Implementation of the Transfer of Funds Regulation (TFR) timetable.
Currently, with AMLD5, cryptocurrency-to-fiat currency exchanges fall under the scope of EU anti-money laundering legislation, requiring exchanges to fulfill similar compliance obligations as financial institutions. In December 2020, AMLD6 came into effect, further tightening cryptocurrency compliance by including cybercrime in the list of money laundering predicate offenses.
In September 2020, the European Union began to proactively release the Digital Finance Package. Most comprehensive is the proposal for a regulation on "Markets in Crypto-Assets" (MiCA), aiming to create a fully harmonized European market for virtual assets by establishing a legal taxonomy for virtual assets and setting rules for issuers and service providers.
In July 2021, the European Commission introduced an AML Action Plan, envisioning the creation of an EU-wide AML supervisory authority to harmonize AML regulations across the 27 member states and expand anti-money laundering obligations to all Crypto-Asset Service Providers (CASPs).
On June 29, 2022, a preliminary agreement was reached between the European Parliament, the Council, and the Commission on the proposed revised Transfer of Funds Regulation (TFR). The purpose of this regulation is to implement Recommendation 16 (Travel Rule) of the Financial Action Task Force (FATF) – which previously only applied to traditional transfers – to virtual asset transfers involving CASPs in Europe. Therefore, the regulation applies to all CASPs operating in EU member countries without the need for local law implementation.
On the following day, June 30, 2022, an agreement was also reached on the MiCA regulation.
The difference between TFR and MiCA is that MiCA provides the legal framework for cryptocurrencies, including licensing regulations and definitions for Crypto-Asset Service Providers (CASPs), while TFR introduces the crypto travel rule into the European Union.
Finally, the European Union Parliament voted on the final versions of both documents on April 20, 2023, which are expected to come into effect in July 2023 with an 18-month transitional period before being fully enforceable in January 2025.
Both documents align with some additional points from their respective draft versions.
The European Union has chosen to use the term "Crypto Asset Service Provider" (CASP) instead of the Financial Action Task Force's customary designation "Virtual Asset Service Provider" (VASP).
What is the scope of the Travel Rule in the EU?
"Crypto Asset Service Provider" as defined in Article 3(1) of MiCA:
(8) "any person whose profession or business is the provision of one or more crypto-asset services to third parties on a professional basis;
(9) "crypto-asset service" means any of the services and activities related to a crypto-asset listed below:
(a) custody and administration of crypto-assets on behalf of third parties;
(b) operating a trading platform for crypto-assets;
(c) exchanging crypto-assets for fiat currency that is legal tender;
(d) exchanging crypto-assets for other crypto-assets;
(e) executing orders for crypto-assets on behalf of third parties;
(f) placement of crypto-assets;
(g) receiving and transmitting orders for crypto-assets on behalf of third parties
(h) advice on crypto-assets."
The regulation applies to "transfers of funds in any currency or crypto-assets sent or received by a payment service provider, a crypto-asset service provider, or an intermediary service provider (brokers and custodians) based in the European Union."
It does not apply to peer-to-peer (P2P) transfers. A "person-to-person transfer" is defined as "a transaction between natural persons acting as consumers for purposes other than trade, business, or profession, without the use or involvement" of a CASP. Examples include using cryptocurrency trading platforms and self-hosted wallet owners who transact on their own behalf - without any CASP involvement.
It also does not apply if "both the payer and payee are payment service providers or both the payer and payee are crypto-asset service providers acting in their own name." In other words, if the sender and the payee are payment service providers or a CASP acting in their own name, the Travel Rule does not apply.
Who is the regulatory authority for CASPs in the EU?
The competent authority of each member state
New EU AML Authority (AMLA) - planned to be established in 2023
What is the Travel Rule threshold in the EU?
0 euros
Every crypto asset transaction between two CASPs must comply with the Travel Rule. There is no transfer value exemption (de minimis threshold).
For all transfers, the originating CASP must provide the following information before or at the time of the crypto transfer:
- Name of the originator,
- Distributed ledger address of the sender,
- Crypto asset account number of the originator,
- Sender's address, including the country name, official personal identification number, and customer identification number, or alternatively, date and place of birth,
- LEI of the sender (if applicable or an equivalent official identifier).
- Name of the beneficiary,
- Distributed ledger address of the beneficiary,
- Crypto asset account number of the beneficiary,
- Beneficiary's LEI (if applicable or an equivalent official identifier).
Processing of personal data under this regulation should be in full compliance with the General Data Protection Regulation (GDPR). CASPs ensure that the transmission of personal data of the parties involved in a money transfer or transfer of crypto assets complies with the GDPR at all times. CASPs should take appropriate measures to protect personal data from accidental loss, alteration, or unauthorized disclosure.
Beneficiary CASPs are required to collect and store the aforementioned information and should implement effective risk-based procedures to determine whether a transfer should proceed without information, be rejected, returned, or suspended, and to take the appropriate follow-up actions.
Further guidelines on this will be published by the European Banking Authority (EBA).
Self-hosted wallets are included
Transfers to and from self-hosted wallets fall within the scope of the Transfer of Funds Regulation (TFR) when transactions involve CASPs. Therefore, CASPs must obtain the required information about the sender and recipient of the transfer, typically from the customer, when a self-hosted wallet owner sends or receives more than 1,000 EUR through a CASP.
When do you need to comply with the Travel Rule in the EU?
The MiCA and TFR texts were approved on April 20, 2023; the next step is the publication of the regulations in the Official Journal, which will most likely happen by June 2023, with the regulations coming into effect 20 days later.
CASPs have an 18-month grace period to implement their compliance regime before the Travel Rule comes into effect in the EU, expected to be in January 2025.
Further Reading
Information on money transfers and specific crypto assets
Markets in Crypto Assets (MiCA)
What are the regulations for the Travel Rule in the EU?
Comments
0 comments
Please sign in to leave a comment.