|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Table of content |
|
|
Part A - Information about the issuer of the e-money token |
|
|
Part B - Information about the e-money token |
|
|
Part C - Information about the offer to the public of the e-money token or its admission to trading |
|
|
Part D - Information on the rights and obligations attached to e-money tokens |
|
|
Part E - Information on the underlying technology |
|
|
Part F - Information on the risks |
|
|
Part G - Information on the sustainability indicators in relation to adverse impact on the climate and other environment-related adverse impacts |
|
|
I.01: Date of Notification |
|
|
|
I. 02: Statement in accordance with Article 51(3) of Regulation (EU) 2023/1114 |
This crypto-asset white paper has not been approved by any competent authority in any Member State of the European Union. The issuer of the crypto-asset is solely responsible for the content of this crypto-asset white paper. |
|
|
I.03: Compliance statement in accordance with Article 51(5) of Regulation (EU) 2023/1114 |
This crypto-asset white paper complies with Title IV of Regulation (EU) 2023/1114 and to the best of the knowledge of the management body, the information presented in the crypto-asset white paper is fair, clear and not misleading and the crypto-asset white paper makes no omission likely to affect its import. |
|
|
I.04: Warning in accordance with Article 51(4), points (a) and (b) of Regulation (EU) 2023/1114 |
This e-money token is not covered by the investor compensation schemes under Directive 97/9/EC. This e-money token is not covered by the deposit guarantee schemes under Directive 2014/49/EU. |
|
|
|
|
|
|
|
|
Summary |
|
|
I.05: Warning in accordance with Article 51(4), points (a) and (b) of Regulation (EU) 2023/1114 |
The summary should be read as an introduction to the crypto-asset white paper. The prospective holder should base any decision to purchase the asset-referenced token on the content of the crypto-asset white paper as a whole and not on the summary alone. The offer to the public of the crypto-asset does not constitute an offer or solicitation to purchase financial instruments and that any such offer or solicitation can be made only by means of a prospectus or other offer documents pursuant to the applicable national law. The crypto-asset white paper does not constitute a prospectus as referred to in Regulation (EU) 2017/1129 of the European Parliament and of the Council (36) or any other offer document pursuant to Union or national law. |
|
|
I.06: Characteristics of the crypto-asset |
Stable mint Limited (the “Company” or the “Issuer”) issues and redeems Euro (€) denominated elec-tronic money tokens (the "Token/s"). The Tokens constitute electronic money tokens as defined under Markets in Crypto-Assets Regulation (Regulation (EU) 2023/1114 (as amended) (“MiCA”), each pegged to the value of the Euro.
The Tokens are designed to meet the e-money token criteria as outlined in MiCA. These Tokens comply fully with MiCA requirements, ensuring stability, security, and regulatory adherence.
Key Characteristics:
a) Stability: The Tokens are fully backed 1:1 by cash and high-quality liquid assets. This means that for every Token in issue, the Company will hold one (1) Euro in an account with a credit institu-tion or in secure, low-risk Euro denominated assets that qualify as highly liquid financial instru-ments with minimal market, credit, and concentration risk in compliance with the relevant finan-cial standards set forth in Article 54 of MICA.
b) Redeemability: Holders of the Tokens have a contractual right to redeem the Tokens at any time at par value in Euro, ensuring liquidity and confidence among users, as specified in MiCA.
c) Security and Management: The lifecycle of the Tokens—including issuance, redemption, and transfers—is managed by audited smart contracts deployed on the Ethereum and BNB Chain net-works. These smart contracts ensure secure, transparent, and efficient operations, complying with MiCA’s requirements for technology and security standards;
d) Operational Control: Control over the smart contracts that manage the lifecycle of the Tokens is maintained through an administrator's wallet address, secured using multi-party computation (“MPC”) technology. This aligns with MiCA’s mandate for robust operational safeguards to pre-vent unauthorized access and ensure integrity;
e) Usage: The Tokens are intended for business-to-business (“B2B”) payments and virtual asset exchanges. They are issued to legal persons for B2B payments and available for redemption at par value to both legal and natural persons. The usage of these Tokens meets MiCA’s definitions and regulatory scope for e-money tokens;
f) Transparency and Reporting: The Company maintains transparency through regular reporting and audits, ensuring compliance with MiCA’s requirements for disclosure and regulatory oversight. This includes periodic updates on the reserve assets and any significant changes affecting the To-kens’ value;
g) Regulatory Compliance: The Company is authorized under the Financial Institutions Act (Cap. 376 of the laws of Malta; the “FIA”) and fully complies with MiCA, ensuring that all operational, fi-nancial, and security protocols are in line with European standards. The Company also complies with all applicable regulations on anti-money laundering (AML) and combating the financing of terrorism (CFT). |
|
|
I.07: Right of redemption |
The holders of the Tokens have a right of redemption at any time and at par value without delay and free of charge.
To redeem Tokens, holders must first agree to, and comply with, the terms and conditions set by the Company. These terms ensure that all operational and regulatory requirements are met, maintaining the integrity and security of the redemption process. Additionally, all Token holders must complete Know Your Customer (KYC) and Anti-Money Laundering (AML) verification processes. This mandatory ver-ification is in place to comply with regulatory standards and to secure the financial ecosystem against illicit activities. The verification process is conducted through third-party identity verification providers in accordance with the Company’s stringent KYC/AML and privacy policies.
