Review of Regulatory Updates and CySEC Circulars Quarter 1, 2025

1.What are the applicable circulars for CIFs?

Cyprus Investment Firms (CIFs) are financial entities regulated by the Cyprus Securities and Exchange Commission (CySEC). CIFs play a crucial role in providing financial and investment services across the European Economic Area. Under CySEC’s oversight, CIFs are required to adhere to strict compliance standards, including transparency, investor protection, and risk management, aligning with the broader framework of EU financial regulations such as MiFID II. 

During the first quarter of 2025, CySEC issued a total of 11 circulars relevant to regulated Cyprus Investment Firms (CIFs). These circulars address key regulatory areas, including Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT), Prudential Supervision, Cross-Border Activity, the Sustainable Finance Disclosure Regulation (SFDR), and the Markets in Financial Instruments Directive II (MiFID II). The following is a summary of the updates and obligations introduced through these circulars.  

AML/CFT: Strengthening Supervision & Engagement

CySEC’s emphasis on AML/CFT compliance remained strong with five circulars (C679, C685, C686, C687, C695) spanning guidance, consultations, and workshops. 

Notable updates include: 

• Circular C679: The EBA has launched a public consultation on draft Regulatory Technical Standards (RTS) that amend Commission Delegated Regulation (EU) 2018/1108. These amendments introduce criteria for appointing a Central Contact Point (CCP) by CASPs operating in other EU Member States. 
• Circular C685: Guidance from CySEC following thematic inspections highlights deficiencies in sanctions screening systems and recommends best practices for system tuning, real-time monitoring, and QA.
• Circular C686 & C687: FATF and EBA consultations urge regulated entities to engage in shaping the future framework of proliferation financing controls and AMLA mandates. 
• Circular C695: A joint EU workshop introduces the use of Open Source Intelligence (OSINT) to support sanctions enforcement against Russia. 

Action point for regulated entities: Actively participate in public consultations, upgrade screening mechanisms, and use CySEC’s guidance as a benchmark for ongoing improvements. 

Take note that the above circulars are also applicable for Funds and CASPs. 

Prudential Supervision: Enhancing Data Accuracy & Diversity Reporting

Two key circulars (C677 & C689) addressed critical supervisory expectations:

• Circular C677: Emphasizes timely resubmission of erroneous regulatory data as per EBA/GL/2024/04 guidelines. 
• Circular C689: Launches diversity benchmarking under EBA/GL/2023/08, requiring selected CIFs to submit gender pay gap data and diversity metrics via CySEC’s XBRL portal.

Action point for regulated entities: Promptly correct and resubmit any inaccurate data, ensuring all affected reports (regardless of type or frequency) are included, and that the resubmission fully complies with all validation rules. 

MiFID II & SFDR: Aligning with Sustainable Finance Regulations

ESMA’s sustainability push was reinforced via:

• Circular C680: Launches a supervisory action with national authorities to assess how CIFs integrate sustainability factors into client assessments, product governance, and advice. 
• Circular C683: Summarizes CIFs’ obligations under SFDR, the EU Taxonomy, and MiFID II amendments. 

Action point for regulated entities: Ensure disclosures comply with the SFDR Delegated Regulation’s templates and refer to latest ESMA Q&As. 

Cross-Border Activity and General Regulation: New Reporting Expectations

For Cross-Border activity regulation, we have one circular: 

• Circular C694: CIFs with >50 active retail clients in any EEA country must complete an updated cross-border activity questionnaire via an online ESMA platform. 

Under the General regulation, we also have one: 

• Circular C691: Inform CIFs of the quarterly statistics reporting obligation. 

Action point for regulated entities: CIFs must prepare and submit their quarterly statistics reports by the provided deadline and ensure they receive a feedback file with no error indication. 

2. What are the applicable circulars for Funds?

CySEC oversees a diverse range of fund management entities operating under EU and national frameworks, each serving distinct investor profiles and regulatory obligations. These include Alternative Investment Fund Managers (AIFMs), which manage large-scale AIFs; Small AIFMs, subject to lighter regulatory requirements; and Investment Managers of AIFs (IM AIF), which provide discretionary portfolio management to AIFs.  

