05 January 2022

Bermuda blockchain and cryptocurrency regulation 2022

Partner Steven Rees Davies and associate Alexandra Fox have authored the Bermuda chapter of Global Legal Insight's fourth edition guide to blockchain and cryptocurrency regulation. The chapter covers the Bermuda legal requirements relating to cryptocurrency and blockchain, including the Digital Asset Business Act and the Digital Asset Issuance Act.

Contents

Please click on the links below to jump to the relevant section:

Government attitude and definition

Bermuda has been recognised as a global leader in the regulation of businesses using blockchain and cryptocurrencies. The Bermuda government has pioneered one of the world’s first comprehensive regulatory and legislative frameworks specifically designed to provide legal and regulatory certainty to industry participants whilst ensuring that business in the sector is conducted in accordance with the highest international standards.

The framework is more particularly defined below, but in essence comprises two legislative arms that, subject to certain exemptions, treat all cryptocurrencies, digital coins and tokens as the same and use the term “Digital Assets” to identify them all. The Digital Asset Business Act (“DABA”) introduced a licensing regime for businesses seeking to conduct “Digital Asset Business” (defined below) whilst the Digital Asset Issuance Act (“DAIA”) introduced a regime to regulate persons seeking to carry on a “Digital Asset Issuance” (defined below).

The Bermuda government also introduced an insurtech sandbox that is an additional licensing regime designed to promote innovation in the use of technology across the insurance and reinsurance sectors, being industries in which Bermuda has been recognised as a world leader for decades. The government further announced its intention to widen the scope of the sandbox to encompass other industry sectors. Bermuda also introduced one of the world’s first digital asset business bank licensing regimes that provides for a banking licence to be issued to persons seeking to provide traditional banking services to the digital asset sector.

At the Bermuda Tech Summit 2021, the Bermuda government announced that it will be launching a blockchain-based stimulus token for use in Bermuda’s retail market and which will be a Bermuda dollar-backed stablecoin using technology developed by one of the first companies to be regulated under the DABA in Bermuda. The government has also been working on numerous other technology projects to further enhance the island’s digital infrastructure, including the development of a digital ID system that meets internationally recognised standards of both privacy and anti-money laundering and anti-terrorist financing (“AML/ATF”) regulation and the introduction of submarine cabling legislation to protect both the environment surrounding the island and the submarine cables themselves once installed.

Bermuda has developed a collaborative business culture that involves government and industry working together to create opportunity and commercial success with truly independent, actively engaged and globally recognised regulators maintaining the balance between the promotion of innovation and adherence to worldwide standards of regulation, compliance and transparency.

The Bermuda Monetary Authority (“BMA”), as Bermuda’s financial sector regulator, is a member of the Global Financial Innovation Network (“GFiN”) and also a member of the GFiN Coordination Group. GFiN was created to provide an efficient mechanism for innovators to interact with regulators and assist in navigating between jurisdictions as they look to scale and test new products and services. GFiN also provides a means for regulators to cooperate and share knowledge and experience in working with new and innovative product and service lines.

Cryptocurrency regulation

 

Digital Asset Business Act

The DABA came into force in September 2018. Since the DABA’s enactment, the BMA has promulgated rules, regulations, codes of practice, statements of principles and guidance in order to supplement the DABA, with the result that the DABA operates in a similar manner to the regulatory frameworks in place for other financial services regulated by the BMA. In summary, the DABA specifies the digital asset-related activities to which it applies, imposes a licensing requirement on any person carrying on any of those activities, lays out the criteria a person must meet before it can obtain a licence, imposes (and permits the BMA to impose) certain continuing obligations on any holder of a licence, and grants to the BMA supervisory and enforcement powers over regulated digital asset businesses. The BMA and other industry stakeholders are constantly reviewing and monitoring the framework in order to ensure that it remains fit for purpose and meets with all international standards of regulation, compliance and transparency. Through consultation with industry, the BMA, together with the Bermuda government, has already updated and improved the provisions of the DABA to give greater clarity and to facilitate more effective administration of its provisions, evidencing an actively engaged and responsive regulator.

