The key pieces of financial services law in the Cayman Islands are outlined below:

• The Monetary Authority Act (2020 Revision) establishes the Cayman Islands Monetary Authority (CIMA) and gives it powers to licence, supervise, and enforce compliance in the financial sector.
• The Banks and Trust Companies Act (2025 Revision) regulates banking and trust business.
• The Companies Management Act (2025 Revision) governs company management and corporate service providers.
• The Insurance Act, 2010 (as amended), regulates insurance and reinsurance businesses, including captives, and insurance intermediaries.
• The Mutual Funds Act (2025 Revision) regulates mutual funds and mutual fund administration services.
• The Private Funds Act (2025 Revision) brings closed-ended investment funds (eg, private equity and venture capital vehicles) under CIMA oversight.
• The Securities Investment Business Act (2020 Revision) (SIBA) regulates securities investment businesses, including investment managers, advisers, dealers and market makers.
• The Virtual Asset (Service Providers) Act (2024 Revision) (VASP Act) regulates crypto/digital asset service providers.
• The Money Services Act (2024 Revision) regulates money transmission, currency exchange, and related payment services under CIMA supervision.

The above laws are known as the Regulatory Laws and are administered by CIMA. In addition, the Cayman Islands regulatory framework includes laws that aim to counter financial crime:

• The Proceeds of Crime Act (2025 Revision) (POCA) forms the core of Cayman’s AML/CFT regime and money laundering offences.
• The Anti-Money Laundering Regulations (2025 Revision) (AMLRs) implement the regulatory obligations for all financial service providers.
• The CIMA Guidance Notes on the Prevention and Detection of Money Laundering, Terrorist Financing and Proliferation Financing (February 2024), while not directly enforceable, contain CIMA’s interpretive framework for applying the AMLRs, which sets detailed expectations for compliance policies, procedures, and internal controls.
• The Terrorism Act (2018 Revision) supports the AML/CFT/CPF regime by criminalising terrorist financing.
• The Proliferation Financing (Prohibition) Act (2017 Revision) supports the AML/CFT/CPF regime by criminalising proliferation financing.
• The International Tax Co-operation (Economic Substance) Act (2024 Revision) requires in-scope entities engaged in relevant activities to demonstrate adequate economic substance in the Cayman Islands, reinforcing international tax transparency standards.
• The Beneficial Ownership Transparency Act, 2023 (BOT Act), mandates maintenance of beneficial ownership registers for in-scope companies, ensuring transparency and accessibility to competent authorities.

The Cayman Islands regulates a broad spectrum of financial services through a well-defined, risk-based framework supervised by the Cayman Islands Monetary Authority (CIMA). The regime covers:

• banking and trust business, including deposit-taking and fiduciary services;
• company management and corporate services, such as registered office provision and directorship services;
• investment funds, including both open-ended and closed-ended funds, along with fund administration, investment management, advisory, and brokerage activities under SIBA;
• the insurance and reinsurance sector, encompassing domestic and international insurers, captives, managers, and brokers, all governed by the Insurance Act, 2010 (as amended); and
• money service businesses, such as remittance and currency exchange providers, under the Money Services Act (2024 Revision).

More recently, the Cayman Islands has extended regulation to virtual asset service providers, including digital asset exchanges, custodians, and token issuers under the VASP Act. CIMA is also the regulator for VASPs under that Act.

The Cayman Islands regulatory framework for financial services is comprehensive and there are few exemptions from the requirement to seek a licence or registration to carry out a financial service in or from within the Cayman Islands. The main exemptions can be found in the Securities Investment Business Act (SIBA), the Mutual Funds Act (MFA) and the Private Funds Act (PFA).

SIBA requires persons carrying out securities investment business via a legal person formed in the Cayman Islands or through a place of business in the Cayman Islands to seek a licence or registration from CIMA to carry out that activity. Exemptions are listed in Schedule 3 to that Act and in Schedule 2A.