In addition to the above, Token holders must authenticate ownership of their wallet addresses before initiating a redemption request. This is achieved by signing a message through their self-custodial wallet, ensuring that the holder’s identity and wallet ownership are validated. This step is crucial in preventing fraud and ensuring that only the rightful owners can redeem the Tokens. Upon such signature, the To-ken holder’s wallet address must pass on-chain analytics and risk scoring via Elliptic, a third-party screening service.
Once the above conditions have been satisfied Token holders may submit a request to the Company to have any of their Tokens redeemed at par value by submitting a redemption request form through the Company’s online platform which may be accessed at the following website: https://stablemint.io/. A re-demption request submitted by a Token holder must set out, amongst others, the number of Tokens to be redeemed, the blockchain, the address of the digital wallet from which the Tokens will be transferred to the Company and the details of the bank account to which the redemption proceeds are to be remitted by the Company to the Token holder. Once the Company has received the Tokens to be redeemed from the Client, (from digital wallet address provided by the Client in the redemption request form), the Com-pany will burn the required number of Tokens and remit the redemption proceeds to the account details provided by the Token holder in the redemption request form that was submitted. The Company is not bound by any particular timeframe within which it has to redeem a Token holder’s Tokens. However, it will endeavour to redeem the Tokens and transfer the redemption proceeds to the Token holder as soon as reasonably possible following transfer of the Tokens by the Token Holder. |
|
|
I.08: Key information about the offer and or admission to trading |
The Tokens will be offered to both B2B and direct-to-consumer markets. As per Article 48(2) of the MiCA, all EMTs that represent the value of an official currency of a Member State of the European Un-ion are considered automatically offered to the public upon their issuance. The Tokens will be denom-inated in Euro (€) and developed on the ERC20/BEP20 token standard, deployed on Ethereum and BNB Chain networks.
The Tokens will also be listed on centralized exchanges that meet MiCA requirements. This ensures that the platforms adhere to stringent regulatory standards, providing a secure and compliant trading envi-ronment as required by MiCA.
To ensure compliance with MiCA, the Company will implement the following measures:
1. Issuance and Redemption
a) The Tokens will be issued by the Company as authorized under the FIA;
b) Holders will have the right to redeem the Tokens at any time at par value, in accordance with MiCA, ensuring they can always exchange their Tokens back into the corresponding fiat cur-rency
2. White Paper Disclosure
a) As mandated by MiCA, this crypto-asset white paper has been drawn up, containing essential information on the Company, the Tokens, the offer, and the associated rights and risks.
b) This crypto-asset white paper will be published and notified to the competent authorities be-fore the public offering or admission to trading.
3. Transparency and Reporting
a) Regular disclosures will be made available on the Company's website, detailing the number of Tokens in circulation and the value and composition of the reserve assets.
b) This transparency ensures that Token holders and potential investors have access to up-to-date information regarding the stability and backing of the Tokens.
4. Market Conduct and Investor Protection
a) The Company will ensure that all communications and marketing materials are fair, clear, and not misleading. Additionally, effective administrative arrangements will be in place to safe-guard investors and maintain the integrity of the market.
5. Governance and Safeguarding Policy
a) The Company has established a comprehensive Safeguarding Policy to ensure that its safe-guarding arrangements are in strict accordance with its regulatory obligations hereunder:
(i) In terms of the FIA, the Company is required to safeguard all funds received from any person utilizing its services or received through another payment service provider for the execution of payment transactions;
(ii) The Financial Institutions Act (Safeguarding of Funds) Regulations (Subsidiary Legisla-tion 376.04) provide detailed guidelines on the safeguarding of customer funds to protect them in the event of insolvency;
(iii) Financial Institutions Rule No. 1 on Application Procedures and Requirements for Au-thorization of Licences under the Financial Institutions Act 1994 (FIR/01) outlines the procedures and requirements for safeguarding funds during the application and authori-zation processes.D31
6. Safeguarding of Reserve Assets
In addition to safeguarding customer funds, the Company adheres to stringent regulations for managing reserve assets:
a) In terms of MiCA, reserve assets must be invested in secure, low-risk, and liquid assets to ensure their availability and stability. This investment strategy minimizes the risk of loss and maintains the value of the reserve assets;
b) Reserve assets should be held with credit institutions or investment firms authorized under the relevant Union law to ensure they are insulated against claims from any creditors, especially in the case of insolvency of the Company;
c) Reserve assets are to be fully segregated from the Company’s own assets at all times, ensuring they are not encumbered or pledged as collateral. The Company must have prompt access to these assets to fulfill obligations towards Token holders. |
|
|
|
|
|
|
|
|
Part A: Information about the offeror or the person seeking admission to trading |
|
|
A.1: Name |
Stable Mint Ltd. |
|
|
A.2: Legal form |
Company limited by shares |
|
|
A.3: Registered address |
Notabile Gardens, No.2 – Level 3, Mdina Road, Zone 2, Central Business District Trident Park, Birkirkara CBD 2010, Malta. |
|
|
A.4: Head office |
Notabile Gardens, No.2 – Level 3, Mdina Road, Zone 2, Central Business District Trident Park, Birkirkara CBD 2010, Malta. |
|
|
A.5: Registration Date |
|
|
|
A.6: Legal entity identifier |
|
|
|
A.7: Other identifier required pursuant to applicable national law |
|
|
|
|
A.8: Contact telephone number |
|
|
|
A.9: E-mail address |
info@stablemint.io |
|
|
A.10: Response Time (Days) |
5 |
|
|
A.11: Management |
Gold Token SA (“GTSA”)
LEI: CHE-287.630.262 |
|
|
A.12: Business Activity |
(1) Mr. James Bennett (executive director, chief executive officer (“CEO”) and chief financial officer (“CFO”))
(2) Mr. Daniel Masters (non-executive director)
(3) Ms. Stephanie Borg Caruana (executive director and risk manager)
(4) Mr. Joseph Portelli (non-executive director and chairman)
(5) Mr. Sean Camilleri (executive director, Chief operating officer ("COO")) |
|
|
A.13: Parent Company Business Activity |
The Company is a financial technology company specializing in the issuance of Euro-denominated electronic money tokens using Distributed Ledger Technology (“DLT”). The Com-pany offers a secure and regulated platform for the efficient issuance and redemption of elec-tronic money tokens, commonly referred to as stablecoins.