 

Scope of the DABA

The DABA applies to any entity incorporated or formed in Bermuda and carrying on digital asset business (irrespective of the location from which the activity is carried out) and to any entity incorporated or formed outside of Bermuda and carrying on digital asset business in or from within Bermuda.

A “digital asset” is defined as anything that exists in binary format and comes with the right to use it and includes a digital representation of value that is (a) used as a medium of exchange, unit of account, or store of value and is not legal tender, whether or not denominated in legal tender, (b) intended to represent assets such as debt or equity in the promoter, (c) otherwise intended to represent any assets or rights associated with such assets, or (d) intended to provide access to an application of service or product by means of distributed ledger technology.

“Digital asset business” is defined as the provision of the following activities to the general public as a business:

  • Issuing, selling or redeeming virtual coins, tokens or any other form of digital asset: this is intended to regulate any person providing these services to other persons, whether such other person is situated in or outside Bermuda. It does not include a digital asset issuance to fund an issuer’s or promoter’s own business or project, which is regulated under the DAIA (see below).
  • Operating as a payment service provider business utilising digital assets, which includes the provision of services for the transfer of funds: the term “payment service provider” is used globally in AML/ATF laws, regulations and guidance, and is defined in Bermuda’s Proceeds of Crime (Anti-Money Laundering and Anti-Terrorist Financing) Amendment Regulations 2010 as “a person whose business includes the provision of services for the transfer of funds”.
  • Operating as a digital asset exchange: this means the operation of a centralised or decentralised electronic marketplace used for digital asset issuances, distributions, conversations and trades, including primary and secondary distributions, with or without payment.
  • Carrying on digital asset trust services: this means the carrying on of the business of acting as a fiduciary agent, or trustee on behalf of another person for the purpose of administration and management of a digital asset.
  • Providing custodial wallet services: this means the provision of services of storing or maintaining digital assets or a virtual wallet on behalf of a client.
  • Operating as a digital asset derivative exchange provider: this means the operation of a centralised or decentralised marketplace used for digital asset derivative issuances, distributions and trades with or without payment and that provides the services of creating, selling or otherwise entering into digital asset derivatives contracts or clearing and settlement of the same.
  • Operating as a digital asset services vendor: this includes a person that, under an agreement as part of its business, can undertake a digital asset transaction on behalf of another person or has power of attorney over another person’s digital asset, or a person who operates as a market maker for digital assets, or a person who operates as a digital asset benchmark administrator. The definition is intended to be widely interpreted to include any other business providing specific digital asset-related services to the public.

In addition to the above categories, the DABA includes an option for the Minister of Finance, after consultation with the BMA, to be able to add new categories or to amend, suspend or delete any of the categories listed above by order. The DABA specifically provides that the following activities shall not constitute digital asset business:

  • providing data storage or security services for a digital asset business, so long as the enterprise is not otherwise engaged in digital asset business activity on behalf of other persons; and
  • the provision of any digital asset business activity by an undertaking solely for the purpose of its business operations or the business operations of any of its subsidiaries.

 

Licensing requirement

The DABA requires persons carrying on digital asset business to obtain a licence before doing so, unless that person is subject to an exemption order issued by the Minister of Finance. At the time of writing, the Minister had not issued or proposed any exemption orders. Three classes of licence are available for applicants:

  • a Class F licence is a full licence to conduct any or all digital asset business activities and is not subject to a specified period, although the BMA has discretion to make any licence subject to restrictions where it deems it appropriate in the circumstances;
  • a Class M licence is the same as a Class F licence except with modified requirements and restrictions and will only be valid for a specified period of time determined by the BMA on a case-by-case basis. In advance of the expiry of a Class M licence, holders are expected to either apply for a Class F licence, cease carrying on digital asset business altogether or seek an extension to the Class M licence period, which may be granted at the BMA’s discretion; and
  • a Class T licence is for the sole purpose of carrying out pilot or beta testing in relation to the applicable digital asset business activities. In advance of the expiry of a Class T licence, holders are expected to either apply for a Class M or Class F licence, cease carrying on digital asset business altogether or seek an extension to the Class T licence period, which may be granted at the BMA’s discretion.

