Last Updated on February 2, 2021 by Talium
In France, digital asset service providers have been defined thanks to the PACTE law. Designed to protect the investor and fight against money laundering, some services require prior registration with the AMF.
What are digital assets and PSANs?
As we have seen in a previous article on the “Minibons” ordinance of 2016 and the regulations around the DEEP (Dispositif Électronique d’Enregistrement Partagé), France was one of the first countries to regulate on the use of blockchain/DLTs in the field of finance.
In 2019, the PACTE law defines PSAN (Prestataires de Services sur Actifs Numériques) and provides a more extensive framework. Let’s start by providing some definitions.
Note: In English, the acronym VASP is used to designate the virtual assets service providers. As the definition is not exactly the same, we chose to keep the acronym PSAN in this article.
Digital assets are defined by the Code Monétaire et Financier as follows:
- Les jetons mentionnés à l’article L. 552-2, à l’exclusion de ceux remplissant les caractéristiques des instruments financiers mentionnés à l’article L. 211-1 et des bons de caisse mentionnés à l’article L. 223-1 ;
- Toute représentation numérique d’une valeur qui n’est pas émise ou garantie par une banque centrale ou par une autorité publique, qui n’est pas nécessairement attachée à une monnaie ayant cours légal et qui ne possède pas le statut juridique d’une monnaie, mais qui est acceptée par des personnes physiques ou morales comme un moyen d’échange et qui peut être transférée, stockée ou échangée électroniquement.
- The tokens mentioned in Article L. 552-2, excluding those meeting the characteristics of the financial instruments mentioned in Article L. 211-1 and the savings bonds mentioned in Article L. 223-1 ;
- Any digital representation of a security that is not issued or guaranteed by a central bank or by a public authority, that is not necessarily attached to a legal tender and that does not have the legal status of a currency, but that is accepted by natural or legal persons as a means of exchange and that can be transferred, stored or exchanged electronically.
Digital assets mainly include :
- Virtual currencies, cryptocurrencies (e.g. Bitcoin, Ether, Litecoin): allow the payment of any goods or services to a third party that accepts this mode. Rewards network participants (e.g. minors).
- Utility Tokens (e.g. BNB, LINK, MKR, BAT): allow access to a particular service, deployed as a decentralized application.
The “PACTE” law (LOI n° 2019-486 du 22 mai 2019 relative à la croissance et la transformation des entreprises) defines the PSANs. Thus the different providers are as follows:
- Services on behalf of third parties :
- the conservation of digital assets, in practice the conservation of cryptographic keys on behalf of a customer (key safekeeping) ;
- the service of buying or selling digital assets in legal tender;
- the service of exchanging digital assets for other digital assets;
- the receipt and transmission of orders for digital assets, i.e. the receipt and transmission of orders to buy or sell digital assets on behalf of a customer;
- portfolio management of digital assets, i.e. the act of managing, in a discretionary and individualized manner, portfolios including one or more digital assets within the framework of a mandate given by a customer;
- advising subscribers of digital assets. This involves providing personalized recommendations to a third party, either at its request or at the initiative of the service provider providing the advice, concerning one or more digital assets;
- underwriting of digital assets, i.e. the direct acquisition of digital assets from a digital asset issuer in order to sell them;
- the guaranteed placement of digital assets, which consists of seeking buyers on behalf of an issuer of digital assets and guaranteeing a minimum amount of purchases by undertaking to acquire the digital assets not placed;
- the non-guaranteed placement of digital assets, which consists of seeking purchasers on behalf of an issuer of digital assets without guaranteeing it an acquisition amount.
- the operation of a digital asset trading platform. This involves the operation of one or more digital asset trading platforms, in which multiple third-party buying and selling interests in digital assets against other digital assets or in legal tender may interact in a manner that results in the conclusion of contracts.
Note that, for the time being, registration with the AMF (Autorité des marchés financiers) as a PSAN is required for only two of these services: key safekeeping and/or the purchase and sale of assets in legal tender.
It should also be noted that as of June 10, 2021, Order No. 2020-1544 of December 9, 2020, will come into force to extend this obligation to services for exchanging digital assets for other digital assets and to digital asset trading platforms.
Mandatory registration and optional approval
As we have just seen, for the time being, registration is mandatory for those who keep digital assets (i.e. portfolios of cryptocurrency or utility tokens) and for those who offer the exchange of these digital assets for legal tender (i.e. fiat money or electronic money).
In the case of a registration, the applicant must compile a file that includes the elements listed in the following articles:
You must of course have an establishment in France in order to be able to make this registration. The Autorité de contrôle prudentiel et de résolution (ACPR) verifies the compliance of the service provider with anti-money laundering and anti-terrorist financing regulations.
The accreditation is always optional. The accreditation file contains more elements than the registration file. It is a real pledge of confidence for the user.
In the case of accreditation, the applicant must compile a file that includes the elements listed in the following articles:
- article D-54-10-6 of Code Monétaire et Financier ;
- article 721-2 (section 2, chapter 1, title II) of the AMF’s general regulations;
- AMF instruction DOC 2019-23 (same as above).
Brief on cybersecurity
Whether for registration or accreditation, the Cyber Security Requirements Repository (DOC-2019-24) is a requirement. Only the investment advisory service is excluded since it does not involve the registration of data on an information system. This repository lists general technical requirements to ensure a minimum level of security.
In order to achieve this, the provider is responsible for cybersecurity, even if it is outsourced to a subcontractor.
At the international level, the FATF (Financial Action Task Force) represented by 39 member countries aims to combat money laundering and terrorist financing.
This group establishes the recommendations to be followed by member countries, which are not binding. The PSANs, defined by the PACTE law, meet various requirements reported by the FATF recommendations, which, since 2019, focuses on digital assets.
References and supplements (in French) :