Bermuda

Question

Details

1. Rules for asset issuance on digital ledger

Bermuda's Digital Asset Issuance Act (DAIA) regulates digital asset issuance, applying to any undertaking formed in or outside Bermuda. The act requires prior authorization from the Bermuda Monetary Authority (BMA) for public offers of digital assets. If an offer is to fewer than 150 persons or to qualified acquirers (high-net-worth individuals or certain corporate entities), a digital asset placement declaration form can be filed instead of obtaining full authorization.

2. Clarity over resale of digital assets

The DAIA and DABA do not explicitly prohibit or restrict the resale of digital assets unless these assets represent an interest in a security, real estate, vessel, or aircraft. In such cases, the resale would be subject to additional legislation relevant to those underlying assets .

3. Clarity over trading of digital assets

Bermuda's Digital Asset Business Act (DABA) provides a clear framework for digital asset trading. Digital asset exchanges are classified as a regulated activity, including both centralized and decentralized exchanges, and entities must obtain a license from the BMA to operate. The Act specifies that engaging in digital asset business without a license is a criminal offense, subject to fines of up to $250,000 or imprisonment for up to five years. BMA supervision ensures compliance, and the BMA can impose limitations or revoke licenses if regulatory standards are not met​.

4. Clarity about custody of digital assets

Under the DABA, licensed entities providing custodial wallet services must maintain a surety bond, trust account, or indemnity insurance to protect customer assets. Client assets must be segregated from the entity's assets and held in separate accounts with qualified custodians. Licensees must maintain sufficient records to ensure the identification of client assets at any time. The BMA enforces strict standards for the safekeeping of customer funds, including insurance against losses and cyber risk management protocols​

5. Dispute resolution of digital assets

Bermuda law does not specify a unique dispute resolution process for digital assets. However, Bermuda’s regulatory framework includes provisions requiring digital asset issuers and businesses to implement dispute resolution mechanisms, primarily through clear contractual arrangements with clients. Digital asset businesses are also subject to BMA supervision, allowing the Authority to enforce compliance and take corrective actions if necessary​

6.Promotion of digital assets

Bermuda permits digital asset advertising under the Digital Asset Business Act (DABA), requiring businesses to obtain a license. Promotions must include full disclosure of risks, fees, and customer rights.

7. Process for filing of issuance

To issue digital assets, entities must file an application with the Bermuda Monetary Authority (BMA) under the Digital Asset Issuance Act (DAIA). The application must include: (a) a business plan detailing the nature and scale of the issuance, (b) a copy of the issuance document for prospective acquirers, (c) management arrangements for the issuance, (d) policies and procedures to comply with the DAIA and AML/ATF regulations, (e) any additional information required by the BMA, and (f) the applicable application fee. The BMA reviews the applicant’s fitness and propriety, governance standards, and the management’s integrity and skills before authorization. If the issuance targets fewer than 150 people or qualified acquirers, a simpler digital asset placement declaration can be filed​

8. Most important takeaways for VASP (Virtual Asset Service Provider)

1. VASPs must obtain a license under the Digital Asset Business Act (DABA) to operate, with varying license classes (Class F, M, T) catering to different business stages and needs.

2. VASPs must disclose all material risks, licensing class, fee structure, insurance against hacking/theft, governance rights, and transaction details to customers before entering business relationships.

3. VASPs must establish a robust cybersecurity program, conduct regular penetration testing, maintain audit trails, and submit annual cybersecurity reports. The BMA introduced the Digital Asset Business (Cyber Risk) Rules 2023, requiring cyber risk returns for Class F licenses annually.

4. VASPs must keep customer assets segregated, maintain surety bonds, trust accounts, or indemnity insurance, and comply with strict custody and record-keeping standards.

5. The BMA has broad supervisory and enforcement powers, including compelling information production, imposing fines, restricting business activities, and revoking licenses for non-compliance

9. Most important takeaways for digital asset issuer

1. Before conducting an issuance, issuers must obtain authorization from the BMA, providing detailed business plans, issuance documents, and compliance policies. Failure to obtain authorization results in criminal offenses with fines up to $100,000 or imprisonment.

2. Issuers must maintain a communications facility for public access, provide cooling-off rights for acquirers to withdraw applications within three business days, and comply with stringent IT and cybersecurity measures.

3. Issuers must publish white papers and disclose risks, issuance details, and conditions on their websites, and update them as necessary.

4. Issuers holding acquirer assets must keep accounts separate from other business accounts and appoint a local representative knowledgeable in the digital asset sector.