Uganda -- Licensing Requirements Regulatory Overview

**Regulator Name:** Bank of Uganda (BoU)

**Entity Targeted:** All Regulated Financial Institutions (e.g., Commercial Banks, Payment Service Providers, Microfinance Deposit-taking Institutions)

**Violation Type:** N/A (this was a pre-emptive prohibition, not an action against a prior violation by a crypto firm)

**Penalty Amount:** N/A (the circular itself did not impose a fine on a crypto entity, but implied penalties for regulated entities that failed to comply with the directive)

**Outcome:** The BoU issued a circular directing all supervised financial institutions to cease facilitating transactions related to virtual currencies. This effectively cut off cryptocurrency exchanges and related businesses from accessing formal banking services in Uganda. The BoU cited concerns over consumer protection, money laundering, terrorism financing, and the lack of specific regulations. This directive has made it extremely challenging, if not impossible, for crypto businesses to operate formally within the Ugandan financial system.

**Bank of Uganda Circular (N. 3 of 2021):** While direct link to the circular might change, news articles widely reported on it and often link to scans of the original.

Bank of Uganda Warns Supervised Entities Against Dealing in Cryptocurrencies - Techweez (reporting on the circular)

Uganda's Central Bank Orders Financial Institutions to Cease All Crypto Transactions - Bitcoin.com News

**Regulator Name:** Bank of Uganda (BoU), Financial Intelligence Authority (FIA)

**Entity Targeted:** The general public and unregulated virtual asset service providers (implicitly)

**Violation Type:** N/A (warnings about risks, not specific violations)

**Date:** Ongoing, but prominent warnings in late 2020, 2021, and subsequent reiterations.

**Outcome:** These warnings emphasize that cryptocurrencies are not legal tender, are not regulated by the BoU, and carry high risks of fraud, money laundering, and loss of funds. The FIA has also highlighted AML/CFT risks. The lack of a specific licensing and regulatory framework for VASPs means that any entity operating with virtual assets does so without official recognition or oversight, increasing their operational risk and exposure to potential future actions should a framework be introduced. This environment largely *prevents* formal enforcement actions against VASPs for regulatory non-compliance because there aren't specific VASP regulations to violate yet, other than general financial laws (e.g., fraud).

**Source URL (example of a reiteration):**

Bank of Uganda reiterates its tough stance on cryptocurrency use - Africanews (2022)

FIA Uganda AML/CFT Guidances (though not crypto-specific, they cover general financial crime) - specific crypto guidance might be harder to find directly, but their mandate covers new financial technologies.

A comprehensive legal and regulatory framework for the licensing and supervision of Virtual Asset Service Providers (VASPs) is still largely absent.

The existing regulatory stance, exemplified by the 2021 circular, has effectively pushed crypto operations out of the formal financial system, making traditional regulatory enforcement challenging.

**Bank of Uganda (BOU) Stance:** The BOU has repeatedly issued advisories clarifying that cryptocurrencies are not recognized as legal tender in Uganda and that the central bank does not regulate or license any cryptocurrency businesses.

**Reference:** *Bank of Uganda, Public Notice on Cryptocurrencies* (various notices, e.g., November 2021, March 2019, generally found in their press release archives). While specific direct URLs for older press releases can be hard to pinpoint consistently, searching "Bank of Uganda cryptocurrencies" on their official website (www.bou.or.ug) will yield relevant advisories.

**National Payment Systems Act, 2020 (NPS Act) and Regulations, 2021:** This is the most relevant piece of legislation for payment services in Uganda.

**National Payment Systems Act, 2020:** https://www.bou.or.ug/bou/docs/NPS%20Act,%202020.pdf

**National Payment Systems Regulations, 2021:** (Often published as a statutory instrument, typically available via the Uganda Legal Information Institute or Ministry of Finance archives).

**Relevance:** The NPS Act and its regulations govern the operation of payment systems and the licensing of payment service providers (PSPs). While it does not explicitly mention cryptocurrencies, an argument could be made that any entity facilitating fiat-to-crypto or crypto-to-fiat transactions, or otherwise dealing with funds in a way that resembles traditional payment services, *might* fall under the purview of these laws. However, the BOU has not clarified how these laws apply to crypto-specific businesses.

