Original source: VARA_EN_317_VER2025051
1. Regulatory Context & Scope
VARA—established under Dubai Law No. 4 of 2022—is the dedicated regulator for Virtual Asset Service Providers (VASPs) operating in Dubai (excluding DIFC). This Rulebook governs all VASPs licensed to perform VA Management and Investment Services and applies in addition to the entire VARA regulatory stack: Company Rulebook, Compliance & Risk Management Rulebook, Technology and Information Rulebook, Market Conduct Rulebook, and any other VA-activity–specific rulebooks.
(Introduction, pp. 3–4)
What this means for practitioners
You must treat VA management and investment services as a regulated discretionary / advisory investment activity with cumulative compliance obligations. Being licensed for one activity does not exempt a VASP from compliance obligations for others.
2. Governance: Policies, Procedures & Public Transparency Requirements
2.1 Mandatory Internal Policies (Part I.A)
VASPs must maintain written policies covering:
- Client access and withdrawal of virtual assets, especially in stress scenarios.
- Client suitability assessment protocols considering product complexity, costs, and risks.
- Staff competency frameworks and ongoing training.
- Any additional policies VARA later mandates.
(Part I.A.1, p. 4)
Policies must be reviewed at least annually.
2.2 Public Disclosures (Part I.B)
VASPs must publish on their website:
- Full conflict of interest disclosures.
- Policies on data privacy, whistleblowing, and complaint handling.
- Clear statements on client asset access, especially during volatility.
- How client assets are protected, used, and safeguarded from counterparty risk.
- Order execution, liquidity risk management, and use of client assets.
- Explicit warnings that virtual assets used during management may be at risk, including types, likelihood, and severity of potential loss.
- Disclosures of past criminal convictions of Senior Management or Board.
(Part I.B.1–2, pp. 4–5)
Implication for practitioners
Transparency standards mirror those of traditional fund managers but are more expansive, especially around asset use, custody and risk statements, reflecting lessons from global VA failures (e.g., FTX, Celsius).
3. Client-Facing Conduct Rules
3.1 Suitability Requirements (Part II.A)
Before providing advisory or discretionary management services, VASPs must assess:
- Client knowledge and experience in VA investing.
- Investment objectives and constraints, including risk appetite and time horizon.
- Financial circumstances, especially the ability to absorb losses.
- Proportion of net worth exposed to VAs.
(Part II.A.2, p. 6)
All supporting information must be kept for 8 years.
3.2 Verification of Information (Part II.C)
VASPs may not issue statements or forecasts that are misleading or unverified. All factual representations must be confirmed via reliable sources, with ongoing monitoring for accuracy.
(Part II.C, p. 7)
3.3 Prohibited or Restricted Activities (Part II.D)
- Rehypothecation of VA is forbidden without explicit prior client consent.
- VASPs may only use client VA under specific instructions or explicit Client Agreement language.
- Client VA must be held on behalf of clients, unless otherwise contractually agreed.
(Part II.D, pp. 7–8)
Practitioner insight:
This is a strong move toward segregated client asset protection, reflective of global post-crisis regulatory emphasis.
4. Reporting, Valuation, Fees & Marketing Controls
4.1 Client Reporting & Valuation (Part II.E)
Monthly reporting must include:
- Total value of VA in client accounts.
- All transactions for the period.
- Valuation changes (total and period-specific).
(Part II.E.1, p. 8)
Valuation must be independent and ongoing, supported by documented valuation procedures.
4.2 Fees & Charges (Part II.F)
- Fees may only be taken if clearly stated in the Client Agreement.
- 90-day notice is required before introducing or increasing any fees.
(Part II.F, p. 8)
4.3 Marketing Restrictions (Part II.G)
VASPs may not claim that services involve “staking rewards” unless rewards actually originate from protocol-level staking.
(Part II.G, p. 8)
Industry implication:
VARA explicitly targets misleading yield products, aligning with global regulators’ crackdown on disguised lending/hypothecation schemes marketed as “staking”.
5. Management, Execution, and Risk Practices
5.1 Best-Interest Duty (Part II.H)
VASPs must always act in the best interests of clients, considering:
- Price
- Costs
- Execution and settlement likelihood
- Custody conditions
- Speed
- Suitability
(Part II.H, p. 9)
5.2 Order Handling (Part II.I)
VASPs must:
- Establish procedures ensuring prompt and correct transmission of instructions.
- Not receive benefits or kickbacks for routing orders unless disclosed and consented to.
- Not misuse client information.
(Part II.I, p. 9)
5.3 Risk Management & Due Diligence (Part II.J)
- VASPs must monitor liquidity and market risk regularly.
- Independent third-party audits of risk management are required.
(Part II.J, p. 9)
Practitioner insight:
These requirements mirror capital markets standards (MiFID II, SEC custody rules) but are adapted to the unique volatility and liquidity dynamics of crypto markets.
6. Contractual Requirements — Client Agreements (Part II.K)
Client Agreements must explicitly cover:
- Identification of all Virtual Assets in scope.
- Rights of the VASP, client, and third parties (including staking scenarios).
- How proceeds are calculated, varied, and paid.
- Whether client assets are held on their behalf or otherwise.
- Full informed consent for use of client assets.
- Client withdrawal rights.
- Detailed risk statements, including likelihood and severity of loss.
- Termination rights and consequences.
- Value fluctuation terms.
- Default events and consequences.
- Complaints procedures.
- Whether the VASP receives execution-related remuneration.
(Part II.K, pp. 10–11)
What this means in practice
Client Agreements become core compliance artifacts, functioning similarly to investment management agreements (IMAs) in traditional finance, but with additional VA-specific risk disclosures and asset treatment clauses.
Key Takeaways for Financial Practitioners in Dubai
1. VARA is setting a global benchmark for investor protection in virtual assets
The Rulebook aligns crypto investment activity with standards seen in asset management and securities regulation.
2. Client asset segregation and explicit consent are foundational
Practitioners must design non-commingled custody, seek consistent informed consent, and avoid any implicit use of client assets.
3. Suitability, transparency, and independent valuation are mandatory
Firms must adopt frameworks similar to MiFID II / FCA suitability, but tailored to crypto markets’ characteristics.
4. Marketing is heavily controlled—no implied yield, no misleading “staking” claims
This mitigates systemic risk and protects retail and institutional investors from disguised lending products.
5. Strong risk management with third-party audits is required
This is a significant operational obligation, especially for firms accustomed to lightly regulated crypto environments.
6. Dubai positions itself as an institutional-grade jurisdiction for VA investment management
The Rulebook reflects VARA’s strategic intent: to attract global financial institutions by offering regulatory clarity and high standards.

