English
עברית
Français
Deutsch
Русский
Español
简体中文
日本語
Dutch
Türkçe
Language
English
עברית
Français
Deutsch
Русский
Español
简体中文
日本語
Dutch
Türkçe
Home
About us
About us
CV at a glance
Global reach
Pro Bono
What we do
Practice area
The team
Knowledge center
Insights & News
Client updates
Credentials
Doing business in Israel
Join us
Contact
Barnea Blog
© All rights reserved to Barnea Jaffa Lande Law offices

Together is powerful

Client updates
12 November 2024
by Andrey Yanai
Avihai Tal
         
Antitrust and Competition
Banking & Finance
Capital Markets
Corporate
Employment
High Tech
Infrastructure
Internet
Litigation
NPO
Private Clients
Real Estate
Regulation
Tax

EU’s New Guidance: Travel Rule to Combat Money Laundering in Crypto

The EU is continuing to shape the regulatory landscape in the crypto market

After the Markets in Crypto-Assets Regulation (MiCA) entered into force in June 2024, a significant step took place last July with the publication of the European Banking Authority (EBA) final Travel Rule guidance, as part of Regulation (EU) 2023/1113. This guidance can be expected to affect the activities of cryptographic asset service-providers (CASPs) in the European Union, including crypto exchanges, crypto wallet-providers, cryptocurrency issuers and intermediary CASPs.

 

What is the Travel Rule?

The Travel Rule is an international regulation designed to combat money laundering and the financing of terrorism by enhancing supervision over money transfers. The regulation was formulated by the Financial Action Task Force (FATF) and obligates financial institutions to retain and transfer identifying information about originators of money transfers and their beneficiaries for any money transfers exceeding a particular sum.

 

Regulation (EU) 2023/1113

The main objective of Regulation (EU) 2023/1113 is to align the EU legal framework with the FATF’s AML/CFT standards (anti-money laundering and combating the financing of terrorism), which now also applies to CASPs. The new regulation makes CASPs subject to the same AML/CFT requirements in terms of supervision and risk management as are imposed on credit institutions and other financial institutions. In order to implement these constraints, the regulation has authorized the EBA to issue appropriate guidance for imposing the Travel Rule on the crypto industry.

 

Following are several key rules and requirements that will come into effect on December 31, 2024 as part of the Travel Rule imposed on the crypto market in the EU:

 

No exceptions for minimum sums – all crypto transactions, regardless of the sum, must comply with the specified requirements. Unlike regular money transfers for which the scope of reporting depends upon the transaction sum and the geographic location, for crypto transfers, uniform reporting rules apply to every single transaction. And obviously, it makes no difference if at issue is a cross-border transfer, and this due to the fact that crypto-asset transfers are borderless by nature.

 

Personally identifiable information is compulsory – crypto transfers must include the name, address recorded on the blockchain (required only for transactions recorded on the blockchain) and the account number of the payor and of the payee, and additional information about the originator of the transfer, such as address and official ID number to enable a check against a sanctions list. For corporations, the guidance explains the rules concerning the information required from these legal entities.

 

Policies and procedures are compulsory – CASPs must implement policies and procedures to spot incoming transactions that lack the required information. These procedures include methods for detecting missing or incomplete information, methods for timely monitoring of transactions depending upon the magnitude of the AML/CFT risk, as well as criteria for identifying factors that raise the level of risk.

 

Transaction management – if a CASP detects a transaction that lacks information, it may choose to execute, reject, return or suspend the transfer, while implementing adequate risk management procedures. If it cannot reject the transfer – for example, if the crypto assets have already been received – then the receiving CASP must return the transfer to the sender. If the CASP cannot return the transfer to the source address, it must implement alternative measures, such as holding the assets in a secure account and coordinating with the sender’s CASP to arrange the return. In instances when the information, while incomplete, still enables unequivocal identification of the parties to the transaction, the receiving CASP can decide whether to execute, reject or return the transfer. If it decides to execute the transfer, the CASP must adequately document its rationale for allowing the transfer.

 

Reporting requirements – whenever a CASP finds that a counterparty has failed to provide the compulsory information, it should consider reporting non-compliance to its competent AML/CFT authority.

 

Requirements for self-custodial wallets – the obligations applying to transactions between a CASP and non-custodial wallets depend upon the transaction sum and whether the transaction involves a CASP customer or a third party:

  • Ÿ   Transactions of EUR 1,000 or less: the CASP must collect and retain specific information about the payor or the payee.
  • Ÿ   Transactions exceeding EUR 1,000 when the wallet-owner is a CASP customer: the CASP must verify the owner or controller of the wallet using at least one method from a defined list.
  • Ÿ   In relation to transactions exceeding EUR 1,000 when the wallet-owner is not a CASP customer, the guidance states that the obligation to verify the identity of the payor or the payee can be fulfilled by collecting additional information from other sources or by other appropriate means.

 

For more information and expert advice on crypto matters, please contact a member of our team.

Tags: crypto | Cryptocurrency