Last week, Germany became one of the first European countries to require crypto businesses to comply with the FATF Travel Rule. While the Germany regulator may grant VASPs grace periods for up to one year - perhaps due to the lack of a viable, working solution — VASPs would need to take steps to ensure risk mitigation, such as the prevention of certain types of transfer.
In May 2021, an uptick in crypto crime triggered the German Federal Ministry of Finance (BMF) to publish a working ordinance draft bill, the Crypto Securities Transfer Regulation (KryptoTransferV). The ordinance draft bill lays down enhanced the due diligence requirements for the transfer of crypto values.
According to the Federal Ministry of Finance, crypto assets are increasingly used as a means of payment for illegal transactions via the ‘dark web’. Further, tracing crypto-asset transactions is severely hindered by the use of so-called 'tumbler' or 'mixer' services, which blend crypto assets from different sources.
In order to ensure that funds transfers are fully traceable and to prevent, detect and investigate money laundering and terrorist financing, Germany, on 29 September 2021 published KryptoWTransverV. The ordinance came into effect on 1 October 2021.
Here are some Important Highlights from the Crypto Asset Transfer Regulations.
Provisions of European Union’s Money Transfer Ordinance Will Apply to Crypto Value Service Providers with Necessary Changes
As per the KryptoWTransverV, Money Transfer Ordinance refers to regulation 2015/847 issued by the European parliament and council on the transmission of information on money transfers.
If crypto value service providers are involved in making the transfer on behalf of the payer then rules on the obligations of the payer’s payment service provider under Articles 4 and 6 of the Money Transfer Ordinance will apply to them with the necessary changes.
Crypto value service providers include those entities that carry out banking transactions, financial services, or security services in relation to crypto values. Article 4 of the Funds Transfer Regulation requires payment service providers to ensure that the transfer of funds is accompanied by the following information:
- For Payers - name, payment account number, address, official personal document number, customer identification number, date, and place of birth.
- For Payee's - name of the payee and payment account number
Information disclosure obligations for payment service providers laid down in Article 4, will now be applicable to crypto value service providers as well. Since the ordinance requires the payer/payee’s payment account number to be disclosed, then crypto value service providers may have to record the payer/payee’s blockchain address or public key.
As per Article 4(4) crypto value service providers will also have to verify the accuracy of the information provided by the payer/payee on the basis of documents, data, or information obtained from a reliable and independent source.
In line with the FATF, Germany has also set a threshold of Eur 1000 for implementation of the Travel Rule. With regards to Article 6 and Recital 16, Travel Rule will also apply to “batch transactions” where the asset appears to be linked to other transfers which together would exceed EUR 1000 or where there are reasonable grounds for suspecting money laundering or terrorist financing..
To Mitigate AML/CFT Risks German VASPs Must Collect, Store, and Verify the Name and Address of Non-Custodial Beneficiaries and Principles
VASPs are required to assess the risk of misuse for the purpose of money laundering and terrorist financing associated with risk transfer and take risk-appropriate measures to manage and mitigate the risks of money laundering and terrorist financing. To achieve this German VASPs are required to collect, store, and verify the name and addresses of non-custodial beneficiaries and originators.
As per the ordinance draft regulation, the information on the beneficiary or originator of crypto transfer must be collected and stored if the transfer is from or to an electronic wallet that is not managed by the crypto custodian (such as a self-managed electronic wallet or unhosted wallet). In this case, the Federal Ministry stated that imposing Travel Rule would be more effective than banning self-hosted wallets due to their cross-border nature.
Crypto Value Service Providers Required to Comply with Travel Rule Obligations by 30 November 2021
Obligated entities such as crypto value service providers who are unable to immediately comply with the Travel Rule obligations have to notify relevant supervisory authorities in accordance with Section 50(1) of the German Money Laundering Act by 30 November 2021.
They also have to provide justification for non-compliance by 31 December 2021. This justification should detail the reasons for the impediments faced in the implementation of the Travel Rule and the measures taken to remove the impediment. Timelines for the removal of such impediments should also be provided. Further, in the absence of travel rule compliance, crypto value service providers will be required to put in place other risk-appropriate measures. The justification will be subject to the assessment of the supervisory authority, who may decide whether or not an exemption period should be granted to the VASP.
Why Merkle Science
German regulators have placed an obligation on crypto value service providers to ensure strict and timely implementation of the Travel Rule, Merkle Science stands in support of the crypto value service providers as they gear up for implementation of the FATF recommendation.
With German regulatory bodies looking to strengthen their crypto regulatory regime, it is essential for crypto value service providers should proactively put robust compliance frameworks in place. Merkle Science’s highly customizable and easy-to-use platform provides VASPs with 360-degree compliance support. Our predictive cryptocurrency risk and intelligence platform set the standard for the next generation of financial safeguards and criminal detection. Merkle Science proprietary Behavioral Rule Engine allows users to tailor the tool according to VASP’s own risk policies based on the FATF standards so that businesses may stay ahead of emerging illicit activities and fulfill their local compliance obligations.