Back to All Articles

CrypTech Writings: EU agrees on landmark crypto regulation, MiCA, just day after hammering out decried, dreaded virtual value AML ‘travel rule’

EU flag and bitcoin leaning on a gavel

The skinny:

  • In our latest installment of the CrypTech Writings series, key thought leaders analyze what many are calling a landmark development in the European Union to create an expansive, creative and rigorous regulatory framework, including financial crime compliance duties, for crypto assets, service providers and virtual currency exchanges.
  • In a whirlwind 24 hours for the crypto world, European Union policymakers tackled two massive and entwined legal and regulatory initiatives: a broad overarching regulation covering the crypto asset sector and a thorny fincrime compliance tangle requiring virtual exchanges to capture and share customer details, called the “Travel Rule.”
  • This updated regulatory framework is designed to bring “clarity” and harmony across EU member states, making it more difficult for criminals and scofflaw exchanges to game anti-money laundering (AML) laws – and is a further bid to prevent the embarrassment of bloc bank examining authorities that have been excoriated in the face of multi-billion dollar Baltic and Nordic banking scandals.

The ACFCS CrypTech Writings Series offers key updates on crypto, fintech, compliance and related regulation ruminations, tips, trends and more

In our latest installment of the CrypTech Writings series, key thought leaders analyze what many are calling a landmark set of rules in the European Union to create an expansive, creative and rigorous regulatory framework, including financial crime compliance duties, for crypto assets, service providers and virtual currency exchanges.

In a whirlwind 24 hours for the crypto world, European Union policymakers tackled two massive and entwined legal and regulatory initiatives: a broad overarching regulation covering the crypto asset sector and a thorny fincrime compliance tangle requiring virtual exchanges to capture and share customer details, called the “Travel Rule.”

On Thursday, the EU Council presidency and the European Parliament reached a provisional agreement on the Markets in Crypto-Assets (MiCA) proposal, which covers issuers of unbacked crypto-assets, and so-called “stablecoins,” as well as the trading venues and the wallets where crypto-assets are held, according to EU officials.

To read the full release, click here.

This updated regulatory framework is designed to bring “clarity” and harmony across EU member states, making it more difficult for criminals and scofflaw exchanges to game anti-money laundering (AML) laws – and is a further bid to prevent the embarrassment of bloc bank examiners that have been excoriated in the face of multi-billion dollar Baltic and Nordic money laundering scandals.

“Recent developments on this quickly evolving sector have confirmed the urgent need for an EU-wide regulation,” said Bruno Le Maire, French Minister for the Economy, Finance and Industrial and Digital Sovereignty, in a statement.

His comment is a veiled nod to the much ballyhooed “crypto winter” that has seen many crypto coins plummet precipitously in recent weeks.

How much?

The most popular cryptocurrency, Bitcoin, has shed about 70 percent of its value since hitting an all-time high of roughly $69,000 in November, according to media reports.

“The entire crypto market is feeling similar pain,” according to CNBC, with the overall market capitalization of crypto assets dipping to less than $1 trillion from its November 2021 peak of $3 trillion.

Against this backdrop, EU lawmakers believe MiCA will “better protect Europeans who have invested in these assets, and prevent the misuse of crypto-assets, while being innovation-friendly to maintain the EU’s attractiveness.”

This landmark regulation “will put an end to the crypto wild west and confirms the EU’s role as a standard-setter for digital topics,” Le Maire said.

The Council adopted its negotiating mandate on MiCA in November.

Trilogues between the co-legislators started in late March and ended in the provisional agreement reached Thursday.

The provisional agreement is subject to approval by the Council and the European Parliament before going through the formal adoption procedure.

Man in front of city skyline and crypto world representation

After months of wailing, gnashing of teeth by critics, AML ‘Travel Rule’ arrives

On Wednesday, negotiators from the EU Council presidency and the European Parliament reached a provisional agreement on information accompanying the transfers of funds by extending the scope of those rules to transfers of crypto assets.