Additionally, Cyprus hosts UCITS Management Companies (UCITS MC) and Investment Managers of UCITS (IM UCITS), focused on retail-oriented collective investment schemes. Other key entities include Alternative Investment Funds with Limited Number of Persons (AIFLNPs) and their Management Companies (AIFLNP MCs), tailored for a smaller number of professional or well-informed investors. Together, these structures reflect Cyprus’s growing prominence as a flexible and EU-compliant hub for investment fund management under CySEC’s regulatory oversight. 

During the first quarter of 2025, CySEC issued a total of 9 circulars applicable to regulated Fund entities, 5 of which are already covered under the AML/CFT section above. These circulars address key regulatory areas, including Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT), Alternative Investment Fund Manager (AIFM) Law, and European Systemic Risk Board (ESRB). The following is a summary of the updates and obligations introduced through these circulars.  

AIFM Law: Stronger Oversight on ESG & Internal Functions

• Circular C678: ESMA guidelines on ESG-related fund naming. 
• Circular C688: Launch of a Common Supervisory Action targeting the effectiveness of compliance and internal audit functions. 

Action point for regulated entities: Ensure that compliance and internal audit functions are adequately resourced, independent, integrated into governance, and supported by robust internal controls, with corrective actions taken as needed.  

European Systemic Risk Board (ESRB) and General Regulation  

• Circular C684: Data collection under the European Systemic Risk Board (ESRB) Recommendation 2022/0, aimed at assessing vulnerabilities in the commercial real estate (CRE) sector. 
• Circular C693: Informing the regulated entities of quarterly statistics reporting obligation. 

Action point for regulated entities: They must prepare and submit their quarterly statistics reports by the provided deadline and ensure they receive a feedback file with no error indication. 

3. What are the applicable circulars for CASPs? 

Crypto Asset Services Providers (CASPs) in Cyprus are regulated by the Cyprus Securities and Exchange Commission (CySEC). CASPs must be registered with CySEC and meet strict operational, governance, and transparency standards to ensure investor protection and market integrity. With the upcoming enforcement of the EU Markets in Crypto-Assets Regulation (MiCAR), CySEC continues to enhance its supervisory framework to align CASP oversight with evolving European regulatory standards. 

During the first quarter of 2025, CySEC issued a total of 7 circulars applicable to regulated CASPs, 5 of which are already covered under the AML/CFT section above. These circulars address key regulatory areas, including Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) and Markets in Crypto-Assets Regulation (MiCAR). The following is a summary of the updates and obligations introduced through these circulars.

Markets in Crypto-Assets Regulation (MiCAR) and General Regulation 

As MiCA’s operational phase nears, CASPs must gear up for: 

• Circular C696: Adoption of EBA & ESMA’s joint guidelines on assessing the suitability of management and shareholders.
• Circular C682: Electronic submission of RBSF-CASP (Version 2) required by 19 March 2025.

Action point for regulated entities: Adhere to the guidelines and submit the required report timely.

4. How can SALVUS assist you?

The SALVUS Regulatory and Compliance team brings a wealth of specialized knowledge and experience in navigating the complexities of licensing and regulatory compliance within the financial services sector. Our expertise extends across a diverse spectrum of business models, investment strategies, and operational objectives, allowing us to deliver customized licensing solutions that align seamlessly with your organizational goals. 

We act as a strategic partner and regulatory liaison, guiding your organization through every step of the licensing process—from initial consultation to final approval—by managing documentation, regulator communications, and compliance standards. Beyond licensing, we help establish a robust operational framework by supporting the formation of a qualified management team and advising on optimal resource allocation to ensure long-term compliance, growth, and efficiency. 

In short, the SALVUS Funds Licensing team provides a comprehensive, end-to-end service that simplifies complex regulatory processes, minimizes risk, and positions your firm for long-term success. 

Contact us at info@salvusfunds.com if you would like more information about our licensing services and supporting you with the reporting obligations. We are always ready to answer your questions and support you in achieving regulatory compliance. 

#StayAhead

Should you be interested to read more about relevant topics in the CySEC Circular, feel free to visit our earlier news and articles: 

• CySEC’s Circular C685: Guidance on Sanctions Screening Systems
• CySEC Circular C689 & Remuneration Diversity Form for CIF entities 
• CySEC issues Circular C700: DORA Reporting Requirements for Regulated Entities 
• CySEC Circular C700: Reporting Obligations of Regulated Entities under DORA 

The information provided in this article is for general information purposes only. You should always seek professional advice suitable to your needs.