The Company’s primary business activity is the issuance of e-money tokens designed to facili-tate cross-border transactions. By enabling both businesses and consumers to participate in reli-able digital financial activities, the Company’s services address the demand for seamless and se-cure digital transactions essential for international trade and finance. In addition to the Compa-ny’s core services, it also provides operational and closely related ancillary services in the issu-ance of electronic money. All payment services are conducted solely to support the Company’s e-money offerings.
As a licensed financial institution that issues e-money tokens, the Company complies with both MiCA and the FIA. The Company’s operations are characterized by rigorous processes for mint-ing, managing, and redeeming digital tokens. These processes are underpinned by stringent anti-money laundering (AML) and know-your-customer (KYC) protocols, alongside robust govern-ance frameworks.
Looking to the future, the Company plans to diversify its offerings to include additional major fiat currencies. This strategic expansion aims to enhance the Company’s service capabilities on a global scale and respond to the increasing demand for versatile financial solutions within the dig-ital economy. |
|
|
A.14: Parent Company Business Activity |
GTSA's business activities are related to the issuance and marketing of virtual tokens that are di-rectly or indirectly backed by physical commodities, fiat currency corresponding to a currency, or fixed-income instruments. GTSA may conduct all commercial, financial, and real estate opera-tions (limited exclusively to commercial properties), undertake movable transactions, and con-clude contracts that have a direct or indirect connection with its purpose and promote its devel-opment. In addition, it may also acquire stakes in other companies and acquire companies aim-ing for an identical or analogous purpose, establish branches or form subsidiaries in Switzerland or abroad, provided that the company may hold interests in exclusively commercial real estate companies in Switzerland.
As a self-regulatory organization, GTSA is a member of the VQF and falls under the supervision of the Swiss Financial Market Supervisory Authority (FINMA). Since its establishment in 2018, GTSA has been at the forefront of asset tokenization. Notably, it issued one of the first physical gold-backed payment tokens in the world, known as ‘DGLD’. |
|
|
A.15: Conflicts of Interest Disclosure |
Token holders should be aware that there may be situations in which each and any of the direc-tors, and/or the shareholder of the Company could encounter a conflict of interest in connection with the Company. Should a conflict of interest actually arise, the directors will use their best en-deavours to ensure that the conflict is resolved fairly. In addition, the directors will use their best endeavours to ensure that all agreements and transactions entered into by the Company will be negotiated at arm's length insofar as it is reasonably possible to do so. In particular, potential Token holders should be aware of the following:
(a) Both James Bennett and Daniel Masters sit on the board of directors of GTSA (the sole shareholder of the Company).
(b) James Bennett also sits on the board of directors of GTSA London Limited, a company in-corporated in the United Kingdom having company number 13527770 (“GTSA London”), which provides a number of services to the Company including software development ser-vices, back-office support services such as human resources support, information technolo-gy and financial planning.
(c) Any of the directors, risk manager, money laundering reporting officer and/or compliance of-ficer of the Company may from time to time be involved with other regulated entities which may operate in a similar line of business to that of the Company. |
|
|
A.16: Issuance of other crypto-assets |
FALSE |
|
|
A.17: Activities related to other crypto-assets |
FALSE |
|
|
A.18: Connection between the issuer and the entity running the DLT |
FALSE |
|
|
A.19: Description of the connection between the issuer and the entity running the DLT |
The Company issues its crypto-assets on the Ethereum and BNB Chain networks, both of which are decentralized blockchain platforms. These platforms are not owned, controlled, or operated by any single entity closely connected to the Company or its parent company, GTSA. Ethereum and BNB Chain are maintained by a global community of independent validators and developers who contribute to the network's protocols. These platforms operate under a decentralized con-sensus mechanism, ensuring that no single party, including the Company, has the authority to control or influence the underlying protocols directly. This structure effectively mitigates any po-tential conflicts of interest between the issuer and the entity running the distributed ledger tech-nology used to issue the crypto-asset. |
|
|
A.20: Newly Established |
TRUE |
|
|
A.21: Financial condition over the past three years |
The Company will be a newly incorporated entity, wholly owned by GTSA. As a new company, the Company does not have historical financial information spanning the past three years. How-ever, its financial foundation is solidly underpinned by the robust financial health of its parent company, GTSA, which has consistently demonstrated sound financial management and strategic growth since its establishment.
Upon incorporation, the Company will adhere to all relevant capital requirements as mandated by Maltese law under the Companies Act (Chapter 386 of the laws of Malta) and the FIA, this in-cludes a minimum share capital requirement which must be fully subscribed and adequately paid upon incorporation.
In addition, in terms of the FIA and MiCA electronic money institutions (such as the Company) are required to maintain adequate levels of capital and liquidity to manage and sustain their oper-ations effectively. This includes maintaining own funds at a level either equal to or above the re-quired regulatory minimums, which are determined based on the volume of business and the as-sociated risk factors.