Schedule 3 excludes numerous activities from the scope of the Act including:

• dealing in securities evidencing indebtedness;
• issuing, redeeming or repurchasing its own securities;
• disposing of treasury shares;
• buying, selling or subscribing for securities solely for risk management purposes (where other conditions are met);
• buying and selling securities in connection with the disposal of goods or supply of services;
• incidental activities;
• employe share or pension scheme;
• dealing in securities as principal; and
• giving advice on securities, provided other conditions are met.

Schedule 2A contains a list of persons who do not require a registration under the Act, namely:

• persons who participate in a joint enterprise with a person licensed or registered to carry on securities investment business;
• the Cayman Islands Stock Exchange, CIMA and public sector entities in the Cayman Islands; and
• a person carrying on securities investment business only in the course of acting as director, partner, manager, liquidator, trustee, receiver, executor or administrator of an estate provided that they are not separately remunerated for the carrying on of securities investment business.

The PFA also exempts certain activities from the requirement to register under that Act. These activities are listed in the Schedule to the Act and are referred to as non-fund arrangements. The list includes pension funds, securitisation special purpose vehicles, contracts of insurance, proprietary vehicles, employee incentive schemes, debt issues and debt-issuing vehicles, franchise arrangements, structured finance vehicles, preferred equity financing vehicles and funds listed on a stock exchange.

Finally, under both the MFA and the PFA, investment funds will be exempted from the requirement to seek a licence or registration if:

• the fund is not incorporated or established in the Islands;
• the fund makes an invitation to the public of the Islands to subscribe for investment interests via the holder of a licence under SIBA; and
• either (i) the interests of the fund are listed on a stock exchange recognised by CIMA or (ii) the fund is regulated in an overseas jurisdiction approved by CIMA.

The regulation of crypto-assets in the Cayman Islands is set out under the VASP Act, which brings businesses providing virtual asset services within the supervisory remit of CIMA. Virtual asset services include the issuance of virtual assets and the business of providing one or more of the following services or operations:

• exchange between virtual assets and fiat currencies;
• exchange between one or more forms of convertible virtual assets;
• transfer of virtual assets;
• virtual asset custody service; or
• participation in, and provision of, financial services related to a virtual asset issuance or the sale of a virtual asset.

All virtual asset service providers (VASPs) are required to either register with CIMA or seek a licence from CIMA. The licensing regime was recently introduced in April 2025 for higher-risk activities such as custody services and trading platform operations.

The new framework imposes enhanced standards for financial soundness, governance, risk management, and cybersecurity for licencees. Licensed VASPs must also appoint a minimum of three fit and proper directors, reflecting a higher standard than the minimum of two directors required in other sectors of the financial services industry.

In addition to the VASP Act, regulations made under that Act specify the criteria that CIMA uses to determine whether a sale of virtual assets is a sale to the public (which requires authorisation from CIMA). The criteria include whether the sale or offer of virtual assets is advertised, promoted or announced in the jurisdiction in a manner accessible to the public. The regulations also contain the information and fees required to apply for a licence or registration.

CIMA has also issued several regulatory measures, using its powers under Section 34 of the Monetary Authority Act, to regulate the business of virtual asset service providers. These regulatory measures include:

• a Statement of Guidance on Market Conduct;
• a Rule on the Obligation for the Provision of Virtual Asset Custody Services and Virtual Asset Trading Platforms;
• a Rule on Corporate Governance;
• a Rule and Statement of Guidance on Internal Controls;
• a Rule and Statement of Guidance on Cybersecurity; and
• a Statement of Guidance on Nature, Accessibility and Retention of Records.

VASPs also have to abide by the regulatory framework relating to countering financial crime, including the Anti-Money Laundering Regulations and the CIMA Guidance Notes on the Prevention and Detection of Money Laundering in the Cayman Islands.

The primary financial services regulator in the Cayman Islands is CIMA. CIMA draws its powers from the Monetary Authority Act. According to that Act, CIMA’s principal functions include:

• monetary functions relating to the issuance and redemption of currency notes, and the management of currency reserves;
• regulatory functions, including regulating and supervising financial services business carried on in or from the Cayman Islands and monitoring compliance with the Anti-Money Laundering Regulations; and
• co-operative functions, such as providing assistance to overseas regulators.

