1.   When establishing the business continuity policy, including the plans, procedures and measures, crypto-asset service providers shall take into account elements of increased complexity or risk, including:

(a)	the type and range of crypto-asset services offered;

(b)	the extent to which the services of the crypto-asset service provider rely on permissionless distributed ledger;

(c)	the potential impact of any disruptions on the continuity of the crypto-asset service provider’s activities and availability of its services.

2.   For the purposes of paragraph 1, crypto-asset service providers shall conduct a self-assessment of the scale, the nature, and range of their services annually. Crypto-asset service providers shall base that self-assessment on the criteria set out in the Annex and any other criteria that the crypto-asset service provider considers relevant.