The intention behind this tiered licensing regime is to allow start-ups engaging in digital asset business to do so in a properly supervised regulatory environment, and to engage in proof of concept and develop a track record before obtaining a modified or full licence. The modified licence allows for persons who have developed proof of concept and are seeking to launch their products and services into the market, but might not be able to meet all the requirements of a full licence. The restrictions to which a licensee will be subject will depend on the business model of the prospective licensee and the risks associated with it, but include an obligation to disclose to prospective customers the fact that the licensee holds either a Class T or Class M licence and certain limitations on the volume of business the licensee is permitted to conduct, along with other restrictions as the BMA may deem necessary or appropriate on a case-by-case basis.

A prospective licensee may not necessarily receive the licence for which it applies: an applicant for a Class F licence may receive a Class M licence, or an applicant for a Class M licence may receive a Class T licence, if the BMA decides that a Class F or Class M licence, respectively, would be inappropriate in the circumstances. A licence will further specify the category (or categories) of digital asset business in which the licensee is permitted to engage. Carrying on digital asset business without a licence is a criminal offence punishable by a fine of up to US$250,000, imprisonment for a term of up to five years, or both.

 

Application process

An application for a digital asset business licence is made to the BMA and must specify the class of licence being sought and be accompanied by (a) a business plan setting out the nature and scale of the digital asset activities to be conducted, (b) particulars of the applicant’s arrangements for the management of the business, (c) policies and procedures to be adopted by the applicant to meet the obligations under the DABA and the Proceeds of Crime (Anti-Money Laundering and Anti-Terrorist Financing) Regulations 2008, (d) such other information and documents as the BMA may reasonably require for the purpose of determining the application, and (e) the applicable application fee.

 

Criteria to be met by licensees

The DABA provides that the BMA may not issue any licence unless it is satisfied that the applicant fulfils certain minimum criteria addressing the fitness and propriety of directors and officer ensuring business is conducted in a prudent manner, the integrity and skill of the business’s management, and standards of corporate governance observed by the (prospective) licensee. This is consistent with the position under other regulatory laws applicable to other sectors and is intended to ensure that the BMA maintains high standards for the conduct of regulated business. The BMA has also published a code of practice detailing requirements as to, inter alia, governance, risk management and internal controls applicable to licensees. The BMA recognises, however, that licensees have varying risk profiles arising from the nature, scale and complexity of the business, so assesses a licensee’s compliance with this code in a proportionate manner relative to the business’s nature, scale and complexity.

The DABA requires licensees to notify the BMA upon changes in directors or officer and the BMA has powers to, inter alia, object to and prevent new or increased ownership of shareholder controllers and the power to remove controllers, directors and officers who are no longer fit and proper to carry on their role.

 

Continuing obligations of licence holders

Persons holding a licence issued under the DABA are subject to several ongoing obligations.

Client disclosure rules: the BMA has used powers conferred to it under the DABA to promulgate the Digital Asset Business (Client Disclosure) Rules 2018 in order to mitigate the high degree of risk for consumers owing to the highly speculative and volatile nature of digital assets. These rules require licensees, before entering into any business relationship with a customer, to disclose to that customer: the class of licence it holds; a schedule of its fees and the manner in which fees will be calculated if not set in advance; whether it has insurance against loss of customer assets arising from being hacked or otherwise stolen; the extent to which a transfer or exchange of digital assets is irrevocable and any exceptions; governance or voting rights regarding client assets if the licensee is to hold client assets; the extent to which it will be liable for an unauthorised, mistaken or accidental transfer or exchange; and sundry other matters. The rules also oblige licensees to confirm certain information regarding transactions with clients at the conclusion of each such transaction.

