Papua New Guinea

**Bank of Papua New Guinea (BPNG):** BPNG has previously issued warnings to the public regarding the risks associated with cryptocurrencies, including volatility, lack of consumer protection, and potential use for illicit activities. These warnings do not constitute a regulatory framework but indicate a cautious approach.

*BPNG Website:* https://www.bankpng.gov.pg/ (You would typically find press releases or advisories under their 'News' or 'Publications' section).

**Financial Analysis and Supervision Unit (FASU):** As the AML/CTF regulator, FASU is responsible for ensuring compliance with the Anti-Money Laundering and Counter Terrorist Financing Act 2015. While VASPs are not explicitly listed as "reporting entities" under this Act *yet*, the FATF standards imply that they should be.

*FASU Website:* Typically integrated within the BPNG site or linked from it. Information on the AML/CTF Act and reporting requirements can be found there.

**Cryptocurrency Exchanges:** Would fall into this gap. If a business sought to offer traditional securities exchange services, it would require licenses under the Securities Commission of Papua New Guinea (if established for this purpose) or relevant financial market laws. However, crypto assets are not typically classified as securities under existing PNG law.

**Custody Providers:** Similarly, no specific license for crypto custody. Traditional trust or financial services licenses might be considered, but these are not designed for digital assets.

**Payment Processors:** While payment services generally require licensing under BPNG (e.g., National Payment Systems Act 2013), this applies to fiat currency payments and remittances. Processing crypto-to-crypto or crypto-to-fiat payments without being a licensed traditional financial institution operating in fiat would be in a grey area.

**Currently, neither a specific registration nor a licensing regime exists for VASPs.**

**Anticipated Future:** Based on FATF recommendations, it is highly probable that PNG will eventually adopt a **licensing regime** for VASPs. The FATF standards recommend that VASPs be licensed or registered, and subject to effective systems for monitoring and ensuring compliance with AML/CTF requirements. Licensing typically implies a more rigorous pre-approval process and ongoing supervision than simple registration.

**Capital Requirements:** Financial institutions, including future VASPs, are typically required to maintain a certain level of minimum paid-up capital to demonstrate financial stability and ability to absorb losses. The exact amount would be determined by BPNG based on the scope and risk of services offered.

**AML/KYC (Anti-Money Laundering / Know Your Customer):** This is the most certain requirement. Future regulations will mandate VASPs to:

Identify and verify customers (KYC).

Conduct ongoing customer due diligence.

Monitor transactions for suspicious activity.

Report suspicious transactions to FASU.

Implement robust risk-based AML/CTF programs.

Adhere to the "travel rule" for VA transfers, requiring information sharing between VASPs.

**Local Presence:** For foreign entities, a local physical presence, a local board of directors, or a local registered company structure is often a requirement for financial licenses.

**Management & Governance:** Fit and proper tests for directors and senior management, robust governance structures, internal controls, and risk management frameworks (including cybersecurity).

**Consumer Protection:** Rules around disclosures, clear terms of service, dispute resolution mechanisms, and safeguarding of client assets.

**Technology & Security:** Requirements for secure systems, data protection, and measures against cyber threats.

**Pre-Application Consultation:** Discussion with BPNG/FASU.

**Submission of Application:** Detailed business plan, legal structure, ownership details, management profiles, capital adequacy proof, AML/CTF policies, risk management framework, technology infrastructure details.

**Due Diligence & Assessment:** BPNG/FASU would review the application, conduct interviews, and assess the suitability of the applicant.

**Fit and Proper Checks:** For all key personnel.

**Approval/Rejection:** Decision by the regulator.

**Ongoing Supervision:** Regular reporting, audits, and compliance checks post-licensing.

**Bank of Papua New Guinea (BPNG):**

*Note:* Specific advisories on crypto may be found under their "News" or "Media Releases" section, but these often change or are archived. There isn't a dedicated crypto regulation page currently.

**Anti-Money Laundering and Counter Terrorist Financing Act 2015:**

This is the foundational AML/CTF law. While it doesn't explicitly name VASPs, it's the framework FASU operates under. The Act can often be found on government legal websites or linked from FASU/BPNG.

