Crypto assets are not currently a financial product. While not illegal, there is no dedicated legal framework governing the use of crypto-assets and the provision of services related to them. There is ongoing work being conducted by the authorities to bring crypto assets within the regulatory purview. The Intergovernmental Fintech Working Group (“IFWG”) comprising of the Financial Sector Conduct Authority (“FSCA”), the National Credit Regulator, the National Treasury, the South African Reserve Bank (“SARB”) and the South African Revenue Service (“SARS”) have released a number of position papers on crypto assets, outlining various use cases and recommendations for the future legislative accommodation of crypto assets.  Upon reading these position papers it is evident that there are several steps to take and legislative areas to cover in the regulation of crypto assets. This then begs the question- which legislative change will be implemented first?

Crypto Assets as Financial Products

In a pre-recorded webinar hosted by PSG Konsult on 12 July 2022 (“PSG Webinar”), the deputy governor of the SARB, Kuben Naidoo (“Naidoo”), confirmed that the declaration of crypto assets as a financial product would be the first regulatory step to take effect. This follows from the FSCA’s draft declaration, published on 20 November 2020 (“Draft Declaration”), proposing to include “crypto assets” as part of the definition of “financial product” under the Financial Advisory and Intermediary Services Act 38 of 2002, as amended (“FAIS Act”).

Defining Crypto Assets

The Draft Declaration provides a much-needed definition of crypto assets, which serves as a point of departure for its further inclusion and interpretation within the regulatory space. It defines “crypto assets” as:

“any digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes, but excluding digital representations of fiat currencies or securities that already fall within the definition of financial product”

This definition is quite broad and, as it does not refer to cryptography or distributed ledger technology, it does not limit crypto assets to the blockchain network. Notably, the term “crypto assets” is used, as opposed to “cryptocurrencies”, aligning with the IFWG’s position that crypto assets are not currencies and are not recognised as form of legal tender in South Africa. The term crypto assets also aligns with SARS’ tax treatment thereof, as crypto assets are viewed as intangible assets as opposed to currencies for tax purposes. You can read more about tax on crypto assets here.

But what are the implications of defining crypto assets as a “financial product”?

Most entities offering services within the financial sector are required to be licensed with the FSCA. Section 7 of the FAIS Act provides that a person may only act or offer to act as a financial services provider if licensed in terms of the FAIS Act.  The FAIS Act defines a “financial services provider” as a person who, as a regular feature of their business, furnishes advice and/or renders an intermediary service in connection with a financial product/s.  An intermediary service is specifically defined as “any act other than the furnishing of advice, performed by a person-

(a) the result of which is that a client may enter into, offers to enter into or enters into any transaction in respect of a financial product; or

(b) with a view to—

(i) buying, selling or otherwise dealing in (whether on a discretionary or non-discretionary basis), managing, administering, keeping in safe custody, maintaining or servicing a financial product;

(ii) collecting or accounting for premiums or other moneys payable by the client in respect of a financial product; or

(iii) receiving, submitting or processing the claims of a client in respect of a financial product”  

Therefore, if crypto assets were to be defined as “financial products”, persons furnishing advice and/or rendering “intermediary services” in connection with crypto assets (“Crypto Asset Service Providers”) would need to be licensed by the FSCA. This would include:  intermediaries that sell crypto assets to clients; entities that advise clients on crypto-related investments; platforms offering interest-earning crypto “accounts” to clients; and entities providing custody for crypto assets such as crypto wallet service providers and service providers offering cold storage solutions.

Once licensed, these Crypto Asset Service Providers (also referred to as ‘CASPS’ in foreign jurisdictions) would need to comply with the requirements set out in the FAIS Act; including making relevant disclosures to their clients, using qualified advisors to provide their services, maintaining sufficient compliance, and maintaining full and proper accounting records and audited annual financial statements. In essence, licensing would require Crypto Asset Service Providers to be more transparent and accountable to clients.

A further impact of declaring of crypto assets as financial products in terms of the FAIS Act, is that Crypto Asset Service Providers would be considered “accountable institutions” in terms of the Financial Intelligence Centre Act 38 of 2001, as amended.  This would require them to have appropriate client due diligence (KYC) procedures in place and to report any suspicious transactions to the relevant authority in order prevent money laundering and other illicit activities.

Rationale for Draft Declaration

In its statement in support of the draft declaration, the FSCA states that crypto assets have similar features to other financial products, such as acting as a commodity or a means of payment or acting like a security – which is why it can easily be catered for within the provisions of the FAIS Act. However, the FSCA acknowledges that, due to its digital nature, crypto assets are different to other financial products and that the declaration of crypto assets as financial products is only an interim measure to “address some of the immediate consumer risks” in an “expeditious manner”. There are still a range of legislative changes that need to be implemented in order to address the full array of areas which crypto assets impact.

When can we expect implementation?

The declaration of crypto assets as financial products is a long-awaited legislative update. While there is no clear deadline for the implementation of the terms contained in the Draft Declaration, during the PSG Webinar, Naidoo indicated that it should take the regulators around 12 to 18 months to implement the changes – putting the date for regulation of crypto assets as financial products at early 2024 at best.

Given that crypto assets are not currently a financial product, governed by clear laws, if you or your business are considering offering crypto-related products it is advisable that you take legal advice so that when regulation is enacted, your business is still viable. Contact us today and let’s see how we can help you.

