Article 12 | Delegated Regulation 2025/305

Updated 10/05/2025

Metadata

In force

Initial Legal Act

Amendments

Article 12 - Delegated Regulation 2025/305

Article 12

Custody and administration policy

For the purposes of Article 62(2), point (m), of Regulation (EU) 2023/1114, applicants that intend to provide custody and administration of crypto-assets on behalf of clients shall provide to the competent authority all of the following information:

(a)

a description of the arrangements linked to the type of custody offered to clients, a copy of the applicant’s standard agreement for the custody and administration of crypto-assets on behalf of clients pursuant to Article 75(1) of Regulation (EU) 2023/1114and a copy of the summary of the custody policy made available to clients in accordance with Article 75(3) of Regulation (EU) 2023/1114;

(b)

the applicant’s custody and administration policy, including a description of identified sources of operational and ICT risks for the safekeeping and control of the crypto-assets or the means of access to the crypto-assets of clients, together with a description of:

(i)	the policies and procedures and a description of the arrangements to comply with Article 75(8) of Regulation (EU) 2023/1114;

(ii)	the policies and procedures, and a description of the systems and controls to manage operational and ICT risks, including where the custody and administration of crypto-assets on behalf of clients is outsourced to a third party;

(iii)

the policies and procedures relating to, and a description of, the systems ensuring the exercise of the rights attached to the crypto-assets by the clients;

(iv)	the procedures and a description of the systems ensuring the return of crypto-assets or the means of access to the clients;

(c)	information on how the crypto-assets and the means of access to the crypto-assets of the clients are identified;

(d)	information on arrangements to minimise the risk of loss of crypto-assets or of means of access to crypto-assets;

(e)

where the crypto-asset service provider has delegated the provision of custody and administration of crypto-assets on behalf of clients to a third-party:

(i)	information on the identity of any third-party providing the custody and administration of crypto-assets and its status in accordance with Article 59 or Article 60 of Regulation (EU) 2023/1114;

(ii)	a description of any functions relating to the custody and administration of crypto-assets delegated by the crypto-asset service provider, the list of any delegates and sub-delegates, as applicable, and any conflicts of interest that could arise from such a delegation;

(iii)

a description of how the applicant intends to supervise the delegations or sub-delegations.

Recitals Article 1 - General information Article 2 - Programme of operations Article 3 - Prudential requirements Article 4 - Information about governance arrangements and internal control mechanisms and conflict of interests Article 5 - Business continuity plan Article 6 - Detection and prevention of money laundering and terrorist financing Article 7 - Identity and proof of good repute, knowledge, skills and experience, and of sufficient time commitment of the members of the management body Article 8 - Information relating to shareholders or members with qualifying holdings Article 9 - ICT systems and related security arrangements Article 10 - Segregation and safekeeping of clients’ crypto-assets and funds Article 11 - Complaints-handling procedures Article 12 - Custody and administration policy Article 13 - Operating rules of the trading platform and market abuse detection Article 14 - Exchange of crypto-assets for funds or other crypto-assets Article 15 - Execution policy Article 16 - Provision of advice on crypto-assets or portfolio management of crypto-assets Article 17 - Transfer services Article 18 - Entry into force

Metadata

Related documents

Article 12 - Delegated Regulation 2025/305

Table of contents