The Crypto-Asset Exchange System in Bahrain
Bahrain's forward-thinking fintech regulations, coupled with a commitment to fostering young tech talent, have successfully lured some of the globe's most inventive financial entities to the region. Notably, cryptocurrency exchange Binance recently secured its inaugural license as a crypto-asset provider within the Gulf Cooperation Council (GCC).
To engage in cryptocurrency trading, such as buying or selling Bitcoin or Ethereum, individuals must first establish an account on a cryptocurrency exchange platform. These platforms, known as crypto-asset exchanges (CAX), including popular ones like Kraken, Coinegg, Gemini, and Binance, facilitate the exchange of traditional currencies like Bahraini Dinars or U.S. Dollars for digital assets.
A CAX allows users to trade one crypto-asset for another, such as converting Bitcoin to Litecoin or purchasing crypto using regular currency like Bahraini Dinar or U.S. Dollar. These exchanges display real-time market prices for the cryptocurrencies they offer, enabling users to monitor and make informed trading decisions. Additionally, users can convert their cryptocurrencies back into traditional currency, either leaving it in their exchange account for future crypto trading or withdrawing it to their regular bank account.
The Central Bank of Bahrain (CBB) introduced the crypto-asset module in 2019, outlined in Volume 6 of the CBB Rulebook. This regulatory framework provides guidelines for CAX platforms, ensuring compliance and proper operations within Bahrain.
When evaluating the suitability of a crypto-asset, the CBB considers factors such as the issuer's technological expertise, reputation, traceability, and volatility of the crypto-asset. Regulated Crypto-Asset services include order execution, dealing on one's own account, portfolio management, custody of clients' assets, and offering investment advice. Licensees may combine these services as long as it avoids potential conflicts of interest.
Certain activities, such as creating or administering crypto-assets, developing or using software for crypto-asset creation or mining, and loyalty programs, are not within the scope of regulated Crypto-Asset services.
Applicants seeking a license under the CBB's framework can choose from four categories. Importantly, for categories one to three, the legal status must be a Bahraini company with limited liability, a Bahraini joint-stock company, or a branch resident in Bahrain of a company incorporated under the laws of its territory of incorporation.
Relevant Fees
Applicants are obligated to submit a non-refundable fee of 100 Bahraini Dinars (BD) to the Central Bank of Bahrain (CBB). Upon approval of the application, licensees will then be subject to an annual license fee calculated at 0.25% of their operating expenses.
Licensing Requirements
Licensees are mandated to establish a designated place of business within Bahrain. In the case of overseas Crypto-Asset Exchanges (CAXs), approval from the CBB is required to maintain a local management premise in the Kingdom. The application process must include a comprehensive business plan and submission of application forms for all shareholders, subsidiaries, and controlled functions. Additionally, the CBB necessitates the appointment of an independent third party to conduct a readiness assessment on the licensee's risk management system, organizational structure, and operational manuals.
While Bahrain-based licensees must maintain a specified level of financial resources, overseas CAX licensees must demonstrate that their platforms are sufficiently resourced to mitigate the risks associated with their operations. Apart from appointing a licensed external auditor, licensees must assure that substantial shareholders do not pose undue risks to the platform.
To prevent the misuse of system errors, licensees must implement adequate segregation among staff arrangements, ensuring that control is not concentrated in the hands of a single individual.
Client Portfolio
Prospective licensees must ensure that their clients are at least 21 years old, are not acting as third-party agents for other organizations, and maintain a designated bank account with a licensed retail bank. It is important to note that entities such as charitable funds, sporting, social, religious, cooperative, and professional societies cannot register as clients. Licensees are also responsible for maintaining confidentiality of all client-supplied information and disclosing relevant terms, conditions, and transactions associated with their services.
Keyman Risk Management and Compliance
To address keyman risk, the CBB mandates procedures, including obtaining insurance coverage, to manage unforeseen circumstances where information becomes unavailable. This includes situations where encryption keys or passcodes to stored assets, such as wallets, become inaccessible. Licensees are additionally required to establish permanent compliance functions that effectively adhere to the responsibilities and conditions outlined in the CBB Rulebook.
Security Measures
In an effort to enforce robust network security practices, licensees are strongly advised to implement firewalls, regularly change passwords, and employ data encryption in transit and at rest. The CBB recommends the implementation of competent cybersecurity programs to ensure the availability and functionality of electronic systems, protecting them from unauthorized access. Licensees must also establish mechanisms for reporting cybersecurity risks, emerging trends, and potential breaches to initiate prompt recovery plans.
Other Relevant Requirements
Applicants have the option to appoint a legal representative, such as a law firm or professional consultancy, to prepare and submit the application on their behalf.
Licensees must ensure that, when dealing with accepted crypto assets, their proprietary affairs do not exceed 50% of the paid-up capital or net shareholders' equity (whichever is lower).
The CBB encourages licensees to adopt a well-designed Business Continuity and Disaster Recovery plan and maintain professional indemnity coverage with a minimum amount of 100,000 Bahraini Dinars from the CBB's licensed insurance firm. Among other obligations, licensees must provide regulated financial services without discrimination and conduct their activities in a fair, orderly, and transparent manner.
After Approval is Issued
Licensees are required to commence operations within six months of receiving approval from the CBB. Additionally, they are urged to promptly notify the CBB of any legal proceedings against them, breaches committed, or any susceptibility to insolvency.
Crypto Wallets
The CBB introduces two types of crypto wallets in its Rulebook. The custodial wallet gives clients limited control over their crypto-assets, while the non-custodial wallet provides clients with complete control. Licensees dealing with alternative types of crypto-assets are advised to consult the CBB.
Crypto-Asset Custody Services
The CBB outlines three acceptable types of custodial arrangements for crypto-asset custody services: in-house custodian, third-party custodian, and self-party custodian. Licensees are prohibited from trading, assigning, lending, or dealing with accepted crypto-assets unless directed otherwise by the client. Clients must be informed about the use and function of custody wallets.
Growth of CAXs in Bahrain
The increasing presence of CAXs in Bahrain is evident through the CBB's approval of well-recognized and Shari’a-compliant cryptocurrency platforms. Rain, as the first licensed Crypto-Asset Brokerage, underwent a rigorous two-year regulatory process, offering investors leading cryptocurrencies with stringent security measures. Coin MENA, having met operational and security requirements, obtained a license to operate its trading CAX services in Bahrain, providing retail and institutional investors with major cryptocurrencies and implementing robust security measures.