LogoRegulatory Alerts
2023-02-03 | 130298

Procedure for Providing Services Related to Virtual Assets (Decision of the Board of NBKR dated February 3, 2023 No. 2023-P-14/8-2-(NPA))

The National Bank of the Kyrgyz Republic issued this Procedure to regulate commercial banks acting as virtual asset service providers (VASPs), establishing mandatory licensing, consent, and operational requirements. It mandates that banks restrict their virtual asset services to transfers, custody, management, control, and issuer-related financial operations while prohibiting direct trading or asset-to-asset exchanges. Furthermore, the document enforces strict compliance with anti-money laundering and counter-financing of terrorism rules, detailed record-keeping, real-time agent oversight, and standardized monthly reporting to ensure system stability and consumer protection.

National Bank of the Kyrgyz Republic logo

Kyrgyzstan

National Bank of the Kyrgyz Republic

Click to view thumbnail

Back Print Version Date created: 2026-02-12

Appendix to the Decision of the Board of the National Bank of the Kyrgyz Republic dated February 3, 2023 No. 2023-P-14/8-2-(NPA)

PROCEDURE for providing services related to virtual assets (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  1. General Provisions

  2. Activities related to providing services concerning virtual assets constitute a licensed type of activity and are carried out based on a license issued by the authorized state body in the field of virtual assets (hereinafter - the authorized body) in accordance with the legislation of the Kyrgyz Republic concerning virtual assets.

  3. A virtual asset service provider (hereinafter - VASP) is a legal entity registered on the territory of the Kyrgyz Republic and providing as an entrepreneurial activity one or more types of services related to virtual assets, based on a license issued by the authorized body in accordance with the legislation of the Kyrgyz Republic concerning virtual assets.

  4. The National Bank of the Kyrgyz Republic (hereinafter - the National Bank) carries out regulation and supervision over the activities of legal entities under the supervision of the National Bank providing services related to virtual assets as VASPs, in accordance with requirements established by normative legal acts of the National Bank.

  5. Regulation and supervision over the activities of other legal entities providing services related to virtual assets as VASPs are carried out by the authorized body in accordance with the legislation of the Kyrgyz Republic concerning virtual assets and normative legal acts of the authorized body.

  6. This Procedure for providing services related to virtual assets (hereinafter - the Procedure) establishes minimum requirements for commercial banks (banks) when providing services related to virtual assets, in accordance with the Constitutional Law of the Kyrgyz Republic "On the National Bank of the Kyrgyz Republic", the Law of the Kyrgyz Republic "On Banks and Banking Activity", the legislation of the Kyrgyz Republic concerning virtual assets, and other normative legal acts of the Kyrgyz Republic.

  7. The scope of this Procedure extends to banks providing services related to virtual assets as VASPs.

  8. A bank may provide services related to virtual assets as a VASP upon obtaining the consent of the National Bank and receiving the corresponding license from the authorized body.

  9. A bank may provide only the following list of services related to virtual assets, in accordance with the established requirements of this Procedure:

  1. transfer of virtual assets;
  2. custody, management and control of virtual assets;
  3. provision of financial services related to the initial placement and/or sale of virtual assets by an issuer. A bank is prohibited from providing services related to virtual assets not provided for by the legislation of the Kyrgyz Republic and this Procedure, including:
  4. purchase and sale (exchange) of virtual assets;
  5. exchange between virtual assets.

  1. In case of a bank's violation of the requirements of this Procedure, the National Bank may apply enforcement measures in accordance with normative legal acts of the Kyrgyz Republic and initiate a procedure for suspension/revocation of the bank's license at the authorized body.

  2. Terms and Definitions

  3. Terms and definitions used in this Procedure are understood in the sense in which they are used in the legislation of the Kyrgyz Republic concerning virtual assets.

  4. Procedure for Obtaining National Bank Consent to Apply to the Authorized Body in the Field of Virtual Assets for a License to Carry Out VASP Activities

  5. To carry out activities as a VASP, a bank must obtain the consent of the National Bank. After obtaining the National Bank's consent, the bank submits an application for the issuance of a license to carry out activities as a VASP to the authorized body, in accordance with the requirements of the legislation of the Kyrgyz Republic concerning virtual assets and normative legal acts of the authorized body.

  6. To obtain the National Bank's consent to carry out activities as a VASP, a bank must submit a package of documents to the National Bank, including:

  • an application for consideration of the question of providing consent to carry out activities as a VASP, signed by the chairman of the board of the bank and sealed with the bank's seal;
  • a detailed extract from the minutes of the board of directors' meeting, which contains the board's decision authorizing activities as a VASP, as well as information that the board of directors has conducted a comprehensive analysis of the proposed operations and their impact on the bank's activities, and that risks associated with new operations have been identified by the bank based on a risk management service report - a certified copy sealed with the bank's seal;
  • an approved business plan of the bank for carrying out activities as a VASP, containing economic justification for the necessity of such activities, a marketing plan for implementing measures, forecasted economic calculations, and a risk management strategy;
  • the bank's organizational structure, revised in connection with the planned expansion of activities (if necessary);
  • forecasted profitability related to the proposed operations;
  • internal normative documents regulating the procedure for carrying out activities as a VASP and including elements of an internal control system;
  • rules and procedures regulating the procedure for ensuring information security (cybersecurity) and business continuity;
  • an internal control program, internal rules and procedures for financial monitoring, and other procedures aimed at preventing the financing of criminal activities and the legalization (money laundering) of criminal proceeds in accordance with the current legislation of the Kyrgyz Republic. (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  1. The National Bank may conduct a readiness check of the bank for carrying out activities related to virtual assets.