Furthermore, the Company will ensure it has sufficient capital resources, both short-term and long-term, to support its business activities. This will involve a detailed narrative on cash flows, sources of capital, and the management of financial resources to maintain operational liquidity and meet ongoing business demands.
As the Company progresses, it will establish rigorous financial monitoring systems to maintain transparency and compliance with all regulatory requirements, ensuring a stable financial trajec-tory aligned with its growth objectives and regulatory obligations. |
|
|
A.22: Financial condition since registration |
Please refer to A.21 above. |
|
|
A.23: Exemption from authorisation |
FALSE |
|
|
A.24: Asset Token Authorisation |
The Company is licensed as a financial institution in terms of the FIA and is authorized to issue electronic money in terms of the third schedule to the FIA. |
|
|
A.25: Authorisation Authority |
The Malta Financial Services Authority (MFSA). |
|
|
A.26: Persons other than the issuer offering to the public or seeking admission to trading of the e-money token according to Article 51(1), second subparagraph, of Regulation (EU) 2023/1114 |
The Company reserves the right to (i) engage with other entities to distribute the Tokens, which are appropriately authorised under MiCA; and/or (ii) seek admission to trading of the Tokens across MiCA-compliant trading platforms. |
|
|
A.27: Reason for offering to the public or seeking admission to trading of the e-money token by persons referred to in Article 51(1), second subparagraph, of Regulation (EU) 2023/1114 |
The Company reserves the right to take the actions set out in row A.26 above in future in order to potentially increase liquidity and accessibility of the Tokens, subsequently making it easier for users to buy, sell, and trade the Tokens within regulated and secure environments. |
|
|
|
|
|
|
|
|
Part B – Information about the e-money token |
|
|
B.1: Name |
Stable Mint Euro |
|
|
B.2: Abbreviation |
EURSM |
|
|
B.3: E-money token Characteristics |
|
|
|
B.4: Details of all natural or legal persons involved in the implementation of the crypto-asset project |
The following is a list of advisors, developers, service providers and others involved in the above process:
a) GTSA London. GTSA London intends to provide inter alia software development services, back-office support services such as human resources support, information technology and financial planning;
b) Elliptic Enterprises Limited, a company registered in the United Kingdom with company registration number 08458210, which proposes to provide screening of blockchain based wallets and the transaction of electronic money settled via the blockchain ledger;
c) Amazon Web Services (AWS), which will provide cloud-based infrastructure services, in-cluding computing power, storage options and networking capabilities to the Company;
d) Utila, a company registered in Israel with company registration number 516556792, which is an enterprise-grade operations platform focusing on secure, non-custodial and chain-agnostic wallet infrastructure for managing digital assets. The Company intends to appoint Utila to inter alia utilise its MPC technology and compliance-focused integrations;
e) Twilio Ireland Ltd., a company registered in Ireland with company registration number 557454, which the Company proposes to appoint to provide it with customer communica-tion platforms, offering services for email marketing, transactional emails, and engagement tools to connect with audiences;
f) Consensys Software Inc., a company registered in New York (United States) with company registration number 1894351, which proposes to provide the Company with the necessary infrastructure and tools, through its Infura platform, to build and scale blockchain applica-tions, supporting Ethereum and IPFS;
g) Persona Identities, Inc. a company registered in Delaware (United States) with company registration number 6978487, which proposes to provide identity verification services to the Company, including customer due diligence, fraud prevention and compliance tasks. Persona is a technology provider which can be used as a supporting technology to assist the MLRO or appointed compliance officer with their duties. It is intended to be used for inter alia the sanctions checks, PEP and document likeness etc. as well as a general database and logging system for the collection of client data.
h) Mr. Filip Vostatek, holder of Czech passport bearing number 44283161, who will be tasked with overseeing the Company’s technical operations infrastructure, managing the Company’s development and operations engineer, front-end developer and full-stack developer.
i) Mr. Niko Kodzhabashev, holder of Bulgarian passport bearing number 9503200028, as a full-stack developer;
j) Enea Exhenry, holder of Swiss passport bearing number XO252462, as the Company‘s Product Manager.