The introduction of this “travel rule” will “ensure financial transparency on exchanges in crypto-assets and will provide the EU with a solid and proportional framework that complies with the most demanding international standards on the exchange of crypto-assets,” according to EU officials.

The EU is “making it more difficult for criminals to misuse crypto currencies for criminal purposes,” by cementing recommendations 15 and 16 of the Financial Action Task Force (FATF), the global money laundering and terrorist financing watchdog.

The update “especially timely in the current geopolitical context,” according to EU policymakers, noting that with sanctions orchestrated by the EU, U.S. and its allies, against Russia for its war in Ukraine, leaky crypto portals can open evasion avenues for blacklisted individuals, corporates and regions.

To read the full release, click here.

At the heart of the AML travel rule, crypto asset service providers must collect and make accessible key details about the originator and the beneficiary of the transfers of crypto assets they operate – similar to what is done now by global banks for wire transfers.

When finalized, the new crypto exchange regime will “ensure traceability of crypto-asset transfers in order to be able to better identify possible suspicious transactions and block them.

One of the biggest sticking points for industry, though requires that the full set of originator information travel with the crypto-asset transfer, regardless of the amount of crypto assets being transacted as well as information capture requirements for crypto-asset transfers between crypto-asset service providers and un-hosted wallets.

Some of the key pain points, according to critics, is that an EU exchange could be dealing with a foreign exchange that did not have to collect such information.

The potential result: the transaction would be held up until a full AML know-your-customer or due diligence exercise is performed.

As well, there is no industrywide set of sharing standards and frameworks to capture, share and safeguard information, while also respecting privacy-conscious users drawn to pseudo-anonymous crypto transactions.

This is the case even though finding an answer to this dilemma has been a concerted effort by many of the brightest minds in the crypto world.

Overall, while not perfect, great progress has been made through such initiatives, including potential regulatory workarounds such as the “Travel Rule Information Sharing Architecture,” or TRISA.

Even so, EU lawmakers are forging ahead and believe they could be setting the pace for the rest of the world when it comes to fincrime crypto compliance.  

“This new regulation strengthens the European framework to fight money-laundering, reduces the risks of fraud and makes crypto-asset transactions more secure,” said Ernest Urtasun (Greens/EFA, ES), co-rapporteur for ECON, in a statement.  

“The EU travel rule will ensure that CASPs can prevent and detect sanctioned addresses and that transfers of crypto-assets are fully traceable,” he said.

“This regulation introduces one of the most ambitious travel rules for transfers of crypto assets in the world. We hope other jurisdictions will follow the ambitious and rigorous approach the co-legislators agreed today.”

This crypto travel rule proposal is part of a broader EU package of legislative proposals to bolster the bloc’s AML defenses, originally presented by the Commission in July 2021.

What many consider the centerpiece of the package is a proposal to create a new EU-wide authority to fight money laundering, currently spearheaded by the European Banking Authority (EBA).

The EU council agreed on the transfer of funds proposal in December. Trilogue negotiations started in late April and ended in the provisional agreement reached Wednesday.

Even so, the updates still need to be confirmed by the Council and the Parliament before it can be formally adopted by EU member states.

Parliament, Council and Commission are now working on the technical aspects of the text.

Thereafter, the agreement must be approved by the Economic and Monetary Affairs and Civil Liberties and Justice Committees and Parliament as a whole, before it can enter into force.

Here are some insights, analyses and guidance from current and former regulators, compliance officers and government investigators, culled from social postings, interviews and public comments.

Bitcoin currency with a red background

David Carlisle, Vice President of Policy and Regulatory Affairs at Elliptic, a blockchain analytics firm

To read the original post and be part of the conversation, click here.

David Carlisle Headshot

The past 24 hours must be the greatest 24 hours ever for #crypto compliance geeks.

Just now, EU policymakers reached an agreement on the gargantuan Markets in Crypto-Assets (MiCA) regulation.

Alongside last night’s approval to extend AML requirements to crypto transfers, the EU is set now to adopt one of the most comprehensive, some might even say stringent, #cryptoasset regulatory regimes in the world.