  2. The term for the National Bank to consider an application for obtaining consent to carry out activities as a VASP is 30 (thirty) calendar days. The National Bank's decision to approve/reject the application for consent is made by the Deputy Chairman/Board Member overseeing banking supervision and licensing. The National Bank notifies the bank in writing of the adopted decision within 3 (three) working days from the date the decision is made.

  3. Documents submitted to the National Bank in accordance with this Procedure and containing more than one page must be paginated, bound, numbered, signed, and properly certified. If necessary upon the National Bank's request, individual documents must be provided in electronic form.

  4. The term for document consideration by the National Bank does not include time spent by the applicant on revising documents, as well as the verification term specified in paragraph 14 of this Procedure. If documents received by the National Bank do not meet the requirements imposed by the National Bank, the term for document consideration starts from the date of receiving documents that meet the imposed requirements.

  5. Additional/revised documents taking into account comments must be submitted to the National Bank within no more than 10 (ten) working days from the date of receiving documents for revision.

  6. Requirements for Banks Providing Services Related to Virtual Assets

  7. Services related to virtual assets are provided on specialized platforms.

  8. A bank may provide one or more services specified in paragraph 20, and/or under a contract with a VASP as an agent, in accordance with the requirements of this Procedure.

  9. A bank, holding a license from the authorized body in the field of virtual assets, may provide the following services:

  1. transfer (movement) of virtual assets (moving from one address or account of a virtual asset to another) on behalf and in the interests of the client through specialized platforms;
  2. responsible custody and/or administration (management) of virtual assets or the use of instruments allowing control over virtual assets. Custody, management and control of virtual assets must ensure the safety of virtual assets and/or instruments controlling virtual assets with the ability to independently move virtual assets in the interests and on behalf of third parties. A bank providing custody, management and control services moves virtual assets only if such management or movement is carried out in accordance with the instruction of the owner of the virtual asset;
  3. provision and/or participation in providing financial services related to the initial placement and/or sale of virtual assets by an issuer. A bank carrying out activities related to providing financial services concerning the placement and/or sale of virtual assets has the right to conclude transactions regarding the placement or sale of virtual assets on behalf, at its own expense and in the interests of the issuer.

  1. Conditions for the acquisition and transfer of rights to virtual assets may be expressed in accordance with smart contracts, pre-established algorithms and functions of distributed ledger technology and/or similar technology within which they are created, stored and circulated, provided this does not contradict the legislation of the Kyrgyz Republic.

  2. Relations between participants when providing services related to virtual assets are established in accordance with contracts concluded between participants, not contradicting the legislation of the Kyrgyz Republic.

  3. A bank must ensure a mechanism for storing and transferring virtual assets in the virtual asset wallet within the bank's software application or another mechanism/medium for storing and transferring virtual assets.

  4. Accounting for virtual assets must be maintained on specialized software capable of accounting for virtual assets, while for accounting purposes, the nature of operations performed must be taken into account.

  5. A bank must maintain separate accounting for virtual assets by each type (name) of virtual asset and by the holder of the virtual asset.

  6. A bank must ensure the safety of virtual assets transferred to it for custody by holders of virtual assets.

  7. When providing services related to virtual assets, a bank must comply with the requirements of the legislation of the Kyrgyz Republic concerning counteraction to financing criminal activities and legalization (money laundering) of criminal proceeds (hereinafter - AML/CFT). (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  8. A bank must ensure confidentiality and storage of data on holders of virtual assets and operations conducted using virtual assets. Information on holders of virtual assets and their operations may be provided to third parties only in accordance with the legislation of the Kyrgyz Republic.

  9. A bank must take all necessary measures to protect the virtual asset database from unauthorized access.

  10. A bank is responsible for the safety and reliability of services provided related to virtual assets.

  11. A bank must have internal normative documents (regulations, policies, operational rules, procedures, etc.) regulating the process of providing virtual asset services, risk management (including information security), dispute resolution for erroneous or unauthorized operations, including AML/CFT aspects, and must ensure their compliance. (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  12. A bank must ensure quality risk management related to its activities, which includes the distribution of responsibilities in the AML/CFT field and appointment of responsible employees from among management to ensure compliance with established requirements; continuous staff training; an internal independent audit service for verifying the proper functioning of the system. (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  13. A bank must conduct customer due diligence in accordance with the legislation of the Kyrgyz Republic on AML/CFT. (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  14. A bank must keep documents, data or information obtained and collected during customer due diligence up to date according to the term established in the legislation of the Kyrgyz Republic on AML/CFT. (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  15. A bank must store records of operations and information obtained during customer due diligence, containing at least:

  • the sender's name (i.e., the client sending the transfer);
  • the sender's account number, if such an account was used during the operation (e.g., virtual asset wallet identification number);
  • the sender's physical (geographical) address or client identification number, date and place of birth;
  • the recipient's name;
  • the recipient's account number, if such an account was used during the operation (e.g., virtual asset wallet identification number);
  • detailed information on individual operations.

