At a glance: cryptoassets for investment and financing in Cyprus

Cryptoassets for investment and financing

Regulatory threshold

What attributes do the regulators consider in determining whether a cryptoasset is subject to regulation under the laws in your jurisdiction?

The Cyprus Securities and Exchange Commission (CySEC) applies a ‘technology neutral approach’ in determining the ambit of regulation. In effect, the categorisation of the cryptoassets will determine the regulatory parameter. The determination of whether a cryptoasset will be subject to regulation depends on the classification of the cryptoasset pursuant to its characteristics. For the classification of cryptoassets in Cyprus, the relevant authorities use as reference the provisions of Markets in Crypto-Assets Regulation (MiCA), in relation to the classification of cryptoassets as asset-reference tokens, e-money tokens and utility tokens. Further, the European Securities and Exchange Commission (ESMA) has also issued relevant guidelines on the classification of cryptoassets as financial instruments, which CySEC has also adopted.

A cryptoasset qualifying as a financial instrument will be subject to financial instrument laws, whereas a cryptoasset not qualifying as a financial instrument will be excluded from the scope of application of such legislation. Following that, and through the method of exclusion, the classification of other cryptoassets will take place.

Investor classification

How are investors in cryptoassets classified and treated differently?

There is no bespoke definition or specific classification of investors of cryptoassets under the Cyprus regulatory regime. MiCAR, which is directly applicable in Cyprus, refers to 'qualified investors', linking to the definition under MiFID II as guidance.

Initial coin offerings

What rules and restrictions govern the conduct of, and investment in, initial coin offerings (ICOs)?

The rules governing initial coin offerings (ICOs) vary depending on the cryptoasset being offered. Under MiCAR, any entity conducting an ICO must first determine the classification of the token as an ART, an EMT or other cryptoasset to apply the relevant regulatory rules. Issuers of ARTs and EMTs must obtain authorisation from CySEC and meet prudential, governance, and consumer-protection requirements, including capital, reserve, and safeguarding rules. All issuers offering cryptoassets to the public or seeking admission to trading must prepare and publish a MiCAR- compliant white paper containing detailed information on the project, rights, risks, technology, and issuer, and must notify CySEC before publication. Additionally, issuers and intermediaries must comply with anti-money laundering (AML) and know-your-customer (KYC) obligations under Cypriot law, ensure fair marketing, prevent market abuse, and safeguard investors’ funds.

The issuance of cryptoassets classified as utility tokens, meaning that the cryptoasset intends to provide access to a good or a service supplied by the issuer, is not subject to an authorisation procedure. However, before the offering to the public, the issuer must follow a notification procedure with CySEC, disclosing the white paper in accordance with the provisions of MiCAR. Similar to offerors of ARTs and EMTs, the white paper should contain detailed information about the project, the rights attached to the token, relevant risks, among others. The issuer must ensure that all marketing communications are fair, clear and not misleading and consistent with the white paper.

An entity, when launching an ICO, should, among others, consider very carefully:

whether tokens issued are considered securities or financial instruments under MiFID II and generally MiFID II compliance;
whether it falls within the provisions of the Prospectus Directive;
whether it may qualify as a licensed investment scheme;
whether it complies with legislation on AML and GDPR; and
any possible tax implications for the parties involved.

Security token offerings

What rules and restrictions govern the conduct of, and investment in, security token offerings (STOs)?

Security tokens are considered financial instruments. Depending on the nature of the financial instrument represented by the security token, any entity that offers security tokens will be subject to any of the following legislation:

the Investment Services and Activities and Regulated Markets Law of 2017 (implementing the European Union MiFID II Directive);
the Alternative Investments Funds Law of 2018;
the Prospectus Law; and
the Crowdfunding Rules.

Stablecoins

What rules and restrictions govern the issue of, and investment in, stablecoins?

MiCAR introduced rules on stablecoins, categorised either as ARTs or EMTs, with specific rules regarding their authorisation, governance and consumer protection.

Under MiCAR, EMTs are defined as cryptoassets that purport to maintain a stable value by referencing the value of one official currency. Only credit institutions and electronic money institutions authorised in the EU may issue EMTs, subject to the supervision of the Central Bank of Cyprus. Issuers must obtain prior authorisation, maintain reserves, and guarantee redemption at par value at any time. An approved white paper must be published before any public offering, and marketing must be clear and not misleading. EMT issuers are also bound by capital, governance, AML/KYC, and conduct-of-business rules, and significant EMTs face enhanced oversight by the European Banking Authority (EBA).

ARTs are defined as cryptoassets that are not electronic money tokens and that purport to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies. Issuers must be EU-established entities and obtain authorisation from CySEC before issuance. They must publish an approved white paper, ensure adequate and segregated reserve assets, maintain sufficient own funds, and implement robust governance, risk management, and redemption procedures. Holders have a right to redeem their tokens based on the value of the underlying reserve.

