The European Union’s Transfer of Funds Regulation (TFR) and the European Banking Authority’s Travel Rule Guidelines enforce strict compliance for Crypto Asset Service Providers (CASPs). These rules prioritise transparency and security in crypto transactions.
While originating CASPs manage deposit flows, beneficiary CASPs face the challenge of handling non-compliant incoming deposits without proactive blocking mechanisms. This article examines the critical responsibilities of beneficiary CASPs under the TFR, effective from 30 December 2024, and outlines strategies to address non-compliance effectively.
Mandatory Originator and Beneficiary Details for Crypto Transfers
The Transfer of Funds Regulation (TFR) establishes consistent obligations for crypto transfers, applying uniformly across all transactions, whether domestic or cross-border. CASPs must include detailed information about both the originator and the beneficiary, ensuring compliance with transparency and security standards.
Originator Details
- Name: Full name of the originator.
- Address: Full address, country, or a personal document number.
- Account/Wallet Identifier: Distributed ledger address or crypto account number.
- Additional Identifiers: Legal Entity Identifier (LEI) or equivalent, if available.
Beneficiary Details
- Name: Full name of the beneficiary.
- Account/Wallet Identifier: Distributed ledger address or crypto account number.
- Additional Identifiers: LEI or an equivalent official identifier, where applicable.
What Is the EU Travel Rule Threshold?
The EU Travel Rule has a zero-threshold policy, requiring compliance for all cryptocurrency transactions between CASPs, regardless of the transfer amount. Under the TFR, CASPs registered within the EU must adhere to these obligations once the regulation comes into effect. Whether the transaction involves a single euro or a larger sum, full compliance with the Travel Rule ensures transparency and reinforces anti-money laundering (AML) and counter-terrorism financing (CTF) measures in every crypto transfer.
Travel Rule Obligations in Deposit Transactions
Upon receiving a transaction, beneficiary CASPs must ensure compliance with the Travel Rule. They must establish effective procedures to identify and address missing information in incoming transfers. If critical data is absent, CASPs have the discretion to execute, reject, return, or suspend the transaction, depending on the assessed risk level. A proactive, risk-based approach ensures that all transfers meet regulatory standards while mitigating potential risks associated with non-compliant transactions.
Handling Non-Compliant Counterparties Effectively
When transactions lack required Travel Rule data, CASPs must carefully assess their relationship with the non-compliant counterparty. Repeated breaches of obligations necessitate enhanced due diligence and may lead to the termination of the business relationship. Additionally, CASPs should promptly report continued non-compliance to the relevant authorities, ensuring regulatory integrity and reducing the risk of reputational damage.
Navigating Self-Hosted Wallet Transactions Under the TFR
Transactions involving self-hosted wallets fall within the purview of FATF's Recommendation 16, with specific requirements depending on the transaction amount and wallet ownership.
Transactions Up to €1,000
For transfers of €1,000 or less, CASPs must collect and hold essential information about both parties. Verification is crucial and can include blockchain analytics and third-party data sources to confirm identities.
Transactions Over €1,000 for CASP Customers
When exceeding €1,000, CASPs must verify wallet ownership using at least two methods, such as sending predefined amounts, message-signing, or advanced analytics, as outlined by the EBA guidelines.
Transactions Over €1,000 for Non-CASP Customers
For third-party wallets, CASPs should verify ownership and apply risk-mitigation measures proportional to identified risks. This may involve identity verification and requesting transfer details, ensuring compliance and security.
When Do the Requirements of the EU Transfer of Funds Regulation (TFR) Need to Be Implemented?
The EU Transfer of Funds Regulation (TFR) came into effect on 9 June 2023 and will be applicable from 30 December 2024. This deadline means that all CASPs must ensure full compliance with the new rules by this date. Given the tight timeline, CASPs are implementing the necessary changes to meet these requirements, ensuring that all crypto-asset transfers comply with the TFR well before the deadline.
Simplify Compliance: KYCAID’s Solution for the Travel Rule
As the crypto landscape evolves with increasing regulatory demands, staying compliant with the Travel Rule becomes crucial. KYCAID offers an advanced solution designed to streamline data exchange during transactions. With tools for asset tracking, wallet authentication, and customisable regulatory workflows, KYCAID empowers CASPs to navigate the complexities of compliance efficiently.