k) Luca Luzzati, holder of Italian passport bearing number YB2624994, as the Company's Head of Design
Some persons within the management team listed in A.12 above have also been involved in different aspects of the implementation of the crypto-asset project. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Part C – Information about the offer to the public of the e-money token or its admission to trading |
|
|
C.1: Public Offering or Trading |
OTPC and ATTR. |
|
|
|
C.2: Number of units |
N/A – no cap |
|
|
C.3: Trading Platforms |
|
|
|
C.4: Applicable law |
The Laws of Malta |
|
|
C.5: Competent court |
The Courts of Malta |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Part D – Information on the rights and obligations attached to e-money tokens |
|
|
D.1: Holder’s rights and Obligations |
Holders of the Tokens issued by the Company have specific rights and obligations as set out in the Company’s terms and conditions. Each Token holder has the right to redeem the Tokens at par value, corresponding to one Euro per Token, reflecting the backing of each Token by liquid financial reserves. The redemption process is defined in the Company’s terms and conditions, including the necessary steps and conditions under which redemption can be requested and pro-cessed. Token holders are obliged to comply with all regulatory requirements and procedures outlined during the issuance and redemption processes, including but not limited to, Anti-Money Laundering (AML) and Know Your Customer (KYC) checks as mandated by Maltese law. |
|
|
D.2: Rights and obligations modification |
The Company may amend its terms and conditions (including the rights and obligations of To-ken holders, as well as the terms under which the Tokens are issued and managed) by giving no-tice to Token holders at least two (2) months prior to the proposed date of effectiveness of the changes, unless a change in applicable law or regulation requires the Company to take immediate action, in which case such changes shall be effective immediately without the need for the Com-pany to provide prior notice. A Token holder may either accept or reject the changes before the date of their proposed date of entry into force. In the absence of any formal rejection by the To-ken Holder, the Token holder will be deemed to have accepted any changes to the terms and conditions of the Company. |
|
|
D.3: Description of the rights of the holders |
The money received by the Company from issuance of the Tokens is held: (a) in segregated account(s) at regulated credit institutions; (b) otherwise invested in secure, low risk assets, in accordance with the requirements of MiCA (collectively, the "Assets Backing the Tokens"). This arrangement is intended to ensure the redeemability of the Tokens. In the event that the Company becomes insolvent, creditors of the Company ought not to have a claim on the Assets Backing the Tokens, which assets consitute a distinct patrimony from the Company's own assetsand are not available to meet creditor claims. |
|
|
D.4: Rights in implementation of recovery plan |
Recovery plan is still under development. This white paper will be updated to reflect the approved recovery plan, once regulatory authorization has been received. |
|
|
D.5: Rights in implementation of redemption plan |
Redemption plan is still under development. This white paper will be updated to reflect the approved redemption plan, once regulatory authorization has been received. |
|
|
D.6: Complaint Submission Contact |
complaints@stablemint.io |
|
|
D.7: Complaints Handling Procedures |
The Complaints Management Procedure of the Company outlines the process to be followed in order to ensure that complaints are handled promptly, equally, fairly and efficiently.
Filing a Complaint:
Complaints may be made ideally in writing, addressed to the Complaints Management Function of the Company, using one of the following methods:
- By email: complaints@stablemint.io
- By mail: Trident Park, Notabile Gardens, No.2 – Level 3, Mdina Road, Zone 2, Central Business District, Birkirkara CBD 2010, Malta.
In case the complaint has been made verbally, the Company shall make a summary of the complaint and request the complainant to confirm in writing the said summary and send a signed copy of the complaint to the Company.
The complainant should provide the Company with as much detail as possible to enable the Company to resolve the concerns fairly, effectively and promptly. The complainant should pro-vide at least the following information:
a) Name and address of the complainant;
b) Contact details of the complainant (e.g. telephone number and/or email address);
c) If the complaint is being handled by an external representative, include external representa-tive name and contact details;
d) A description of the complaint and how it affected the complainant;
e) Supporting documentation for the complaint; and
f) When the incident(s) occurred.
Complaints may be lodged free of charge.
Procedure for Acknowledging, Investigating and Responding to Complaints
1. Acknowledgement
When the Company receives a complaint, it shall acknowledge receipt of the complaint in writing within two (2) business days of receipt of the complaint. The acknowledgement shall include the Company’s Complaints Procedure.
A complaint can be lodged by any reasonable means – for example letter, fax, email, telephone or in person. Should a complaint be made verbally, the Company shall either:
a) ask the complainant to lodge the complaint in writing, or;
b) make a summary of the complaint and request the complainant to confirm the summary in writing and send a signed copy of the complaint to the Company. If the client makes a com-plaint but does not follow-up in writing, the Company will nevertheless investigate the com-plaint.
2. Investigation
The Complaints Management Function will investigate the complaints received. Such function may also appoint an employee(s) of sufficient standing and competence to investigate or assist with the investigation. Such persons should not have been directly involved with the subject mat-ter relating to the complaint. Third-party legal advisors may also be appointed as necessary.
The Company shall seek to gather and investigate competently, diligently and impartially all rele-vant evidence and information regarding the complaint. In this regard the Company will take into consideration the following factors:
a) the subject matter of the complaint;
b) whether the complaint should be upheld;
c) what remedial action or redress (or both) may be appropriate; and
d) if appropriate, whether it has reasonable grounds to be satisfied that another party may be solely or jointly responsible for the matter alleged in the complaint.
3. Resolution
When the investigation is completed, the Company will:
a) offer redress or remedial action when the Company decides this is appropriate;
b) explain to the client promptly and in a way that is fair, clear, and not misleading, the assess-ment of the complaint, the decision on the matter and any offer of remedial action or redress. In this regard the Company shall always communicate in plain language, which is clearly un-derstood by the client; and
c) comply promptly with any offer of remedial action or redress accepted by the client.
A ‘final response’ is a written response from the Company which:
a) accepts the complaint and, where appropriate, offers redress or remedial action; or
b) offers redress or remedial action without accepting the complaint; or
c) rejects the complaint and gives reasons for doing so.