Airdrops

Are cryptoassets distributed by airdrop treated differently than other types of offering mechanisms?

The law does not differentiate between rules on the treatment of cryptoassets distributed by airdrop and those on cryptoassets distributed by other types of offering mechanisms.

Advertising and marketing

What laws and regulations govern the advertising and marketing of cryptoassets used for investment and financing?

Cryptoassets that are classed as financial instruments (eg, shares and bonds) will be subject to specific rules governing the issuance and marketing of financial instruments. In effect, the rules under the Investment Services Law, the Prospectus Regulation and the Crowdfunding Rules may be applicable in respect of advertising and marketing during the offering of cryptoassets that are qualified as financial instruments.

All advertising and marketing of cryptoassets falling under MiCAR, used for investment or financing, must be clearly identifiable, with fair, clear, and not misleading information in the marketing communication, and must remain consistent with the information contained in the white paper. For the offering of utility tokens, the marketing communication should clearly indicate that it has not been reviewed or approved by any competent authorities; however, the issuer has the obligation to notify the marketing material to the competent authorities in Cyprus, being CySEC.

For ARTs and EMTs, marketing communications must be clearly identifiable, fair, clear, not misleading and consistent with the white paper. Further, the marketing communications should indicate that a white paper has been published and indicate the issuer’s website address and contact details. In addition, the communication must contain a clear statement that the holder of ARTs and EMTs have the right to redeem their tokens against the issuer at any time. The issuer should notify the marketing material to CySEC, upon their request; however, there is no obligation for their prior approval.

Trading restrictions

Are investors in an ICO/STO/stablecoin subject to any restrictions on their trading after the initial offering?

In the absence of a specific regulatory framework on the trading of cryptoassets after the initial offering, investors should follow the developments and have access to the circulars issued by the responsible authorities (CySEC and the Central Bank of Cyprus). The trading restrictions on the secondary market depend on the rules of the operation of the relevant trading platform.

Crowdfunding

How are crowdfunding and cryptoasset offerings treated differently under the law?

Crowdfunding and cryptoasset offerings are treated differently in Cyprus.

Crowdfunding in Cyprus is regulated under the EU Regulation 2020/1503 on European crowdfunding service providers for business and the Crowdfunding Directive issued by CySEC.

According to the provisions of the Crowdfunding Rules and the EU Regulation on the provision of crowdfunding services, crowdfunding service providers must obtain a licence prior to the provision of their services.

Transfer agents and share registrars

What laws and regulations govern cryptoasset transfer agents and share registrars?

Under MiCAR, there is no separate regulatory category for cryptoasset transfer agents or share registrars. Instead, entities performing similar functions, such as maintaining ownership records, facilitating transfers, or administering token holdings, are classified as CASPs. These providers must be authorised by CySEC and comply with MiCAR’s rules on safekeeping, segregation of client assets, governance, and AML/KYC obligations.

Anti-money laundering and know-your-customer compliance

What anti-money laundering (AML) and know-your-customer (KYC) requirements and guidelines apply to the offering of cryptoassets?

CASPs are classified as obliged entities under the AML Law to perform customer due diligence when they carry out an individual transaction amounting to or exceeding €1,000, regardless of whether the transaction is carried out with a single transaction or with several connected transactions.

Further, during the offering of cryptoassets and at all times, the obliged entities must:

establish know- your- client checks and other due diligence measures;
maintain a record of clients;
monitor transactions and report suspicious transactions to the authorities; and
establish sufficient policies and procedures for risk management and other relevant obligations.

Sanctions and Financial Action Task Force compliance

What laws and regulations apply in the context of cryptoassets to enforce government sanctions, anti-terrorism financing principles, and Financial Action Task Force (FATF) standards?

Obliged entities must comply with the provisions of the AML Law and the guidelines issued by CySEC, the Central Bank of Cyprus and the Cyprus Bar Association.

Register now for your free, tailored, daily legal newsfeed service.

At a glance: cryptoassets for investment and financing in Cyprus

Filed under

Popular articles from this firm

Force majeure clauses in times of geopolitical uncertainty *

Cyprus adopts stricter withholding tax rules on outbound payments to low-tax & non-cooperative jurisdictions *

Cyprus VAT: Important Amendments to the VAT Treatment of Immovable Property (Effective 1 September 2026) *

The Management and Control Test Taxation of Cyprus and Foreign Companies *

Understanding stamp duty law in Cyprus: a comprehensive overview *

Professional development

Related practical resources PRO

Related research hubs

Cyprus

Banking

IT & Data Protection