Kazakhstan -- Licensing Requirements Regulatory Overview

Kazakhstan has adopted a dual regulatory approach to virtual assets. The primary hub for legitimate, licensed virtual asset activities is the Astana International Financial Centre (AIFC), a special economic zone with its own legal system based on English common law. Outside the AIFC, the general laws of the Republic of Kazakhstan are more restrictive, generally prohibiting the issuance and unlicensed circulation of cryptocurrencies, though regulated crypto mining is permitted.

This answer will focus primarily on the AIFC regime, as it is where licensing for virtual asset service providers (VASPs) occurs.

Cryptocurrency/Virtual Asset Licensing in Kazakhstan (AIFC Regime)

The Astana International Financial Centre (AIFC) provides a dedicated regulatory framework for Digital Assets, overseen by the AIFC Financial Services Authority (AFSA). The AIFC's objective is to create a well-regulated environment for the development of FinTech and Digital Assets.

Regulatory Bodies

1. AIFC Financial Services Authority (AFSA): The independent regulator of the AIFC, responsible for licensing, supervision, and enforcement of financial services, including virtual asset activities.
2. AIFC Court and International Arbitration Centre: Provides independent resolution of disputes.
3. Financial Monitoring Agency of the Republic of Kazakhstan: The national financial intelligence unit (FIU) for anti-money laundering and counter-terrorist financing (AML/CFT) oversight, which works in coordination with AFSA for AIFC entities.

Registration vs. Licensing Regime

Within the AIFC, the regime for virtual asset service providers (VASPs) is licensing, not registration. Firms must apply for and obtain specific licenses from the AFSA to conduct regulated activities involving digital assets.

Required Licenses for Exchanges, Custody Providers, and Payment Processors

The AIFC Digital Asset Rules categorize various activities. Here are the most relevant ones:

1. Exchanges (Digital Asset Trading Facility - DATF)

• License Type: Operating a Digital Asset Trading Facility (DATF).
• Definition: A person who provides a facility where multiple third-party buying and selling interests in Digital Assets are able to interact in the facility in a way that results in a Contract for sale or purchase. This broadly covers cryptocurrency exchanges.
• Key Services: Matching orders, trade execution, offering a trading platform for various digital assets (utility tokens, security tokens, potentially payment tokens/cryptocurrencies).

2. Custody Providers (Custodian)

• License Type: Providing Custodian (Digital Assets) services.
• Definition: A person who provides services for the safekeeping, administration, and segregation of Digital Assets (or instruments enabling control over Digital Assets) on behalf of clients.
• Key Services: Secure storage of private keys, multi-signature wallets, cold storage solutions, segregated client accounts, record-keeping.

3. Payment Processors (Payment Services Provider - PSP)

• License Type: Providing Payment Services Provider (PSP) services.
• Definition: While not exclusively for digital assets, a PSP license is required for firms handling fiat-to-crypto and crypto-to-fiat conversions, remittances, or other payment-related services where digital assets are involved in the transaction flow. AFSA's rules define specific "payment services" that require licensing, and these can extend to services involving digital assets.
• Key Services: Fiat-to-crypto on/off-ramps, crypto remittances, facilitating payments using stablecoins or other digital assets.

Other Relevant Licenses:

• Broker (Digital Assets): Acting as an agent for clients in buying and selling digital assets.
• Dealer (Digital Assets): Dealing in digital assets as a principal, either buying or selling for one's own account.

Key Requirements (General for AIFC Licenses)

The AFSA imposes stringent requirements across several areas:

1. Legal Form & Local Presence:

   • Must be incorporated or established as a legal entity within the AIFC.
   • Maintain a physical office presence in the AIFC.
   • Have key personnel (e.g., CEO, Compliance Officer) primarily based in the AIFC.

2. Capital Requirements:

   • Base Capital: This varies significantly based on the type and scope of the license.
     • Digital Asset Trading Facility (DATF): Typically USD 300,000 (or KZT equivalent) for non-dealing DATFs. If the DATF also acts as a Dealer, higher capital may be required.
     • Custodian (Digital Assets): Typically USD 300,000 (or KZT equivalent).
     • Payment Services Provider (PSP): Varies depending on the specific payment services and tiers of authorization, ranging from USD 50,000 to USD 200,000 (or KZT equivalent) for higher-tier PSPs.
   • Ongoing Capital: Firms must maintain capital sufficient to cover their regulatory capital requirements (base capital plus operational risk requirements) at all times.

3. AML/KYC (Anti-Money Laundering / Know Your Customer):

   • Adherence to AIFC AML Rules, which are aligned with FATF (Financial Action Task Force) recommendations.
   • Robust AML/CFT policies, procedures, and controls.
   • Appointment of a qualified Compliance Officer (MLRO - Money Laundering Reporting Officer).
   • Customer due diligence (CDD) and enhanced due diligence (EDD) procedures.
   • Transaction monitoring systems.
   • Suspicious activity reporting (SAR) obligations to the Financial Monitoring Agency.
   • Screening against sanctions lists.

4. Fit and Proper Criteria:

   • All senior management, shareholders (above a certain threshold), and key personnel must meet AFSA's "Fit and Proper" criteria regarding honesty, integrity, reputation, competence, and financial soundness.