When providing a final response which does not fully satisfy the complainant’s request, the complainant may refer the complaint to the Officer of the Arbiter for Financial Services estab-lished under the Arbiter for Financial Services Act (Cap. 555). The Arbiter for Financial Services can be contacted as follows:
Address: Office of the Arbiter for Financial Services, First Floor, St. Calcedonius Square, Floria-na FRN1530
Telephone: Freephone (local calls): 80072366 Telephone: (+356) 21249245
Further details may be found at: http://financialarbiter.org.mt
Closing Complaints: A complaint is closed when the client indicates in writing their acceptance of an earlier response from the Company or when the Arbiter for Financial Services informs the Company in writing that the complaint has been closed. |
|
|
D.8: Dispute Resolution Mechanism |
In accordance with the terms and conditions of the Company, any disputes between Token hold-ers and the Company shall be resolved before the Maltese courts (if not resolved amicably or by the Arbiter for Financial Services beforehand). |
|
|
D.9: Token Value Protection Schemes |
Not applicable
It is important to note that EMTs issued by Stable Mint Ltd are not covered by investor compensation schemes under Directive 97/9/EC or deposit guarantee schemes under Directive 2014/49/EU. However, the segregated accounts, where the funds or other assets are held for the benefit of holders of e-money tokens, are covered by these compensation schemes, which further protects the holders of e-money tokens from potential insolvency or bankruptcy of the financial institutions that act as the custodians of these segregated accounts. |
|
|
D.10: Applicable law |
The Laws of Malta |
|
|
D.11: Competent court |
The Courts of Malta |
|
|
|
|
|
|
|
|
Part E – Information on the underlying technology |
|
|
E.1: Distributed ledger technology |
As an e-money token issuer, the Company utilizes DLT specifically focusing on the Ethereum and BNB Chain networks. These platforms are known for their robust, decentralized blockchain environments which are conducive to deploying a variety of financial applications, particularly those involving e-money tokens.
Ethereum and BNB Chain operate on the Ethereum Virtual Machine (EVM), making them com-patible with a wide array of decentralized applications and smart contracts. This compatibility is essential for the issuance, management, and operational control of the Tokens, which are devel-oped on the ERC20/BEP20 token standard. The choice of these blockchains offers enhanced se-curity, transparency, and efficiency, vital for the minting, burning, and overall lifecycle manage-ment of the Tokens. Both blockchains have fostered a robust ecosystem of developer and user activity that has driven innovation in financial infrastructure and applications. |
|
|
E.2: Protocols and technical standards |
The Tokens are developed on Ethereum and BNB Chain, adhering to the ERC20 and BEP20 to-ken standards respectively. These standards are pivotal in the crypto world for ensuring high-speed, efficient transactions, and compatibility with major crypto exchanges, which greatly en-hance liquidity and market accessibility.
The benefits of the ERC20 Standard are:
a) Efficiency and Speed: ERC20 tokens facilitate rapid and smooth transactions, optimizing the user experience;
b) Security: The design of ERC20 minimizes the risk of smart contract errors, enhancing trans-action security;
c) Cost-Effectiveness: ERC20 allows for a low-cost creation process, making it an attractive op-tion for various projects;
d) User-Friendliness: The simplicity of the ERC20 token ensures ease of use for conducting transactions.
BEP20 Standard Enhancements
a) BNB Chain Compatibility: While based on the ERC20 standard, BEP20 includes adaptations for BNB Chain’s unique features such as its native BNB coin support, fostering efficient smart contract execution and high transaction throughput.
b) Advanced Governance: BEP20 supports an advanced governance system, aligning with de-centralized finance (DeFi) applications on BNB Chain.
These standards not only facilitate seamless token operations but also ensure that the Tokens can be stored, managed, and transferred with high reliability across a wide array of digital wallets and trading platforms. |
|
|
E.3: Technology Used |
The Tokens utilize a sophisticated integration of traditional financial systems and advanced blockchain technologies, ensuring secure, efficient, and compliant management of digital assets.
For smart contract automation, the Company deploys contracts that enable automatic execution of financial transactions with complex functionalities, including minting, burning, role assign-ment, and compliance mechanisms like freezing and blacklisting. These smart contracts are akin to automated rule-based systems in traditional banking but are enhanced by the security and transparency offered by blockchain technology.
A critical component of the Company’s infrastructure is the communication with blockchain networks. The Company leverages Infura and BlastAPI’s RPC (Remote Procedure Call) nodes for both Ethereum and BNB Chain, which provide a reliable, scalable, and secure connection to these blockchain networks. This setup allows the Company to perform blockchain operations ef-ficiently without the need for maintaining the Company’s own full nodes. These service provid-ers’ robust infrastructure supports high availability and real-time data access, which are vital for the seamless performance of the Company platform’s operations.
In terms of security and operational excellence, the Company incorporates MPC technology to manage wallet addresses and transaction approvals securely. This cryptographic protocol dis-tributes transaction authority among multiple parties, thereby enhancing security and reducing the risk of unauthorized access or single points of failure. To ensure the highest standards of se-curity, the Company’s smart contracts and operational procedures undergo regular and rigorous security audits conducted by external firms, helping it to identify and mitigate potential vulnera-bilities.
The Tokens are designed to be compatible with a variety of self-custodial digital wallets, provid-ing users with the flexibility to manage their assets securely through their preferred wallet ser-vices. The user interface of the Company’s platform is designed to be intuitive and accessible, ensuring that even those new to digital currencies can easily navigate and perform transactions. This approach not only enhances user experience but also aligns with the Company’s commit-ment to providing a secure, transparent, and efficient digital finance environment.
