The fintech market in the Cayman Islands has continued to develop significantly over the past 12 months.
Technology Talent Pool
The Cayman Islands has cultivated a technology talent pool of experienced professionals and service providers. Its increasingly mature technology industry is playing a pivotal role in strengthening the financial services sector. The availability of skilled professionals has facilitated the growth of fintech companies and their innovative solutions.
Attractiveness for Fintech and Crypto Businesses
The Cayman Islands has positioned itself as an emerging hub for both fintech and crypto businesses. Its well-regarded financial services framework, coupled with robust technology infrastructure, attracts companies worldwide to domicile in the Cayman Islands.
Stable Political Environment and Tax Neutrality
The Cayman Islands’ stable political environment provides a conducive backdrop for fintech ventures. Its tax neutrality further enhances its appeal as a business-friendly destination for fintech start-ups and established players.
Challenges
While the fintech market in the Cayman Islands continues to make significant strides, there are several challenges which may impact it in the next 12 months:
AI
Artificial intelligence models continue to be regarded as a highly disruptive influence in financial services and associated processes, as investors and developers pursue innovation in this field. Adapting legal regimes to tailor specifically to the challenges and opportunities of AI would be a positive step to set responsible development and deployment parameters.
There are a number of verticals for new and legacy players, which include the following.
The financial services sector in the Cayman Islands is regulated primarily by CIMA. Key regulatory laws provide for a registration or licensing process whereby entities and individuals conducting regulated activity are required to obtain a registration or a licence from CIMA.
The key regulatory laws of the Cayman Islands (as amended, in each case) that could apply to an industry participant include:
CIMA holds significant supervision powers within the financial services industry across a number of key aspects.
There are no restrictions in the Cayman Islands on the compensation models that industry participants are allowed to use to charge customers. Compensation must be clearly disclosed to customers and not be charged in a manner that is misleading or deceptive.
The underlying regulatory regime for fintech industry participants is substantially the same as it is for legacy players.
The Cayman Islands offers a time-limited (up to one year) regulatory sandbox licence for both virtual asset service providers and fintech companies. This sandbox allows innovative services to be tested with certain restrictions without requiring a full licence. The primary aim of the regulatory sandbox is to facilitate innovation in a safe and responsible manner. It allows companies to experiment with new products, services, solutions, technologies, business models and policies. By providing a controlled space for testing, it encourages creativity and the development of cutting-edge solutions. CIMA assesses, monitors and supervises the innovative service, technology or method of delivery of a sandbox licensee with a view to ensuring that:
CIMA is the primary regulator in the Cayman Islands and has broad regulatory oversight of regulated entities in the Cayman Islands.
In performing this regulatory function, CIMA shall:
In addition, the Department for International Tax Co-operation is a department in the Ministry of Financial Services and Commerce. It is responsible for administering all of the Cayman Islands’ legal frameworks for international co-operation in tax matters, and for carrying out the functions of the Tax Information Authority, the Cayman Islands’ competent authority. The Tax Information Authority’s function is to collect information on tax matters and exchange that information with other Competent Authorities pursuant to relevant international agreements. Broadly speaking it covers supervision of:
Finally, the Office of the Ombudsman is the supervisory authority for data protection-related matters and is empowered to investigate, mediate and decide complaints under the Data Protection Act.
CIMA does not currently issue “no-action” letters.
While outsourcing is permitted to regulated or unregulated entities, CIMA emphasises that responsibility and accountability for effective oversight of all regulated activities, whether outsourced or not, rests with the governing body and senior management of the regulated entity. The recent Statement of Guidance (April 2023) applies to most entities regulated by CIMA. The Guidance applies regardless of whether the outsourcing arrangement established by a regulated entity is with a related or unrelated entity.
A regulated entity should assess the materiality of its outsourcing arrangements, and without limiting the scope of its assessments, should consider:
The extent to which fintech providers are deemed to be “gatekeepers” will depend on the nature of the platform. If, for example, the platform is unregulated and is merely a venue to share information, then it is expected that there would be little in the way of “gatekeeper” responsibility. If, however, the information being shared on the platform amounts to investment advice (either from the platform provider or between users of the platform) then the platform may be subject to licensing or registration requirements under SIBA.
CIMA may take action to enforce the requirements of the regulatory laws and other relevant legislation. Enforcement options available to CIMA include: (i) suspension of the licence of a licensee and preservation of its records, (ii) revocation of the licence of a licensee, (iii) requiring the substitution of a director, operator, senior officer, general partner, promoter, insurance manager or shareholder of the licensee (as applicable), (iv) appointing a person to assume control of the affairs of the licensee, (v) appointing a person to advise the licensee on the proper conduct of its affairs, (vi) applying to the Grand Court of the Cayman Islands for orders directing the winding up of the relevant entity, and (vii) the imposition of administrative fines.
