The Cayman VASP Framework: Where It Stands
The Cayman Islands introduced its Virtual Asset (Service Providers) Act in 2020, giving CIMA authority to regulate entities conducting virtual asset services — including exchange, issuance, custody, and operation of virtual asset trading platforms. The initial implementation was phased, with existing businesses given a transition window to register. By 2024, the Cayman VASP registry had grown to over 300 registered entities, and CIMA had begun enforcing compliance with the full suite of requirements including AML obligations, annual filing requirements, and substance standards that closely parallel the existing economic substance framework.
For CSPs, this matters because many of the entities on the VASP registry require exactly the same corporate administration services as any other Cayman entity: registered office, corporate secretarial services, director services, and annual compliance filing. But serving a VASP client is not identical to serving a conventional holding company. The regulatory overlay is different, the AML exposure is higher, and the documentation requirements are more intensive.
What Makes VASP Administration Different for CSPs
Enhanced Due Diligence Obligations
A CSP providing registered agent or director services to a Cayman VASP entity is providing services to a regulated entity. CIMA expects that registered agents and corporate directors understand the nature of the business they are facilitating. This means your standard CDD process is insufficient for VASP clients. You need to understand the specific virtual assets or services involved, the geographic markets served, the counterparty profile (are they primarily serving retail or institutional customers?), and the AML controls the VASP itself has in place.
In practice, this means an enhanced onboarding questionnaire for VASP clients, review of their own AML/KYC policies and procedures, and an ongoing monitoring programme that assesses whether the VASP's risk profile has changed — which it can do rapidly in the digital asset sector.
Annual Filing and Reporting
VASP entities registered with CIMA must file annual financial statements and a compliance declaration confirming ongoing adherence to the VA Act requirements. These filings are in addition to the standard Cayman annual return and economic substance declaration requirements. CSPs administering VASP entities need to track these additional deadlines and ensure the client provides the necessary compliance information to support accurate filings.
The Director Services Question
Providing director services to a VASP entity requires careful consideration. A professional director serving on the board of a registered VASP has governance responsibilities that include oversight of the VASP's AML programme, compliance with CIMA's conduct standards, and understanding of the virtual asset activities being conducted. A director who does not understand virtual assets — who is simply providing a name for the register — is exposed to personal regulatory risk if CIMA finds that governance standards have not been met.
"CSPs need to make a deliberate decision about whether they are willing to provide director services to VASP entities, and if so, whether their nominated directors have the competency to discharge those governance responsibilities appropriately."
Practical Steps for CSPs with VASP Clients
If you currently provide services to VASP entities or are considering onboarding them, the following steps are essential:
- Review your risk appetite: Determine whether VASP clients fall within your firm's risk appetite, given the enhanced AML obligations and the sector's inherent higher-risk profile.
- Develop a VASP-specific onboarding questionnaire: Standard CDD forms are not sufficient. You need questions that address the specific regulatory status, business model, and AML controls of the VASP entity.
- Track VASP-specific filing deadlines: Add the CIMA VASP annual filing deadlines to your compliance calendar for every relevant entity. These are in addition to, not instead of, standard Cayman compliance filings.
- Assess director competency: If you provide director services to VASP entities, ensure your nominated directors have appropriate digital asset knowledge and are comfortable with the governance responsibilities involved.
- Monitor regulatory developments: The VASP framework is still evolving. CIMA has signalled further guidance on conduct standards, and the sector's risk profile continues to change as markets develop.
VASP clients present a genuinely different risk profile from conventional corporate clients. Before onboarding VASP entities, CSPs should ensure their risk committee has formally considered and approved the VASP client category, with appropriate enhanced due diligence procedures and monitoring programmes in place.
The Economic Substance Intersection
As noted in our BVI article on the 2026 economic substance amendments, digital asset business has been added as a relevant activity in BVI. The same logic applies in Cayman: VASP entities that are undertaking virtual asset services may now be subject to the Cayman economic substance requirements if those services constitute a relevant activity. CSPs need to assess each VASP entity against both the VASP framework and the economic substance framework — two overlapping compliance regimes with their own filing deadlines and documentation requirements.