| 1. |
VASPs shall establish and maintain effective operational policies and processes to ensure—
|
| |
a. |
they have regular exchange of information with their clients, Group and, where appropriate, counterparties; |
| |
b. |
the integrity of their dealing practices, including the treatment of all clients in a fair, honest and professional manner; |
| |
c. |
the safeguarding of both their assets and all Virtual Assets [including Client VAs] in accordance with applicable requirements in this Compliance and Risk Management Rulebook and the Technology and Information Rulebook; |
| |
d. |
the maintenance of proper records and the reliability of the information contained in such records in accordance with applicable requirements in this Compliance and Risk Management Rulebook; and |
| |
e. |
the compliance by VASP and all its Staff with all applicable laws and regulatory requirements.
|
| 2. |
Where a VASP may act on behalf of the client in relation to the operation of an account, it shall properly communicate to the client the necessary procedures and terms and conditions under which the VASP may act on its behalf in transactions which are consistent with the stated objectives of the client and strictly follow such procedures. |
| 3. |
In addition to applicable requirements in the Market Conduct Rulebook, VASPs shall establish and enforce procedures to ensure that there are safeguards against any of their Staff or members of the Board taking advantage of confidential information or Inside Information. |
| 4. |
In addition to applicable requirements in the Technology and Information Rulebook, VASPs shall establish and maintain robust procedures to protect their Virtual Assets and Client VAs from theft, fraud and/or misappropriation. All Staff and members of the Board should follow all applicable internal protocols to acquire, transfer or otherwise dispose of any of the VASP’s Virtual Assets and Client VAs in accordance with applicable requirements in this Compliance and Risk Management Rulebook and the Technology and Information Rulebook. |
| 5. |
VASPs shall regularly check all—
|
| |
a. |
records and reports, whether issued by third parties, such as banks, other VASPs, or other virtual asset service providers outside of the Emirate; and |
| |
b. |
relevant information recorded on all systems including distributed ledgers, |
| |
and reconcile the above with their internal records for the purpose of identifying any errors, omissions or misplacement of assets, including Virtual Assets.
|
| 6. |
VASPs may establish committees as they deem appropriate in order to ensure compliance with all applicable laws and regulatory requirements. VARA may require a VASP, either as a condition of granting a Licence or at any stage thereafter, to establish any committee[s] determined by VARA as it deems appropriate, and VASPs shall comply with such requirements.
|