*Example Search Term (you may need to search for the specific PDF):* "Papua New Guinea Anti-Money Laundering and Counter Terrorist Financing Act 2015"

**Financial Action Task Force (FATF) Recommendations:**

These are the international standards that PNG, as a member, is expected to implement. Recommendation 15 and its Interpretive Note specifically address VAs and VASPs.

*Specific Recommendation 15:* https://www.fatf-gafi.org/recommendations.html (Look for "Standards" or "Recommendations" and locate R.15 and INR.15 on Virtual Assets and VASPs).

**Bank of Papua New Guinea (BPNG)**:

**Role:** The central bank and primary financial regulator. It has consistently issued public warnings regarding the risks associated with cryptocurrencies. It is responsible for monetary policy, financial stability, and the oversight of the financial system.

**Official Website:** Bank of Papua New Guinea

**Financial Analysis and Supervision Unit (FASU)**:

**Role:** PNG's Financial Intelligence Unit (FIU), responsible for enforcing Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) laws. As a member of the Asia/Pacific Group on Money Laundering (APG), PNG is obligated to implement FATF recommendations, which include those related to virtual assets. While there may not be specific VASP regulations, FASU would be the body responsible for monitoring suspicious transactions involving virtual assets under existing AML/CTF frameworks.

**Official Website (Often linked via BPNG or government sites):** While FASU has a presence within the BPNG and government structures, a standalone public website with detailed guidance on crypto is not readily available. Information is usually found in broader government or BPNG publications.

**Securities Commission of Papua New Guinea (SCPNG)**:

**Role:** Responsible for regulating the capital markets and securities in PNG. If any virtual asset were deemed to constitute a security under PNG law, the SCPNG would have jurisdiction. However, given the current general stance, this is less immediately relevant than the BPNG's warnings.

**Official Website:** Securities Commission of Papua New Guinea

**Bank of Papua New Guinea Act 2000 (and subsequent amendments):** This act grants the BPNG its mandate to regulate and supervise financial institutions and maintain financial stability, which underpins its cautionary stance on cryptocurrencies. (A direct URL to the full, consolidated act is often through legislative databases, e.g., via the PNG National Parliament website or Pacific Islands Legal Information Institute (PacLII). For instance, an older version might be found on PacLII).

**BPNG Public Notices/Statements (e.g., 2018):** While not legislation, these public advisories represent the official regulatory stance. For example, a **2018 public notice from BPNG** warned against cryptocurrencies, stating they are not legal tender, are unregulated, and carry significant risks, including price volatility, cybersecurity risks, and use for illicit activities. These warnings have been reiterated over time. Finding a direct permalink to a specific public notice from 2018 can be difficult as BPNG's news archives may not go back that far online, but the content of these warnings is widely reported in news and financial advisories.

**Not Legal Tender:** The Bank of Papua New Guinea has explicitly stated that cryptocurrencies are **not recognized as legal tender** in PNG.

**Unregulated Environment:** There is **no specific regulatory framework** for cryptocurrency exchanges or trading platforms operating within PNG. This means such platforms are not licensed or supervised by PNG authorities.

**High Risk Warnings:** The BPNG strongly **advises the public against investing in or trading cryptocurrencies** due to the high risks involved, including:

Potential for fraud, scams, and cyber-attacks.

Lack of recourse or regulatory oversight.

Potential for use in money laundering and terrorist financing.

**No Official Ban on Ownership/Trading (but Discouraged):** While individuals are not explicitly forbidden from owning or trading cryptocurrencies, they do so at their own risk and outside of any regulatory safety net. Operating an exchange or offering crypto services *officially* within PNG would likely be challenging without a clear regulatory framework or specific licensing.

**AML/CTF Scrutiny:** Any large or suspicious transactions involving virtual assets could fall under the purview of the FASU and the AML/CTF Act 2015.

**Anti-Money Laundering and Counter Terrorist Financing Act 2015 (AML/CTF Act 2015):** This Act provides the legal basis for identifying, freezing, and confiscating assets related to money laundering and terrorist financing. It obligates financial institutions and designated non-financial businesses and professions (DNFBPs) to implement AML/CTF measures. While it pre-dates specific crypto regulation, its broad definitions and principles are applied to virtual asset activities where deemed appropriate by regulators.

