DASP - AMF 2019-24

AMF DOC-2019-24 serves as a cybersecurity framework specifically tailored for Digital Asset Service Providers (DASP). Established by the Autorité des Marchés Financiers (AMF), this document outlines the criteria and procedures that DASP must follow to obtain enhanced registration or authorization, in compliance with regulations effective from January 1, 2024. It addresses crucial aspects like system resilience, information security against cyber threats, including electronic wallet breaches, data leaks, and denial-of-service attacks. 

The instruction also covers subcontracting responsibilities, the need for a comprehensive cybersecurity program, cyber risk assessments, data protection, and incident response protocols. This framework aims to ensure the reliability and security of operations and services offered by DASP, thereby enhancing protection against cyber risks within the digital asset ecosystem.