| 1. |
VASPs providing Staking from Custody Services shall establish standards for the DLTs for which it provides, or the DLTs it uses to provide Staking from Custody Services [DLT Standards]. |
| 2. |
DLT Standards shall include, but not be limited to—
| a. |
security and immutability of the DLT protocol, including its level of centralisation, reliance on a single Entity, or any potential single points of failure; |
| b. |
operating history of the DLT, including any periods of disruption or downtime; |
| c. |
soundness of the staking protocol and operation, including the duration for which it has successfully been active; |
| d. |
source of any rewards being offered by the DLT or any other party for a user’s participation, including whether such rewards are derived from the fees paid by users of the DLT, or from other means; |
| e. |
the VASP’s ability to maintain all operational, maintenance or other requirements for participation; |
| f. |
its design, features and use cases, whether or not intended by relevant developers; |
| g. |
any features that present a risk of materially affecting a VASP’s compliance with applicable laws, Regulations, Rules or Directives, including but not limited to those relating to AML/CFT, sanctions, security and intellectual property; |
| h. |
regulatory treatment by VARA and other appropriate authorities [including those outside of the Emirate]; |
| i. |
future development plans [e.g. “roadmap”] of the DLT as communicated by relevant developers, and whether such developments may have an impact [positive or negative] on, or relevance to, any of the above factors; |
| j. |
potential or actual conflicts of interest that may arise should a VASP provide any Staking from Custody Services in relation to the DLT, and relevant mitigations provisioned for such instances; |
| k. |
background of the founders, management, and current core developers of the DLT, including, but not limited to, relevant experience in the Virtual Asset sector, and whether they have been subject to any investigations, penalties, or claims in relation to fraud or deceit etc.; and |
| l. |
any additional factors that the VASP may require to be considered.
|
|
| 3. |
VASPs providing Staking from Custody Services shall take all reasonable steps, including but not limited to conducting relevant due diligence, prior to the provision of such services in respect of a DLT, to ensure the DLT meets all their prescribed DLT Standards. |
| 4. |
VASPs providing Staking from Custody Services must actively monitor all DLTs for which Staking from Custody Services is provided, for continued compliance with their DLT Standards. |
| 5. |
Upon becoming aware that a DLT no longer meets a VASP’s prescribed DLT Standards, the VASP must—
| a. |
notify all affected clients and VARA immediately; |
| b. |
cease accepting new Virtual Assets for Staking from Custody Services in respect of that DLT immediately; |
| c. |
determine a course of action with such affected clients to cease all Staking from Custody Services for that DLT, as soon as practicable; |
| d. |
continue to provide such Staking from Custody Services in accordance with this Part IV of this Custody Services Rulebook throughout the agreed course of action, and until such services have been effectively concluded; |
| e. |
keep VARA informed of all actions being taken throughout such course of action; and |
| f. |
take all other steps as VARA may direct.
|
|
| 6. |
VASPs providing Staking from Custody Services shall also set and implement conditions, under which the VASP will suspend accepting new Virtual Assets for Staking from Custody Services which, as required under Rule IV.E.5 of this Custody Services Rulebook above, must include where a DLT no longer meets the VASP’s DLT Standards. |
| 7. |
VASPs must maintain all records relevant to such assessments under this Rule IV.E of this Custody Services Rulebook for eight [8] years, and provide such records for VARA’s inspection upon request.
|