The Class IIGB (Innovative Insurer – General Business) licence issued by the Bermuda Monetary Authority (“BMA”) has become the global regulatory standard for digital asset insurance carriers. It provides a clear and credible legal framework for insurers underwriting crypto custody risk, infrastructure risk, cyber risk, and other blockchain-related exposures.
However, obtaining a Class IIGB licence is a rigorous regulatory process. The BMA conducts a comprehensive evaluation of applicants, assessing capital adequacy, governance, ownership structure, risk management, and operational readiness.
Licence rejection or regulatory delay most often results not from the business model itself, but from deficiencies in regulatory structuring, capital planning, governance, or compliance preparation.
Understanding and avoiding these common mistakes is critical for securing regulatory approval efficiently and successfully.
This article outlines the most common legal and regulatory mistakes in Class IIGB licence applications and explains how digital asset insurers can avoid them.
I. Mistake 1: Improper Regulatory Structuring
The most fundamental mistake applicants make is failing to properly structure the insurance carrier before initiating the licence application.
Regulatory structuring involves designing the corporate, capital, governance, and operational framework in a manner that aligns with regulatory expectations.
Many applicants approach licensing as a documentation exercise rather than a structural exercise.
This approach often results in structural deficiencies that regulators identify during review.
Improper structuring can affect:
- Capital framework
- Governance architecture
- Operational model
- Risk management framework
Regulators evaluate the structural integrity of the insurer, not just the licence application documents.
Proper regulatory structuring significantly improves approval probability.
II. Mistake 2: Insufficient Capital Planning
Capital adequacy is the most important factor in licensing approval.
Applicants frequently underestimate capital requirements or fail to structure capital appropriately.
Common capital-related deficiencies include:
- Insufficient capital relative to underwriting risk
- Illiquid or unstable capital sources
- Lack of stress testing and solvency planning
The BMA evaluates whether capital is sufficient to maintain solvency under adverse conditions.
Capital must be stable, liquid, and capable of absorbing losses.
Improper capital planning is one of the most common causes of licence rejection.
Proper capital structuring is essential.
III. Mistake 3: Weak Governance Structure
Governance is one of the most heavily scrutinized areas of regulatory evaluation.
Applicants must demonstrate that the insurer has appropriate governance oversight.
Common governance deficiencies include:
- Lack of experienced directors
- Unclear management structure
- Inadequate governance policies
Regulators evaluate whether management can safely operate an insurance carrier.
Strong governance significantly improves regulatory confidence.
Weak governance is a major regulatory concern.
IV. Mistake 4: Lack of Digital Asset Risk Management Framework
Digital asset insurers face unique operational and technical risks.
Regulators expect insurers to demonstrate understanding of these risks.
Common deficiencies include:
- Lack of cybersecurity controls
- Inadequate custody risk management
- Poor operational risk planning
Regulators must be confident that digital asset risks can be managed safely.
Applicants must implement appropriate risk management frameworks.
Risk management deficiencies significantly delay licensing approval.
V. Mistake 5: Unclear or Poorly Defined Business Model
The BMA evaluates whether the insurer’s business model is clear, viable, and sustainable.
Applicants often fail to clearly define:
- Types of risks to be underwritten
- Target clients
- Underwriting methodology
Regulators must understand how the insurer will operate.
Unclear business models create regulatory uncertainty.
Clear business models improve approval probability.
VI. Mistake 6: Improper Ownership Structure and Lack of Transparency
Ownership transparency is essential for regulatory approval.
Applicants must disclose ownership structure and ultimate beneficial owners.
Common ownership deficiencies include:
- Opaque ownership structures
- Unclear source of funds
- Complex ownership chains without transparency
Regulators evaluate ownership transparency carefully.
Transparent ownership structures improve regulatory confidence.
Ownership deficiencies can significantly delay licensing approval.
VII. Mistake 7: Improper Custody and Asset Protection Framework
Digital asset insurers must ensure that digital assets are securely held.
Improper custody arrangements create operational and regulatory risks.
Common deficiencies include:
- Lack of regulated custody providers
- Inadequate custody security controls
Regulators evaluate custody arrangements carefully.
Proper custody frameworks improve regulatory approval probability.