The Monetary Authority Act also empowers CIMA to issue regulatory measures such as rules, statements of principle and statements of guidance. Finally, the Monetary Authority Act empowers CIMA to issue administrative fines for breaches of Regulatory Laws, the Anti-Money Laundering Regulations and various rules issued by CIMA. In this regard, the Monetary Authority Act is supplemented by the Monetary Authority (Administrative Fines) Regulations.

As stated above, CIMA administers the Regulatory Laws. Each Regulatory Law contains CIMA’s powers in relation to that industry sector, including the powers to grant licences or registrations, collect annual fees, collect periodic returns, carry out on-site inspections and take enforcement action for breaches of regulatory requirements.

In addition to CIMA, several other bodies play key roles in maintaining regulatory integrity and compliance across the industry:

• The Department for International Tax Cooperation (DITC) oversees compliance with the Economic Substance Act and international tax transparency frameworks, including CRS and FATCA reporting. DITC acts as the Cayman Islands’ Competent Authority for CRS, administers entity registration on the AEOI Portal, and may impose penalties for non-compliance under the CRS Regulations.
• The Registrar of Companies (ROC) administers the incorporation and registration of companies, partnerships, and other entities, and maintains the beneficial ownership register. ROC enforces filing obligations under the BOT Act 2023 and ensures registered entities comply with statutory disclosure and reporting requirements.
• The Department of Commerce and Investment (DCI) supervises designated non-financial businesses and professions (DNFBPs), including real estate brokers, dealers in precious metals and stones, company formation agents, and independent directors, for compliance with AML/CFT requirements. All real estate agents and brokers, and dealers in precious metals or stones conducting business in or from the Cayman Islands, must register as DNFBPs.
• The Cayman Islands Institute of Professional Accountants (CIIPA) regulates the accountancy and audit profession under the Accountants Act (2024 Revision), issuing practising certificates, enforcing ethical and professional standards, and conducting quality assurance inspections. It is a professional and supervisory body, rather than a financial regulator like CIMA.
• The Legal Services Supervisory Authority (LSSA) oversees AML/CFT compliance and professional conduct within the legal sector under the Legal Services Act 2020, supervising law firms and attorneys conducting relevant financial business for adherence to client due diligence and reporting obligations. Like CIIPA, it is a professional oversight body rather than a financial regulator.

The rules, statements of guidance, and other regulatory measures issued by CIMA are published on its website.

Rules are enforceable; statements of guidance are not.

• CIMA Rules and Statements of Guidance (SOGs), Statements of Principle, Regulatory Policies and Regulatory Procedures: These set out mandatory requirements and best practices on matters such as corporate governance, internal controls, risk management, outsourcing, cybersecurity, market conduct, and the management of conflicts of interest. CIMA maintains both general rules applicable to all licencees and sector-specific guidance for, inter alia, banks, insurers, fund administrators, and securities firms.
• CIMA AML/CFT Guidance Notes (February 2024): These provide detailed guidance on CIMA’s expectations relating to the implementation of the Anti-Money Laundering Regulations. The Guidance Notes include explanations of CIMA’s expectations relating to risk-based customer due diligence, ongoing monitoring, and reporting obligations. The Guidance Notes are not directly enforceable; however, the courts may refer to them to assess whether a breach of the Anti-Money Laundering Regulations has occurred. The Guidance Notes may be found on the CIMA website.
• Cayman Islands Stock Exchange (CSX) Listing Rules: For entities listed on the CSX, these rules govern disclosure, continuing obligations, and corporate governance standards for listed issuers, particularly investment funds and debt securities. They can be found on the CSX website.
• DCI AML/CFT Guidance for DNFBPs: DCI issues AML guidance for real estate brokers, dealers in precious metals and stones, and company formation providers, aligning non-financial sectors with the same FATF standards applied to financial institutions, which may be found on the DCI website.
• DITC Guidance Notes and CRS/FATCA Manuals: These outline reporting procedures, definitions, and compliance expectations for entities subject to the Economic Substance Act and international tax information exchange frameworks, and are available on the DITC website under the relevant Framework section.
• CIIPA Guidance/Inspection Framework/Code of Ethics and Professional Conduct: CIIPA issues guidance and professional standards for the accounting and audit sector under the Accountants Act (2024 Revision). These include AML/CFT guidance for the accountancy profession, quality assurance and inspection frameworks, and ethical and professional conduct standards based on international (IFAC/IESBA) principles. Collectively, these instruments define CIIPA’s supervisory expectations for audit quality, AML compliance, and professional integrity across the accounting sector. They are found on the CIIPA website.
• LSSA AML/CFT Guidance for Legal Practitioners; CDD/Recordkeeping Guidance: So far, the LSSA has only issued informational or procedural notices and online statements, rather than prescriptive guidance. It is expected to issue directives, procedures, and guidance to help law firms and sole practitioners understand how to comply with AMLRs. The website states that AML Guidance will soon be available on the LSSA website.

