SEC Draft Rules on Digital Asset Exchanges

July 17, 2019 – The Securities and Exchange Commission (SEC) Draft Rules on Digital Asset Exchange was released yesterday July 16, 2019, inviting brokers, dealers, investments houses, investment public, and other interested parties to submit their views, comments, and inputs to the proposed rules.

Overview

In order to recognize innovation in the capital market, SEC formulated the rules to govern Digital Asset Exchanges (DAEs) in accordance with the Securities Regulation Code (SRC) that would work toward the development of the Philippine Financial Market allowing to access in a safe, transparent, reliable, and cost-effective manner while also ensuring and managing the investors settlement risk and market price discovery.

The Securities and Regulation Code (SRC) will provide the power and functions of the Commission to supervise, monitor, suspend or take over the activities of exchanges, clearing agencies, and other self-regulatory organizations (SROs). It will promote national economic development, competitive market price, and directs the Commission to promote rules for the registration and licensing of innovative and other trading markets for innovative securities, securities of small, medium, growth and venture enterprises, and technology-based ventures.

The “2016 Revised Implementing Rules and Regulations of the Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT)” will ensure the Philippines shall not be used as a money-laundering site for the proceeds of any unlawful activity.

Here are the important aspects of the rules governing Digital Asset Exchanges:

What is a digital asset exchange (DAE)?

An organized marketplace or facility that brings together the buyers and sellers and executes trades of securities. This includes buying/selling digital assets with fiat (fiat/digital asset pairing) as well as buying/selling digital assets with other digital assets (digital asset/digital asset pairing). They can be viewed as an online marketplace for the entire Digital Asset network.

Registration, Qualifications and Disqualifications of DAE

DAE should be duly incorporated, under SRC, unless registered as a Self-Regulatory Organization under the rules on the DAE. In applying for registration, the application needs to specify the intention to conduct digital asset activities. While foreign digital exchanges are welcome to apply, the Commission will require the foreign DAE to have an existing information-sharing arrangement in place between the Commission and the foreign DAE where the foreign regulator approved them. In addition to registration, DAE should follow the minimum Operational Framework which includes what they perceive as crucial, sufficient financial, human, and other resources stability and cybersecurity disclosures assessment of issuer-members.

How much is the initial capitalization requirement to set up a Digital Asset Exchange in the Philippines?

Initial capitalization requirement is in Philippine [Fiat] money paid-up capital of at least Php 100,000,000.

Technology, Governance, and Controls

The Digital Asset Exchange should establish systems and controls to ensure affairs are managed effectively, with responsibility and subject to regular review. This will include digital assets, private keys, source, and destination of digital assets funds; security and risk management.

Cybersecurity Policy

The DAE should have a written cybersecurity policy as required by the SRC. The DAE must inform its customers, investors, etc about cybersecurity risks and incidents in a timely manner. This cybersecurity policy should include the following as minimum:

1. Policies guarding against directors, officers and other corporate insiders taking advantage of the period between the company’s discovery of a cybersecurity incident and public disclosure of the incident to trade on material nonpublic information;
2. Policies that ensure the timely disclosure of any related material nonpublic information on cybersecurity;
3. Appropriate disclosure controls and procedures for discerning the impact of cybersecurity risks to the company and its business, financial condition, and results of operations, including the potential materiality of such risks and incidents; and,
4. Include written procedures, guidelines, and standards reasonably designed to ensure the security of all applications utilized by the Digital Asset

Business Community Plan

In any business operations, business continuity plan will ensure that the business processes will continue during the time of emergency or disaster, at a minimum time plan and who are the responsible personnel. The minimum Business Continuity Plan and Disaster Recovery plan should include the minimum;

1. identify documents, data, facilities, infrastructure, personnel and competencies essential to the continued operations of the Digital Asset Exchange business;
2. identify the supervisory personnel responsible for implementing each aspect of the BCDR plan, and third parties necessary to the continuous operation of the Digital Asset Exchange business;
3. include a plan to communicate with employees, counterparties, regulatory authorities, data and communication providers, disaster recovery specialists, and any other Persons essential to the recovery of documentation and data and the resumption of operations;
4. include procedures for the maintenance of back-up facilities, systems, and infrastructure, and as alternative staffing and other resources to enable the timely recovery of data and documentation and to resume operations as soon as reasonably possible following a disruption to normal business activities;
5. include procedures for the back-up or copying, with sufficient frequency, of documents and data essential to the operations of the Digital Asset Exchange and offsite information storage

The DAE should provide for notification to the Commission of the emergency or disruption to the Digital Asset Exchange business that may affect its ability to fulfill regulatory obligations or that may have a significant adverse effect on the Digital Asset Exchange, its counterparties, or the market.

Other Takeaways

• The SEC stresses its opposition to insider trading and these rules are made to prevent such.
• Marketing and advertisement requirements should include the statement “the Digital Asset Exchange is licensed to engage in Digital Asset Business Activity by the Philippines Securities and Exchange Commission.”
• The SEC decision to allow the establishment of DAE for trading digital assets is aligned with regulation to allow Initial Coin Offering in the country.

Note that the upcoming Rules on Digital Asset Exchange is different from the Virtual Currency Exchange License from the Bangko Sentral ng Pilipinas (BSP).

The public is invited to send their comments, views, and opinions to the SEC by August 14, 2019 to any of the following emails:

• jfbpatillero[at]sec.gov.ph
• vcvarga[at]sec.gov.ph

Or you can also mail it to Markets and Securities Regulation Department (MSRD), Ground Floor Secretariat Building, PICC Complex, Roxas Boulevard, Pasay City, c/o Ms. Jessa Farra Patilleros and Ms. Varellie Vargas.

This article is first published on BitPinas: [Key Takeaways] SEC Draft Rules on Digital Asset Exchanges

Photo by Michael Buillerey on Unsplash