Requirements for the applicant company
In order to prevent the legalization of the proceeds of crime, the activities of cryptocurrency companies are monitored by the relevant legal institutions. Board member as well as owners of the company must meet the requirements of impeccable reputation and have no criminal record.
Companies providing services in the cryptocurrency sector are subject to the following requirements:
- At least one owner (natural or legal person)
- One board member (may also be the owner)
- AML Compliance Officer (may be the same as board member)
- Company virtual address in Lithuania
- All clients must undergo a background check and identification procedure
- Customer data must be kept with the possibility of submitting them to the regulator
- The company must have internal control and risk assessment procedures
- Reporting to the regulator (Financial Crimes Investigation Service)
There is no need for owners or board member of a cryptocurrency company to be physically present in Lithuania so that foreigners/non-residents of Lithuania can legally engage in crypto related activities while in their country.
During the licensing process, the regulator has the right to request additional information and a detailed/white paper description of the proposed activity of the cryptocurrency company. A licence may be issued only after all necessary information is considered sufficient and all licensing conditions are met.
Any change in the structure of the cryptocurrency company after the receipt of the license (address, owner, board member, beneficiary, AML officer) requires the registration of changes in the registry with the provision of a complete set of documents.
The application for a cryptocurrency licence is considered by the Bank of Lithuania, regulated by the FCIS and issued by the Business Register. FCIS is an independent structural unit of the Lithuanian Police and Border Police Department.
Cryptocurrency companies are regulated by the Law on the Prevention of Money Laundering and Financing of Terrorism, in particular Order No V-5 of January 2020.
The cryptocurrency company has no special reporting requirements to the tax authorities. Accounting must be provided in the same way as for any other Lithuanian company. FCIS can always make prescriptions and queries about the activities of a cryptocurrency company. The basic requirement of the FCIS is to comply with AML/KYC requirements, such as the collection of client data from a crypto related project and the possibility of making them available to the regulator on demand.
In order to apply for a cryptocurrency license, a limited liability company (UAB) must be established in Lithuania to provide cryptocurrency exchange or storage services. The minimum requirement for the company’s authorized capital is 2,500 EUR. The establishment of a cryptocurrency company can be carried out upon a visit to Vilnius or completely remotely by proxy without the need to visit Lithuania.
Today UAB is one of the most frequently used and popular forms of business activity in Lithuania.
Uždaroji akcinė bendrovė (UAB) in translation from the Lithuanian language means Closed Joint-Stock Company. The statutory capital of the UAB is divided into shares which can be sold in whole or in part, donated or hereditary. UAB must have at least one owner (natural or legal person) and one director (natural person) authorized to sign on behalf of the company.
Stages of obtaining a cryptocurrency licence in Lithuania:
- Signing of cooperation agreement with Company in Lithuania UAB
- Preparation of the necessary documents for the purchase/registration of the company
- Company purchase/registration (takes approximately 5 business day)
- Preparation of the company to a form suitable for the license application (up to 7 business days).
- Once the company has been registered and provided with all the necessary information and documents, it is possible to apply for a cryptocurrency license.
- The application for the issue of a license for activity is processed by the FCIS within 20 working days from the date of submission of the application.
PROCEDURE FOR OBTAINING A CRYPTOCURRENCY LICENCE
Documents required for the application
The following documentation will be required to review and prepare an application for a cryptocurrency licence:
- Valid copy of passport from home country
- Power of attorney (PoA) (if the procedure for opening a company and obtaining a license occurs remotely)
- Company business model/detailed activity description
- CV/Summary of experience and education of all participants in the crypto related project
- Website address where cryptocurrency services will be offered
- Certificate of criminal record (not more than 3 months) for owners, board members, final beneficiaries (UBO) and AML officers
- Data of all beneficial owners (UBO) must be provided at the request of FCIS
The cryptocurrency company must also have an AML officer. AML officer for the prevention of money laundering and terrorist financing must have previous professional experience and an impeccable reputation (Lithuanian residence is not compulsory).
The licensed company must keep a detailed and up-to-date overview of all customers and transactions in accordance with AML/KYC rules. The FCIS Control Authority can make requests about the company’s activities, especially regarding compliance with the AML/KYC policy.
Risk Assessment, KYC/AML documents and procedural rules
Before applying for a cryptocurrency license in Lithuania, it is necessary to prepare documentation on internal procedures of the company in order to meet the anti-money laundering criteria (AML) and «Know your client» (KYC) established by FCIS. Some parts of this include, for example:
Internal security measures and risk assessments
- Assessment and risk management of money-laundering and terrorist financing:
- Determination of risk level
- Risk classification
- Transaction control procedures
- Origin of funds
- Compliance monitoring and internal audit
- Due diligence measures
- Notification obligations
- Collection and storage of information on company transactions and clients
- Fulfilling the obligation to notify the regulator
- Internal control rules of the company
Procedural rules, AML/KYC procedures
- Description of lower-risk transactions and establishment of appropriate requirements and procedures for such transactions
- A description of transactions with a higher level of risk, including risks arising from means of communication, location of customers. Other parameters and establishment of appropriate requirements and procedures for conducting and monitoring operations
- Rules of Due Diligence
- Customer Identification – document requirements
- Source of welfare, proof of address of residence
- Requirements and procedures for storing data on transactions and clients of the company
- Regulatory Notification Requirements
The duties of an AML employee include:
- Assistance in the development, implementation and maintenance of an institution’s anti-money-laundering programme.
- Organization of the collection and analysis of information on suspicious transactions or transactions where there is a risk of money-laundering or the financing of terrorism.
- Submission of written statements on compliance with the requirements of this Law to the management of the Virtual Currency Exchange Service Provider or Virtual Currency Wallet Service Provider registered in the Commercial Register of Lithuania.
- High Risk Customer Accounting and Suspicious Activity Reporting.
- Communication to FCIS in case of suspicion of money laundering or financing of terrorism.
- Develop and maintain a system of risk assessment for products and services, clients and clients, as well as for other issues related to money-laundering.
- Monitor and implement a permanent AML learning program for other employees.
- Guidance and reporting to senior management on issues related to AML’s internal policies and procedures.
- Organization and conduct of inspections and audits of external organisations, and development of recommendations on compliance with regulatory requirements.
KYC/AML officer applies due diligence measures:
- When establishing a business relationship with a new client
- When a cash payment is made in excess of 15,000 EUR or equal to in other currencies
- When verifying information in case of doubt as to the reliability of the documents or data provided
- In the case of suspected money laundering or financing of terrorism
FCIS requirements for an AML compliance officer:
- Only a person who has the education, professional aptitude, abilities, personal qualities, experience and impeccable reputation necessary for the performance of the duties of AML may be appointed as an employee of AML.
- The company should provide specialized training on measures to prevent money-laundering and the financing of terrorism to its employees, especially those responsible for customer relations and transaction control.
The Compliance Specialist not only tracks and processes various confidential financial data, but also interacts regularly with the board of directors as well as financial authorities. In addition to KYC/AML, an officer of your company must have sufficient authority to ensure the effective performance of his duties. Ideally, an AML specialist should be a director-level employee with industry experience to deal with all aspects of their professional environment.