The Cayman Islands has substantially implemented the Basel II and Basel III capital adequacy frameworks through CIMA. The Banks and Trust Companies Act allows CIMA to prescribe the rules relating to capital adequacy. CIMA has incorporated the key Basel III capital and liquidity standards into its prudential rules for banks. From 2010, upon the issuance of the Rules, Conditions and Guidelines on Minimum Capital Requirements (Pillar 1), CIMA has required a minimum capital adequacy ratio of at least 10% and a Tier 1 capital ratio of at least 6% for all banks, surpassing the Basel III requirements.

Other components of Basel III are already in force: the Leverage Ratio (effective 1 December 2019) was implemented through the Rule and Statement of Guidance on Leverage Ratio, while the Liquidity Coverage Ratio (LCR) and Net Stable Funding Ratio (NSFR) (effective February 2022) were implemented via the Rule and Guidelines – Liquidity Risk Management. 

Furthermore, effective 23 May 2025, CIMA issued a Rule on Domestic Systemically Important Deposit Taking Institutions (D-SIDTIs). This Rule requires all entities that have been designated by CIMA as being domestic systemically important deposit-taking institutions to maintain a capital buffer for higher loss absorbency purposes. The accompanying Regulatory Policy on Domestic Systemically Important Deposit-Taking Institutions sets out the criteria that CIMA will use to designate D-SIDTIs and calculate the capital buffer requirement. CIMA has a dedicated Basel II Plus/Basel III resource page on its website.

The Cayman Islands Stock Exchange procedures provide for a T+3 settlement cycle. However, trades on the Cayman Islands Stock Exchange are limited and, in practice, investments take place through securities markets in North America, where a T+1 settlement has been implemented.

There are no laws or regulatory rules yet in place to encourage ESG investments or greenwashing. In April 2022, CIMA released a supervisory issues and information circular on environmental, social and governance considerations. This circular is only for information purposes and does not have the force of law. In this circular, CIMA noted the need for investor education on ESG and for investment funds to be aware of ESG-related risks. CIMA has also amended its Fund Annual Return, an annual filing required to be made pursuant to the Mutual Funds (Annual Returns) Regulations and Private Funds (Annual Returns) Regulations, to add ESG as a primary or secondary investment strategy that can be employed by a fund. This change was effective 15 November 2023. Finally, in its Regulatory Update – January to June 2024, CIMA noted it is continuing its ESG efforts through its internal Working Group on climate risk and ESG risks.

To date, CIMA has not issued any official position, guidance or regulatory measure on the use of artificial intelligence.

The Virtual Assets Service Providers Act makes a provision for the issuance of a sandbox licence by CIMA. This sandbox licence regime is not yet in force. When it is activated, a sandbox licence would allow a person intending to carry out an activity connected with virtual assets to apply for a trial licence, for a period of up to one year. The Act allows CIMA to exempt a sandbox licencee from requirements that are otherwise applicable to licenced or registered virtual asset service providers or modify any such requirement. There have been no moves to develop a central bank digital currency in the Cayman Islands.