Cybersecurity rules: alongside the client disclosure rules described above, the BMA has promulgated the Digital Asset Business (Cybersecurity) Rules 2018, which require licensees to file an annual cybersecurity report prepared by its chief information security officer assessing the availability, functionality and integrity of its electronic systems, any identified cyber-risk arising from any digital asset business activity carried on or to be carried on by the licensee, and the cybersecurity program implemented and proposals for steps to remediate any inadequacies identified

The cybersecurity program itself must include (but is not limited to) the following audit functions:

  • penetration testing of its electronic systems and vulnerability assessment of those systems conducted at least on a quarterly basis; and
  • audit trail systems that:
    • track and maintain data that allows for the complete and accurate reconstruction of all financial transactions and accounting;
    • protect the integrity of data stored and maintained as part of the audit trail from alteration or tampering;
    • protect the integrity of hardware from alteration or tampering, including by limiting electronic and physical access permissions to hardware and maintaining logs of physical access to hardware that allows for event reconstruction;
    • log system events including but not limited to access and alterations made to the audit trail systems, and cybersecurity events; and
    • maintain records produced as part of the audit trail.

Custody and protection of consumer assets: licensees holding client assets are required to have in place and maintain a surety bond, trust account or indemnity insurance for the benefit of their customers, in such form and amount as the BMA deems acceptable or such other arrangements as the BMA may approve. Any such trust account must be maintained with a qualified custodian appropriate for the type of asset held. A licensee is, in addition, required to maintain books of account and other records sufficient to ensure that customer assets are kept segregated from those of the licensee and can be identified at any time. All customer funds must be held in a dedicated separate account and clearly identified as such.

Senior representative: the DABA imposes an obligation on licensees to appoint a senior representative, to be approved by the BMA, who must maintain an office in Bermuda (except where such representative is approved by the BMA for purposes of a Class T licence) and who is sufficiently knowledgeable about both the licensee itself and the industry in general. This senior representative will himself be under a duty to report to the BMA certain significant matters, including: a likelihood of the licensee becoming insolvent; breaches by the licensee of any conditions imposed by the BMA; involvement of the licensee in criminal proceedings, whether in Bermuda or elsewhere; and other material developments.

Head office: the DABA also requires licensees, other than those issued a Class T licence, to maintain a head office in Bermuda and to direct and manage their digital asset business from Bermuda. The relevant section goes on to list a number of factors the BMA shall consider in determining whether a licensee satisfies this requirement, together with a number of additional factors to which the BMA may (but need not) have regard.

Annual prudential return: a licensee is obliged to file with the BMA an annual prudential return, with the BMA being granted the power to require more frequent filings or additions to a filing if required in the interest of consumer protection. The annual prudential return should be accompanied by a copy of the licensee’s audited financial statements and business plan for the following year, and include information relating to, inter alia, business strategy and risk appetite, products and services, the number, risk rating and geographical profile of customer accounts, information on risk and cybersecurity (including a risk self-assessment and policies in these areas), AML/ATF controls, corporate governance, audited financial statements and details on any outsourcing to third parties.

 

BMA’s supervision and enforcement powers

The DABA grants the BMA wide-ranging powers of supervision and enforcement. It will have the power to compel production of information and documents (with criminal sanctions for non-production or for making false or misleading statements), the power to issue such directions as appear to be desirable to it for safeguarding the interests of a licensee’s clients where a licensee is in breach of the DABA or regulations or rules applicable to it, and the power to impose conditions and restrictions on licences. For example, the BMA may:

  • require a licensee to take certain steps or to refrain from adopting or pursuing a particular course of action, or to restrict the scope of its business activities in a particular way;
  • impose limitations on the acceptance of business;
  • prohibit a licensee from soliciting business, either generally or from prospective clients;
  • prohibit a licensee from entering into any other transactions or class of transactions;
  • require the removal of any officer or controller; and/or
  • specify requirements to be fulfilled otherwise than by action taken by the licensee.

In more extreme cases, the BMA may revoke a licence altogether and, if it so elects, subsequently petition the court for the entity whose licence it has revoked to be wound up. In the event a licensee fails to comply with a condition, restriction or direction imposed by the BMA or with certain requirements of the DABA, the BMA has the power to impose fines of up to US$10,000,000. Alternatively, it may issue a public censure (“naming and shaming”), issue a prohibition order banning a person from performing certain functions for a Bermuda regulated entity, or obtain an injunction from the court. The BMA will use these enforcement powers in a manner consistent with the Statement of Principles and Guidance on the Exercise of Enforcement Powers it published in September 2018, which contains general guidance applicable to all regulated sectors on the BMA’s approach to the use of its enforcement powers and the factors it will consider in assessing whether to exercise those powers.