There have been a number of enforcement actions in the recent past, including:
In relation to virtual asset service providers in particular, an action was commenced in January 2023 by Nexo Capital Inc. (“Nexo”) challenging the decision of CIMA to deny Nexo’s application for VASP registration. This dispute remains ongoing and is being closely monitored as the only action brought under the VASP Act thus far.
Key areas include the following.
Certain regulated entities (such as investment funds and licensed service providers) are required to appoint a local auditor and have their audited financial statement filed with CIMA on an annual basis.
While certain fintech businesses may not be doing “relevant financial business” (see 2.11 Implications of Additional, Non-Financial Services Regulations) they may determine to apply certain AML/CFT provisions to their business as a matter of best commercial practice although there is no regulatory oversight of those voluntary regimes for unregulated entities.
Generally, unregulated business lines would be separated from regulated business lines and run through separate legal entities. This is done:
Virtual asset service providers will be doing “relevant financial business” (see 2.11 Implications of Additional, Non-Financial Services Regulations) and will be required to comply with AML and sanctions rules. This requires them to perform KYC identity verification and (in some instances) source-of-funds checks on their customers. In traditional financial services industries, this has been the norm for many years – while for fintech companies this could impose significant additional regulatory costs, a loss of market share to unregulated entities in the Cayman Islands or in other jurisdictions, and a tension with their proposed business model and/or customer base. In addition, care should be taken with affiliates of virtual asset service providers, such as those facilitating real world asset tokenisation, as they may also be subject to anti-money laundering and sanctions rules even if they are not regulated as virtual asset service providers because they are deemed to conduct “relevant financial business”.
Unregulated companies providing technology services will generally not be doing “relevant financial business” (see 2.11 Implications of Additional, Non-Financial Services Regulations) and will therefore not be required to comply with the AML rules, however, the sanctions regimes will still apply and so some form of KYC is generally undertaken.
The anti-money laundering and sanctions rules in the Cayman Islands generally follow the standards imposed by the Financial Action Task Force (FATF). All Cayman Islands persons are required to observe Cayman Islands sanctions provisions (which are essentially the same as the sanctions provisions in the United Kingdom) extended to the Cayman Islands by statutory instruments. The list of sanctions regimes currently in force in the Cayman Islands is available on the Financial Reporting Authority website.
Under Cayman Islands law, there is no explicit reverse solicitation safe harbour, but as a general principle, the regulatory regime will only capture persons that have a Cayman Islands nexus (ie, either they are Cayman Islands persons or they are foreign persons soliciting business or marketing their business in the Cayman Islands).
Cayman Islands law does not expressly contemplate or regulate robo-advisers, although they could be regulated depending on how they are implemented. For example, if a robo-adviser platform was set up in order to provide investment advice on securities to its customers then it would be regulated as a securities adviser under SIBA.
It is difficult to determine whether legacy players are implementing solutions introduced by robo-advisers. However, it is not uncommon for crypto funds and high-frequency and algorithmic trading funds to be managed by entities that rely on proprietary robo-advice algorithms or licensed software.
This is not applicable in the Cayman Islands.
As a general matter, Cayman Islands law does not specifically regulate lending to individuals or otherwise, so there are no significant differences which vary with the nature of the borrower, save that the provision of lending business would likely fall within the scope of the AML Regulations as “relevant financial business” and which will consequently result in AML/CFT obligations on the lender. Such AML Regulations do not apply differently based on the category of the borrower. It is also important to note that lending could be considered a financing and leasing business under the economic substance regime of the Cayman Islands unless an exemption applies, and the jurisdiction does have laws regulating deposit-taking business (which could be used by some banking models as a source of funds for loans, see 4.3 Sources of Funds for Fiat Currency Loans for more detail).
The underwriting process is not currently dictated by regulation in the Cayman Islands. To the extent a lender is participating in underwriting under the laws of another jurisdiction, CIMA is likely to require such lender to be in compliance with the laws of such jurisdiction in relation to such underwriting.
The classic retail banking model of accepting deposits to fund lending is one of a number of different ways to raise funds. As there are no general prohibitions on the method a participant uses to fund its lending in the Cayman Islands, any method of raising capital could theoretically be possible (including through entering into or executing digital asset transactions, structured arrangements or more traditional financing methods).
