EU AML Regulation Changes: New Requirements for Crypto Transfers

With the introduction of new rules associated with crypto transfers, the EU is attempting to better align crypto wire transfer rules with FATF

An effective anti-money laundering strategy is a crucial aspect for any organization within the financial sector.Money laundering can plague financial institutions and result in hefty fines or damaged reputations. The EU unveiled its largest AML package to date and is designed to help organizations limit the possibility of money laundering as well as limit its impact on the organization.

EU Commission Building (Source: Getty)

The EU’s package was originally unveiled in July of 2021 and consists of four legislative proposals that target four key areas: Introducing a single AML rulebook, new AMLA supervisory authority, FIU coordination and support mechanism, as well as new requirements for crypto transfers. In previous weeks we have covered three of the four key areas, introducing a single AML rulebook, a new AMLA supervisory authority, andFIU coordination and support mechanisms. This week we will cover the fourth and final area of the EU’s AML package, new requirements for crypto transfers.


New requirements for Crypto Transfers

With the introduction of new rules associated with crypto transfers, the EU is attempting to better align crypto wire transfer rules with those of the Financial Action Task Force (FATF).  

One major change to crypto transfers will be a crack-down on data collection in which prior to any transfer data must be provided that gives the originator’s name, address, and place, and date of birth, the data must also include the beneficiary’s name and account number.All of this information must be provided by the originator's Crypto AssetService Provider (CASP) and this data must be held for up to five years. This is intended to allow for any crypto transfer to be fully reliable and trackable. In addition, the beneficiary's CASP must verify that the beneficiary’s information is up to date prior to making any crypto-assets available to the beneficiary.

Throughout the process described above, if a CASP finds that there is any missing or insufficient information listed for the beneficiary their CASP must make a risk-based decision on whether to proceed with the crypto transfer. Regardless of whether the transfer is accepted or rejected the CASP will be required to report to AML/CTF authorities that there is missing information as well as the steps they are prepared to take in order to obtain the information.

Payment Service Providers within the scope of the EU will also be required to collect data on the originator and beneficiary of any crypto transaction, this data will include any legal entity identifiers for both the originator and the beneficiary.

Fortunately, these changes shouldn’t have a large effect on organizations as wire transfer regulations have existed for quite some time. Expanding data collection on both originator and beneficiary should be relatively easy for organizations to already existing AML practices.













More News Stories

February 13, 2024
The Digital Odyssey: Navigating Complexity and Triumphs in the Auditor's Tale

In the ever-shifting tides of modern business, the role of internal auditors has undergone a seismic transformation, navigating a labyrinth of complexity that rivals the twists and turns of a riveting thriller

Read story
May 22, 2023
Protecting Third-Party Data Within SaaS Solutions

Modern-day organizations have become increasingly reliant on various third-party software in order to operate effectively. The covid-19 pandemic and the newly blooming remote work environment brought a greater reliance on third-party software such as Microsoft Office or Salesforce

Read story
May 3, 2023
Is your Software Supply Chain Vulnerable to Cyber Threats?

It probably won't come as a surprise that modern organizations have had a growing reliance on various forms of software to operate effectively and efficiently

Read story