  1. A bank must provide the National Bank with information on services provided related to virtual assets no later than the 10th day of the month following the reporting month, in accordance with the form established in Appendix 1 to this Procedure.

  2. To expand the range of services provided related to virtual assets, a bank may engage other VASPs as agents based on a concluded contract and in accordance with the legislation of the Kyrgyz Republic.

  3. The National Bank, based on regular reports and during inspectorate checks, monitors compliance with operational rules and requirements of this Procedure.

  4. In case of license or permit revocation for carrying out VASP activities, as well as voluntary cessation of activities as a VASP, the bank must notify the National Bank no later than 3 (three) working days from the moment of cessation of activities as a VASP.

  5. Basic Requirements for Bank Agents Carrying Out VASP Activities

  6. To expand public access to services provided related to virtual assets, a bank may engage legal entities carrying out activities as VASPs as agents to provide on behalf of the bank only the following services:

  1. transfer of virtual assets;
  2. provision of financial services related to the initial placement and/or sale of virtual assets by an issuer.

  1. An agent on behalf of the bank may provide only those services related to virtual assets provided for in the contract with the bank, this Procedure and the legislation of the Kyrgyz Republic. An agent is prohibited from providing services related to virtual assets not provided for in the contract with the bank, this Procedure and the legislation of the Kyrgyz Republic.

  2. An agent must have internal normative documents (regulations, policies, operational rules, procedures, etc.) regulating the process of providing virtual asset services, including risk management (including information security), dispute resolution for erroneous or unauthorized operations, and must ensure their compliance.

  3. An agent must ensure proper risk management related to its activities, with a clear distribution of responsibilities in the AML/CFT field and appointment of responsible employees from among management to ensure compliance with established requirements; continuous staff training; an internal independent audit service for verifying the proper functioning of the system. (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  4. An agent must conduct customer due diligence in accordance with the legislation of the Kyrgyz Republic on AML/CFT. (As amended by the Decision of the Board of NBKR dated December 26, 2025 No. 2025-P-12/70-6-(PS))

  5. An agent must ensure the bank has real-time access to information on holders of virtual assets and operations.

  6. An agent must ensure confidentiality and storage of data on holders of virtual assets and operations conducted using virtual assets. Information on holders of virtual assets and their operations may be provided to third parties only in accordance with the requirements of the legislation of the Kyrgyz Republic.

  7. An agent must take all necessary measures to protect the virtual asset database from unauthorized access.

  8. An agent is responsible for the safety and reliability of services provided related to virtual assets.

  9. The bank bears responsibility for services provided by agents related to virtual assets.

  10. A bank must provide the National Bank with information on agents providing services related to virtual assets no later than the 10th day of the month following the reporting month, in accordance with the form established in Appendix 2 to this Procedure.

  11. Final Provisions

  12. A bank providing services related to virtual assets must monitor compliance by holders of virtual assets and agents with the conditions of relevant contracts and the legislation of the Kyrgyz Republic.

  13. Disputes arising in the field of circulation of virtual assets are resolved in the manner established by the legislation of the Kyrgyz Republic.

Appendix 1 to the Procedure for providing services related to virtual assets

REPORT on the bank's activities when providing services related to virtual assets Bank Name Reporting Period: (DD.MM.YYYY) Name of Virtual Asset Number of Virtual Asset Wallets Volume of Virtual Assets (Number of Tokens) Volume of Transfers Conducted Using Virtual Assets Volume of Operations Related to Initial Placement and/or Sale of Virtual Assets by Issuer Total

Appendix 2 to the Procedure for providing services related to virtual assets

REPORT on the bank agent's activities when providing services related to virtual assets Bank Agent Name Reporting Period: (DD.MM.YYYY) Agent Name Name of Virtual Asset Number of Virtual Asset Wallets Volume of Virtual Assets (Number of Tokens) Volume of Transfers Conducted Using Virtual Assets Volume of Operations Related to Initial Placement and/or Sale of Virtual Assets by Issuer Total

Contacts Public Reception: +996 (312) 61-04-86, +996 (312) 66-90-15 ext. +1257, +1256 Consumer Protection Department: +996 (312) 66-90-15 ext. +1671, +1666 Report Corruption: +996 (312) 66-90-15 ext. +2120, +996 (312) 61-04-00 Auto-informer of Official Exchange Rates: +996 (312) 61-07-11 Numismatic Museum: +996 (312) 66-90-15 ext. +1232, +996 (312) 61-24-14 E-mail: mail@nbkr.kg Media Relations: press@nbkr.kg 720010, Kyrgyz Republic, Bishkek, Kievskaya St., 189

Share