIREMENTS

The SEC's prior approval is required for the appointment of the Board of Directors of a DAX Operator. The same requirement applies for the appointment of the Chief Executive Officer (CEO) and other principal officers of a DAX Operator.

The DAX Rules also requires that the CEO of a DAX Operator shall hold office for a period of five (5) years in the first instance and renewal for a further term of five (5) years only. That is, a CEO can only hold office for a maximum period of 10 (ten) years. Other requirements for the appointment of a CEO and Principal Officers of a DAX Operator include that they must:

1. be registered by the SEC as sponsored individuals;
2. be person of proven integrity with no record of criminal conviction;
3. hold at least a university degree or its equivalent;
4. have at least five (5) year cognate experience;
5. not have been found complicit in the operation of an institution that has failed or been declared bankrupt or has had its operating license revoked as a result of mismanagement or corporate governance abuses;
6. not have been found liable for financial impropriety or any other misdemeanor by any court, panel, regulatory agency or any professional body or previous employer; and
7. comply with any other criteria which the SEC may, in the public interest, determine from time to time.

OUTSOURCING OBLIGATIONS OF A DAX OPERATOR

The SEC sought to impose minimum requirements for DAX Operators in their operations with a view to protecting the interest of the investing public. As a result, the SEC requires that a DAX operator shall:

1. have a board of directors accountable for all outsourced functions and the board shall establish effective policies and procedures for its outsourcing arrangement including a monitoring framework to monitor the service delivery and performance reliability of the service provider;
2. ensure that the service provider has adequate policies and procedures to monitor the conduct of any appointed sub-contractor;
3. perform an assessment on a service provider on a periodic basis, as part of its monitoring mechanism and submit a report of the assessment to its board of directors and senior management;
4. have a sworn undertaking from the service provider or sub-contractor stating that the SEC will have access to all information, records and documents relating to the material outsourced arrangements; and
5. notify the SEC of any adverse development arising in the outsourcing arrangement of any outsourced function that could significantly affect the operations of a DAX, within two weeks from the occurrence of the event.

OTHER OBLIGATIONS OF A DAX OPERATOR

The SEC imposes various obligations on a DAX Operator in the discharge of its functions. Some of these obligations are discussed below.

1. Submission of Rules
   A DAX Operator shall prepare its own draft rules (or amendments to existing ones) and submit same to the SEC for approval. The submission shall include the text of the proposed rules or amendments and the purpose of the proposed rules or amendments. Following a review, the SEC may direct a DAX operator to vary or amend any rule submitted as it deems necessary.
2. Reporting requirements
   The SEC requires a DAX Operator to submit the following: (a) weekly and monthly trading statistics and all reporting requirements, (b) quarterly and annual financial as well as compliance reports to demonstrate its compliance with any conditions imposed by the SEC pursuant to the registration of the DAX Operator; (c) its latest audited financial statements, within three months after the close of each financial year or such period that the SEC may allow' and (d) any information which may be required by the SEC from time to time.
3. Cessation of Business or Operations
   The SEC does not permit a DAX Operator to cease the business or operations of an Exchange without a prior notification to the SEC. Upon receiving such notification, the SEC may issue a directive or impose any term or condition for the purposes of ensuring the orderly cessation of the business or operations of the Exchange. This is to ensure that investors' interests are protected and that they are always able to transition from one Exchange to another one.
4. Suspension/Cancellation/Withdrawal of Registration
   The SEC may suspend or cancel the registration of an Exchange as prescribed in the SEC Rules and Regulations on suspension/cancellation of registration. The DAX Operator may, by notice in writing, voluntarily apply to the SEC to withdraw its registration and provide reasons for its withdrawal as prescribed in the SEC Rules and Regulations on withdrawal of registration.
5. Prohibition on financial assistance/conflict of interest
   A DAX operator is prohibited from providing direct or indirect financial assistance to investors, including its officers and employees, to invest or trade in virtual assets or digital tokens listed on its platform. Regarding trading by officials of a DAX, the SEC requires a DAX Operator to have a robust framework to address matters like trading in Virtual and Digital Assets on its platform or other platforms by its officers and employees.
6. Risk Management
   Managing risks is key to the operations of a DAX. As a result, the SEC mandates a DAX Operator to:
   