5. Governance & Risk Management:

   • Comprehensive business plan outlining proposed activities, target market, operational structure, and financial projections.
   • Robust corporate governance framework.
   • Adequate risk management systems and controls, including cybersecurity, operational risk, market risk, and compliance risk.
   • Internal audit function (or outsourced equivalent).

6. Technology & Security:

   • Demonstrated ability to protect client assets and data.
   • Robust IT infrastructure and cybersecurity measures.
   • Regular independent security audits.
   • Business continuity and disaster recovery plans.

Application Process (General for AIFC Licenses)

The AFSA application process is rigorous and typically involves several stages:

1. Initial Consultation: Informal discussion with AFSA to clarify regulatory requirements and the application process.
2. Application Submission:
   • Completion of detailed application forms (typically Forms 1-4).
   • Submission of comprehensive documentation, including:
     • Business Plan
     • Financial Projections
     • Detailed Policies and Procedures (AML/KYC, Risk Management, Cybersecurity, etc.)
     • CVs and Fit & Proper forms for all key individuals and significant shareholders
     • Legal entity documents (incorporation certificates, constitutional documents)
     • Organizational chart
     • Proof of capital
     • IT architecture and security assessments.
3. Review and Assessment: AFSA reviews the application, may request additional information, and conduct interviews with key personnel. This stage involves detailed scrutiny of the business model, financial projections, risk management framework, and compliance arrangements.
4. In-Principle Approval: If satisfied, AFSA may issue an "in-principle" approval, subject to certain conditions (e.g., establishing a local office, hiring specific personnel).
5. Final Approval and Licensing: Once all conditions are met, AFSA grants the license.
6. Post-Licensing Obligations: Ongoing reporting, compliance with AIFC Rules, and regular audits.

Republic of Kazakhstan (General Laws outside AIFC)

Outside the AIFC, the general legal framework in Kazakhstan has been more restrictive regarding virtual assets:

• Prohibition: The general law of the Republic of Kazakhstan historically prohibited the issuance and unlicensed circulation of "unsecured" digital assets (i.e., cryptocurrencies not backed by a tangible asset or security) as a payment instrument.
• Digital Assets Law (Recent Developments): Kazakhstan has recently been active in developing national legislation for digital assets. The Law "On Digital Assets in the Republic of Kazakhstan" (signed into law in February 2023) regulates various aspects, including:
  • Mining: Legalized and regulated. Miners must register, obtain licenses, and are subject to energy consumption quotas and taxation.
  • Issuance of Secured Digital Assets: Permits the issuance of digital assets backed by specific assets or rights, with the National Bank of Kazakhstan overseeing this area.
  • Unlicensed Activity: Reaffirms the prohibition on the issuance and circulation of unsecured digital assets outside the AIFC. This means that exchanges, custodians, and payment processors dealing with cryptocurrencies generally must operate within the AIFC framework to be legal in Kazakhstan.

Specific Regulatory References and URLs

AIFC Financial Services Authority (AFSA):

• AFSA Official Website: https://afsa.kz/

Key AIFC Regulatory Framework Documents:

1. AIFC General Regulations: The foundational regulatory document.
   • Can typically be found in the "Legal Framework" or "Rules and Regulations" section of afsa.kz.
2. AIFC Digital Asset Rules: Contains the specific framework for regulating digital assets and related services.
   • Search for "AIFC Digital Asset Rules" on afsa.kz. (Example: https://afsa.kz/sites/default/files/2023-01/Digital%20Asset%20Rules.pdf - Please note: Always check AFSA's website for the most current version, as rules can be updated.)
3. AIFC Anti-Money Laundering, Counter-Terrorist Financing and Sanctions Rules (AIFC AML Rules): Crucial for compliance requirements.
   • Search for "AIFC AML Rules" on afsa.kz.
4. AIFC Conduct of Business Rules: Governs how firms conduct their business with clients.
   • Search for "AIFC Conduct of Business Rules" on afsa.kz.
5. AIFC Payment Services Rules: Relevant for PSPs.
   • Search for "AIFC Payment Services Rules" on afsa.kz.
6. AIFC Fees Rules: Details application and annual supervision fees.
   • Search for "AIFC Fees Rules" on afsa.kz.
7. Application Packs and Guidance: AFSA provides detailed application forms and guidance notes for each license type, which often include specific capital requirements and detailed checklists.
   • Look under "Licensing" or "FinTech" sections on afsa.kz for "Application Forms" or "Regulatory Guidance."

Republic of Kazakhstan (General Law):

• Law "On Digital Assets in the Republic of Kazakhstan": For the most up-to-date information, it's best to consult official legal databases in Kazakhstan or reach out to legal counsel specializing in Kazakh law. Searches on official government sites (e.g., https://adilet.zan.kz/) using the Kazakh or Russian title "О цифровых активах в Республике Казахстан" would be necessary, but these databases are primarily in local languages.

Disclaimer: This information is for general guidance only and does not constitute legal or financial advice. Regulatory requirements are complex and subject to change. It is essential to consult with legal professionals specializing in AIFC and Kazakh law before making any decisions or undertaking any virtual asset activities.