*Note:* Finding a publicly accessible, definitive online link for the most current version of PNG legislation can sometimes be challenging. Often, these are available through official government gazettes or legal databases.

**Reference:** Anti-Money Laundering and Counter Terrorist Financing Act 2015 (No. 4 of 2015). It can often be found on legal databases like PACLII (Pacific Legal Information Institute): http://www.paclii.org/pg/legis/consol_act/amlact2015408/ (This link may lead to an older version, direct legislative publication is preferred).

**Terrorism Act 2002 (and subsequent amendments):** This Act provides specific provisions related to terrorist financing and the designation of terrorist entities.

**Reference:** Terrorism Act 2002. Again, often available via PACLII or official sources.

**Financial Analysis and Supervision Unit (FASU):** As the FIU, FASU issues guidance, receives suspicious transaction reports (STRs), and disseminates information regarding designated persons and entities subject to sanctions.

**Reference:** FASU Website (part of BPNG): https://www.bankpng.gov.pg/financial-analysis-and-supervision-unit-fasu/

**Bank of Papua New Guinea (BPNG) Circulars and Statements:** BPNG, as the central bank, has the authority to regulate financial services. While it has expressed caution regarding cryptocurrencies, it is working towards a regulatory framework for virtual assets. Any entities providing virtual asset services are expected to comply with existing AML/CTF obligations.

**Reference:** BPNG Public Statements/Press Releases (monitor for specific crypto guidance): https://www.bankpng.gov.pg/media-releases/

**Obligations for VASPs (or entities providing similar services):**

**Designated Person/Entity Screening:** VASPs must screen their customers (both at onboarding and on an ongoing basis) against the UN Consolidated Sanctions List, which includes individuals and entities designated under various UN sanctions regimes (e.g., terrorism, proliferation, specific country regimes).

**Asset Freezing:** If a VASP identifies that it holds assets (including virtual assets) belonging to a designated person or entity, it must immediately freeze those assets and report the match to FASU.

**Prohibition on Dealing:** VASPs are prohibited from making funds or economic resources available to, or for the benefit of, designated persons or entities.

**Suspicious Transaction Reporting (STR):** Any transaction involving designated persons, or transactions suspected of being related to money laundering or terrorist financing, must be reported to FASU.

**Legal Basis:** The AML/CTF Act 2015 mandates compliance with international obligations, including UN sanctions. FASU, under this Act, is responsible for disseminating UN sanctions lists to reporting entities and overseeing compliance.

**Reference:** UN Security Council Sanctions Committees Website (for consolidated lists): https://www.un.org/securitycouncil/sanctions/information

FASU typically publishes advisories when new UN designations are made.

**Extraterritorial Reach:** OFAC and EU sanctions can have extraterritorial effects, particularly if transactions involve:

US persons (citizens, residents, entities, or their foreign branches).

The US financial system (e.g., US dollar clearing).

**Correspondent Banking Relationships:** PNG financial institutions (and potentially VASPs dealing with them) rely on correspondent banking relationships with US and European banks, which impose their own OFAC/EU compliance requirements.

**Reputational Risk:** Failing to comply with major international sanctions regimes like OFAC or EU can lead to severe reputational damage, de-risking by international partners, and exclusion from global financial systems.

**Obligations:** VASPs in PNG that engage in international transactions, particularly those involving US dollars or counterparties in the US/EU, should screen against:

**OFAC Specially Designated Nationals (SDN) List:** https://www.treasury.gov/ofac/downloads/sdn.txt

**EU Consolidated Financial Sanctions List:** https://www.sanctionsmap.eu/

**Who:** Any entity offering services related to virtual assets that falls under the scope of "financial institutions" or "designated non-financial businesses and professions" (DNFBPs) as defined by the AML/CTF Act 2015, or is otherwise regulated by BPNG/FASU. Even if not formally regulated as such yet, prudent business practice dictates compliance.

**What:** Screening must be conducted against:

**OFAC SDN List** (for US nexus/best practice).

**EU Consolidated Financial Sanctions List** (for EU nexus/best practice).

Any other relevant sanctions lists from jurisdictions where the VASP operates or has significant business ties.