**Current Situation:** No specific license. Many operate in a grey area.

**Potential Interpretation:** If an exchange facilitates transactions between fiat currency and virtual assets (or vice versa), it *could* theoretically be deemed to be performing functions similar to a money remitter or payment service provider. In such a scenario, they *might* be required to obtain a **Payment Service Provider (PSP) license** or a **Payment System Operator (PSO) license** under the **National Payment Systems Act, 2020**, regulated by the Bank of Uganda.

**Requirement for a PSP/PSO License (General):** This would entail meeting the requirements for traditional payment service providers.

**Current Situation:** No specific license.

**Potential Interpretation:** Unless the custody service is directly tied to a payment system or involves managing traditional financial assets alongside virtual assets, it is highly unlikely to fall under any existing financial services licensing regime. These entities currently operate without specific oversight.

**Current Situation:** No specific license for crypto-native processing.

If the processing involves converting fiat to crypto, or crypto to fiat for merchants/users, it again *might* be seen as a **Payment Service Provider (PSP)** under the NPS Act.

If the processor only handles crypto-to-crypto payments for merchants (e.g., accepting Bitcoin and paying the merchant in Ethereum), it would likely fall outside current licensing requirements.

**Requirement for a PSP License (General):** As above.

**For Crypto Assets:** Currently, neither a specific licensing nor a specific registration regime exists for virtual asset service providers in Uganda.

**For Traditional Financial Services:** Uganda primarily operates a **licensing regime** for regulated financial institutions and payment service providers, where entities must apply for and obtain a specific license from the relevant regulator (e.g., Bank of Uganda, Uganda Microfinance Regulatory Authority, Capital Markets Authority) before commencing operations. There might be some lighter "registration" requirements for certain categories of smaller financial services providers, but full-fledged financial services typically require a license.

**Current:** No specific capital requirements for crypto businesses.

**Hypothetical (based on PSPs):** For a Payment Service Provider license under the NPS Act, there are minimum paid-up capital requirements (e.g., UGX 100 million for Tier 1 PSPs, UGX 10 billion for Tier 2 PSPs like e-money issuers – these figures are indicative and subject to change by the BOU). A future crypto license would likely have similar or tailored capital requirements depending on the scope of services.

**AML/KYC (Anti-Money Laundering / Know Your Customer):**

**Current:** While there are no specific crypto AML laws, Uganda has a robust **Anti-Money Laundering Act, 2013 (as amended)**.

**Reference:** *Anti-Money Laundering Act, 2013* (and subsequent amendments, available via Uganda Legal Information Institute: https://www.ulii.org/ug/legislation/act/2013/6)

**Relevance:** Financial Institutions and designated non-financial businesses and professions (DNFBPs) are subject to AML obligations. Although VASPs are not explicitly listed as "financial institutions" under the current AML Act, any entity dealing with funds or facilitating financial transactions is expected to implement AML/KYC measures in practice to avoid involvement in illicit activities. Any future VASP regulation would certainly impose strict AML/KYC obligations, including:

Customer Due Diligence (CDD) procedures.

Reporting of suspicious transactions (STRs) to the Financial Intelligence Authority (FIA).

**Current:** No specific requirement for crypto businesses.

**Hypothetical (based on traditional financial services):** For regulated financial services, a local physical presence, local incorporation, and often local management and directors are typically required. This would almost certainly be a requirement for any future VASP license, ensuring local oversight and accountability.

**Initial Consultation:** Informal discussions with the Bank of Uganda.

**Application Submission:** Submitting a formal application to the BOU, including:

Company incorporation documents (must be a Ugandan entity).

Detailed business plan, including services offered, target market, operational procedures.

Technical and security specifications of the platform/technology.

Proof of capital (e.g., audited financial statements, bank statements).

AML/CFT Policy and Compliance Manual.

Information on key personnel (directors, senior management) – including background checks and fit-and-proper assessments.

**Review and Due Diligence:** The BOU would conduct a thorough review of the application, including site visits, interviews, and technical assessments.

