How to Prepare for a Regulated Market of Digital Assets


As published on TABB Forum (https://tabbforum.com/opinions/how-to-prepare-for-a-regulated-market-of-digital-assets/)

Full article published below:

As investors’ appetite for digital assets grow, regulators around the world are simultaneously increasing their focus on investor protection. This article by Magnus Almqvist, Head of Exchange Development at Exberry, highlights a number of issues that that are on regulators’ radar. Mr. Almqvist also offers a brief checklist of what digital asset marketplaces need to consider in terms of regulatory compliance.

As popular interest in digital assets grows, regulators around the world are simultaneously increasing their focus on investor protection. As a consequence, they are beginning to establish rules to ensure fair and orderly markets to better protect the end consumer. With a growing number of jurisdictions keen to issue regulatory licences for crypto businesses, those that either already have or are interested in setting up a digital asset exchange cannot afford to dismiss the concerns of regulators. This article sets out a brief checklist of what digital asset marketplaces need to consider in terms of regulatory compliance.

It’s a tough crowd

The Basel Committee on Banking Supervision (BCBS) recently called for tougher capital rules over holding digital assets, the toughest of which could force banks to put aside enough capital to cover 100% of potential losses. Further, the intergovernmental organisation Financial Action Task Force (FATF), which addresses combatting the financing of terrorism (CFT), has updated its Travel Rule of Recommendation 16. This means that creators and beneficiaries of all digital fund transfers should exchange descriptive information, implying a systemisation of information-exchange protocols.

Regulators on a national level are also keen to bring the cryptosphere into their purview:

  • The Monetary Authority of Singapore (MAS) is offering payments and crypto exchange licences under the Payment Services Act, a comprehensive regulatory framework for companies handling activities relating to digital assets, including payments and trading;
  • Hong Kong’s Financial Services and Treasury Bureau (FSTB) and the Hong Kong Securities and Futures Commission (HKSFC) are proposing regulations that will allow security token offerings (STOs) as an alternative to traditional fund-raising channels, and are meant to cover virtual assets services providers that trade non-securities virtual assets as well (e.g. cryptocurrencies) under the Anti-Money Laundering Ordinance (AMLO);
  • The UK’s Financial Conduct Authority (FCA) is extending the deadlines of its temporary registrations regime which allows cryptoasset firms to carry on their business while the regulator carries out further checks related to anti-money laundering rules.

What is clear is that digital asset organisations need to start thinking about reaching compliance or regulatory status on their operations and their tech stacks; or at the very least have systems and controls that are equivalent to capital markets requirements if the local regulator does not yet have a certification process for digitised assets, as these requirements are surely inevitable.

Brief overview of regulatory checks

Below is a brief overview of both the operational and technology elements that digital asset exchanges should be considering upon setting up their enterprise.


  • In terms of overall corporate governance, there will be regulatory requirements for holding regulatory capital (capital reserves in order that the company can be wound down in an orderly manner), as well as requirements on how that capital is held (financial implications for the balance sheet of a company);
  • In certain jurisdictions, regulators will dictate that certain roles must exist within an organisation, and may even need to approve candidates when appointing corporate roles within the company, such as the Chief Financial Operator, Head of Compliance and Head of IT;
  • A Risk Register and Log of Incidents will need to be set up to continuously record and keep updated a list of events, associated actions and resulting remedies, including customer complaints, employee complaints, security breaches, IT failures, IT security audits, regulatory audits etc.


  • The ability to demonstrate the matching engine of an exchange can guarantee a fair and orderly processing of orders (known as a ‘deterministic’ market ). Take, for instance, the case of systems built on ERC-20 (the official protocol for proposing improvements to the Ethereum (ETH) network), from which the full history of an entity on the protocol can sometimes be viewed. In addition, the staking process is potentially open to front-running of client orders. Firms will need to be prepared to answer regulators as to how this system, therefore, guarantees fair and orderly markets;
  • A full audit trail of transactions (of both orders and trades) is mandatory – so you can have an understanding if something went wrong, and you have the data to rebuild the order book for any point in time historically. Your infrastructure will need the ability to both log, store and quickly search for files;
  • An ability to detect potential market abuse will be needed (depending on what type of asset is being made available to trade);
  • Transaction reporting capabilities will be necessary for regulatory compliance.

Adeptly scale, with confidence

In order to go forward with confidence against a backdrop of constantly changing rules, firms should undertake a review of their operational organisation and tech stack – in what regulators refer to as ‘systems and controls’. In addition, depending on what matching engine and infrastructure is installed, firms should seriously consider doing a POC with a matching engine they are confident will correlate with regulatory expectations from the core up.

Innovative and fast-growing tokenized or digitised markets often come with a perception of uncertainty and risk. Anyone looking to take advantage of them, and the latest technologies, are also looking for the safety, security and maturity expected by experienced market participants. Providers of purpose-built exchange infrastructure, such as Exberry, can not only help digital asset firms with their regulatory compliance, but can adeptly scale to the needs of its clients from start-ups to more established exchanges.

Photo Credit: by Aviz from Pexels

Try Our Free Sandbox

Share your details below for immediate access