Our regulatory fluency enables confident market entry, licensing, and ongoing compliance.
We map securities, commodities, payments, AML/CFT, market conduct, and data obligations across key markets—then translate complexity into execution for issuers and service providers.
We advise on SEC and CFTC classification analysis, exemptions and cross-border offerings (Reg D, Reg S, Reg CF, Reg A+), FinCEN and Bank Secrecy Act AML/KYC programs, state money transmission licensing (including NYDFS BitLicense considerations), OFAC sanctions screening, IRS tax positions and reporting, custody and safekeeping requirements, and marketing and promotions compliance. We stay current on evolving examination priorities, including the SEC's 2025 focus on AI, cybersecurity, and crypto asset activities.
Key Frameworks: Securities Act of 1933, Securities Exchange Act of 1934, Commodity Exchange Act, Bank Secrecy Act, state Money Transmitter Laws, NYDFS Part 200 (BitLicense), IRS Notice 2014-21 and subsequent guidance.
We guide clients through the Markets in Crypto-Assets Regulation (MiCA), covering crypto-asset issuance (asset-referenced tokens, e-money tokens, utility tokens), crypto-asset service provider (CASP) authorization and conduct obligations, whitepaper requirements, governance and reserve management, AML Travel Rule implementation under TFR and AMLR, DLT Pilot Regime for market infrastructures, Payment Services Directives (PSD2/PSD3) and e-money intersections, GDPR and Data Act privacy and portability requirements, and NIS2/DORA operational resilience and incident reporting for financial entities.
Key Frameworks: MiCA (Regulation (EU) 2023/1114), Transfer of Funds Regulation, PSD2/PSD3, GDPR, Data Act, NIS2, DORA, DLT Pilot Regime.
We navigate the FCA's financial promotions regime for cryptoassets, Money Laundering Regulations (MLR) registration for crypto-asset businesses, FSMA perimeter mapping for regulated activities, custody and safeguarding under proposed stablecoin regulation, consumer duty obligations for crypto firms, and social media and influencer advertising guardrails. The UK continues to develop its regulatory framework with proposed stablecoin regulation and broader digital assets legislation.
Key Frameworks: Financial Services and Markets Act 2000 (FSMA), Money Laundering Regulations 2017, FCA Financial Promotions Order, Consumer Duty, proposed stablecoin regulation.
We advise on licensing across multiple UAE regimes: ADGM Financial Services Regulatory Authority (FSRA) categories for digital asset activities, DIFC Dubai Financial Services Authority (DFSA) Crypto Token regime, VARA (Virtual Assets Regulatory Authority) licensing for Dubai mainland activities, UAE Securities and Commodities Authority (SCA) coordination for tokenized securities, as well as regional frameworks including Bahrain Central Bank of Bahrain (CBB) crypto-asset licenses, Saudi Arabian Monetary Authority (SAMA) fintech sandbox pathways, and Qatar Central Bank restrictions with compliant alternative structures.
Key Frameworks: ADGM Financial Services and Markets Regulations, DIFC Crypto Token Regulations, VARA regulations, UAE SCA guidance, Bahrain CBB rulebooks, SAMA sandbox.
We focus primarily on Brazil, where the Central Bank of Brazil (Bacen) supervises Virtual Asset Service Providers (VASPs) under the Payment Arrangements Law, and the CVM (Comissão de Valores Mobiliários) oversees tokenized securities. We advise on VASP licensing and registration, AML/CFT obligations under COAF (Conselho de Controle de Atividades Financeiras), tax reporting and crypto-asset classification, LGPD (Lei Geral de Proteção de Dados) privacy compliance, and cross-border payment regulations. We also provide advisory on regional frameworks in Mexico, Colombia, Argentina, and Chile.
Key Frameworks: Brazil Bacen Law 14.478/2022, CVM regulations, COAF AML rules, LGPD, regional fintech laws.
We navigate diverse Asia-Pacific regimes, including Singapore's MAS Payment Services Act (PSA) licensing for Digital Payment Token services, Securities and Futures Act (SFA) considerations, and Technology Risk Management (TRM) expectations; Hong Kong's SFC Virtual Asset Service Provider (VASP) licensing regime; Japan's FSA frameworks for crypto-asset exchange and custody businesses; India's PMLA/FIU-IND registration requirements for VDA service providers, tax withholding (TDS) on VDA transactions, and evolving regulatory positions; Pakistan's SECP and State Bank of Pakistan considerations; and PRC restrictions with compliant enterprise blockchain pathways for licensed entities.
Key Frameworks: Singapore PSA and SFA, Hong Kong VASP regime, Japan FIEA and PSA, India PMLA and Income Tax Act, Pakistan SECP guidelines.
The definitive home of the blockchain-powered state, championing its sovereign Digital Currency Electronic Payment (DCEP / e-CNY) system as the core of its financial technology vision. Hong Kong operates as its regulated international crypto gateway, permitting virtual asset trading and services under the Securities and Futures Commission (SFC) and Virtual Asset Service Provider (VASP) licensing regimes.
Key Frameworks: Cryptocurrency transaction ban, Digital Currency Electronic Payment (DCEP / e-CNY), Blockchain Information Service Management Regulations, Hong Kong VASP licensing regime, Hong Kong Stablecoin Ordinance.
The fluid, cross-jurisdictional realm of digital asset finance, operating between established regulatory perimeters. Characterized by flexible frameworks, key hubs like the Cayman Islands (CIMA), British Virgin Islands (BVI FSC), and Seychelles (FSA) offer tailored regimes for crypto funds and SPVs, navigating a patchwork of Travel Rule compliance and MiCA alignment.
Key Frameworks: Cayman Islands Virtual Asset (Service Providers) Act (VASP Act), Cayman Islands Crypto-Asset Reporting Framework (CARF), British Virgin Islands VASP Act.
Beyond regional frameworks, we design programs that operate globally: FATF-aligned AML/CFT and Travel Rule implementation, sanctions screening and OFAC/UN/EU compliance, global data protection and privacy (GDPR, LGPD, PDPA harmonization), cybersecurity standards and incident reporting (NIS2, DORA, state breach notification laws), and coordinated regulatory engagement strategies.
Operating across borders? We will map your regulatory pathway and coordinate execution.