 

Digital Asset Issuance Act

The DAIA came into force in May 2020, superseding legislation that had been introduced in 2018 to initially regulate persons carrying on an offering of digital assets via a digital asset issuance in or from within Bermuda and to protect the interests of persons acquiring digital assets through such issuances.  Since the DAIA’s enactment, the BMA has promulgated rules and a statement of principles in order to supplement the DAIA. In summary, the DAIA specifies swhat activities amount to a digital asset issuance, prohibits such activities other than by authorised undertakings, lays out the criteria a person must meet before it can become an authorised undertaking, imposes (and permits the BMA to impose) certain continuing obligations on any authorised undertaking, and grants to the BMA supervisory and enforcement powers over the issuers and/or promoters of digital asset issuances. The BMA and other industry stakeholders are constantly reviewing and monitoring the framework in order to ensure that it remains fit for purpose and meets with all international standards of regulation, compliance and transparency. Through consultation with industry, the BMA, together with the Bermuda government, has already updated and improved the provisions of the DAIA to give greater clarity and to facilitate more effective administration of its provisions, evidencing an actively engaged and responsive regulator.

 

Scope of DAIA

The DAIA applies to any undertaking incorporated or formed in or outside Bermuda and that conducts any digital asset issuance in or from within Bermuda. A “digital asset issuance” is defined as an offer to the public, or any section of the public, to acquire digital assets or to enter into an agreement to acquire digital assets at a future date. The DAIA requires any undertaking seeking to conduct a digital asset issuance to obtain prior authorisation from the BMA.

If the digital asset issuance would not result in the digital assets becoming available to more than 150 persons or was to persons whose ordinary business involves the acquisition, disposal or holding of digital assets or was an offer to qualified acquirers, then the undertaking conducting such digital asset issuance would not be treated as an offer to the public. In such instances, the issuer and/or promoter would be required to file a digital asset placement declaration form with the BMA prior to entering into any transaction rather than having to seek prior authorisation. “Qualified acquirers” include high income (US$200,000 per annum for two years) and high-net-worth (greater than US$1,000,000 excluding residence value) private acquirers, corporate and unincorporated bodies with not less than US$5,000,000 in assets and other similar persons and arrangements.

Conducting a digital asset issuance in or from within Bermuda without authorisation is a criminal offence punishable by a fine of up to US$100,000, imprisonment for a term of up to five years, or both.

 

Authorisation requirements

An application for authorisation to conduct a digital asset issuance shall be made to the BMA and be accompanied by (a) a business plan setting out the nature and scale of the digital asset issuance to be conducted, (b) a copy of the issuance document to be made available to digital asset acquirers, (c) particulars of the applicant’s arrangements for the management of the offering via the issuance, (d) policies and procedures to be adopted by the applicant to meet the obligations under the DAIA and the Proceeds of Crime (Anti-Money Laundering and Anti-Terrorist Financing) Regulations 2008, (e) such other information and documents as the BMA may reasonably require for the purpose of determining the application, and (f) the applicable application fee.

 

Authorisation criteria

The DAIA provides that the BMA may not authorise an undertaking to conduct a digital asset issuance unless it is satisfied that the applicant fulfils certain minimum criteria addressing the fitness and propriety of directors and officer ensuring business is conducted in a prudent manner, the integrity and skill of the business’s management, and standards of corporate governance observed by the undertaking. This is consistent with the position under other regulatory laws applicable to other sectors and is intended to ensure the BMA maintains high standards for the conduct of regulated business. The BMA has also published the Digital Asset Issuance Rules 2020 (Rules), detailing requirements as to, inter alia, minimum required information for a digital asset issuance document, ongoing disclosures and information technology and cybersecurity, custody of acquirer assets and compliance measures. 

The DABA requires licensees to notify the BMA upon changes in directors or officer and the BMA has powers to, inter alia, object to and prevent new or increased ownership of shareholder controllers and the power to remove controllers, directors and officers who are no longer fit and proper to carry on their role.