**Onboarding:** Before establishing any business relationship or conducting transactions.

**Ongoing Monitoring:** Regular screening of existing customer bases against updated lists.

**Per-Transaction Screening:** For high-risk transactions or as part of a risk-based approach.

**How:** Using reliable screening software or services that keep lists updated and provide auditable results.

**Prohibited Jurisdictions:** VASPs are generally prohibited from dealing with individuals or entities located in or connected to comprehensively sanctioned jurisdictions (e.g., North Korea, Iran, Syria, Cuba, certain regions of Ukraine/Russia) where those sanctions apply.

**High-Risk Jurisdictions:** VASPs are expected to apply enhanced due diligence to transactions involving countries identified by FATF or other international bodies as high-risk for money laundering and terrorist financing. FASU may issue guidance on such jurisdictions.

**For Individuals:** Imprisonment, substantial fines.

**For Corporations:** Significant monetary penalties (fines) that can be millions of Kina, and potential de-registration or loss of operating license.

**For Directors/Officers:** Personal liability, including fines and imprisonment.

**Terrorism Act 2002:** Severe penalties, including long-term imprisonment for financing terrorism.

**Reputational Damage:** Significant harm to business reputation, making it difficult to operate internationally or attract customers.

**De-risking:** International financial partners may sever relationships, effectively cutting off access to global financial systems.

**Reference:** Specific penalty provisions can be found in the respective Acts, particularly Part 9 (Enforcement and Penalties) of the AML/CTF Act 2015.

**Implement UN Sanctions:** FASU and BPNG are responsible for enforcing UN Security Council Resolutions, which list sanctioned individuals and entities. These lists are applied universally, meaning any assets (fiat or virtual) belonging to these designated persons/entities must be frozen.

**Follow FATF Recommendations:** PNG's regulatory developments for VASPs will be guided by FATF Recommendation 15 (New Technologies) and Recommendation 6 (Targeted Financial Sanctions), ensuring that VASPs are subject to the same sanctions obligations as traditional financial institutions.

**Investment/Security Tokens:** Tokens that represent traditional financial instruments such as equity (ownership stakes), debt (loans), or rights to future profits, dividends, or revenue streams from an underlying enterprise. These are almost certainly considered securities.

**Asset-Backed Tokens:** Tokens representing fractional ownership of real-world assets (e.g., real estate, art, commodities) or financial assets (e.g., shares, bonds) would be considered securities, as they derive their value from the underlying security/asset.

**Certain Stablecoins:** While a stablecoin designed purely for transactional utility might not be a security, those that offer yield, profit-sharing, or are part of an investment scheme (e.g., lending platforms promising returns) would likely fall under securities regulation.

**Prospectus Requirements:** Issuers would generally need to prepare and register a detailed prospectus with the SCPNG, providing comprehensive information about the token, the project, the issuer, risks, and financial details, before offering the tokens to the public.

**Licensing:** Issuers, promoters, and distributors of securities tokens would need to be licensed by the SCPNG to conduct such activities. This includes investment advisors, brokers, and capital market participants.

**Corporate Governance & Reporting:** Companies issuing security tokens would be subject to ongoing corporate governance, financial reporting, and disclosure obligations as specified by the Capital Market Act.

**Exemptions:** Traditional securities law exemptions (e.g., private placement exemptions for sophisticated investors, small offering exemptions, or offerings not deemed a "public offering") might apply, but specific guidance for crypto tokens is absent. Issuers would need to seek explicit clarification from the SCPNG.

**Regulated Exchanges:** Secondary trading would ideally need to occur on a licensed securities exchange (e.g., the PNGX National Stock Exchange, if it were to list digital assets) or through licensed brokers. Operating an unlicensed exchange for security tokens would be illegal.

**Market Conduct Rules:** All secondary trading would be subject to market conduct rules, including prohibitions against market manipulation, insider trading, and other abusive practices.

**AML/CFT:** Any platform facilitating secondary trading, regardless of whether it's classified as a securities exchange, would be subject to strict AML/CFT obligations under the *Anti-Money Laundering and Counter-Terrorist Financing Act 2015*, enforced by the Financial Analysis and Supervision Unit (FASU) and BPNG.