**Provisional Approval:** If satisfactory, the BOU might grant provisional approval.

**Final Approval and Licensing:** Upon meeting all conditions, the BOU would issue the final license.

**Ongoing Compliance:** Licensees would be subject to ongoing supervision, reporting requirements, and compliance audits by the BOU.

**Closely monitor regulatory developments:** The landscape is dynamic, and new laws could emerge.

**Seek legal counsel:** Obtain specific legal advice on how existing laws might apply to their particular business model.

**Implement strong internal controls:** Proactively adopt international best practices for AML/KYC, cybersecurity, and consumer protection, as these will undoubtedly form the foundation of any future regulatory framework.

**No Legal Tender:** Cryptocurrencies are explicitly not recognized as legal tender.

**No Licensing Framework:** There is no framework for licensing Virtual Asset Service Providers (VASPs), including crypto exchanges, custody providers, or issuers of virtual assets.

**Prohibition on Financial Institutions:** Licensed financial institutions are prohibited from facilitating crypto-related transactions or engaging with crypto businesses.

**Warnings to the Public:** The public is repeatedly warned about the risks associated with virtual assets, including volatility, fraud, money laundering, and lack of consumer protection.

**Bank of Uganda (BoU):** This is the primary authority responsible for the regulation, control, and supervision of all financial institutions and the issuance of currency. The BoU has been the most vocal in issuing warnings and clarifying its stance on virtual assets.

**Financial Intelligence Authority (FIA):** As Uganda's central agency for combating money laundering and terrorist financing, the FIA is responsible for ensuring that financial institutions comply with anti-money laundering and combating the financing of terrorism (AML/CFT) laws. While crypto businesses are not licensed, if they operate, they would fall under the purview of AML/CFT obligations.

**Capital Markets Authority (CMA):** While the CMA regulates capital markets, securities, and investment activities, it has not actively regulated cryptocurrencies as securities. Their statements often defer to the BoU regarding virtual assets, unless a specific digital asset falls squarely within the definition of a security under existing laws, which is rare for general cryptocurrencies.

**The Bank of Uganda Act, 2000:** This act establishes the functions of the BoU, including its powers to issue currency and regulate financial institutions. It's the basis for the BoU's pronouncements on non-legal tender status and warnings.

*Reference (via Uganda Legal Information Institute - ULII):* https://www.uli.ug/uganda/legislation/act/2000/5/bank-uganda-act-2000

**The Financial Institutions Act, 2004 (as amended):** This Act empowers the BoU to license, supervise, and control financial institutions. It is the basis for the BoU's directive prohibiting licensed entities from engaging with virtual assets.

**The Anti-Money Laundering Act, 2013 (as amended):** This Act provides the legal framework for combating money laundering and terrorist financing. While virtual assets are not explicitly named, the FIA's mandate extends to any financial transaction or service that could facilitate illicit activities, implying that even unlicensed VASP activities would be subject to its scrutiny.

**Crypto Trading (by individuals):** While there isn't an explicit law making it illegal for individuals to *hold* or *trade* cryptocurrencies, the BoU strongly discourages it due to the inherent risks (volatility, scams, lack of regulatory oversight, no consumer protection). Individuals who engage in trading do so at their own risk, with no legal recourse in case of loss or fraud.

**No Licensing:** Uganda does not license cryptocurrency exchanges or any Virtual Asset Service Providers (VASPs). Any entity attempting to operate as a crypto exchange within Uganda would be doing so without regulatory approval.

**Prohibition on Financial Institution Support:** Licensed banks and payment service providers are explicitly prohibited from facilitating payments to or from crypto exchanges or otherwise engaging with crypto businesses. This makes it extremely difficult for exchanges to operate legally within the traditional financial system.

**AML/CFT Scrutiny:** Even in the absence of a licensing regime, the FIA would still hold such entities accountable for AML/CFT compliance under the Anti-Money Laundering Act, 2013, given that they would be handling transactions that could be used for illicit purposes.

**Risk for Users:** Users engaging with unlicensed exchanges face significant risks, including the lack of security, potential for fraud, and no legal protection for their funds.