 

Ongoing obligations

Authorised undertakings are subject to several ongoing obligations:

Communications facility: the promoter shall provide during the period of an offer or suspension, an electronic facility for persons to access the issuance document, post and read messages relating to the offer and ask questions relating to the offer

Cooling-off rights: provide a mechanism through which any applicant that has agreed to acquire digital assets under the offering to withdraw the application within three business days after the application is made.

Information technology and cybersecurity rules: an authorised undertaking is under an obligation to establish and maintain, for the duration of its authorisation and five years beyond, a data audit node in Bermuda where all information about the digital asset issuance will be stored real-time in an accurate and tamper-proof manner as well as deliver a cybersecurity report and program similar to those required under the DABA (see above). 

Custody and separate accounts: an authorised undertaking holding the assets of digital asset acquirers shall keep its accounts in respect of such assets separate from any accounts kept in respect of any other business for a period of time as specified in the legislation and Rules.

Local representative: authorised undertakings must appoint a local representative, to be approved by the BMA, who must maintain an office in Bermuda and who is sufficiently knowledgeable about both the authorised undertaking itself and the industry in general. This local representative will be under a duty to report to the BMA certain significant matters, including: a likelihood of the licensee becoming insolvent; breaches by the authorised undertaking of any conditions imposed by the BMA; involvement of the licensee in criminal proceedings, whether in Bermuda or elsewhere; a material misstatement being found in the issuance document; and other material developments.

Compliance measures: an issuer shall ensure that it applies “appropriate measures” with regard to customer due diligence in relation to a digital asset issuance as set out in the Rules as well as appoint a Reporting Officer and Compliance Officer. 

 

BMA’s supervision and enforcement powers 

The DAIA grants the BMA wide-ranging powers of supervision and enforcement similar to those granted under the DABA (see above).

 

Sales regulation

Other than digital asset business activity or issuing, selling or redeeming of digital assets under the DABA and the offering of digital assets by way of an issuance under the DAIA, there are no Bermudian laws, regulations or other restrictions governing the participation of persons resident or situated in Bermuda in the purchase, holding or sale of digital assets.

Taxation

There are no income, capital gains, withholding or other taxes imposed in Bermuda on digital assets or on any transactions involving them (the potential application of Bermuda’s foreign currency purchase tax is discussed below, under “Border restrictions and declaration”). Moreover, exempted companies or limited liability companies carrying on digital asset business, including digital asset issuers, may apply for an undertaking from the Minister of Finance to the effect that, in the event of there being enacted in Bermuda any legislation imposing tax computed on profits or income or computed on any capital asset, gain or appreciation, then the imposition of any such tax shall not be applicable to such company or to any of its operations.

Money transmission laws and anti-money laundering requirements

Operating a payment service business utilising digital assets (including the provision of services for the transfer of funds) or operating a digital asset exchange constitutes a regulated activity for the purposes of the DABA (on which see above).

Bermuda has a long-established and well-earned reputation as an international financial centre, and a crucial aspect of this is its robust AML/ATF regime. The jurisdiction made further enhancements to this regime ahead of its fourth-round mutual evaluation by the Financial Action Task Force in 2018.

The DABA amended certain provisions of Bermuda’s existing AML/ATF laws and regulations in order to ensure that the AML/ATF regime applies expressly to the carrying on of digital asset business, with the BMA subsequently issuing new AML/ATF guidance notes relating specifically to the conduct of digital asset business.

Most recently, at the time of publication of this chapter, the BMA had published for industry consultation its 2021 Guidance Notes for AML/ATF Regulated Financial Institutions on Anti-Money Laundering and Anti-Terrorist Financing, Annex VIII Sector-Specific Guidance Notes (SSGN) for Digital Asset Business.

A detailed discussion of the requirements imposed by Bermuda’s AML/ATF regime is beyond the scope of this chapter, but in short, digital asset businesses are required to establish policies and procedures to prevent money laundering and terrorist financing. These policies and procedures must cover customer due diligence, ongoing monitoring, reporting of suspicious transactions, record-keeping, internal controls, risk assessment and management, and the monitoring and management of compliance with, and internal communication of, these policies and procedures.

