The Hong Kong government has entered a new phase in digital asset development with the release of its ‘Policy Declaration on Virtual Asset Development 2.0’. The Financial Services and Treasury Bureau (FSTB) and Securities and Futures Commission (SFC) have jointly issued a consultation paper proposing a licensing regime for virtual asset trading and custodial service providers, with a two-month public consultation period ending August 29.
The proposed framework defines digital asset custody services as encompassing two key scenarios: 1) holding virtual assets for clients as part of business operations, and 2) managing transfer tools including private keys. This regulatory scope primarily targets custodial wallet service providers that control client assets or possess transfer capabilities.
Three main custody models fall under the proposed regulation:
1. Centralized custodial services (e.g., exchanges holding client assets)
2. Third-party institutional custody services
3. Private key management services
Licensed custodians would need to meet stringent requirements including:
– Fit and proper assessments for management
– Minimum capital requirements
– Robust cybersecurity measures
– Strict client asset segregation
– Comprehensive risk management frameworks
– AML/CFT compliance
– Potential insurance arrangements
Hong Kong’s regulatory architecture adopts a dual-layer approach:
– SFC as standard-setter for licensed custodians
– HKMA as frontline regulator for banks and stored value facilities
The framework maintains the ‘same business, same risks, same rules’ principle while preserving individual self-custody rights. Notably, the consultation seeks public input on emerging models like MPC-based self-custody services, demonstrating regulators’ technical awareness.
For self-custody providers navigating this evolving landscape, the article recommends:
1. Obtaining international certifications (ISO 27001, SOC 2)
2. Implementing advanced security technologies (MPC, TEE)
3. Maintaining transparent, auditable operations
4. Developing compliance-oriented architectures
The piece draws parallels with Singapore’s regulatory approach under its Payment Services Act, noting similar emphasis on client asset protection, AML compliance, and technological security. Both jurisdictions focus regulation on custodians holding client assets rather than self-custody solutions.
This legislative initiative represents a strategic move to solidify Hong Kong’s position as a global virtual asset hub, with clear regulations expected to drive innovation in custody services while enhancing compliance standards. Institutional-grade custody solutions are poised for significant growth in this regulated environment.
References include consultation documents from HKMA, FSTB, and SFC regarding stablecoin regulation and virtual asset custody frameworks.