P2P Lending
Peer-to-peer lending is not currently regulated in the Cayman Islands. Digital platforms offering decentralised finance operated by Cayman Islands entities are not regulated in the Cayman Islands (assuming that there is no exchange, transfer or custodying of virtual assets on such platforms).
Lender-Raised Capital
Borrowing through debt is not regulated in the Cayman Islands, although all entities should be aware of and comply with applicable sanctions regimes when receiving funds. Cayman Islands entities are also free to raise funds through issuing investment interests such as through shares (in the case of a company) or membership or partnership interests (in the case of a limited liability company or exempted partnership), although Cayman Islands entities should take advice on whether such arrangements are caught by the Private Funds Act or Mutual Funds Act of the Cayman Islands.
Capital Markets/Securitisations
The issuance of debt instruments (eg, bonds, notes and commercial paper) by a Cayman Islands entity is not a regulated activity in and of itself in the Cayman Islands. There are, however, other ancillary regulations which may apply including in relation to AML, data protection and sanctions.
Deposit Taking
Banking business in the Cayman Islands (which in summary is defined to mean the business of receiving and holding on deposits or other similar account money which is repayable and may be invested by way of advances to customers or otherwise) is regulated in the Cayman Islands and may require a licence under the Banks and Trust Companies Act under the supervision of CIMA.
At present, there is not a substantial market for the syndication of loans in the Cayman Islands, although as a general matter there is no regulation, prohibition or restrictions on loan syndication. The jurisdiction would welcome more syndication of loans in the future as more and more Cayman Islands lenders are established.
There are no specific prohibitions under Cayman Islands law on creating or implementing new payment rails. That being said, as further described in 5.2 Regulation of Cross-Border Payments and Remittances, payment processing is likely to be a regulated activity requiring licensing and supervision by CIMA. A grant of such licence involves CIMA approving the licensee’s proposed accounting processes and systems of business and may be subject to such conditions and requirements as CIMA may require (including in relation to the payment rails intended to be used by the payment processor). Any material change to the application and business plan approved by CIMA could trigger the necessity for prior consent and/or a re-examination by CIMA of the licensee’s business model. CIMA may refuse to grant or renew a licence if it is of the opinion that the person applying for the licence would fail to fulfil the obligations of a licensee under the law.
Banks are involved in cross-border payments in the ordinary course, but in addition, cross-border payments would constitute a “money services business” which is a regulated activity in the Cayman Islands pursuant to the Money Services Act. Money services business is defined as the business of providing any or all of the following services:
Section 4(a)(i) of the Stock Exchange Company Law provides that the Cayman Islands Stock Exchange has the sole and exclusive right to operate one or more securities markets in the Cayman Islands.
In contrast, a marketplace, exchange and trading platform for virtual assets is likely to be a “virtual asset trading platform” and regulated under the VASP Act.
Marketplaces, exchanges and trading platforms for securities versus virtual assets will be regulated in a different manner.
A securities trading platform is likely to be regulated under SIBA – although careful consideration would be needed as Section 4(a)(i) of the Stock Exchange Company Law provides that the Cayman Islands Stock Exchange has the sole and exclusive right to operate one or more securities markets in the Cayman Islands.
In contrast, a marketplace, exchange and trading platform for virtual assets is likely to be a “virtual asset trading platform” and regulated under the VASP Act.
The VASP Act came into effect in October 2020, and established a framework for regulating businesses providing virtual asset services (VASPs) in the Cayman Islands. This includes cryptocurrency exchanges which are regulated as Virtual Asset Trading Platforms under the VASP Act. VASPs need to register or obtain a licence depending on their business activities.
VASPs are also subject to AML and CTF regulations, which are designed to ensure transparency and combat financial crime. In addition, depending on the structure and activities of the exchange, other laws such as SIBA or the Mutual Funds Act might also apply.
The question of whether a decentralised (ie, DeFi) exchange will be regulated under the VASP Act depends on whether it falls into the definition of a “Virtual Asset Trading Platform”, which means a centralised or decentralised digital platform:
Having regard to the above, and given the fact that most decentralised exchanges do not hold custody of or control of virtual assets on behalf of clients to facilitate an exchange, it is generally expected that most decentralised exchanges will not be regulated under the VASP Act.
In relation to virtual asset trading platforms, the authority has the ability under the VASP Act to impose listing standards for virtual assets and has issued proposed listing rules in the context of a proposed conduct of business Rule (not yet finalised). Further, the VASP Act provides that a virtual asset trading platform is to assure itself that a virtual asset to be traded on the platform is not fraudulent or deceitful and is required to carry out reasonable due diligence on such virtual assets and their issuers.
