Central Bank rules begin overhaul of Brazil’s crypto market

Companies in the sector are reviewing their structures, recalculating costs, and assessing whether they will have enough capacity to operate with their own license or whether they will need to team up with larger players to continue offering services in the country.

The deadline to apply for a license ends in late October. Until then, companies involved in intermediation, custody, infrastructure, tokenization, or other services linked to virtual assets will have to decide which business model they will follow under the country’s new regulatory framework.

Industry executives say the regulation provides legal certainty and tends to raise governance standards, but it also imposes a more expensive and complex transition than part of the market had expected. The main concern is the increase in regulatory costs.

For virtual asset service providers, known as VASPs, the new minimum capital requirements range from about R$10 million to R$37 million, depending on the activity. Before the Central Bank published the final rules, industry sources estimated that between 150 and 200 companies could seek authorization.

The current forecast is that not much more than 50 companies will file applications. Some companies are expected to seek partnerships, operate through licensed structures, assess mergers and acquisitions, or reduce the scope of their activities in the country.

Costs drive consolidation

For Julia Rosin, CEO of the Brazilian Association of Crypto Economy (ABcripto) and policy manager for Latin America at Coinbase, the sector already expected regulation to arrive, but some of the requirements ended up far from the expectations formed during the public consultations.

“Everybody knew the rules were coming, since we had public consultations. What happened were two things: some items came out very different from what emerged from the consultations, and problems were identified when companies started implementing the rules internally,” she said.

Rosin said the increase in regulatory costs has led companies to seek alternatives to make market entry cheaper, whether through the hiring of third parties, internationalization, mergers, or the sale of operations.

“You end up creating layers of complexity in the provision of a service because of the demand created by regulatory costs,” she said.

According to people familiar with the matter, the trend is toward concentration. Smaller companies are considering seeking investors, selling portfolios, signing agreements with larger companies, or operating through licensed structures.

At the same time, companies with more capital have begun strengthening areas such as compliance, risk, internal controls, regulatory legal teams, technology, cybersecurity, and auditing. Industry sources also report a shortage of professionals who combine experience in the regulated financial market with technical knowledge of blockchain and virtual assets.

Technology infrastructure has also become another focus beyond staffing. Companies report doubts about certifications, audits, security tests, contingency plans, and system validation.

Support structures

According to João Dunin, chief operating officer of Z.ro Bank, domestic and international exchanges have been looking for providers capable of offering infrastructure for Pix, Brazil’s instant payment system,, individualized accounts, segregation of funds, compliance, know your customer (KYC), procedures, and reporting to the Central Bank. “You regularize the crypto side, but there are also many little legs in the traditional fiat world,” he said.

Dunin said some companies are trying to avoid having to build a full local operation only to handle payments and regulatory obligations. “You will focus on your business. Your business is crypto. Pix transfers, reporting to the Central Bank, that stays in-house,” he said.

Dunin said he has noticed an increase in demand for this type of structure since the regulation was published. According to him, companies began reviewing their models before the final deadline to request authorization.

“We have a deadline. That deadline is October 29,” he said. “The Central Bank is defining the form of the audit, how it will work, evidence and so on. But to audit an exchange operation, it will take two months, maybe three, depending on the level of the audit.”

Among the points that still raise questions among companies in the sector are how information should be reported to the regulator, transition rules for certain services, requirements linked to certifiers, and integration with already regulated structures such as Pix.

For ABcripto, delays in resolving these issues could also affect the regulator itself.

“The longer they take to give these answers, the later people will apply. So they will have an overload of applications,” Rosin said.

Central Bank rules out step-by-step manual

On the Central Bank side, Gustavo Martins dos Santos, a representative of the Financial System Regulation Department said in an interview with Valor in early April that there will not be a detailed manual to guide companies through each step.

“There will be no manual. The rule sets out what is required in an open way, and we will deal with it case by case,” Martins dos Santos said.

He also said the required certification and controls help give the regulator greater confidence that companies seeking to operate in the market have minimum requirements in place.

“The problem when someone enters the market is this: they enter, but removing them is difficult. The administrative cost for society of removing someone from the market is very high,” Martins dos Santos said.

Even among sources critical of the transition design, there is consensus that regulation is necessary. The Central Bank’s entry is expected to raise standards for anti-money-laundering prevention, governance, information security, and accountability.