54 CAYMAN FUNDS | 2019
and balances and controls mean that the risk of money laundering is
greatly reduced. It also means that there has been no pressing need
for additional legislation. He notes that Cayman has considered this
option but is watching and waiting to see how regulators in other
jurisdictions choose to treat this form of investment generally.
Key to this will be the US Securities and Exchange Commission
(SEC), which is expected to detail how it plans to treat various types
of ICOs and security token offerings (STOs) from a US securities
regulation perspective. This could be pivotal in determining how the
sector might develop and grow in the future.
“The market is hopeful that the SEC will make some sort of positive
decision soon—maybe by July,” Inggs says. “There are still big
question marks around how the SEC plans to treat ICOs, in particular
whether a distinction will be drawn between STOs and ICOs or socalled
‘utility tokens’ for securities law purposes.
“The fact is, if the SEC’s comments are favourable, we can expect
to see a very bullish reaction by the sector and more capital-raising; if
not, it could stymie its development.”
He notes another key challenge the sector must solve around the
security of these digital investments is who holds the assets, where
and in what form.
“In no other investment-related sector is cyber risk more important
and more pertinent than in this one—these are digital assets and that
is another complex layer of challenges for these funds to navigate and
for fund directors and administrators to carefully consider,” he says.
“The whole issue of the custody of these assets, and how secure
they are, is a big question right now. There are some bespoke
custody solutions on offer but that also complicates the issue of
how accessible they are and thus how easily and flexibly they can be
accessed for trading, but the issue of cybersecurity is a big item for
anyone involved in these funds to consider (see box).
“You need to consider potential brokerage, custody and storage of
“Certain cryptocurrencies will have to be traded and held in
exchange accounts and important considerations for directors and
managers should be placed on where and how these are transferred
to offline (cold) storage.
“Who then has access to the cold storage devices and who has set
them up? Where are the recovery phrases kept? Will the fund use
multi-signature wallets and who are the signatories for these wallets?
What exchanges is the fund exposed to?”
Despite the rapid growth of this sector on Cayman, Inggs adds,
there seems to be a number of investors and other service providers
waiting in the wings for further clarity on a number of issues from
regulatory issues to digital asset security. This means that as these
issues are resolved and greater certainty is gained, he expects the
sector to grow further.
“We are beginning to see more of the established investment
managers seriously looking at this sector. This is just the start,”
Sean Inggs is a professional
independent director at
International Management Services
(IMS). He can be contacted at:
on this basis with the vast majority of these funds accepting only
Bitcoin or Ethereum.
Sources of funds behind cryptocurrencies such as Bitcoin and
Ethereum are easier to trace than say, Monero or Zcash, and typically
these types of funds will accept and deal in the former without issue
but within the existing regulatory laws and subject always to the
vetting and know-your-customer (KYC) requirements and undertakings
within the fund documents.
Following the rules
Inggs stresses that the Islands’ adherence to the existing antimoney
laundering regime and KYC legal requirements ensures
that compliant cryptocurrency funds are as legitimate as any other
compliant investment funds.
“The legal regime sets the parameters; these investor proceeds and
fund investments are not untraceable; any reputable investment fund
documents should require the investor to make certain disclosures
around the source of the funds in the same way you would expect for
a fiat currency-derived fund,” he explains.
“In most cases you actually go through a few extra hoops in vetting
investors and source of funds by, for example, detailing the wallet
addresses that hold the currencies and remitting proceeds back to
investors to the same wallet address which has been associated with
a particular investor.”
Inggs asserts that for an independent board member, such checks
Inggs stresses that the issue of cybersecurity should be central to
every agenda for fund directors. He says that directors must seek
either assurance that a robust cyber risk governance framework
will be put in place for an investment fund, or seek help to
“The positives here are many: a fund will see improved decisionmaking
processes, which will lead to better service development
while at the same time providing more comprehensive assurance
that risks are being identified, quantified, managed and mitigated,”
When it comes to cryptocurrencies specifically, he says, the
issue of cybersecurity should be raised and addressed at every
relevant board meeting. “You need to be asking the right questions
and asking for reports,” he says.
“Has the fund suffered any cyber breaches? Have any of the
fund’s service providers suffered cyber breaches? If so, what
steps were taken following the breach? How is the fund executing
documents and is it using DocuSign or other browser signing
programmes? Are documents password-protected?
“Many of our clients already engage cybersecurity professionals,
be they third party cybersecurity firms or staff in-house. This
increased oversight is part of a wider trend of alternative fund
managers embracing regulatory compliance and corporate
governance more completely. They recognise the value of having
independent board directors in place as the risks facing investment
funds continue to grow.
“Prospective investors should also be committing some time
to this subject as part of their due diligence processes. Investors
should be asking questions around what policies the manager has
in place or will have in place, what the manager’s disaster recovery
plans are, and so on. Having written policies and procedures is