The changes are well-timed with an increase in digital KYC service providers, working to find solutions to the traditionally time-consuming and paper-heavy task of client due diligence. Such providers include those utilising cryptographic technologies, whereby customer information is uploaded and encrypted onto the blockchain. Such solutions allow customers to maintain control of their information, whilst giving businesses direct access to data, the ability to track any alterations therein and to rely on the immutable nature of the blockchain.

Overview of the existing legislation

The Code supplements a suite of anti-money laundering legislation in the British Virgin Islands, which includes the Proceeds of Criminal Conduct Act, 1997 (the Act) and the Anti-Money Laundering Regulations, 2008 (the Regulations). While the Act applies to all BVI persons (including BVI-incorporated entities) and sets out the principal money laundering offences, the Code and the Regulations apply only to certain ‘relevant’ businesses, which are at a higher risk of money laundering, and set out the identification, record keeping and internal control procedures that such businesses must establish in order to mitigate offences.

Overview of the changes to the Code

Electronic verification

Previous position

Where identity was verified electronically, or with only copies of documents, a business caught by the Code was generally required to treat the customer as high risk and apply additional, enhanced verification checks. Electronic checks were intended to be supplementary only and not a replacement for hard copy, wet ink verification. Whilst the explanation notes to the Code referred to using third parties to verify data, there were no direct authorisations in the Code itself.

Revised position

The revised Code expressly allows businesses to use electronic or digital means to verify identity and to engage, and rely on the data of, a third party to carry out verification. In doing so, businesses must be satisfied that such third party:

  • is independent from the business engaging it and from the customer to whom the verification relates;
  • utilises a wide multiplicity of sources, including positive information sources (to confirm the existence of a customer), negative information sources (such as databases relating to fraud, criminal convictions and deceased persons) and alert data sources;
  • has transparent processes which can be reviewed and assessed by the appointing business;
  • has not been convicted of a criminal offence or sanctioned for breach of data or providing misleading data; and
  • obtains and stores information which is sufficiently extensive, accurate and reliable.

Businesses must record the steps taken in engaging with third parties, their approval of the third party’s procedures and the satisfaction of the above conditions. If a third party provider is used on a continuing basis, the business must review satisfaction of the above conditions at least once every three years. Where electronic or digital verification fails to make any significant discovery in relation to the customer which could have otherwise been discovered with care and diligence, full responsibility, lies with the business.

Certified copies

Previous position

Where a business relied on a copy of a document provided by a customer, that document was required to be certified in a prescribed and lengthy manner by an independent certifier bound by professional or statutory rules of conduct. Repeated attempts to ensure the certification matched the Code’s requirements often resulted in lengthy delays.

Revised position

Where a business relies on a copy, a certified copy will no longer be required unless the business, having regard to appropriate risk assessment, considers that the uncertified copy may not be authentic, may be doubtful or generally has a concern with the uncertified copy. Where such concerns exist, the copy may be certified in any manner the business deems appropriate, provided that the certification includes the name, address and signature or seal of the certifier and the date of certification. The onus is on the business to determine whether the certifier is competent and has the authority to provide a reliable certification.

Non-face to face business relationships

Previous position

A business was required, as far as possible, to meet customers face-to-face. Where face-to-face verification was not possible, businesses were generally required to regard such relationship as high risk and apply enhanced verification checks. This approach recognised a heightened risk of identity theft where only documentary evidence is relied upon.

Revised position

Where identity is verified by electronic or digital means, rather than face-to-face, the business will not need to apply enhanced verification checks unless the business regards the customer to be, in actual fact, high risk or otherwise has doubts over authenticity of the documents provided.

Consequences and use cases

These changes present an opportunity for BVI entities to adopt forward-thinking and technologically supported anti-money laundering policies, with the comfort of regulatory backing.

A number of entities will turn to blockchain’s distributed ledger technology, for its immutable and instantaneous qualities, and the ability to encrypt data. Such providers include SelfKey, who were advised by Appleby in connection with their initial token offering in January 2018. SelfKey’s platform, KYC-Chain, can, among other checks, compare uploaded identity documents with selfies and live video, providing face-to-face style verification. Such digital checks, combined with the use of the blockchain, may have the ability to grant greater comfort in customer identification than traditional, wet ink requirements.

The amendments will also provide comfort to the increasing numbers of token issuers wishing to incorporate in the BVI. Whilst most utility token issues will not fall within the scope of the Regulations and the Code, we advise that issuers align their due diligence process with the Code as much as possible, in anticipation of changing legislation and to generally protect issuers from falling foul of the Act. With a large proportion of token issuers utilising the services of third parties to electronically verify the identity of participants, the amends to the Code validate this approach and provide a useful gauge of the BVI legislator’s forward thinking in this area.

Appleby has a global team of lawyers with experience in this area, monitoring developments not only in the jurisdictions in which we operate, but more widely. This is a global industry and one that is here to stay. If you have any questions regarding the above, or are interested in hearing more about how we can assist, please contact a member of the Technology and Innovation Team.

Share
X.com LinkedIn Email Save as PDF
More Publications
Appleby-Website-Technology-and-Innovation
3 Oct 2024

Navigating the Future: A 2024 Guide to Fintech Laws and Regulations

Our fintech expert provides a broad overview of the key issues in fintech laws and regulations in th...

Appleby-Website-Regulatory-Practice
27 Sep 2024

Important Update as to Filing of Annual Returns for BVI Companies

The deadline for the first filing of annual returns by companies incorporated or registered in the B...

The Grand Court clarifies the ordinary rule for damages in temporary deprivation of property cases
27 May 2024

Hong Kong Court of Appeal considers the enforceability of Keepwell Deed for the first time

On 10 May 2024 the Hong Kong Court of Appeal handed down its judgment in Nuoxi Capital Limited v. Pe...

Corporate
19 May 2024

BVI Company Distributions - From Dividends to Reorganisations

The British Virgin Islands (BVI) as one of the leading international financial centers (IFCs) global...

Applying Twice:  BVI Court of Appeal Reinforces the Protection Available to Beneficial Owners
1 May 2024

Applying Twice: BVI Court of Appeal Reinforces The Protection Available to Beneficial Owners

On 25 April 2024, the Court of Appeal of the Eastern Caribbean Supreme Court delivered a significant...

Regulatory Advice
8 Apr 2024

Whose crypto is it anyway? – the status of cryptocurrency as ‘property’ under BVI and Cayman law

In recent years, a number of courts have grappled with the question of whether cryptocurrency is “...

Regulatory Advice
14 Mar 2024

When is a company insolvent – to appoint or not to appoint a liquidator in the BVI?

China Minsheng Banking Corp., Ltd., Hong Kong Branch V Tai Feng Investments Limited. 

Fund Finance
26 Jan 2024

Fund Finance Laws and Regulations 2024 – BVI

The British Virgin Islands (BVI) fund finance market has seen continued growth during 2023, with inc...