CySEC updates rules for regulated brokers’ cross border activity

As CySEC’s attitude of adopting more stringent licensing guidelines and operating regulations becomes ever clearer, certain aspects of the rules and operations start to come into sharper focus.

Among those is what the regulator calls the requirements to provide investment and ancillary services and/or perform investment activities in a third country.

CySEC today sent a circular to its regulated brokers, in which it mentioned some basic rules that every broker has to obey. It also drew attention to its board’s decision on October 24 , which replaced circular 256.

According to the circular, onboarding overseas clients now requires a broader set of features and the presence of an active regulatory approval to ensure soundness of operating in another jurisdiction.

However, the Cypriot regulator has opened both doors – flexibility in its legal requirements as well as the ability to restrict the CIF’s access to provide investment activities in a third country.

Back to the official announcement, the Cyprus Investment Firms (‘CIFs’) must now assess their existing third-country-passports and secure official documents to either confirm that they hold relevant authorisation, or to be granted relief from the obligation to hold such a licence in that territory.

“CIFs wishing to provide and/or perform investment and ancillary services and/or activities in third countries, must notify CySEC via a letter of their intention to do so. The letter should include a list of third countries where the CIF intends to provide/perform services and activities,” the Cypriot watchdog says.

In other words, once a regulatory equivalence has been established, that firm is subject to a ‘mandatory’ verification process. We describe it as ‘mandatory’ since CIFs will be obliged to submit supporting evidence for the documents describing their regulatory status and that they could be subject to inspection when CySEC deems necessary.

The CySEC’s newest circular is devoted entirely to explaining the exact steps of the process. It says: CIFs should carry out the following actions:

  • Prior to providing/performing the said services/activities in third countries, CIFs need to acquire the necessary authorisation by the respective competent Authorities of the third countries, in accordance with their legislative framework.
  • (ii) CIFs should provide CySEC with a certified copy of the authorisation for the provision of these services by the competent Authority of the third country.
  • (iii) In the case that the third country does not require such authorization, the CIF must provide CySEC a relevant certificate from the competent Authority of the Third country, stating that the legislation does not require such authorisation for the services/activities to be carried out.
  1. CIFs are exclusively responsible for acquiring such authorisation by the competent Authorities of the third countries.
  2. CIFs must also file this information in the Portal and notify CySEC in writing of any subsequent changes to the third countries in which they operate.
  3. All existing and newly established CIFs must declare on their websites the names of all the third countries in which they provide/perform services/activities.
  4. CIFs that are already operating in third countries should ensure that they continue to comply with the Legislative Framework applicable in the relevant Third Country.