REGULATORY

by Andria Papageorgiou

Legal Opinions For Financial Institutions

Legal opinion is a piece of professional legal advice on a specific subject. Lawyers have an exclusive right to prepare such a document at the request of the person concerned. A correctly drafted opinion letter will ensure the benefit of your side to all parties to the dispute and confirm the transparency of the contract or the legality of certain legal actions.

Navigating through complex and uncertain legal provisions, Andria Papageorgiou Law Firm provides qualified third-party opinions on an array of subjects, with our expertise lying in financial services to assist you to come to the right conclusion whilst allowing you to have a clear understanding of the law.

​We can assist with drafting legal opinions in Cyprus and over 100 other jurisdictions through our network of associates.

Regulators, payment service providers, and other methods of payment such as Visa and Mastercard are now requiring investment firms and other financial institutions to show that the provision of services in European or non-European countries, is permitted and in line with local country rules and regulations.

​It is important to remember that in drawing up a Legal Opinion on any issue, Lawyers are responsible for their opinions, as they conduct legal and factual research, analysis, and verification and it is for this reason that providing Legal Opinions can be a rather expensive process at times.

​Our global network of associates has been vetted to ensure that quality Opinions are prepared with investment issues distinguished by strict language, clarity of circumstances provided, and presence of transparent and understandable conclusions.

​We have assisted investment firms and other financial institutions globally, including Cyprus, South Africa, Belize, New Zealand, Australia, Thailand, Malaysia, Taiwan, Singapore, and more, to attain Legal Opinions in over 100 countries.

Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.

Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.

by Andria Papageorgiou

CySEC New Directive for the Registration of Crypto Providers

The Cyprus Securities and Exchange Commission (CySEC) issued on Friday a directive about the registration and operating conditions of providers of services related to cryptocurrencies. According to the guidelines, published only in the Greek language, CySEC provides certain procedures to follow in order to comply with the recent transposition of AMLD5 measures taken in the European Union (EU) to combat Anti-Money Laundering and Counter-Terrorist Financing.

The registration fee for the providers who want to apply before CySEC for authorization under the said directive would be EUR 10,000, and the renewal fee shall be EUR 50,000. In terms of the board’s composition, there should be a minimum of four members: two executives and two non-executives. Furthermore, among the conditions set out in the said directive, the companies should comply with some requirements such as good reputation, appropriate policies, systems and procedures, relevant security policies, and remuneration requirements, as specified by the CySEC.

In addition to the said directive, it is expected that the CySEC will issue a policy statement very soon clarifying other relevant matters. Additionally, there is a CySEC application file available with the updated regulatory requirements to follow the AMLD5 rulings.

It is well admitted by CySEC, who shares the position of the European Securities and Markets Authority (ESMA), that some crypto assets, including the so-called virtual currencies, such as Bitcoin, are highly risky and speculative, and investors must be alert to the high risks of buying and/or holding these instruments, including the possibility of losing all their money. Crypto assets come in many forms but the majority of them remain unregulated in the EU including Cyprus.

In light of all the above, it is quite evident that the incorporation of crypto-asset businesses under the scope of the EU AML legislation under the amended 5th AML Law in Cyprus is a very significant step.

Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.

Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information. 

by Andria Papageorgiou

The Use of Electronic Signature

Undoubtedly and unsurprisingly, the COVID-19 pandemic has affected businesses and individuals in a variety of ways. One aspect, which has been discussed to a great extent, is the use of electronic signatures in Cyprus and the legal implications of their use.

The Regulation (EU) N 910/2014

In an aim to improve trust in EU-wide electronic transactions and to increase the effectiveness of public and private online services and e-commerce, Regulation (EU) N 910/2014 on electronic identification and trust services for electronic transactions in the internal market (the “eIDAS Regulation”) created a new system for secure electronic interactions across the EU between businesses, citizens and public authorities, setting out the conditions under which Member States recognize electronic identification means of natural and legal persons falling under a notified electronic identification scheme of another Member State, rules for trust services (for the verification of the identity of individuals and businesses online, as well as authenticity of documents) and establishing a legal framework for electronic signatures, seals, time stamps, documents, registered delivery services and certificate services for website authentication.

The Cyprus Law 55(I)/2018

The eIDAS Regulation has been incorporated into Cyprus law in 2018 through Law 55(I)/2018 (the “Law”).

The three types of electronic signatures

Three types of electronic signatures, each with different judicial value, are distinguished by the Regulation, as follows:
1. an “electronic signature” is defined by the Regulation as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign”;
2. an “advanced electronic signature” is “an electronic signature which is uniquely linked to the signatory, is capable of identifying the signatory, is created by using electronic signature creation data that the signatory can, with a high level of confidence, use under their sole control and is linked to the data therewith in such a way that any subsequent change in the data is detectable”; and
3. a “qualified electronic signature”, which is an advanced electronic signature created by a qualified electronic signature creation device having the added comfort of being based on a qualified certificate for electronic signatures.

