Fintech 2025

BRITISH VIRGIN ISLANDS Law and Practice Contributed by: Chris Duncan and Katrina Lindsay, Carey Olsen

All fintech providers incorporated in the BVI are required to put in place appropriate risk-based mechanisms, policies and procedures to assess applicants for business, customers, and busi - ness relationships in order to determine whether they are under any sanctions imposed by the United Nations Security Council or the UK and extended to the BVI as sanctions orders. Fintech providers who are regulated by the FSC (whether under the VASP Act, SIBA, the FMSA or otherwise) will play an important role in gate - keeping access to the products and services offered on their platform ‒ principally, through the implementation of effective policies and procedures for managing money laundering, terrorist financing and proliferation financing risks, as required under the BVI AML regulatory framework. This framework primarily comprises the Proceeds of Criminal Conduct Act 1997 (as amended), the Anti-Money Laundering Regula - tions 2008 (as amended) (the “AML Regs” ), and the Anti-Money Laundering and Terrorist Financ - ing Code of Practice 2008 (as amended). 2.10 Significant Enforcement Actions The VASP Act is still in its infancy and, as such, the FSC has not – to date – taken any enforce - ment action thereunder. The VASP Act does, however, furnish the FSC with wide enforcement powers, including the power to: • impose administrative penalties; • appoint examiners or qualified persons to conduct investigations; • issue directives imposing a prohibition, restriction or limitation on the financial ser - vices business that may be undertaken; and • remove the director or other persons (or with - draw its approval of such persons as fit and proper persons).

In more extreme cases, the FSC may revoke or suspend a licence or apply to the court under the BVI Insolvency Act 2003 for the appointment of a liquidator in respect of the licensee. 2.11 Implications of Additional, Non- Financial Services Regulations Amendments to the AML Regs, implemented by the Anti-Money Laundering (Amendment) Regu - lations 2022, brought the business of carrying on or providing virtual assets services when a transaction involves virtual assets valued at USD1,000 or more within the scope of the BVI AML regulatory regime. The FSC also issued a Virtual Assets Service Providers’ Guide to the Prevention of Money Laundering, Terrorist Financing and Proliferation Financing to provide VASPs with clarity on specific AML/CTF obliga - tions, including requirements for robust custom - er due diligence and enhanced customer due diligence procedures, proper record-keeping measures, frameworks to fulfil statutory report - ing obligations, and monitoring and assessment of risks that are present in the use and exchange of virtual assets and in the operations of VASPs themselves. DPA The DPA is intended to safeguard personal data processed by public and private bodies in the BVI by balancing the need for the protection of personal data against the need to process per - sonal data for legitimate means. The DPA also aims to promote transparency and accountabil - ity in the processing of such personal data. Under the DPA, persons who process, have con - trol over, or authorise the processing of personal data can only process personal data (other than sensitive personal data) about a data subject without consent if the processing is necessary for:

132 CHAMBERS.COM

Powered by