2.3. Governance
2.3.1. Mandatory appointments
(1) A Digital Asset Trading Facility Operator must make the following appointments:
(a) Senior Executive Officer;
(b) Finance Officer;
(c) Compliance Officer; and
(d) Money Laundering Reporting Officer.
(2) A Digital Asset Trading Facility Operator must appoint a Chief Information Technology Officer, who is an individual responsible for its ongoing information technology (“IT”) operations, maintenance and security oversight, and for ensuring that the Digital Asset Trading Facility Operator’s IT systems are reliable and adequately protected from external attack or incident.
(3) AFSA may direct a Digital Asset Trading Facility Operator to appoint a Risk Manager.
(4) A person may not combine two roles specified in (1) unless the Digital Asset Trading Facility Operator obtains the AFSA’s written approval.
2.3.2. Board of Directors of a Digital Asset Trading Facility Operator
(1) A Digital Asset Trading Facility Operator must have an effective Board of Directors which is collectively accountable for ensuring that the Digital Asset Trading Facility Operator’s business is managed prudently and soundly. At least one-third of the Board of Directors should comprise independent Directors.
Note: Rule 2.3.2(1) will come into force 12 months after the commencement of these Rules.
(2) The AFSA may issue guidance on the requirements relating to Board composition, structure, duties and powers as well as skills, experience and qualifications of Directors, and other relevant requirements.
(3) The Board must ensure that there is a clear division between its responsibility for setting the strategic aims and undertaking the oversight of the Digital Asset Trading Facility Operator and the senior management’s responsibility for managing the Digital Asset Trading Facility Operator’s business in accordance with the strategic aims and risk parameters set by the Board.
(4) The Board and its committees must have an appropriate balance of skills, experience, independence, and knowledge of the Digital Asset Trading Facility Operator’s business, and adequate resources, including access to expertise as required and timely and comprehensive information relating to the affairs of the Digital Asset Trading Facility Operator.
(5) The Board must ensure that the Digital Asset Trading Facility Operator has an adequate, effective, well-defined and well-integrated risk management, internal control and compliance framework.
(6) The Board must ensure that the rights of shareholders are properly safeguarded through appropriate measures that enable the shareholders to exercise their rights effectively, promote effective dialogue with shareholders and other key stakeholders as appropriate, and prevent any abuse or oppression of minority shareholders.
(7) The Board must ensure that the Digital Asset Trading Facility Operator’s financial and other reports present an accurate, balanced and understandable assessment of the Digital Asset Trading Facility Operator’s financial position and prospects by ensuring that there are effective internal risk control and reporting requirements.
(8) A Director of the Digital Asset Trading Facility Operator must act:
(a) on a fully informed basis;
(b) in good faith;
(c) honestly;
(d) with due skill, care and diligence; and
(e) in the best interests of the Digital Asset Trading Facility Operator and its shareholders and Clients.