Here are some snapshots and key takeaways for fincrime compliance stakeholders:

Cryptoasset Service Providers (CASPs): Will have to meet fit and proper tests, undertake stress testing, and must safeguard customer funds.

EU Member states will be the main supervisors, but the European Securities and Markets Authority (ESMA) and European Banking Authority will have intervention powers to limit CASP activities.

CASPs will also have to meet the significant AML requirements under the Transfer of Funds Regulation, which I wrote about earlier today here: https://lnkd.in/ejhgVMc5

#Stablecoins: Under the provisions, stablecoin issuers will need to obtain authorization based on the nature of their arrangement, and will be subject to disclosure requirements do demonstrate they maintain fully backed, 1:1 reserves.

The deal will reportedly prohibit interest on stablecoin products, and will prevent stablecoins that are used for payment from becoming too large (i.e. no more than €200 million in transactions per day).

#NFTs: Are mostly set to be excluded from the scope of MiCA, except where ownership is fractionalized.

This is one of the items that was most up in the air over the past several weeks, so good to see that addressed – though imagine it will very much be a “case-by-case” situation in terms of assessing specific projects.

The European Commission has given authorities 18 months to come up with a more comprehensive regime for NFTs.

DeFi: As expected, the EU has kicked the can down the road for now on DeFi and lending, to be taken up further down the line.

A landmark day for crypto regulation in Europe. Whatever you think of the specific measures, a major acheivement to get such a mammoth piece regulation accomplished.

Measures are not expected to enter into force until early 2024, but time to start preparing now!

Cyber Blockchain image above Earth

Carlisle’s analysis of the EU AML ‘Travel Rule,’ also called the Transfer of Funds regulation:

To read the original post and be part of the conversation, click here.

Last night European policymakers reached a deal on applying the Transfer of Funds Regulation to #cryptoassets.

This will have major consequences for crypto businesses operating in the EU. While technical aspects of the text must be finalized and approved before they enter into force, the key provisions agreed last night are likely to stay.

So, what’s covered, and what does this mean for crypto businesses in the EU?

Travel Rule

All Cryptoasset Service Providers (CASPs) will need to comply with the Travel Rule and share relevant originator and beneficiary information for ALL crypto transfers, with no de minimus threshold.

This goes beyond the Financial Action Task Force (FATF)‘s Standards, which only require Travel Rule on transfers over EUR 1,000.

CASPs in the EU will need to ensure that they can comply with the Travel Rule for any transaction where the direct transfer is made to another CASP, and must also adhere to the EU’s General Data Protection Regulation #GDPR in the process.

That means having a reliable Travel Rule compliance solution in place, such as Elliptic partners Notabene and Sygna.

Verifying source of funds

Prior to making deposited funds available to their customers, CASPs must assess the source of funds.

They must also determine that they do not involve exposure to sanctioned actors, and must also check for indicators of money laundering and other illicit finance risks. CASPs should have a blockchain analytics capability that allows them to evaluate these risks.

Counterparty CASP due diligence

CASPs will need to conduct due diligence counterparty CASPs outside the EU.

The EU will publish a list of non-compliant and non-supervised CASPs that EU-based CASPs must not trade with.

This is where solutions like Elliptic Discovery (our database of information on more than 1,300 CASPs) come in, enabling CASPs to identify potential risk factors among counterparties.

Unhosted Wallets

The good news is that the EU backed away from a previous proposal to require that CASPs verify identities for all unhosted wallet transfers.

However, CASPs will still face stringent expectations when it comes to unhosted wallets.

The measures agreed yesterday will require that for any transaction with an unhosted wallet over EUR 1,000, a CASP must verify that the wallet is owned and controlled by their own customer.

This is aligned with the approach on unhosted wallets taken in Switzerland, where regulated entities must verify whether transfers to third party unhosted wallets are controlled by their customers.

CASPs will also need to assess the illicit finance risks for all transactions with unhosted wallets, and apply appropriate risk based due diligence measures. Again, blockchain analytics can help CASPs identify and manage risks.

