As was recently reported, the European Parliament is poised to vote on regulation pertaining to the Transfer of Funds that will impact crypto-assets.
The quote the European Commission:
“The anonymity associated with crypto assets, as well as their speed and global reach bring obvious risks of their being used for criminal purposes, especially cybercrime. Europol’s Internet Organised Crime Threat Assessment states that cryptocurrencies have become the default payment method for victim-to-criminal payments in ransomware, as well as criminal-to-criminal payments on the Darkweb. The Commission’s AML Package provides for the Revision of the 2015 Regulation on Transfers of Funds. The revised Regulation will extend the obligation of payment service providers to accompany transfers of funds with information on the payer and payee to crypto assets, giving effect to the Financial Action Taskforce (FATF)’s recommendation 16 on wire transfers and Recommendation 15 on virtual assets.”
The actual legislation is viewable here.
The current language has been deemed as nearly “unworkable” by some engaged in the digital asset sector.
Today, Global Digital Finance (GDF), an association representing digital asset firms, has distributed an open letter addressed to Members of European Parliament, expressing their concern about the proposal. The GDF letter is republished below, in its entirety.
Dear Member of European Parliament,
Re: Transfer of Funds Rule
I am writing on behalf of the members of Global Digital Finance (“GDF”), a leading global industry association that promotes the adoption of market standards for the use of crypto and digital assets, through the development of best practice and governance standards in a shared engagement forum with industry, policymakers and regulators.
I am writing to you in relation to the latest set of compromises in the Parliament for the Regulation on Transfer of Funds, which extends the obligation of payment service providers to accompany transfers of funds with information on the payer and payee to crypto assets, giving effect to the Financial Action Taskforce (FATF)’s recommendation 16 on wire transfers and Recommendation 15 on virtual assets. Having analysed the text, GDF wants to highlight:The need to take a proportionate approach on unhosted wallets
The need to reinstate the EUR 1,000 threshold and removal of blanket reporting to competent authorities
The need for an extension of the phase-in period
1. The need to take a proportionate approach on unhosted wallets.
In the latest draft of the Parliament text, compromises D and E suggest:
‘In the case of a transfer of crypto-assets made to an unhosted wallet, the provider of cryptoasset transfers of the [originator / beneficiary] shall collect and retain information referred to paragraph 1 and 2, including from its customer, verify the accuracy of this information’.
GDF is concerned with this measure. First of all, from a practical perspective, where the CASPs and the CASP customer is receiving a transfer from an unhosted wallet, it would not be possible to mandate the sender to provide the required information to satisfy this rule. Secondly, it seems inappropriate from the principles of data minimisation that CASPS be required to collect information on every unhosted wallet transaction, regardless of whether the activity is suspicious or not. At present, CASPs are required to assess AML / CTF risks under current rules and take the appropriate action to mitigate this, that would include transactions in unhosted wallets. This additional measure does not seem effective in mitigating risks.
GDF proposes that the European Parliament removes this requirement and instead seeks to implement a screening process whereby the CASP would need to run checks on the data provided by the customer by running it through AML / CTF databases and sanctions lists. In addition to this, GDF proposes that there can be a review after 12 months of this rule coming fully into effect, i.e. after the phase in period to assess whether requirements need to be changed.
2. The need to reinstate the EUR 1,000 threshold and removal of blanket reporting to competent authorities.
Compromise E in the updated Parliament text suggests that:
‘the provider of crypto-asset transfers shall maintain a record of all transfers of crypto-assets from unhosted wallets and notify the competent authority of any customer having received an amount of EUR 1 000 or more from unhosted wallets.’
GDF urges the Parliament to take a technology neutral approach. As highlighted above, CASPs are already subject to AML / CTF requirements and are obliged to file suspicious activity reports. By nature of the technology, the use of a distributed ledger means that transactions are recorded on a transparent, immutable ledger. This coupled with an ever-growing blockchain analytics industry helps the industry combat financial crime. Considering this, it seems disproportionate to include these more stringent requirements on the cryptoasset industry in comparison to traditional finance services.
GDF proposes that the Parliament reinstates the EUR 1,000 threshold for recording transactions and only require CASPs to report transactions which are deemed to be suspicious to the competent authority as per current processes.
3. The need for an extension of the phase-in period.
Finally, GDF welcomes the progress made within Compromise L of the latest set of compromises, where the phase in period is extended to 9 months with a view to ensure full compliance by 18 months after entry into force. However, should the measures above remain, GDF considers this to still be too short to make the necessary changes. It will take time for exchanges to implement the necessary system and controls to be able to collect, process, and report the information on unhosted wallets and there will need to be fundamental changes to the user journey. It should be noted that during this phase-in period, as per current AML / CTF requirements CASPs will still be conducting risked-based monitoring requirements.
GDF proposes that a period of 12 months for phase-in requirements and 24 months for implementation are put in place. This will give exchanges enough time to put in place the measures to deal with this.
All in all, GDF welcomes the AML package. However, there is a concern that the requirements highlighted above may lead to exchanges deeming it commercially unviable to engage with unhosted wallets; creating a de facto ban. This would not achieve the regulatory outcomes intended of this regulation. GDF urges the European Parliament to take the innovation-friendly, risk-based approach that it took when looking at strong customer authentication under PSD2. Here the Parliament acknowledged the advanced measures and techniques that the industry had developed to go above and beyond the traditional processes that the EBA requirements were looking to implement and edited positions accordingly. We ask that the Parliament take a similar stance here and GDF is happy to send a delegation of our global membership group to highlight processes that are already in place and that can be implemented.
As always, GDF remains at your disposal for any further questions or clarifications you may have, and we look forward to hearing from you soon.
Yours Faithfully,
Lavan Thasarathakumar
Director of Government and Regulatory Affairs, Global Digital Finance