The Association of Cryptocurrency Enterprises and Startups, Singapore (ACCESS) has released a draft version of an industry code of practice targeted at cryptocurrency participants operating in Singapore, including exchange operators, payment and remittance services firms, cryptocurrency custodians and blockchain network infrastructure service providers.
The code of practice aims to set out standards of good practice regarding anti-money laundering and countering the financing of terrorism (AML/CFT) measures for crypto firms to comply with on a voluntary basis.
“In essence, the code of practice helps banks and industry players to sieve out the ‘bad,’ so that quality licensed blockchain and crypto-asset businesses can grow here in a bigger way and make a stronger imprint on the global stage,” Anson Zeall, the chairman of ACCESS, said in a press release on August 13, 2019.
Adding SPICE to Crypto Practices
The code of practice is part of ACCESS’s broader, industry-driven Standardisation of Practice in Crypto Entities (SPICE) initiative, which aims to formulate and promote industry best practices.
SPICE is being facilitated by the Monetary Authority of Singapore (MAS) and developed in consultation with the Association of Banks in Singapore (ABS).
To further the SPICE initiative, ACCESS said it is also working with industry leaders to provide practical guidance around best practices for numerous cryptocurrency exchanges based in Singapore. The working group is co-led by cryptocurrency exchange Luno and includes Paxos, Quoine and Xfers.
Sopnendu Mohanty, the chief fintech officer of MAS, said the regulator welcomes the industry’s collaborative effort to develop guidance that helps banks and cryptocurrency/blockchain startups strengthen regulatory compliance.
“The challenge for regulators has been to harness the potential benefits of blockchain technology and crypto tokens while ensuring that the risks are contained,” Mohanty said. “This industry collaboration will help to promulgate good practices for fintech players and financial institutions to manage risks such as money laundering and terrorism financing in crypto and blockchain [technology], and set the foundation for further technical development and broader industry adoption of innovative technologies.”
Among the measures recommended, the code advises cryptocurrency companies to assess the AML/CFT risks arising from their activities and clientele. This includes consideration of customer risk, geographical risk and business risk.
Assessing customer risk means, for instance, considering the complexity of a business’s ownership structure, whether they are a cash-intensive business, and if they will be making high volumes of transactions and/or regular transactions of high value.
Geographical risk requires evaluating factors such as where a company’s customers are located, as well as the origin and destination of transactions.
Finally, mitigating business risk involves taking into account whether or not a business is spread across multiple jurisdictions, the nature and complexity of a company’s products or services, and if the business has a heavy reliance on third parties to distribute its products, among other factors.
Depending on the assessed customer risk, crypto companies should apply the appropriate level of customer due diligence measures, the code says.
It recommends the establishment of an internal AML/CFT policy that addresses the main areas of AML/CFT compliance, including customer due diligence, transaction monitoring and suspicious transaction reporting.
Furthermore, it prescribes that cryptocurrency companies should designate an AML/CFT compliance officer and also put in place systems to monitor customers’ transactions and flag suspicious activities, including complex, unusually large or unusual patterns of transactions. Records of all data, documents and information related to the requirements under the code should be prepared, maintained and retained, the code says.
ACCESS is compiling feedback from the public on the code until September 10, 2019.