In the context of a virtual asset trading platform, there are no detailed order handling rules. What governs are general requirements concerning fair treatment of clients (including disclosure rules).
In the case that a virtual asset service provider is a licensee under SIBA, it will be subject to various additional rules under SIBA and the Statement of Guidance relating to Client Understanding, Suitability, Dealing and Disclosure for Securities Investment Business. The Securities Investment Business Regulations establish guidelines for interactions with clients, necessitating that client agreements encompass specific details, such as transaction execution methods, and mandating the issuance of a contract note to the client under certain post-transaction scenarios. The Statement of Guidance complements the Regulations by providing additional directives for client interactions, safeguarding client order priority, prohibiting actions that may disadvantage client transactions, and enforcing fair and prompt allocation, along with timely and optimal execution.
Generally speaking, the VASP Act excludes platforms that merely connect buyers and sellers and do not hold custody of or control virtual assets. Nonetheless, peer-to-peer trading platforms can impact traditional market participants in various ways, such as through:
In addition, peer-to-peer trading platforms can impact fintech participants in various ways, such as through:
Regulatory challenges can include:
There are no specific rules relating to payment for order flow. The default is to the rules discussed in 6.5 Order Handling Rules.
In relation to virtual asset trading platforms, the authority has the ability under the VASP Act to impose market integrity standards and has issued proposed standards in the context of a proposed conduct of business Rule (not yet finalised). These standards go to the prevention of insider dealing, market manipulation and unfair trading practices.
As it stands, SIBA has two main focuses when it comes to upholding market integrity principles: preventing the creation of a false or misleading market and preventing insider trading. Committing either of these is an offence under SIBA. SIBA will apply to the provision of virtual asset securities if it falls under the category of “securities investment business” as defined by SIBA.
The creation of high-frequency and algorithmic trading strategies is not itself regulated – but the manner in which they are used could be regulated. As an example, a proprietary trader that has created and deploys their own high-frequency or algorithmic trading strategy will not be regulated – however if that same strategy is deployed by an investment fund it will be regulated – as a result of being an investment fund – rather than as a result of the investment fund deploying a high-frequency or algorithmic trading strategy.
A crypto market maker operating in a principal capacity will generally be outside the scope of the VASP Act.
Investment funds will generally be regulated pursuant to the Mutual Funds Act or the Private Funds Act, whereas dealers are generally regulated under SIBA.
The Cayman Islands regulatory regime does not regard investment funds as market makers.
Generally speaking, programmers who develop and create trading algorithms and other electronic trading tools will not be regulated – see for example 7.1 Creation and Usage Regulations. The manner in which the trading algorithms and other electronic trading tools are deployed will determine whether the activity is regulated – see again for example 7.1 Creation and Usage Regulations.
At present, there are no specific and material insurtech underwriting initiatives or developments in the Cayman Islands, but conditions are conducive for this to change given the efficiencies achieved in banking and financial services generally through utilising blockchain technology. It may only be a matter of time before the insurance sector also starts involving itself – the Cayman Islands has a significant insurance sector and a growing number of reinsurers are being licensed in the Cayman Islands.
In general, the Cayman Islands’ supervisory and legislative framework adopts international standards, but also has in-built flexibility to enable CIMA and licensees to apply requirements according to the nature, size and risk profile of licensees.
It may be useful to note that CIMA adopts a risk-based approach to regulating the insurance sector in the Cayman Islands. In particular, the Cayman Islands has elected not to seek Solvency II equivalency, which gives CIMA discretion to apply risk-based prudential standards, thus allowing insurers and reinsurers to implement their own internal regulatory capital model and structure their capital efficiently according to their risk profile.
The primary classes of insurance and reinsurance available in the Cayman Islands consist of (i) general insurance (which includes motor property damage and liability; crime; general liability; healthcare; hospital professional liability and physicians’ liability; marine and aviation; medical malpractice liability; product liability; professional liability; property; surety bonds; and worker’s compensation) and (ii) long-term insurance (which includes life; annuity; accident and health; and deferred variable annuities).
Any person carrying on insurance business, reinsurance business or business as an insurance agent, insurance broker or insurance manager in or from the Cayman Islands is required to hold a valid licence issued for that purpose under the Insurance Act. Amongst other things, each class of licence will have its own regulatory capital and liquidity requirements (which may be adjusted by CIMA following their assessment of the business model of the licensee).