Promotion and testing

The Bermuda government has launched and continues to develop a number of initiatives aimed at promoting investment by technology businesses in Bermuda, including the Class T licence under the DABA and the Insurtech Sandbox regime, which allow for the testing and development of technology or technologically driven products and services in a safe and cooperative regulatory environment.

The government has also appointed a specialist technology team with a remit to promote the sector in Bermuda and attract more business to the island. The team also provides a specialist concierge service aimed at making the transition to Bermuda as easy as possible for new entrants.

The government has also introduced a tailored immigration policy for technology businesses that allows technology-focused companies that are new to Bermuda to receive immediate approval of up to five work permits for non-Bermudian staff within the first six months of obtaining its business permit. In order to benefit from this, a business must present a plan for the hiring, training and development of Bermudians in entry-level or trainee positions. A business may not, however, apply for a work permit under this policy in respect of any job categories that are closed (i.e. reserved exclusively for Bermudians, their spouses and permanent resident certificate holders only) or restricted (in respect of which a permit may only be obtained for one year) under Bermuda’s employment legislation, or which are entry-level, graduate or trainee positions.

Ownership and licensing requirements

Under current Bermuda law, and under the DABA and DAIA, no licensing requirements are imposed on any person merely by virtue of that person holding any form of digital asset, unless that person does so in the course of its business and on behalf of another, in which case that person will likely be regarded as either a digital asset trust services provider or a digital asset services vendor and thus subject to regulation under the DABA. 

An investment fund incorporated or formed in Bermuda that proposes to deal in digital assets as part of its investment strategy may fall within the ambit of the Investment Funds Act 2006. Depending on the type of fund, this may require an application for authorisation from or registration with the BMA prior to commencing business.

Mining

Digital asset mining is not within scope of the DABA as an activity in its own right and therefore remains an unregulated activity from a Bermuda perspective, whether conducted in Bermuda or by a Bermuda company outside of Bermuda. Notwithstanding this, the BMA is aware of other jurisdictions where such activity is prohibited or restricted in some way and will expect any Bermuda company conducting mining activity outside of Bermuda to be wholly compliant with any laws or regulations applied by the governing authorities of the jurisdictions where such activities are being conducted.

Border restrictions and declaration

Bermuda imposes a foreign currency purchase tax of 1% whenever a Bermuda resident purchases a foreign currency from a Bermuda-based bank. This tax will not apply to most (if not all) purchases of cryptocurrency or other digital assets, on the grounds that these are purchased almost exclusively from digital exchanges, whereas the foreign currency purchase tax applies only to purchases from banks in Bermuda. This renders immaterial the question of whether “foreign currency” in this context would include cryptocurrency (the BMA has not, to date, expressed a view).

There are no other border restrictions on cryptocurrencies or other digital assets; the only obligation to make a customs declaration in respect of any form of money arises in respect of cash or negotiable instruments in excess of US$10,000.

Reporting requirements

Digital asset businesses and their senior representatives are subject to certain reporting obligations under the DABA, as described in more detail above. The DABA does not impose any reporting requirements in respect of individual digital asset payments, irrespective of their value, although licensees are required to include anonymised details on transaction volume, value and geographical spread in their annual returns.

Estate planning and testamentary succession

There is no particular regime of Bermuda law that deals specifically with the treatment of cryptocurrencies or other digital assets upon the death of an individual holding them.  This means that, in principle, digital assets will be treated in the same way as any other asset and may be bequeathed to beneficiaries in a will, or, if a person dies intestate, will fall to be dealt with under the Succession Act 1974.

The main potential difficulty that may arise is practical and is by no means unique to Bermuda; namely that anyone inheriting any kind of digital asset will, on the face of it, only be able to access that digital asset if the beneficiary has, or can obtain or access, the private key to the wallet in which it is stored. Most exchanges have policies in place to transfer digital assets to next of kin but these policies, and the transfer requirements, will vary between the exchanges.

If you have any questions relating to blockchain and cryptocurrency regulation or about our services in this sector, please contact one of the lawyers listed or visit our crypto and blockchain service page.

The full GLI guide to blockchain and cryptocurrency regulation 2022 covers 29 jurisdictions and includes 17 general chapters.

Our people