For Startups

Virtual Financial Asset Service Provider Licensing: Procedure and Requirements

With a wide spread of blockchain technology, to ensure proper and professional business conduct, the world has faced a need for its regulation. Malta, a jurisdiction that undoubtedly takes lead among all states with blockchain-specific legal acts and is sometimes referred to as the “Blockchain Island”, has recently introduced additional rules for blockchain activities licensing.

Our partners at Blockchain Advisory Limited, leading Malta blockchain consulting company, have agreed to shed some light on the licensing regime for Virtual Financial Asset (VFA) Service Providers and share their legal analysis on our blog.

Virtual Financial Asset Rulebook

On February 25, 2019, the Malta Financial Services Authority (MFSA) published the Virtual Financial Asset Rulebook, known simply as the “Rulebook”, charting the regulations for the operators in this field of financial assets, with Chapter 3 of the Rulebook focusing on the Virtual Financial Asset rules for VFA Service Providers.

The Chapter applies to VFA Service Providers licensed under the VFA Act and applicants seeking to be licensed under the Act. VFA Service Providers must engage VFA Agents duly registered or in the process of being registered with the MFSA in accordance with Article 14 of the Act.

As such, as we have previously reported on our social media, Blockchain Advisory Limited has successfully applied for registration as a VFA agent and is composed of a team of lawyers and technical professionals who have successfully completed a course approved by the Authority.

Licensing Criteria

A person seeking to become a licensed VFA Service Provider must be a legal person established in Malta, act in an ethical manner, taking into consideration the best interests of clients and the integrity of Malta’s financial system, and overall be applicable under various factors demanded by MFSA under its “Fit and Proper” criteria.

These criteria demand that applicants have:

1) Integrity: of good repute and intends to act honestly and in a trustworthy manner;

2) Competence: possess an acceptable level of knowledge, professional experience, and expertise necessary for carrying out the functions of a VFA Service Provider;

3) Solvency: with an initial capital requirement of 730,000 EUR applicable to Class 4 VFA Service Providers and maintain this amount as a permanent minimum capital, as well as pay the submission and annual fees to MFSA.

Application Process

The Application Process is broken into several phases:

1) The preparatory phase during which the VFA Agent notifies the MFSA of an intent to apply for a VFA Service Provider license on behalf of the applicant with a statement including the proposed structure with a list of persons for key positions, a list of VFA services that the applicant seeks to carry out and a legal opinion that the activity does not fall under regular financial services. Once all these documents are received the Authority will set up a meeting with the Applicant, as well as set up a deadline of 60 days for the Applicant to submit its application and pay application fees.

2) The pre-licensing phase depicts the period during which the Authority reviews the documentation and if everything is satisfactory, it provides “principle approval” of 3 months, during which the applicant must finalize outstanding issues, satisfy pre-licensing conditions and provide the original and supporting documentation.

3) Post-licensing / pre-commencement phase defines the 12 months window after the review and approval of all the documents, during which the VFA Service Provider must commence its work.

Staff Requirements

There are key functionary positions that the VFA Service Provider applicant must appoint. These are:

  1. VFA Agent – a crucial figure who will be acting as a bridge between the Authority and the VFA Service Provider;
  2. Board of Administration;
  3. Risk Manager;
  4. Compliance Officer;
  5. Money Laundering and Reporting Officer (MLRO);
  6. Auditor.

Compliance Requirements

The VFA Service Provider license holder has several important obligations to maintain, such as notifying the MFSA of certain breaches and changes of its strategy, security and core regulations; maintaining an insurance policy; submitting an annual Compliance Certificate drawn up by its Compliance Officer;  undertaking a Financial Instrument Test which shall be signed by the Board and Compliance Officer; holding and controlling clients’ assets in segregated and highly secure accounts; following supplementary conditions applicable to VFA Exchanges set out by Chapter 3 of the Rulebook.


Compliance for blockchain businesses is no easy task. This is why we are beyond grateful to Blockchain Advisory Limited for agreeing to share this piece on the Legal Nodes Blog.

If you would like to know more, please check out the Blockchain Advisory Limited Blog.

Blockchain Advisory Limited can assist in further queries and guide the applicant through the process of attaining the above rules and regulations, as well as prepare one for any new policies and procedures required in this respect. Don’t forget that you can order their services through Legal Nodes.

Disclaimer: the information in this article is provided for informational purposes only. You should not construe any such information as legal, tax, investment, trading, financial, or other advice.

Beverly Tonna, Lead Advisor at Blockchain Advisory Limited

Legal Nodes Blog

For Startups
Ultimate guide to connecting Virtual Data Protection Officer

Connecting Virtual DPO can greatly reduce start-up’s data protection costs. This article explains who the Data Protection Officer is, why you should consider outsourcing DPO services, and how to pick one that matches the needs of your business....

Legal Nodes Team
Privacy (GDPR)
Cookie Policy: How to Track Website Users Lawfully

The recent study of the Nederlandse Omroep Stichting (the ‘NOS’), a Dutch news media, showed that more than 1,300 Dutch websites violate the privacy of their users. The violation found by the NOS is simple - the users cannot use the websites wit...

Legal Nodes Team
For Startups
Why Your Startup Needs a Founders' Agreement + Template 2021

Founders Agreement – the key step to set clear intentions for you and your partners and to avoid misunderstandings in the future. In a new post on the Legal Nodes blog, we explain what a Founders Agreement is, reasons for your startup to prepare...

Legal Nodes Team
For Startups
Terms of Use that your users will actually read

In this article Legal Nodes Team talks about Terms of Use, how to write them effectively and why you need them in the first place. You could find a FREE template at the end of this article....

Legal Nodes Team
Privacy (GDPR)
How Can You Leverage a Privacy Kit More Effectively?

In this article, Punit Bhatia, a leading privacy expert, shares how small businesses can become privacy compliant by using Privacy Kits in an effective and why just branding the documents and templates in name of your company is not a good idea....

Punit Bhatia
Legal Nodes Updates
Legal Nodes in 2020: A Year in Review

Despite the fact that for many 2020 will be strongly associated with the coronavirus pandemic and lockdown measures, it would be a mistake to forget all the good things that happened this year. Especially when the festive season approaches, and ...

Legal Nodes Team
Privacy (GDPR)
Internet data mining. Is it legal in the EU?

Data mining is the process of collecting and analyzing human-readable data for own purposes. More and more businesses are built on that concept, scientists and medics also use automatically combined data from different sources to spawn predictio...

Ewa Wojnarska-Krajewska
Privacy (GDPR)
11 simple (but complete) steps towards the GDPR compliance in 2020

The GDPR can be a wake-up call to sort out your processes, procedures and technology and thereby run a more successful organisation. Data is now more essential than ever, regardless of your activities or market sector. Not only will efficiencies...

Thomas Hayes
Contract Work
Force Majeure Clauses and the Effect of Coronavirus on Businesses

The coronavirus pandemic has made force majeure clauses one of the hottest legal topics worldwide. To help businesses navigate this issue, we asked Tom Bohills, an English qualified lawyer and the Founder of Chronos Law, to explain the backgrou...

Tom Bohills