Regtech providers may be regulated depending on their activities and whether they fall within the scope of a regulatory law in the Cayman Islands.
As an example, a regtech provider focusing on identity verification may not be regulated, but if that technology is deployed in the course of that provider performing an activity that is regulated (eg, mutual fund administration), then the regtech activity will be regulated.
Clear obligations with respect to timing of deliverables from the technology provider remain the key area of focus. Financial services firms seek to impose indemnification and liquidated damages provisions to assure performance and accuracy. These are primarily driven by industry custom.
In the financial services industry, there are a number of approaches being taken to implement blockchain – including:
The Cayman Islands was an early adopter of the FATF requirements for a virtual asset service provider regime.
Not all blockchain assets in the Cayman Islands will be regulated financial instruments.
The key classifications of blockchain assets cover:
The complexity and challenges in classification include (by way of example):
Issuances by investment funds will generally be subject to regulation pursuant to the Mutual Funds Act or the Private Funds Act.
No invitation (whether directly or indirectly) may be made to the public in the Cayman Islands to subscribe for debt securities unless the debt securities are listed on the Cayman Islands Stock Exchange.
The Cayman Islands, while considered progressive in this space, has a nuanced regulatory framework for “blockchain assets” and their issuance/sale.
The key legislation is:
Under the VASP Act an “issuance of virtual assets” or “virtual asset issuance” means the sale of newly created virtual assets to the public in or from within the Cayman Islands in exchange for fiat currency, other virtual assets or other consideration, but does not include the sale of virtual service tokens. A “virtual service token” is narrowly defined as a digital representation of value which is not transferrable or exchangeable with a third party at any time and includes digital tokens whose sole function is to provide access to an application or service or to provide a service or function directly to its owner.
Having regard to the above – generally speaking – most fungible blockchain assets will fall within the definition of a virtual asset service provider which will require the issuer – if formed in the Cayman Islands – to be regulated under the VASP Act. Additionally, if the blockchain asset meets the definition of a “security” under SIBA, additional SIBA licensing and prospectus requirements might apply. This requires careful analysis of the asset’s features and function.
The VASP Act regulates “virtual asset trading platforms” which means a centralised or decentralised digital platform:
If the secondary market trading of blockchain assets amounts to a “virtual asset service” under the VASP Act then it will not be regulated.
As noted in the definition of “virtual asset trading platforms” – trading in a peer-to-peer manner is not regulated.
The Cayman Islands does not currently impose any specific restrictions on staking per se. However, staking generally involves the process of depositing or locking up virtual assets and in return, participants earn rewards, which can be in the form of additional virtual assets or otherwise as may be agreed.
Where staking is undertaken by a person for their own account, it is unlikely to fall under a regulatory regime. However, if a person provides staking as a service to other persons, then they would need to carefully consider whether they fall within a virtual asset service under the VASP Act – in particular, the provision of custodial services or the provision of financial services related to a virtual asset issuance.
Additionally, the staking arrangement must be carefully assessed to ensure it cannot be characterised as a securities investment business under SIBA or relevant financial business under the Proceeds of Crime Act which could trigger AML/CFT regulations.
The nature of the tokens, the types of rewards being earned and delivered and whether the issuer of the tokens provides or delivers such rewards on its own tokens or if the rewards are provided by a third party or independent protocol could all be relevant to the assessment.
As a general matter, Cayman Islands law does not specifically regulate lending as a standalone activity, so there are no significant specific regulations applying to lending services relating to cryptocurrencies. However, the provision of lending business would likely fall within the scope of the AML Regulations as “relevant financial business” and which will consequently result in AML/CFT obligations on the lender. Lending can also be considered a financing and leasing business under the economic substance regime of the Cayman Islands unless an exemption applies.
Offering derivatives denominated or settled in cryptocurrencies that meet the test of a “security” under SIBA may be regulated if other requirements of SIBA are met and no exemption applies.
Virtual assets representing or convertible into derivatives could also be subject to SIBA.
The question of whether a decentralised (ie, DeFi) exchange will be regulated under the VASP Act depends on whether it falls into the definition of a “virtual asset trading platform” which means a centralised or decentralised digital platform:
Having regard to the above, and given the fact that most decentralised exchanges do not hold custody of or control of virtual assets on behalf of clients to facilitate an exchange, it is generally expected that most decentralised exchanges will not be regulated under the VASP Act.
Subject to limited exemptions, such funds will either be regulated as a mutual fund under the Mutual Funds Act (for open-ended funds) or as a private fund under the Private Funds Act (for closed ended funds).
