Back Custom print Link Text Only Rich Text Print

  • CRA-4.3 CRA-4.3 Listing of Crypto-assets

    • CRA-4.3.1

      This section outlines the frameworks, criteria and obligations for listing of crypto-assets by a licensee.

      Amended: April 2023
      Added: April 2019

    • CRA-4.3.2

      [This Paragraph was deleted in April 2023].

      Deleted: April 2023
      Added: April 2019

    • CRA-4.3.2A

      Licensees are allowed to undertake spot trading (spot market) in crypto-assets.

      Added: April 2023

    • CRA-4.3.2B

      The CBB may, at its sole discretion, allow a licensee to list and conduct trading activities in derivatives of crypto-assets such as, but not limited to, futures, options, indices, contract for difference (CFD’s), swaps etc provided the CBB is satisfied that the licensee has a comprehensive derivative transactions risk management framework. The aforementioned risk management framework should provide appropriate measure to mitigate, amongst others, market risk, credit risk, liquidity risk, settlement risk, operational risk and legal risk. In addition, the derivative transaction risk management framework should also include guidelines for stress testing, back testing, settlement process, margin methodology, derivative product selection policy, client exposure limit and suitability and appropriateness policy.

      Added: April 2023

    • CRA-4.3.3

      [This Paragraph was deleted in April 2023].

      Deleted: April 2023
      Added: April 2019

    • CRA-4.3.4

      [This Paragraph was deleted in April 2023].

      Deleted: April 2023
      Added: April 2019

    • CRA-4.3.5

      [This Paragraph was deleted in April 2023].

      Deleted: April 2023
      Added: April 2019

    • Crypto-asset Listing Policy

      • CRA-4.3.6

        Licensees must establish and adopt a board approved crypto-asset listing policy in accordance with the framework stipulated in this Section.

        Added: April 2023

      • CRA-4.3.7

        Licensees must, prior to commencement of business operations, provide a copy of the crypto-asset listing policy to the CBB. Unless the CBB raises specific concerns with respect to the board approved crypto-asset listing policy, licensees may implement the policy and self-certify crypto-assets for listing on its platform.

        Added: April 2023

      • CRA-4.3.8

        Prior to listing a crypto-asset, a licensee must notify the CBB of its intent to list the crypto-asset, provide the findings of the risk assessment undertaken in accordance with Paragraph CRA- 4.3.14 along with the board resolution approving the crypto-asset. The licensee must confirm in its notification to CBB that the proposed new crypto-asset complies with the requirements of its crypto-asset listing policy.

        Added: April 2023

      • CRA-4.3.9

        Licensees must provide a list of all the crypto-assets listed on its platform no later than 10 days from the end of each quarter.

        Added: April 2023

      • CRA-4.3.10

        The crypto-asset listing policy referred to in Paragraph CRA-4.3.6 must include robust procedures that comprehensively address all steps involved in the review and approval of crypto-assets. Licensees must have necessary monitoring capability (e.g. via monitoring systems, internal monitoring control, on-chain analysis etc.) in place before listing of the crypto-asset on its platform.

        Added: April 2023

      • CRA-4.3.11

        The crypto-asset listing policy should help establish a mechanism for approval of a crypto-asset only if the licensee unambiguously concludes that the listing and trading of the crypto-asset is consistent with the CBB’s approach to establish a fair, transparent and orderly crypto-asset market, complies with applicable laws, rules and regulations and is not detrimental to the interest of the market or client.

        Added: April 2023

      • CRA-4.3.12

        Licensees must not list crypto-assets that facilitate or may facilitate the obfuscation or concealment of the identity of a client or counterparty or crypto-assets that are designed to, or substantially used to circumvent laws and regulations. Licensees must ensure that they only list crypto-assets to which they have in place the necessary AML monitoring capabilities.

        Added: April 2023

      • CRA-4.3.13

        Licensees must ensure that:

        (a) Decisions to approve or disapprove each new crypto-asset is taken in accordance with the crypto-asset listing policy;
        (b) Any actual or potential conflicts of interest in connection with the review and decision-making process have been assessed and effectively addressed, whether such actual or potential conflicts of interest are related to the licensee’s board members, shareholders employees, their families, or any other party;
        (c) Records are readily available for the CBB’s review, of the crypto-asset listing policy’s application to each crypto-asset. This includes the final approval for listing of a crypto-asset, the documents reviewed including an assessment of all associated material risks in connection with each crypto-asset approval or disapproval, such as reviews and sign-offs by various departments of the licensee, such as the legal, compliance, cybersecurity, and operations department etc.;
        (d) The crypto-asset listing policy is reviewed annually to ensure that it continues to properly identify, assess, and mitigate the relevant risks and to ensure the robustness of the governance, monitoring and oversight framework;
        (e) It informs the CBB immediately, at any time after the submission of its crypto-asset listing policy to CBB, if the said policy ceases to comply with the general framework laid out in this Section; and
        (f) It does not make any changes or revisions to its crypto-asset listing policy without the prior written approval of its Board. A copy of the revised crypto-asset listing policy along with the written Board approval must be submitted to the CBB.
        Added: April 2023

