January 10, 2020 This is a critical deadline for all crypto service providers operating in the European Union.
This deadline is when EU member states will transpose the Fifth Anti-Money Laundering Directive (5AMLD). It is also when cryptocurrency exchanges and custodial wallet providers across the EU will be required to comply with regulatory anti-money laundering (AML) requirements for the first time.
This means service providers will have to carry out Know Your Customer (KYC) checks, monitor transactions and file Suspicious Activity Reports (SARs) with the police. In January 2020, failure to comply with these requirements will result in regulatory fines and penalties, or even the possibility of your business being shut down. Any crypto business that wants to thrive in Europe must take 5AMLD compliance seriously and take key steps to ensure successful compliance.
With just two months until the deadline, here are three concrete steps to get you started.
1. Secure all necessary registrations and licenses
5AMLD aims to create a standardized approach to crypto regulation across the EU. In practice, however, crypto regulatory frameworks across the bloc are likely to differ significantly from country to country as they implement 5AMLD.
Crypto companies need to be aware of these differences in regulation across Europe and prepare for any upcoming measures that could directly affect them.
Germany, for example, has proposed a rigorous licensing framework to authorize crypto businesses operating there, while France follows a licensing framework with options to choose from.
The Netherlands has indicated that it will only regulate crypto exchanges and custodial wallet providers, in accordance with the specific requirements of the 5AMLD. The UK, however, in light of the FATF’s extensive crypto guidelines in June, has made it clear that it will go beyond the 5AMLD requirements and oversee a much wider universe of service providers, including peer-to-peer ICOs and IEO issuers , crypto ATMs and others.
All crypto companies operating or providing services to EU countries must understand the specific local requirements in each country and ensure that they meet all relevant requirements that apply to them. Certain regulators, such as the UK’s Financial Conduct Authority (FCA), have already set out detailed deadlines and steps for registration, so be sure to check all relevant regulator websites for guidance on specific authorization requirements.
Failure to register or obtain the appropriate licenses in all jurisdictions in which they operate can pose problems for crypto businesses in the EU.
2. Carry out a risk assessment of your business
As we noted after the April 5AMLD breakfast briefing, proactive risk thinking is essential to ensure successful 5AMLD compliance. Money laundering, terrorist financing and sanctions evasion are among the risks cryptocurrencies face and must be combated directly.
Not understanding the typologies and risks that could directly affect your business could leave your business exposed to significant amounts of illegal activity, which in turn could lead to regulators knocking on your door.
For example, if your business faces sanctions risks and potential exposure to countries like Iran and North Korea, you need to make sure you have concrete solutions in place to counter those risks.
If you are unable to demonstrate to your regulator that you have the systems and policies in place needed to ensure you are prepared to mitigate the risks you face, you could face a visit from the regulator.
At Elliptic, we help crypto businesses conduct customized risk assessments that allow them to identify the threats most likely to affect their business and design proportionate controls to meet regulatory expectations.
3. Implement a robust blockchain monitoring solution for AML
Regulators around the world are increasingly looking to blockchain monitoring solutions like the ones we produce at Elliptic as a pillar of AML compliance for crypto businesses.
Block monitoring tools ensure that your business can identify high-risk or suspicious transactions, allowing you to mitigate your risk exposure.
At Elliptic, our blockchain analytics solutions enable customers to implement customizable risk rules, allowing you to undertake risk-based monitoring of customer activity as your business scales, and ensuring compliance with specific 5AMLD requirements.
Contact us to learn more about how we can help your crypto business successfully meet the challenge of EU 5AMLD compliance.
Compliance with Financial Services Regulations