VIII. Mistake 8: Inadequate Risk and Compliance Infrastructure
Applicants must establish compliance frameworks capable of ensuring regulatory compliance.
Common compliance deficiencies include:
- Lack of compliance monitoring systems
- Inadequate internal controls
Compliance frameworks must operate independently.
Regulators evaluate compliance infrastructure carefully.
Strong compliance frameworks improve regulatory confidence.
IX. Mistake 9: Failure to Align Capital Structure with Business Model
Capital structure must align with underwriting risk.
Applicants often fail to properly align capital structure with risk exposure.
This creates solvency concerns.
Capital structure must support underwriting activities safely.
Regulators evaluate capital alignment carefully.
X. Mistake 10: Attempting Licensing Without Proper Regulatory Strategy
Licensing success requires strategic regulatory preparation.
Applicants often attempt licensing without proper regulatory planning.
This increases risk of regulatory delay or rejection.
Regulatory strategy must align with regulatory expectations.
Proper preparation significantly improves approval probability.
XI. Regulatory Consequences of Improper Licensing Preparation
Improper preparation can result in:
Licensing delays
Additional regulatory scrutiny
Licence rejection
These consequences significantly impact business timelines.
Proper regulatory preparation avoids these risks.
XII. How Proper Regulatory Preparation Improves Licensing Success
Applicants that properly prepare regulatory structures significantly improve approval probability.
Proper preparation includes:
Strong capital planning
Robust governance framework
Clear business model
Transparent ownership structure
These factors improve regulatory confidence.
XIII. Regulatory Expectations for Digital Asset Insurance Carriers
Regulators expect digital asset insurers to demonstrate:
Capital adequacy
Operational readiness
Risk management capability
Governance strength
Applicants that meet these expectations are more likely to receive approval.
XIV. Strategic Importance of Avoiding Licensing Mistakes
Avoiding regulatory mistakes is critical for licensing success.
Proper preparation improves approval probability and reduces regulatory friction.
Licensing preparation must be comprehensive and strategic.
XV. Conclusion
The Class IIGB licence provides a powerful regulatory framework for digital asset insurance carriers.
However, regulatory approval requires careful legal and regulatory preparation.
Most licence rejections result from avoidable regulatory mistakes. Applicants that implement strong capital structures, governance frameworks, and risk management systems significantly improve approval probability.
Proper regulatory structuring is the key to licensing success.
FAQs
1. What is a Class IIIGB licence in crypto regulation?
A Class IIIGB licence authorises firms to manage and operate collective investment schemes involving crypto or digital assets. It is issued by regulators such as the FSRA in ADGM. It is one of the most scrutinised licence categories due to the investor protection obligations and AML compliance requirements attached to fund management activities.
2. Why do most Class IIIGB licence applications get rejected?
Most Class IIIGB applications are rejected due to incomplete compliance frameworks, weak AML/KYC policies, unqualified key personnel, and poorly drafted regulatory business plans. Regulators expect applicants to demonstrate operational readiness — not just intent. Submitting a technically incomplete application, even with a strong business model, almost always triggers rejection or a lengthy remediation process.
3. What documents are required for a Class IIIGB licence application?
A Class IIIGB application typically requires a Regulatory Business Plan, AML/CFT policy framework, corporate governance structure, audited financials, fit-and-proper declarations for key personnel, and a technology and risk management overview. Missing or poorly prepared documents are the most common reason regulators issue deficiency notices, delaying or ultimately rejecting the application entirely.
4. What is a Regulatory Business Plan and why does it matter?
A Regulatory Business Plan (RBP) is a detailed document submitted to the regulator outlining your business model, target market, risk appetite, compliance strategy, and operational structure. For Class IIIGB applications, a weak RBP is the single biggest rejection trigger. Regulators treat it as proof that an applicant fully understands their legal and operational obligations.
5. Who qualifies as a fit and proper person for a Class IIIGB licence?
A fit and proper person must demonstrate relevant financial services experience, a clean regulatory and criminal record, sound financial standing, and competence in fund management or digital asset operations. Regulators assess directors, senior managers, and key function holders. Appointing unqualified or undisclosed individuals is a fast track to automatic rejection of any Class IIIGB application.