By leveraging the ERC20 and BEP20 standards along with secure and effective blockchain com-munication methods like RPC services, the Company creates a robust infrastructure for the se-cure management, transfer, and storage of e-money tokens. This comprehensive integration of technologies ensures that the Company’s platform exceeds traditional financial service stand-ards, offering advanced functionalities for today's digital economy. |
|
|
E.4: Purchaser’s technical requirements |
To effectively manage and utilize the Tokens, purchasers must meet the following technical re-quirements:
a) Self-Custodial Wallet: Purchasers must have a self-custodial digital wallet capable of manag-ing public and private key pairs. This wallet should support the specific blockchain protocol on which the Tokens are issued;
b) Secure Internet Connection: A stable and secure internet connection is essential to access the blockchain network, perform transactions, and access the Company’s web app platform;
c) Blockchain Network Fees (Gas): Purchasers need to be prepared to pay transaction fees, commonly referred to as 'gas' on the blockchain network. These fees vary based on network congestion and transaction complexity;
d) Banking or Payment Network Access: Ability to use personal banking services or payment systems such as the SEPA network is required. This facilitates the fiat to token conversion process and vice versa. Customers should ensure they can input the unique reference code for fiat deposits transactions to ensure traceability and security. |
|
|
E.5: Consensus Mechanism |
As an e-money token issuer utilizing DLT, it is important to clarify that the Company does not influence or impact the consensus mechanisms of the blockchains it uses for e-money token is-suance. Any discussion of the consensus mechanisms employed by Ethereum and BNB Chain is purely explanatory, aimed at demonstrating the Company’s technical understanding of these plat-forms and the stability and security they provide, which are critical for our operations as an e-money issuer.
Ethereum's Proof of Stake (PoS):
Ethereum has transitioned from a Proof of Work (PoW) mechanism to a Proof of Stake (PoS) model with its Ethereum 2.0 upgrade, significantly enhancing its energy efficiency and scalabil-ity. The PoS mechanism reduces the computational effort required to validate transactions and blocks, which not only minimizes environmental impact but also decreases transaction pro-cessing times and costs. For e-money tokens, this improvement translates to enhanced transac-tion throughput and reduced costs - features that are vital for maintaining high-volume, low-cost financial transactions. The stability and longevity offered by Ethereum's network effect and its established track record (Lindy Effect) provide a reliable foundation for issuing and managing e-money tokens securely and efficiently.
BNB Chain's Delegated Proof of Stake (DPoS) with Byzantine Fault Tolerance (BFT):
BNB Chain utilizes a Delegated Proof of Stake (DPoS) consensus mechanism, which is augment-ed by Byzantine Fault Tolerance (BFT). This combination allows for high transaction throughput and reduced latency, making it well-suited for financial applications that require rapid transaction confirmations. In DPoS, Token holders vote to elect a limited number of delegates who are re-sponsible for validating transactions and securing the network, which concentrates validation power but also allows for more scalable and faster consensus. The addition of BFT enhances the network's reliability by ensuring that once transactions are confirmed, they are final and cannot be reversed, thereby securing the ledger against forks and ensuring consistency across the net-work. For an e-money token issuer, this means that the Tokens benefit from robust security measures and a stable network environment, facilitating reliable and seamless financial transac-tions for the Company’s users.
Both consensus mechanisms underline the Company’s commitment to providing secure, effi-cient, and compliant e-money services. They ensure that the Company’s operations on Ethereum and BNB Chain are supported by advanced technological frameworks that enhance the overall in-tegrity and performance of its financial offerings. |
|
|
E.6: Incentive Mechanisms and Applicable Fees |
The incentive mechanisms for securing transactions on our platform vary based on the underlying blockchain technology, specifically Ethereum and BNB Chain.
Ethereum:
Validators secure the Ethereum network through the Proof of Stake (PoS) consensus mechanism. They are incentivized to act honestly by earning transaction fees and staking rewards, which are distributed based on their staked amount and participation in the consensus process. Transaction fees, often referred to as 'gas fees', are determined by the complexity and demand of the network and are paid by users to prioritize their transactions and compensate validators.
BNB Chain:
BNB Chain utilizes a Delegated Proof of Stake (DPoS) mechanism augmented by Byzantine Fault Tolerance (BFT). Validators, elected by token holders, are rewarded with transaction fees and block rewards. These fees, assessed based on transaction complexity and network conditions, are paid by users and help ensure rapid transaction confirmations and network security.
In summary, both Ethereum and BNB Chain employ robust incentive mechanisms involving transaction and staking rewards. Users pay fees based on transaction complexity and network demand, ensuring the efficient and secure operation of our e-money token services on these platforms. |
|
|
E.7: Use of Distributed Ledger Technology |
FALSE |
|
|
E.8: DLT Functionality Description |
N/A |
|
|
E.9: Audit |
TRUE |
|
|
E.10: Audit outcome |
Inference AG was engaged by GTSA to perform an independent security assessment of the Sta-ble Mint Token smart contract.
Inference AG performed the security assessment based on the agreed scope, between the 16th of January 2024 and the 13th of February 2024. Feedback from GTSA was received and Inference performed a follow-up assessment.
Based on the Company’s scope and performed activities, its security assessment revealed a few security issues with low severity ratings. Additionally, different observations were also made, which if resolved with appropriate actions, may improve the quality of GTSA’s Stable Mint To-ken smart contract.
This report only shows remaining open or partly resolved issues and observations. Overview on issues and observations:
Issues: S-GTC-001: ID reservation / consumption – low / open (severity/status)
Observations: O-GTC-001: ERC20 approve – Informational |
|
|
|
|
|
|
|
|
Part F – Information on the risks |
|
|
F.1: Issuer-Related Risks |
The Company has established a rigorous and comprehensive risk management policy and risk register to identify, monitor, and manage cross-functional risks. The risk register has forty two (42) risk criteria across five (5) risk categories that have been designated to specific divisions and risk owners.
