DLT Provider Guidance Notes

The purpose of this guidance note is to provide a DLT Provider, as defined in the Financial Services (Distributed Ledger Technology Providers) Regulations 2017 (the DLT Regulations), with guidance as to the operational, technical and organisational standards expected and in some circumstances required by the GFSC.

2. Customer Care

This guidance note is specifically in respect of the regulatory principle under paragraph 2 of Schedule 2 of the DLT Regulations (the Regulatory Principle).

The Regulatory Principle states that “A DLT provider must pay due regard to the interests and needs of each and all its customers and must communicate with its customers in a way which is fair, clear and not misleading”.

This document should be read as interpretative guidance for a DLT Provider and the examples contained in this document should be noted as indicative of good practice by a DLT Provider in connection with the Regulatory Principle.

A DLT Provider should note that the GFSC will take this document into account when reviewing a DLT Provider’s practices. The operational standards expected and required by the GFSC of a DLT Provider will vary depending on the size, particular nature, scale or complexity of the DLT Provider’s business.

Customer Care

A DLT Provider will be expected to devote as much time and consideration to protecting customers’ interests as to their own, and dedicate sufficient resources necessary to protect customers. A DLT Provider will need to apply best endeavours to mitigate any risks to its customers associated with the use of DLT and employ best practices in the operation of its business.

Conflicts of Interest

A DLT Provider should take all reasonable steps to identify and avoid where possible or manage potential conflicts of interest that may arise within its business.

For the purposes of identifying the types of conflicts of interest, DLT Providers may take into account whether a person is directly or indirectly linked by way of control to the DLT Provider. Such examples include situations where a person:

  • is likely to make a financial gain, or avoid a financial loss, at the expense of the DLT Provider’s customers; or
  • has an interest in the outcome of a service or an activity provided to the DLT Provider.

Examples of potential conflicts of interest include:

  • the employment of an individual or company that provides a specific service to the DLT Provider;
  • providing a service to a connected person;
  • providing a service to existing customers who are competitors and, or service providers;
  • acceptance or giving of gifts;
  • situations where value (as defined in the DLT Regulations) can be controlled or fixed by the DLT Provider by restricting its supply to the market; and
  • contingency fee arrangements.

A DLT Provider should maintain and operate effective, organisational, administrative arrangements with a view to preventing, managing and monitoring conflicts of interest.

Examples of ways in which a DLT Provider can maintain good conflicts of interests processes include:

  • the preparation of a conflicts of interest policy which clearly sets out to all directors, officers, managers and key members of staff where potential conflicts of interest may arise and how they should be managed;
  • the appointment of an individual director/manager (or committee depending on the size of the DLT Provider) with specific responsibility for assessing the nature and risk of a conflict (as it arises) and thereafter ultimately ensuring that suitable steps are taken to avoid such a conflict or where not possible to avoid the conflict, that it be managed so as to not prejudice the customers;
  • the segregation of responsibilities with key management staff. This would be indicative of maintaining effective technical and operating standards for the preventing, managing and monitoring of conflicts of interest;
  • the removal of any direct link between the remuneration of a relevant person engaged in one particular activity; and
  • preventing individuals from exercising inappropriate influence.

Disclosure & Communication

A DLT Provider must disclose information to its customers which may impact and/or be of material significance to its customers.

All communications made by a DLT Provider to its customers shall be:

  • accurate, concise and not misleading;
  • sufficient for, and presented in a way that can be understood by the group to which it is directed; and
  • made within a reasonable timeframe.

Examples of information which a DLT Provider should make clear to its customers include:

  • the DLT Provider’s standard terms and conditions;
  • what part of the DLT Provider’s services are regulated and the standards applicable to the regulated activity;
  • when a DLT Provider is providing an ancillary unregulated service to that which it is licensed to provide, to inform customers that that particular service is not regulated;
  • the DLT Provider’s fees (including any changes to those fees, the manner in which fees can be varied and any associated or indirect costs);
  • the process of transfer of the DLT Provider (or the DLT Provider’s business) as a going concern to a third party (and provide details of that third party);
  • potential and actual conflicts of interest;
  • information on the actual DLT system/network used, its nature and any inherent risks involved in the technology generally and in the specific system/network used (e.g. in the dependency on third party or open source software and networks or on protocols subject to independent consensus mechanisms); and
  • material changes in connection with the actual service provided by the DLT Provider which may affect customers (including instances where the DLT has been compromised).

Complaints Handling

A complaint is an expression of dissatisfaction from a customer irrespective of whether it is justified or not in respect of, specifically, the services provided to it by the DLT Provider.

A DLT Provider should establish a procedure to ensure that any complaints are resolved as quickly as possible and, where necessary, trigger an internal review into the quality of service being provided and whether or not it can be improved.

A DLT Provider will be expected to establish a written complaints procedure which is to be communicated to all staff.

Examples of ways in which a DLT Provider can maintain good complaints handling processes include:

  • the assignment of responsibility of complaints handling to a director/manager (or committee depending on the size of the DLT Provider);
  • the establishment of means by which customers may make a complaint. This should be user friendly and easily accessible to all customers;
  • the review and action of complaints promptly upon receipt; and
  • regularly advising complainants of the progress and outcome of any complaints.

Record Keeping

In accordance with the law of Gibraltar, a DLT Provider shall:

  • keep and maintain records of all customer information and data In a secure manner;
  • record all transfers and receipts made by its customers; and
  • keep a record of all interactions with its customers including all agreements entered into.

Marketing and Advertising

A DLT Provider that issues an advertisement concerning its business or the goods and services it provides should ensure that:

  • the advertisement identifies the DLT Provider as the issuer; and
  • the contents and presentation of the advertisement are demonstrably fair and not misleading.

A DLT Provider that becomes aware of any marketing or advertising material issued on behalf of, or in relation to any products or services provided by, the DLT Provider, that may be misleading and, or detrimental to Gibraltar’s reputation as a financial centre, should report the matter to the GFSC immediately.