Mining a bitcoin in a gold mine
Ari Redbord Headshot

Ari Redbord, Head of Legal and Government Affairs at TRM Labs, the blockchain intelligence company.

Prior to joining TRM, he was the Senior Advisor to the Deputy Secretary and the Undersecretary for Terrorism and Financial Intelligence at the United States Treasury

To read the original post and be part of the conversation, click here.

This has been a breakneck week in crypto regulation!

Hours ago, officials from the EU, after two years of debate and discussion, agreed on the landmark Markets in Crypto Assets (MiCA) legislation which covers unbacked crypto-assets, stablecoins, exchanges and other CASPs, and wallets.

Here is everything you need to know:

Consumer Protection:

“With the new rules, crypto-asset service providers will have to respect strong requirements to protect consumers wallets and become liable in case they lose investors’ crypto-assets. MiCA will also cover any type of market abuse related to any type of transaction or service, notably for market manipulation and insider dealing.”

Environmental:

Actors in the crypto-assets market will be required to declare information on their environmental and climate footprint.

Anti-Money Laundering:

“To avoid any overlaps with updated legislation on anti-money laundering (AML), which will now also cover crypto-assets, MiCA does not duplicate the anti-money laundering provisions as set out in the newly updated transfer of funds rules agreed on 29 June.” Check out yesterday’s post!

Stablecoins:

MiCA will protect consumers by requesting stablecoins issuers to build up a sufficiently liquid reserve, with a 1/1 ratio and partly in the form of deposits.

Every so-called “stablecoin” holder will be offered a claim at any time and free of charge by the issuer, and the rules governing the operation of the reserve will also provide for an adequate minimum liquidity.

“The development of asset-referenced tokens (ARTs) based on a non-European currency, as a widely used means of payment, will be constrained to preserve our monetary sovereignty. Issuers of ARTs will need to have a registered office in the EU to ensure the proper supervision and monitoring of offers to the public of asset-referenced tokens.”

Passportable Licensing:

“Under the provisional agreement reached today, crypto-asset service providers (CASPs) will need an authorization in order to operate within the EU. National authorities will be required to issue authorizations within a timeframe of three months.”

NFTs:

Non-fungible tokens (NFTs) will be excluded from the scope except if they fall under existing crypto-asset categories.

Within 18 months the European Commission will be tasked to prepare a comprehensive assessment and, if necessary, create a regime for NFTs and address the emerging risks of such new market.

Insights: The big picture

MiCA is a watershed for crypto regulation.

It is the first, comprehensive framework for digital assets. While regulation will evolve over time, MiCA will always be a major chapter in the way global policy makers moved to regulate a quickly emerging space.

See What Certified Financial Crime Specialists Are Saying

"The CFCS tests the skills necessary to fight financial crime. It's comprehensive. Passing it should be considered a mark of high achievement, distinguishing qualified experts in this growing specialty area."

KENNETH E. BARDEN 

(JD, Washington)

"It's a vigorous exam. Anyone passing it should have a great sense of achievement."

DANIEL DWAIN

(CFCS, Official Superior

de Cumplimiento Cidel

Bank & Trust Inc. Nueva York)

"The exam tests one's ability to apply concepts in practical scenarios. Passing it can be a great asset for professionals in the converging disciplines of financial crime."

MORRIS GUY

(CFCS, Royal Band of

Canada, Montreal)

"The Exam is far-reaching. I love that the questions are scenario based. I recommend it to anyone in the financial crime detection and prevention profession."

BECKI LAPORTE

(CFCS, CAMS Lead Compliance

Trainer, FINRA, Member Regulation

Training, Washington, DC)

"This certification comes at a very ripe time. Professionals can no longer get away with having siloed knowledge. Compliance is all-encompassing and enterprise-driven."

KATYA HIROSE
CFCS, CAMS, CFE, CSAR
Director, Global Risk
& Investigation Practice
FTI Consulting, Los Angeles

READY TO BEGIN YOUR JOURNEY TOWARDS
CFCS CERTIFICATION?