About the author

Mikayla joined Dunsters as a candidate attorney in 2020 and is currently in her second year of articles. She is an alumni of Stellenbosch University where she obtained her BA(Law), LLB and LLM degrees. While completing her LLM she obtained practical experience in the legal field and gained valuable insight into the plight of disadvantaged communities by working as a paralegal at the Stellenbosch University Law Clinic.

Mikayla enjoys general civil litigation and has a keen interest in Company and Tax Law. She particularly enjoys drafting civil pleadings as well as tailoring commercial contracts to suit each client’s unique goals.

In her time off, Mikayla enjoys taking long drives and frequenting outdoor markets.

We use cookies to analyse website usage and other technical information to improve the functionality of our website   View more
Cookies settings
Privacy & Cookie policy
Privacy & Cookies policy
Cookie name Active
This policy informs you how we will use your personal information, by using our services and/or website you consent to our use of your personal information for the purposes described herein.
    • Personal Information means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to, name and surname; identification number; physical address; contact information such as an email address and telephone number.
    • Data Subject means the person to whom personal information relates.
    • Responsible Party means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information.
    • Identification Information means information that can be used to identify the data subject.
    • Compliance Information means information that is needed by Dunsters Attorneys for us to be compliant with relevant laws including the Financial Intelligence Centre Act “FICA” and regulatory standards and government orders such as Anti-Money Laundering (AML), Know-Your-Client (KYC) and Counter-Terrorist Financing (CTF).
    • Communication Information includes all correspondence such as emails and messages.
    • Financial information means any information relating to payment of invoices, including but not limited to banking information and account details
  • We may collect website usage and other technical information such as details of your visits to our website through cookies and other tracking technologies. Cookies are small data files stored by your computer to help improve functionality or tailor information to provide visitors with more relevant pages.
  • The information we collect may include information provided to us through your initial correspondence, possibly including:
    • Name and Surname
    • Email address
    • Contact numbers; and/or
  • This may also include information that we may have requested, and you subsequently provided, including, but not limited to:
    • Compliance Information
    • Identification Information
    • Communication Information
    • Financial Information
    • Other Personal Information
  • Reasons for collection of your personal information will be explained to you when we collect/request the information. We may request certain personal information to comply with global industry regulatory standards, local regulatory standards or government orders.
  • You, the data subject, consent to our use of your information in line with this privacy policy and/or any terms of engagement you may sign with us. If you wish to revoke your consent, please email .
  • We acquire information from you directly, save where accessible from publicly available sources.
  • Information may be collected through various platforms, including:
    • Our onboarding process with you
    • Email engagement
    • Telephonic engagement
    • In-person engagement
    • Cookies
    • Your personal information may be collected and saved on our system for the following purposes:
      • To enable us to provide legal services.
      • To send news, updates and marketing information.
      • To review job applications.
      • To comply with legal requirements
    • Your personal information will not be used for the following purposes:
      • We will never use your personal information for direct marketing purposes without your consent (you may opt-out of our newsletter at any time)
      • We will never disclose your personal information to another third party without permission from yourself, unless it is required for fulfilment of our legal services or as mandated by law.
  • Right of the data subject under the POPI Act include, but are not limited to:
    • Having access to their recorded personal information
    • Requesting correction or amendment to their personal information and to have information corrected or amended
    • Requesting deletion or destruction of personal information from the responsible party’s system
    • Objecting to the processing of personal information
    • Submitting a complaint to the Regulator regarding the alleged interference with the protection of the personal information of any data subject or submitting a complaint to the Regulator (
    • Instituting civil proceedings regarding the alleged interference with the protection of their personal information.
  • We will retain your information for the period required by law.
  • Where we retain your contact information for any period other than may be prescribed by law, we retain this information to keep you updated of our various offerings and news. By not unsubscribing from newsletter, you consent to us retaining your personal information on our records indefinitely, for the purposes explained above, including, to keep you informed about news and updates pertaining to Dunsters Attorneys Inc.
  • We take reasonable technical and organisational measures to secure the integrity of your personal information and use accepted technological standards to prevent unauthorised access to or disclosure of your personal information, and protect your personal information from misuse, loss, alteration and destruction.
  • The measures that are taken in order to protect your personal information include:
    • Physical measures: access to physical copies of your information is controlled using strict protocol.
    • Electronic measures: firewalls and password protection
  • While we will take all reasonable steps to ensure the security of your data and personal information according to industry standards, it is not possible to guarantee the complete security of all information provided at all times.
  • We will notify you as soon as reasonably practicable of any breach of security, loss of or damage to your personal information.
  • Data subjects are responsible for taking reasonable precautions to safeguard their personal information.
  • Although we endeavour to ensure your information is as correct as possible, you are responsible for notifying us of any changes to your data or personal information in respect of the services provided and/or your account with us.
  • We will not be held liable for losses of any nature which are due to incorrect data or personal information provided by users in respect of the service provided.
  • We will not be held liable for any loss or damage arising from a security breach or disclosure of your personal information or data, to the maximum extent permitted by law.
  • We shall not be liable for any damage or interruptions caused by any computer viruses or other malicious code that may affect your computer or other equipment, or any phishing, spoofing or other attack.
  • If you suspect that your personal information has been compromised, or that there has been unauthorised use of your email address by any person, or any other violations to the security of the website, please contact us.
Save settings
Cookies settings