**Nascent Market:** The cryptocurrency market in PNG is relatively small compared to more developed economies.

**Regulatory Caution:** PNG's regulators have adopted a stance of extreme caution, primarily issuing warnings rather than engaging in specific enforcement for unlicensed crypto offerings.

**Lack of Specific Legislation:** Without explicit crypto legislation, enforcement would fall under existing general laws, which may not always be framed as "crypto enforcement."

**Focus on Warnings:** The BPNG has historically focused on issuing public warnings about the risks associated with cryptocurrencies, including their unregulated nature, price volatility, and potential for scams.

Seek injunctions to prevent further illegal offerings.

Refer cases for criminal prosecution for fraud or unlicensed activities.

**The Capital Market Act 1998:** This is the primary legislation governing securities and capital markets in PNG. You would typically find this on the Pacific Islands Legal Information Institute (PacLII) website or via the PNG National Parliament/Department of Justice and Attorney General sites.

*Direct URL for Act text is often difficult to find and may require navigating government legal databases or PacLII.* A search on PacLII for "Capital Market Act Papua New Guinea" should yield results: https://www.paclii.org/pg/legis/

**Securities Commission of Papua New Guinea (SCPNG):**

Website: http://www.scpng.gov.pg/ (Check for any news or statements, though specific crypto guidance is unlikely to be found here.)

**Bank of Papua New Guinea (BPNG):** BPNG has issued warnings and statements regarding virtual assets, primarily focusing on their non-legal tender status and risks.

Website: https://www.bankpng.gov.pg/ (Look for press releases, circulars, or financial stability reports for any mention of virtual assets.)

**Anti-Money Laundering and Counter-Terrorist Financing Act 2015:** This act is crucial for any entity dealing with virtual assets, regardless of their securities classification.

**Regulator Name:** Bank of Papua New Guinea (BPNG)

**Entity Targeted:** General public, financial institutions, individuals considering or engaging with cryptocurrencies.

**Violation Type (Implied):** Engaging in unauthorized financial activities; lack of consumer protection for speculative investments; potential for financial crime.

**Penalty Amount:** N/A (This was a public warning, not an enforcement action with a specific penalty).

**Date:** August 12, 2021 (The most prominent public warning in recent years)

**Outcome:** The BPNG clarified that cryptocurrencies are not legal tender in PNG. They highlighted risks such as volatility, lack of regulation, potential for scams, and use in illicit activities. The statement advised the public to exercise caution and warned that losses would not be protected by PNG laws. It also indicated the BPNG's intention to develop appropriate regulations for digital assets in the future. This warning has generally underpinned the BPNG's ongoing stance.

Bank of Papua New Guinea - Public Notice on Digital Currencies, Virtual Assets and Cryptocurrencies (PDF)

Business Advantage PNG - PNG central bank issues warning on cryptocurrencies

**Entity Targeted:** General public, potential market participants, financial sector.

**Violation Type (Implied):** Operating without appropriate licensing once a framework is established; engaging in risky or illicit activities.

**Penalty Amount:** N/A (Ongoing policy development and warnings, no specific penalties).

**Date:** Ongoing, with updates or reiterations appearing in various reports and speeches (e.g., annual reports, statements to media).

**Outcome:** The BPNG continues to monitor global developments and has expressed its intention to develop a comprehensive regulatory framework for digital assets. This includes exploring options for central bank digital currencies (CBDCs) and regulating private virtual assets. The current outcome is a state of active observation and policy formulation rather than direct enforcement.

Statements are often general and not tied to a single "action" URL, but reflect ongoing policy. For example, the BPNG's Annual Reports or public addresses often touch upon these topics. The above 2021 notice remains the foundational document. News articles frequently refer back to this stance:

PNG Central Bank: A cautious approach towards cryptocurrency - The PNG Bulletin (Refers to BPNG's ongoing stance in 2022)

BPNG Governor's Speeches and Statements (often contain updates on regulatory priorities) (While not a direct enforcement action, this is where updates on regulatory intent would be found.)