While virtual currencies are not defined in the VASP Act – the VASP Act does define a “virtual asset” as a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes but does not include a digital representation of fiat currencies. Having regard to the above, a digital representation of a fiat currency (essentially, legal tender) is excluded from the definition of a “virtual asset”, however, creating a cryptocurrency may be “relevant financial business” and an issuer of such an asset is likely to be subject to the AML/CFT regime in the Cayman Islands.
The VASP Act regulates a “virtual asset” – which means a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes, but does not include a digital representation of fiat currencies. Generally speaking, an NFT will fall outside this definition although that will depend on the features and characteristics of the NFT itself. As an example, an NFT of a cartoon ape will (generally speaking) not be a “virtual asset” although an NFT of a bearer bond or other security is likely to be regulated not as a “virtual asset” but as a security under SIBA.
The same analysis applies to NFT platforms – in that a trading platform for cartoon ape NFTs will not be regulated, while a trading platform for NFT-wrapped securities will be regulated.
There are currently no regulations in the Cayman Islands with respect to open banking.
Banks and technology providers are subject to the Data Protection Act – although it does not specifically regulate open banking. Accordingly, banks and technology providers may look to collaborate to develop and implement best practices for data security and privacy in open banking.
In the Cayman Islands, the elements of common law fraud align with those recognised in England and other common law jurisdictions and generally include:
As an example, Section 255(1) of the Penal Code provides that a person who dishonestly, with a view to gain for themselves or another or with intent to cause loss to another (a) destroys, defaces, conceals or falsifies any account or any record or document made or required for any accounting purpose; or (b) in furnishing information for any purpose, produces or makes use of any account, or any such record or document as aforesaid, which to that person’s knowledge is or may be misleading, false or deceptive in a material particular, commits an offence and is liable to imprisonment for seven years.
In addition, knowingly or wilfully supplying false or misleading information to the Cayman Islands Tax Information Authority (TIA) is an offence.
While CIMA does not publicly rank specific types of fraud in order of priority, there are several areas where it has demonstrably focused its efforts:
Additionally, CIMA works closely with industry participants to stay informed about emerging fraud trends and adapt their regulatory approach accordingly, and they actively engage in public education initiatives to raise awareness about common financial scams and empower individuals to protect themselves. In addition, CIMA collaborates with international counterparts to share information and best practices in combating financial crime.
The extent to which a fintech service provider would be responsible for losses suffered by a customer would depend on a mix of applicable regulation, contractual provisions, and the circumstances in which the customer’s loss was suffered. The legal position for damages closely follows that of English law.
Service providers typically seek to place contractual limits on their liability in agreements with customers, often excluding any losses caused by the customer themselves or by third parties, and imposing a financial cap. Losses caused by the fraud of a third party will usually (whether expressly or implicitly) be caught within the exclusion of losses caused by third parties.
A service provider typically will not seek to exclude liability arising from its own fraud (or those acting on its behalf), but depending on the service may well seek to exclude all other types of liability.
Harbour Place, 2nd Floor
103 South Church Street
Grand Cayman
KY1-1106
Cayman Islands
+1 345 949 0699
+1 345 949 8171
jta@tta.lawyer www.traversthorpalberga.comThe Rise of Borgs and Artificial Intelligence: Key Trends Shaping the Cayman Islands in 2025
One of the most exciting trends of 2025 is the rise of artificial intelligence (AI) capable of autonomously managing crypto wallets and participating in decentralised markets. AI agents are likely to begin operating or verifying nodes in decentralised physical infrastructure networks, engaging in Web3 gaming, managing pools of assets and even running their own blockchain networks.
The rapid evolution of AI and blockchain technology is leading to a fascinating convergence, unlocking new possibilities and new legal challenges. Key issues include the legal personality and accountability of AI and how to apply regulatory sanctions, data privacy and compliance with anti-money laundering (AML) and countering the financing of terrorism (CFT) regulations. Additionally, there will be the question of how to incentivise or penalise AI to shape its behaviour in alignment with legal and ethical standards.
In this article, Travers Thorp Alberga identifies several key trends that are expected to shape these aspects of the AI and Web3 ecosystem in 2025. Such developments have important implications for the Cayman Islands, which has positioned itself as a leader in providing vehicles for blockchain and digital asset innovation and now to accommodate the integration of artificial intelligence.
What is an AI Agent?
The world has become increasingly familiar with AI chatbots such as ChatGPT, which can be fun and sometimes useful, but the next level of everyday AI goes beyond merely answering questions. For better or worse, and whether we are ready or not, AI agents are now capable of autonomously performing tasks on behalf of humans.