CIMA has not issued any specific initiatives for vulnerable retail bank customers.

The Cayman Islands participates in the Global Non-Bank Financial Intermediation (formerly known as “shadow banking”) working group hosted by the Financial Stability Board. The Cayman Islands carries out an annual assessment of non-bank financial intermediation activities in the jurisdiction, which are mainly represented by the funds sector.  Given the existing comprehensive regulatory framework in the Cayman Islands for this sector, which includes the regulation of investment fund activities, no proposals have been made to enhance the regulation of non-bank financial intermediation activities.

In the Cayman Islands, any person or entity wishing to carry on regulated financial services business must obtain licensing or registration from CIMA under the relevant statute before commencing operations. The procedure and level of scrutiny vary according to the type of activity, but the core process is broadly consistent across sectors except the funds sector.

It must also be noted that the auditor selected by a prospective licensee or registrant must be approved by CIMA pursuant to CIMA’s Auditor Approval Policy.

Non-Fund Authorisations

Applications are made directly to CIMA via its online REEFS system and must include a detailed business plan, ownership and governance information, due diligence on directors, shareholders and other persons in control functions, such as the money laundering reporting officer and anti-money laundering compliance  officer (including completion of a completed Personal Questionnaire), audited financial statements, and evidence of adequate systems for capital, compliance, and anti-money laundering controls.

CIMA assesses each application for fitness and propriety, financial soundness, and the robustness of internal controls before granting a licence or registration. Many regulatory laws state that CIMA cannot grant a licence if it is not in the public interest to do so. Moreover, CIMA can grant licences or registrations with or without conditions.

CIMA has issued the following regulatory measures to assist potential applicants with their applications for authorisation:

• Regulatory Policy on Licensing Banks;
• Regulatory Policy on Registration or Licensing of Virtual Asset Service Providers;
• Regulatory Policy on Licensing and Approving Money Services Business;
• Statement of Guidance on Licensing – Unrestricted, Restricted and Nominee Trust Companies;
• Statement of Guidance on Licensing – Company Managers and Corporate Services Providers;
• Regulatory Policy – Licensing for Class D Insurers;
• Regulatory Policy – Licensing for Class B Insurers;
• Regulatory Policy – Licensing for Class C Insurance Companies;
• Regulatory Policy – Licensing Insurance Companies;
• Regulatory Policy – Licensing Insurance Managers;
• Regulatory Policy – Licensing Insurance Brokers, Agents and Agencies;
• Regulatory Policy – Licensing Mutual Funds;
• Regulatory Policy – Licensing Mutual Fund Administrators; and
• Regulatory Policy – Licensing Securities Investment Business.

Fund Authorisations

In order to register an open-ended fund under the Mutual Funds Act or a private fund under the Private Funds Act, applicants must complete an application form on the REEFS portal. The application must also attach:

• the fund’s certificate of incorporation;
• a Fund Administrator’s Letter of Consent;
• the Fund’s Auditor’s Letter of Consent;
• Offering Document; and
• MLRO Application Form.

The application must be accompanied by the required fees.

In addition, all funds must appoint a local auditor (one with a physical presence in the Cayman Islands) pursuant to CIMA’s Local Auditor Sign-Off Policies (for Funds and Private Funds).

Post Authorisation

Once authorised, financial service providers (FSPs) are subject to ongoing supervision through prudential reporting, annual audits, and periodic inspections, and must obtain prior approval for any material change in ownership, management or business plan. In addition, many sectors, such as banks, insurance companies, securities investment businesses and company managers, are subject to continuing financial resource requirements. These regulatory requirements seek to ensure that all regulated entities meet the jurisdiction’s standards of competence, integrity, and sound governance, and allow licensees and registrants to operate in a fit and proper manner, on an ongoing basis.