    • Risk Assessment

      • CRA-4.3.14

        Licensees must establish criteria and undertake a comprehensive risk assessment of the crypto-assets that it intends to list on its platform. The assessment must include, but are not limited to, the following:

        (a) Licensees must conduct a thorough due diligence process to ensure that the crypto-asset is created or issued for lawful and legitimate purposes, and not for evading compliance with applicable laws and regulations (e.g., by facilitating money laundering or other illegal activities) and that the process is subject to a strong governance and control framework.
        (b) Licensees must consider the following factors while undertaking the due diligence:
        (i) The technological experience, track record and reputation of the issuer and its development team;
        (ii) The availability of a reliable multi-signature hardware wallet solution;
        (iii) The protocol and the underlying infrastructure, including whether it is: (1) a separate blockchain with a new architecture system and network or it leverages an existing blockchain for synergies and network effects, (2) scalable, (3) new and/or innovative or (4) the crypto-asset has an innovative use or application;
        (iv) The relevant consensus protocol;
        (v) Developments in markets in which the issuer operates;
        (vi) The geographic distribution of the crypto-asset and the relevant trading pairs, if any;
        (vii) Whether the crypto-asset has any in-built anonymization functions; and
        (viii) Crypto-asset exchanges on which the crypto-asset is traded.
        (c) Operational risks associated with a crypto-asset. This includes the resulting demands on the licensee’s resources, infrastructure, and personnel, as well as its operational capacity for continued client on-boarding and client support based on reasonable forecasts considering the overall operations of the licensee;
        (d) Risks associated with any technology or systems enhancements or modification requirements necessary to ensure timely adoption or listing of any new crypto-asset;
        (e) Risks related to cybersecurity: Whether the crypto-asset is and will be able to withstand, adapt and respond to cyber security vulnerabilities, including size, testing, maturity, and ability to allow the appropriate safeguarding of secure private keys;
        (f) Traceability/Monitoring of the crypto-asset: Whether licensees are able to demonstrate the origin and destination of the specific crypto-asset, whether the crypto-asset enables the identification of counterparties to each trade, and whether transactions in the crypto-asset can be adequately monitored;
        (g) Market risks, including minimum market capitalisation, price volatility, concentration of crypto-asset holdings or control by a small number of individuals or entities, price manipulation, and fraud;
        (h) Risks relating to code defects and breaches and other threats concerning a crypto-asset and its supporting blockchain, or the practices and protocols that apply to them;
        (i) Risks relating to potential non-compliance with the requirements of the licensee’s condition and regulatory obligations as a result of the listing of new crypto-asset;
        (j) Legal risks associated with the new crypto-asset, including any pending or potential civil, regulatory, criminal, or enforcement action relating to the issuance, distribution, or use of the new crypto-asset; and
        (k) Type of distributed ledger: whether there are issues relating to the security and/or usability of a distributed ledger technology used for the purposes of the crypto-asset, whether the crypto-asset leverages an existing distributed ledger for network and other synergies and whether this is a new distributed ledger that has been demonstrably stress tested.
        Added: April 2023

    • Periodic Monitoring

      • CRA-4.3.15

        Licensees must have policies and procedures in place to monitor the listed crypto-assets to ensure that continued use of the crypto-asset remains prudent. This includes:

        (a) Periodic re-evaluation of crypto-assets, including whether material changes have occurred, with a frequency and level of scrutiny tailored to the risk level of individual crypto-assets, provided that the frequency of re-evaluation must at a minimum be annual;
        (b) Implementation of control measures to manage risks associated with individual crypto-assets; and
        (c) The existence of a process for de-listing of crypto-assets, including notice to affected clients and counterparties in the case of such de-listing.
        Added: April 2023

    • Disclosure

      • CRA-4.3.16

        Licensees must make disclosures, which are easily accessible and prominently visible to clients, for each listed crypto-asset, containing at a minimum, the following information:

        (a) Details about the crypto-asset: the type of crypto-asset (payment token, asset token, utility token, stablecoin etc.), its function and details about the asset(s) where a crypto-asset is backed by asset(s);
        (b) The risks related to the specific crypto-asset such as, but not limited to, price volatility and cyber-security; and
        (c) Any other information that would assist clients to make an informed investment decision.
        Added: April 2023

      • CRA-4.3.17

        Licensees must prominently display on their platform the following statement, “THE CENTRAL BANK OF BAHRAIN HAS NEITHER REVIEWED NOR APPROVED THE LISTED CRYPTO-ASSETS”.

        Added: April 2023

      • CRA-4.3.18

        Where the CBB determines that undertaking regulated services in a crypto-asset may be detrimental to the financial sector of the Kingdom of Bahrain and/or it may affect the legitimate interest of clients, the licensees, based on the instruction of the CBB, must delist the crypto-asset. In such scenarios, the licensee shall remain responsible for orderly settlement of trade and any liability arising due to the delisting of the crypto-asset.

        Added: April 2023