Major technology companies, including OpenAI, Microsoft, Google and Salesforce, have recently released or announced plans to develop and release AI agents. These innovations aim to bring newfound efficiency to technical and administrative processes across industries such as healthcare, robotics, gaming and finance.
Simple AI agents can be trained to reply to standard email enquiries, while more advanced ones can book travel and manage expenses. Google’s Project Mariner, for example, demonstrated how an AI agent can browse, analyse and interact with online content, such as adding items to a shopping cart while suggesting substitutions for unavailable ingredients.
AI agents function by perceiving an environment and taking action based on rules and goals. Some agents operate as simple reflex agents, reacting to immediate stimuli (eg, a smart thermostat adjusting temperature). Others, like robotic vacuums, are goal-based agents that adapt actions to achieve a pre-defined objective. More advanced AI agents use utility-based models, weighing multiple factors and risks before deciding on an optimal course of action.
Crucially, AI agents differ from chatbots and large language models because they are built to execute actions rather than just generate responses. OpenAI envisions a future where AI agents operate independently for extended periods, carrying out complex tasks without user intervention. As AI agents become more autonomous, they are increasingly being integrated into decentralised governance structures, including decentralised autonomous organisations (DAOs), where they can assist in executing governance decisions, automating treasury management, and enforcing smart contract protocols. The integration of AI into DAO models presents new opportunities for efficiency but also introduces legal and regulatory challenges, particularly around accountability and compliance.
Understanding Conventional DAOs
All DAOs are unique, but the common theme involves a community operating on a blockchain, with governance and decision-making processes managed through smart contracts. These organisations empower token holders to vote on proposals, theoretically ensuring a decentralised and democratic process. However, in practice, many DAOs have encountered significant hurdles, including centralisation tendencies, operational inefficiencies and most concerning of all, illegality and regulatory non-compliance. Notably, the Securities Exchange Commission, Commodity Futures Trading Commission (CFTC) and participants through the US courts have taken action against some DAOs (like the Ooki DAO – which operated a decentralised trading platform for margin and leverage trading and came under regulatory scrutiny when the CFTC charged it with operating an unregistered trading platform and violating Bank Secrecy Act (BSA) requirements – or the Lido DAO) highlighting the legal vulnerabilities DAOs may face.
A key legal issue in those cases was whether a DAO could be held responsible as a legal entity and whether DAO participants (often its token holders) could be liable for its actions. A critical concern is whether DAO participants function as partners in an unincorporated entity, exposing them to joint and several liability under partnership law. Privileges given to DAO participants, such as voting rights or governance actions, could be seen as managerial control, increasing regulatory risks. Both cases highlight the need, detailed in the UK Commission scoping paper on DAOs, for DAOs to utilise legal structures to mitigate liability risks. Regulators increasingly view governance participation as potential managerial control, raising concerns about unincorporated partnership liability.
Evolution of DAOs and Introduction to DAO Adjacent Entities (BORGs and Special Counsels)
To address the regulatory and operational challenges DAOs face, different kinds of legal vehicles have been implemented over the past few years. Initially, to address these issues, wrapped DAOs emerged, incorporating legal entities (often Cayman foundation companies) to provide liability protection and regulatory compliance. While this approach offers legitimacy, it compromises decentralisation. Partially wrapped DAOs take a middle ground, using legal structures for specific functions, such as treasury management, while maintaining decentralised governance. Meanwhile, DAO-adjacent entities interact with DAOs without being fully governed by them, providing legal, financial or operational support. Some employ “code deference”, linking legal decisions to DAO governance via smart contracts. In particular, DAO-adjacent entities known as “BORGs” and “Special Counsels” are becoming popular. Both enhance governance, accountability and regulatory compliance while preserving decentralisation.
BORGs
BORGs integrate autonomous technologies like smart contracts and AI, acting as intermediaries between DAOs and the traditional legal system. Notable features of a BORG include the following.
Special Counsels
Special Counsels serve as legal or advisory bodies that provide oversight and strategic guidance to DAOs. Notable features of a Special Counsel include the following.
Decentralised Autonomous Chatbots (DACBot)
Another significant emerging trend is the proliferation of DACBots – AI-driven agents capable of generating content, building online followings and managing assets in cryptocurrency without human intervention. As these autonomous AI entities become more sophisticated, they challenge traditional frameworks of identity verification, intellectual property rights and financial regulation. DACBot can engage with users on social media, generate content, interact with smart contracts and even negotiate transactions, creating a blurred line between human and machine activity in digital ecosystems.