The time required to obtain authorisation from CIMA depends on the type and complexity of the application. Straightforward registrations, such as private funds or mutual funds, are typically processed within one to three weeks once all documentation is complete. More complex licence applications, for banks, insurers, securities investment businesses, or VASPs, usually take between two and six months, depending on the responsiveness of the applicant and whether CIMA requests further information or amendments.

Application and annual fees are prescribed in the relevant regulations to each statute. These range from approximately KYD5,000–KYD10,000 for smaller licensees (such as company managers or insurance brokers) to KYD75,000 or more for banks and large insurers, with additional fees payable for registration of directors, controlled functions, or segregated portfolios. Registered entities, such as mutual funds and private funds, pay lower one-off and annual fees (generally between KYD300 and KYD4,000 depending on structure).

In practice, applicants should budget for two to six months to complete the licensing process and to meet both the CIMA application fees and the annual supervisory and renewal fees required under the relevant regulatory law.

Senior officers, directors, and controllers of regulated FSPs in the Cayman Islands are subject to oversight by CIMA. Under the relevant Regulatory Laws, these individuals must meet CIMA’s fit and proper standards of honesty, integrity, competence, and financial soundness. Applicants for key roles such as directors, shareholders with significant influence, and compliance or AML officers, must submit Personal Questionnaires (PQs) and undergo due diligence before approval. The Fitness and Propriety Assessment Process is described in CIMA’s Regulatory Policy and Regulatory Procedure on Fitness and Propriety. This process applies to directors or proposed directors of all entities except mutual funds registered or licensed under the Mutual Funds Act and registered persons under the SIBA.

Directors of mutual funds and registered persons under SIBA are required to register or be licensed under the Directors Registration and Licensing Act [Act 10 of 2014]. The registration process is available to natural persons who hold fewer than 20 directorship appointments, while natural persons who hold 20 or more appointments, as well as corporate directors, must seek a licence under this Act. CIMA monitors directors on an ongoing basis and may refuse, revoke, or condition approvals, ensuring that only suitably qualified and trustworthy persons manage regulated entities.

In relation to the liability of partners, directors and officers of regulated entities, the Regulatory Laws state that where an offence is committed by a regulated entity with the consent or connivance of a director or partner, or is attributable to any neglect on their part, the director or partner, as the case may be, also commits the offence and is liable to be proceeded against and punished accordingly.  Furthermore, the Monetary Authority Act allows CIMA to impose an administrative fine on a director, manager, secretary or similar officer of a body corporate for breaches of the regulatory framework if the breach was committed with their consent or connivance or was attributable to any neglect on their part.

Several reforms are expected to further shape the Cayman Islands’ financial services landscape over the coming year.

Regulations under the Proceeds of Crime Act related to the defence against money laundering regime (DAML) are expected to be issued. Those regulations would provide helpful guidance to industry on how they should operationalise the DAML regime, which came into force in January 2025.

The VASP Act (2024 Revision) has now entered its full licensing phase, and CIMA is expected to issue additional rules and conduct standards as the regime moves into full implementation, alongside the roll-out of the Sandbox Regime. In addition, in relation to the VASP sector, the  government is developing a legislative framework to accommodate tokenised investment funds, integrating digital issuance and custody within the existing funds legislation as opposed to the VASP Act.

CIMA is also expected to enhance the supervisory regime for credit unions and the Development Bank and issue further guidance on ESG, and to finalise a new rule on recovery and resolution planning for deposit-taking institutions and Class A (domestic) insurers and Class D (reinsurers) incorporated in the Cayman Islands.

Further refinements are expected under the Beneficial Ownership Transparency Act and associated regulations to enhance the clarity of the regime in respect of the information that should be provided in the beneficial ownership filing, the process for issuing restriction notices and who can access the information in the beneficial ownership register.

Finally, CIIPA is expected to update its guidance on AML/CFT compliance for the accounting profession in light of the upcoming Caribbean Financial Task Force Assessment of the Cayman Islands in 2027, and the LSSA is preparing to issue its first comprehensive AML/CFT guidance for the legal profession, completing the transition of AML supervision within the sector.