The Situation
A Bogotá-based CASP was processing over USD 30 million per month in volume across BTC, ETH, and USDT pairs. The business had grown organically, built on a Colombian entity that had been invoicing customers directly for trading spreads.
As government oversight began signaling heightened scrutiny of virtual asset service providers in late 2024, the founding team faced a structural problem: their operating model created significant tax exposure and reclassification risk, while their AML/CFT procedures were insufficient for the regulatory review they anticipated.
The Core Problem
Under Colombian law, direct crypto-to-fiat conversions invoiced as service fees created a compound tax problem:
- GMF exposure: Each leg of a round-trip transaction (receive COP → convert → disburse) was potentially subject to the 4×1000 transactions tax
- VAT classification risk: DIAN had not formally excluded crypto services from VAT, leaving the company exposed to reclassification
- UIAF reporting gap: The company had limited procedures in place for virtual asset operations
What We Designed
Mandate/agency architecture
We restructured the operating model using an agency framework under the Colombian regulation. Under this structure:
- The exchange acts as agent executing transactions on behalf of clients
- Client funds in transit are not recognized as company revenue
- The company invoices only its spread/commission, reducing the taxable base and GMF exposure dramatically
This structure had been used successfully by other fintech operators in Colombia and was defensible under existing precedents.
Issuer/distributor separation
For USDT operations, we separated the stablecoin distribution function from the exchange function, creating two distinct operational flows with appropriate documentation — reducing regulatory surface and enabling cleaner UIAF reporting.
UIAF procedures
We designed a full virtual asset AML/CFT program including:
- Customer risk scoring for crypto wallet counterparty analysis
- FATF travel rule compliance protocol for transactions over thresholds
- UIAF filing procedures and system integration requirements
- Monthly self-assessment process aligned to anticipated regulation
Outcomes
Six months after implementation:
- GMF exposure reduced by approximately 70% through the new architecture
- No DIAN VAT assessment triggered in periodic review
- UIAF virtual asset reporting operational and current
- Banking relationships maintained with two tier-1 Colombian banks through the compliance period
The company subsequently expanded into Mexico using a similar structural blueprint adapted to CNBV's FINTECH Law framework.
This case study reflects the general nature of the engagement. Specific client details have been anonymized.
Want to discuss this topic?
Our advisors are available to help you navigate these challenges.