   1. establish a robust operational risk-management framework with appropriate systems, policies, procedures, and controls to identify, monitor, mitigate and manage operational risks and have in place clearly defined roles and responsibilities for addressing operational risk; and
   2. ensure that it has adequate capacity proportionate to stress volumes to achieve its service-level objectives and have a comprehensive physical and information security policy that addresses all potential vulnerabilities and threats.
7. Business Continuity Plan
   Similar to risk management, the SEC requires that a DAX Operator shall:
   
   1. have a business continuity plan that addresses events posing a significant risk of disrupting operations. The business continuity plan should incorporate the use of a secondary site and be designed to ensure that critical information technology systems can resume operations within reasonable recovery time following disruptive events.
   2. carry out periodic reviews, audits and testing on systems, operational policies, procedures, and controls relating to risk management and its business continuity plan.
8. Trading of Virtual Assets/Digital Tokens
   The DAX Rules prohibit a DAX Operator from facilitating the trading of any virtual asset or digital asset on its platform unless the SEC has issued a "no objection" to the trading of the virtual asset or digital asset. This no-objection application is to be submitted to the SEC enclosing documents and any other information to be determined by the SEC from time to time. The applicant for the registration is required to demonstrate availability of information related to the project including;
   
   1. the white paper or any other disclosure document accompanying the virtual/digital asset;
   2. the progress of the project including both business and technical aspects;
   3. compliance with all other legal and regulatory frameworks in Nigeria and other jurisdictions where the project operates in, where applicable; and
   4. security of the underlying distributed ledger including the number of nodes, any history of hacks and other form of attacks and any known security vulnerabilities.
   Where an issuer has previously obtained SEC's approval to issue its virtual or digital asset, the no-objection application stated above must still be obtained.
9. Asset Protection
   It is important that the assets of investors are protected from third parties. In that regard, the SEC requires that a DAX Operator shall have in place various systems and measure to protect investors including:
   
   1. establishing systems and controls for maintaining accurate and up to date records of investors and any monies or virtual assets/digital tokens by the DAX;
   2. ensuring that investors monies and virtual assets/digital tokens are properly safeguarded from conversion or inappropriate use by any person, including implementing multi-signature arrangements;
   3. establishing and maintaining with a registered Central Securities Depository or Trustee, one or more Central Securities Depositories or trust accounts, designated for the monies received from investors; and
   4. ensuring that the Central Securities Depository or trust accounts are administered by an independent registered Central Securities.
10. Obligation to maintain proper records
    A DAX Operator must maintain records of all transactions and activities executed on its platform in a form and manner to be determined by the SEC from time to time. It shall also ensure that trading information for both pre-trade and post-trade is made publicly available on a real-time basis.
11. Transaction Fees
    The SEC indicated in the DAX Rules that it will charge fees on transaction carried out regarding trading in virtual assets/digital tokens on a DAX at a rate or percentage to be determined by the SEC from time to time. It is not clear yet how this will work in practice and whether, where a registered DAX operates in multiple jurisdictions, it will apply to the global trades on a DAX registered with the SEC or will be limited to transactions originating from Nigeria. In addition, all transaction fees payable to DAX by its users shall be subject to approval of the SEC. This is to ensure that there is uniformity in the fees to be charged by various operators.

Conclusion

We are uncertain as to how this Part of the Rules will apply in light of the CBN Circular that prohibits institutions under its regulatory purview from engaging in or facilitating payments for transactions involving cryptocurrencies considering that DAX This is because a DAX Operator will need to operate a bank account and engage a payment platform for its business and to facilitate the settlement of trades on its platform. This is presently not possible with the CBN prohibition. We can only hope that this is resolved soon between the CBN and the SEC.

We have analysed the provisions of the SEC Rules on digital and virtual assets in these 1 to 5 series. The Rules are still in infancy. As you would have seen, there are still various issues which still need to be settled or for the SEC to clarify. We hope that it will become clearer going forward how the SEC will apply the Rules. The issuance of the Rules by the SEC represents a bold step regarding deepening the market for virtual and digital assets in Nigeria. However, a lot still needs to be done. The regulators, particularly the CBN and the SEC, will need to collaborate more with a view to creating an enabling environment for the growth of the sector in Nigeria.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.