COB 14.3.3 COB 14.3.3(1) A Digital Wallet Service Provider must ensure that:(a) any DLT application it uses in Providing Custody of Investment Tokens is resilient, reliable and compatible with any relevant facility on which the Investment Tokens are traded or cleared;(b) it is able to clearly identify and segregate Investment Tokens belonging to different Clients; and(c) it has in place appropriate procedures to enable it to confirm Client instructions and transactions, maintain appropriate records and data relating to those instructions and transactions and to conduct a reconciliation of those transactions at appropriate intervals.(2) A Digital Wallet Service Provider must ensure that, in developing and using DLT applications and other technology to Provide Custody of Investment Tokens:(a) the architecture of any Digital Wallet used adequately addresses compatibility issues and associated risks;(b) the technology used and its associated procedures have adequate security measures (including cyber security) to enable the safe storage and transmission of data relating to the Investment Tokens;(c) the security and integrity of cryptographic keys are maintained through the use of that technology, taking into account the password protection and methods of encryption used;(d) there are adequate measures to address any risks specific to the methods of usage and storage of cryptographic keys (or their equivalent) available under the DLT application used; and(e) the technology is compatible with the procedures and protocols built into the Operating Rules, or equivalent procedures and protocols on any facility on which the Investment Tokens are traded or cleared or both traded and cleared.
COB 14.3.3 Guidance
Where an Authorised Firm that is a Digital Wallet Service Provider delegates any function to a Third Party Digital Wallet Service Provider, it must ensure that the delegate fully complies with the requirements of COB Rule 14.3.3. The outsourcing and delegation requirements of GEN Rule 5.3.21 and 5.3.22 will also apply to the Authorised Firm in those circumstances.
COB 14.3.4 COB 14.3.4
An ATS Operator that appoints a Third Party Digital Wallet Service Provider to Provide Custody of Investment Tokens traded on its facility, must ensure that the person is either:(a) an Authorised Firm appropriately authorised to be a Digital Wallet Service Provider; or(b) an entity that is regulated by a Financial Services Regulator to an equivalent level of regulation to that provided for under the DFSA regime for Providing Digital Wallet Services.
COB 14.3.4 Guidance
Where an ATS Operator appoints a non-DIFC firm regulated by a Financial Services Regulator, it must undertake sufficient due diligence to establish that the non-DIFC firm is subject to an equivalent level of regulation as under the DFSA regime in respect of that service.