Legal Considerations in Relation to AI
Whilst AI offers vast opportunities for automated business models and AI-driven innovation, it also raises critical regulatory and legal questions, such as the following.
A detailed analysis of the questions raised are beyond the scope of this paper. In essence, however, the better view is that AI by itself lacks legal personhood, meaning it cannot independently enter into agreements or hold legal ownership unless it is deemed to be an agent or extension of another legal person as principal. It is therefore advisable to incorporate a legal entity that can act as the principal for the AI (an “AI-Driven Entity”). An AI-Driven Entity can then form the basis to address some of the other legal and regulatory issues.
Using a Cayman Islands Foundation Company as an AI-Driven Entity
A particularly effective legal structure for an AI-Driven Entity is the Cayman Islands foundation company. Unlike traditional companies, such foundation companies do not require shareholders, allowing them to function with a governance model that can be tailored to an AI’s decision-making models. Key advantages of using such foundation companies include the following.
Governance of an AI-Driven Entity
Under Cayman Islands law, a company can have domestic or foreign corporate entities acting as directors, officers or authorised agents, but these corporate entities must ultimately be represented by a human who bears responsibility for its actions. However, as AI agents take on increasingly complex roles in managing digital assets and decentralised networks, directors overseeing AI-Driven Entities must be particularly mindful of their responsibilities. The duties of a director under Cayman Islands law are well-established and stem from both fiduciary obligations and the duty of care and skill. Directors may be expected to demonstrate a greater level of technological literacy to effectively manage AI-Driven Entities.
Regulating an AI-Driven Entity
As AI-driven corporate governance structures and AI-Driven Entities become more common, regulatory authorities in the Cayman Islands and around the world may need to introduce additional guidance on AI accountability, transparency and liability. This could include requiring AI-Driven Entities to maintain explainable decision-making processes, clear audit trails and responsible human oversight mechanisms, and to have regulators with technology teams capable of examining and stress testing the code, algorithms and programming of an AI’s makeup.
A useful model to highlight the issues would be to consider the Cayman Islands investment funds and structured finance industry, where some analogies can be drawn. A common framework in these sectors involves a special purpose vehicle (SPV) delegating investment management responsibilities to a regulated investment manager. The investment manager determines and executes investment decisions, while the SPV’s directors approve and provide ultimate oversight. In this structure:
Whereas there are some commonalities above which could apply to AI-Driven Entities, there are also some unique challenges.
Potential Uses for an AI-Driven Entity
AI agents could potentially be integrated into governance and operational structures of an AI-Driven Entity for the following uses.
Conclusion
The evolution of DAOs reflects an ongoing shift from purely autonomous, unstructured digital collectives to legally integrated and compliant organisational forms. This transition can be understood across three key stages: unwrapped DAOs, wrapped DAOs and DAO-adjacent structures.
In addition, the integration of AI and blockchain is reshaping financial services, governance and decentralised ecosystems, offering both unprecedented opportunities and regulatory challenges. As AI-driven automation becomes more prevalent in DAOs, BORGs, tokenisation and DeFi, the need for robust legal frameworks and oversight mechanisms has never been greater.
What is really fascinating is how AI deployment is beginning to mirror the evolution of DAOs – both initially emerging as unwrapped entities: DAOs operating purely on smart contracts without legal recognition, and AI agents acting autonomously without oversight or defined legal personality. Just as wrapped DAOs evolved to integrate legal structures, AI-Driven Entities are becoming necessary to ensure accountability, regulatory adherence and institutional acceptance.
The emergence of BORGs as a bridge between DAOs and traditional legal entities offers a promising solution for addressing accountability, risk management and operational stability in this evolving landscape. Additionally, forming AI-Driven Entities can help anchor AI into more familiar legal territory providing greater clarity and legitimacy. Cayman Islands entities, particularly ownerless foundation companies, provide a viable pathway for integrating both smart contracts and AI into their operation while maintaining necessary regulatory compliance and human oversight.
By anticipating regulatory developments and implementing governance best practices, the Cayman Islands can reinforce its position as a global leader in blockchain, AI innovation, and digital asset regulation – ensuring that both businesses and regulators stay ahead in this rapidly advancing area.
Harbour Place, 2nd Floor
103 South Church Street
Grand Cayman
KY1-1106
Cayman Islands
+1 345 949 0699
+1 345 949 8171
jta@tta.lawyer www.traversthorpalberga.com