Issuer-related risks include, but are not limited to:
a) Market Adoption Risk (SM_R007): Risks related to the possibility that the Token may not achieve widespread acceptance among clients and merchants, which could impact the overall success and viability of the Token.
b) Technology Obsolescence Risk (SM_R008): The risk that rapid technological advancements could render the Tokens’ underlying technology outdated, potentially leading to loss of mar-ket share to newer, more technologically advanced competitors.
c) Partnership Risk (SM_R009): Risks associated with reliance on strategic partnerships that may fail to deliver expected market share or benefits, potentially impeding growth and liquid-ity necessary for the Tokens’ adoption.
d) Financial Planning Risk (SM_R010): The risk of misallocating resources to non-strategic are-as, which could distract from the core business proposition and hinder the Company from achieving profitability.
e) Legal Risk (SM_R013): Potential for involvement in legal disputes that could create negative publicity and lead to loss of confidence among partners, including banks and other financial institutions, which may impact the Company's operational capabilities.
f) Ethical Conduct Risk (SM_R014): Risks related to ethical misconduct, such as misuse of us-er funds or lack of transparency, which can erode trust in the Token and impact its value and stability.
g) Loss of License or Operational Restrictions (SM_R015): Risks related to non-compliance with legal requirements that could result in the revocation of necessary licenses or the impo-sition of operational restrictions, limiting the Company’s ability to operate in key markets.
h) Cross-Jurisdictional Compliance Complexity (SM_R016): The global nature of the stablecoin necessitates navigation through a complex patchwork of legal systems, where failure to com-ply in one jurisdiction can have cascading effects, including international legal complications.
i) Risk relating to Insolvency: Despite the legal protections afforded to the Assets Backing the Tokens (as defined in row D.3), in the event of insolvency of the Company, it cannot be excluded that creditor(s) will claim or attempt to make a claim on said assets, which might result in litigation, which could be timely, costly and the outcome of which may not be easy to predict, particularly owing to a potential lack of experience of the Courts in dealing with similar disputes. |
|
|
F2Token-Related Risks |
Token-related risks include, but are not limited to:
a) Smart Contract Vulnerabilities (SM_R003): Risks associated with potential exploits in the smart contract code that could lead to unauthorized actions such as artificial inflation of e-money tokens. This includes risks from functions like upgradeability, mint/burn, permits, plausibility, blacklisting, and access control.
b) De-pegging from Underlying Currency (SM_R011): Risks that the stablecoin could lose its parity with the underlying currency it is pegged to, which could undermine trust in the stable-coin and trigger a flight to redemptions.
c) System Downtime Risk (SM_R002): The risk that unplanned IT outages could disrupt the stablecoin issuance process, impacting the reconciliation of creation and redemption requests with corresponding banking transactions. |
|
|
F.2: Technology-Related Risks |
Technology-Related Risks include, but are not limited to:
a) Information Technology and Cybersecurity Risks (SM_R001): Includes risks of unauthor-ized access to sensitive customer data such as legal persons onboarded, their banking infor-mation, contact information, and digital wallet addresses, which could compromise client privacy and expose them to fraudulent activities.
b) System Downtime Risk (SM_R002): Risks associated with unplanned IT outages of cloud server infrastructure or corresponding banks, which could disrupt the stablecoin issuance process and prevent the Company from reconciling the creation and redemption requests with corresponding banking transactions.
c) Smart Contract Vulnerabilities (SM_R003): Risks due to vulnerabilities in the smart contract code that could be exploited, leading to unauthorized creation or destruction of e-money to-kens through such functionalities as upgradeability, mint/burn, permits, plausibility, black-listing, and access control.
d) PCI DSS Failure (SM_R034): The risk associated with failing to meet the Payment Card In-dustry Data Security Standard (PCI DSS) requirements, which could lead to regulatory ac-tions or negative media exposure for the Company.
e) DORA Compliance Risk (SM_R033): The risk of not aligning with the Digital Operational Resilience Act (Regulation (EU) 2022/2554 (as amended), necessitating a gap assessment to ensure compliance with upcoming regulations. |
|
|
F.4: Mitigation measures |
In order to mitigate these risks, the Company will:
a) implement an efficient and robust IT and cybersecurity framework - including an infor-mation and cyber security policy - and will ensure that all risks are managed in line within its defined risk appetite through suitable and effective controls;
b) engage a specialised entity to be responsible for its internal audit function with the responsi-bility for oversight of, amongst others, outsourced functions;
c) implement and maintain an internal audit policy and outsourcing policy, that will govern, amongst others, the implementation, monitoring and management of the Company’s out-sourcing arrangements;
d) appoint a compliance officer who will be responsible for ensuring adherence to, inter alia, applicable laws and regulations. For this purpose, the compliance officer will, amongst oth-ers, implement and maintain a compliance policy and procedures manual for the Company and implement a risk-based compliance monitoring programme;
e) escalate any claims or complaints to the CEO and the compliance officer, who will manage the complaint in line with the Company’s complaints handling policy;
f) implement a business continuity plan that incorporates job shadowing and establishes a well-documented procedures for critical functions; |
|
|
|
|
|
|
|
|
Part G – Information on the sustainability indicators in relation to adverse impact on the climate and other environment-related adverse impacts |
|
|
G.1: Adverse impacts on climate and other environment-related adverse impacts |
It should be highlighted that the Delegated Regulation regarding these sustainability indicators, that is mandated inter alia under Article 51 of the Markets in Crypto-Assets Regulation (EU) 2023/1114, has not yet been approved nor published.
Stable Mint Ltd has mandated Crypto Risk Metrics to support in the computatino of the six sustainability indicators. |
|