Admissibility and legal validity of electronic signatures

The Regulation specifies that an electronic signature cannot be denied legal effect or be deemed inadmissible as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic signatures. However, it grants the “qualified electronic signature” the most significant judicial value deeming that it shall be equivalent to a handwritten signature.

Obtaining a qualified electronic signature

The procedure of obtaining a qualified electronic signature under Cyprus law was announced in May, amidst the COVD-19 pandemic, by the Deputy Ministry of Research, Innovation and Digital Policy of Cyprus. The Cyprus Stock Exchange has been authorised as a Certification Service Provider to issue qualified certificates on electronic signatures, though the government has already signed a Memorandum of Understanding with commercial banks that will enable and promote electronic signatures in the banking sector.

The validity period of such qualified e-signatures is currently set at one year from the date of issuance of the qualified certificate.

The sole Qualified Trust Service Provider (QTSP) currently registered in Cyprus is JCC Payment Services Ltd and, there are just two other Greek Companies, registered in Europe, carrying out activities in Cyprus: Byte Computer ΑΕ and ADACOM S.A. However, with the passing of the new legislation it is likely that these companies will face competition.

Difficulties and complications

While electronic signatures and even advanced electronic signatures were occasionally used prior to the COVID-19 pandemic, an increase in their use was noticed under the current circumstances. Such increased use of digital signatures has highlighted certain issues with their applicability and implementation. One such problem arises with documents that require witnessing. Common law provisions, applicable in Cyprus, require the physical presence of witnesses in the same location as the signatory. Therefore, a witnessing and attestation requirement is only satisfied in the case of an electronically executed document where the witness is physically present in the same location as the signatory. While the witness can still attest the document via a digital signature from the same location as the signatory, “remote” witnessing (e.g. by video link) is not permitted.

However, it is worth mentioning that certain, if not all, local authorities and institutions are still reluctant in accepting the digital signatures. In addition, it is evident that there are still no judicial decisions in relation to the use and implementation of electronic signatures, in order to see how the Cypriot courts would interpret and apply the relevant regulatory and legal provisions.

Last but not least is the fact that heavy dependence on electronic means will bring a higher demand for cyber security which may include a requirement for the use of electronic passports. Steps such as the creation of an electronic passport are likely to meet with resistance from some sectors of society, since, whilst they are superficially equivalent to a biometric identity card, they include continuously updated real data about an individual.

Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.

Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.

by Andria Papageorgiou

ESMA Guidelines (ESMA35-36-1952) on certain aspects of the MiFID II compliance function requirements

The European Securities and Markets Authority (ESMA) has published the Guidelines on certain aspects of the MiFID II compliance function requirements (‘the Guidelines’), on 6 April 2021 translated in all official languages of the EU. These Guidelines, replace the previous ESMA guidelines on the same topic issued in 2012.

The Guidelines apply in relation to the requirement of the Regulated Entities who, as part of their obligations under the Investment Services and Activities and Regulated Markets Law of 2017 (‘the Law’), must ensure that the compliance function fulfils the requirements set out in Article 22 of MiFID II Delegated Regulation 565/2017 by maintaining an efficient compliance function in accordance with Article 17(2) of the Law.

The Guidelines’ objective is the establishment of consistent, efficient and effective supervisory practices and to ensure the common, uniform and consistent application of certain aspects of the MiFID II compliance function.

Therefore, these Guidelines aim at requiring the Regulated Entities to have a robust governance framework by implementing systems and controls, policies and procedures, establishing an independent and effective compliance function to manage risks and ensure compliance with their regulatory obligations.

In brief, the said Guidelines focus on the below areas:

1. Guideline on the compliance risk assessment;
2. Guideline on the monitoring obligations of the compliance function;
3. Guideline on the reporting obligations of the compliance function;
4. Guideline on the advisory and assistance obligations of the compliance function;
5. Guideline on the effectiveness of the compliance function;
6. Guideline on the skills, knowledge, expertise and authority of the compliance function;
7. Guideline on the permanence of the compliance function;
8. Guideline on the Independence of the compliance function;
9. Guideline regarding the proportionality with regard to the effectiveness of the compliance function;
10. Guidelines on combining the compliance function with other internal control functions;
11. Guidelines on outsourcing of the compliance function;
12. Guidelines on the review of the compliance function by competent authorities;

The Guidelines apply from two months of the date of publication of the guidelines on ESMA’s website in all EU official languages, i.e. 07 June 2021.

CySEC adopts these Guidelines by incorporating them into its supervisory practices and regulatory approach.

Regulated Entities must take the necessary actions in order to ensure their compliance with the Guidelines.

Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.

Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.