The European Commission (EC) claims that it is not targeting non-custodial cryptocurrency wallets; however, their new set of legislative proposals would still have an impact on such users, in addition to having an overall negative impact on the nascent cryptocurrency industry as a whole.
Niklas Schmidt, a lawyer and partner with the Austrian law firm Wolf Theiss, told us that “in the context of an overhaul of the EU’s anti-money laundering rules, the European Commission – in a desperate power struggle – wants to tighten the thumbscrews on cryptoassets, such as Bitcoin (BTC).”
“Don’t kid yourself and don’t let yourself be lulled into sleep,” warned Compliance Advisor at Dutch bitcoin exchange Bitonic, Simon Lelieveldt.
Those proposing these rules would require any entity transferring cryptoassets, similar to what is already required for wire transfers – and this so-called “travel rule” was introduced by the Financial Action Task Force (FATF) in June 2019 and is currently being considered by the U.S. Congress.
Schmidt asserted that the European Commission now wants EU Member States to implement it in order to achieve complete traceability of cryptographic transactions.
CASPs (cryptoasset services providers), as opposed to VASPs (virtual asset services providers), are what he considers to be “typical of the EU’s bureaucratic approach,” according to him (virtual asset service providers).
According to Schmidt,
“In the long run, this rule – if adopted – would likely lead to a bifurcation between fully compliant (and thus very expensive) centralized crypto actors such as centralized exchanges (CEXes) and a parallel universe of non-compliance consisting of alternatives such as decentralized exchanges (DEXes).”
The limited scope with far-reaching impact
The proposal itself does not apply to peer-to-peer (P2P) transfers of cryptoassets nor to transactions involving a cryptoasset services provider (CASP) and an “unhosted wallet” (just a regular crypto wallet where a user is in control of the private keys).
Affected transactions include cryptoasset transfers involving CASPs and other businesses, such as various payment service providers.
However, if the proposal is implemented, cryptocurrency exchanges would still be required to report if a customer is sending cryptoassets to a “unhosted wallet” if they suspect that the transaction is fraudulent.
At the same time, a transfer from this type of wallet will not be accepted unless the customer has performed due diligence on the transaction.
AML regulations would apply to CASPs, which include crypto-to-fiat exchanges as well as crypto to crypto exchanges. As a result, CASPs would be subject to customer due diligence and would be required to report any suspicious transactions, whether they occurred during the course of a business relationship or during an isolated transaction.
Receiving cryptocurrency from “unhosted wallets” is included in this category.
It is stated in the proposal that a “preventive approach” will be taken in full compliance with the free movement of capital.
For the time being, the Commission considers it “appropriate” to develop a system that would require payment service providers and CASPs to include information on the originator and beneficiary of each cryptocurrency transfer.
According to them, this is done in order to “ensure the transmission of information throughout the payment or transfer of cryptoasset chain.”
Member States, on the other hand, should be able to exempt from this regulation certain domestic low-value transfers of funds, such as low-value transfers of cryptoassets, that are used for the purchase of goods or services, provided that the transfer can always be traced back to the payer / beneficiary.
The obligation to verify the accuracy of the information about the originator and the beneficiary should be imposed only on individual transfers that exceed EUR 1,000 (USD 1,188), unless the following conditions are met:
- the transfer appears to be linked to other transfers which together would exceed EUR 1,000;
- cryptoassets have been received or paid out in cash or in “anonymous electronic money”;
- there are reasonable grounds for suspecting money laundering or terrorist financing.
This is done so the efficiency of payment systems and crypto-asset transfer services wouldn’t be impaired, argues the proposal, and to “balance” the risk of driving transactions underground as a result of “overly strict identification requirements against the potential terrorist threat posed by small transfers of cryptoassets.”
‘A major intrusion on human rights’
“The EU is fully taking all FATF principles on board. While they technically may not prohibit self-hosted wallets the trick is to be found in the obligation under article 58 to verify and KYC [know-your-customer] the beneficiary of wallets,” Simon Lelieveldt told CoinNewsDaily.
He added that this is the same “trick” that the Dutch Central Bank (DNB) pulled in the Netherlands to achieve almost the same goal.
As reported in May, a court order obtained by Bitonic succeeded in forcing the DNB to scrap its controversial wallet verification requirement.
This is big time gallery play.
— Simon Lelieveldt (@finhstamsterdam)
The European Banking Authority (EBA) has been calling out DNB for frontrunning FATF rules, said Lelieveldt, emphasizing paragraph 54 of the 2020 interim report of the FATF, which reads:
“The launch of new virtual assets however could materially change the ML/TF risks, particularly if there is mass adoption of a virtual asset that enables anonymous peer-to-peer transactions. There are a range of tools that are available at a national level to mitigate, to some extent, the risks posed by anonymous peer-to-peer transactions if national authorities consider the ML/TF risk to be unacceptably high. This includes banning or denying licensing of platforms if they allow unhosted wallet transfers, introducing transactional or volume limits on peer-to-peer transactions or mandating that transactions occur with the use of a VASP or financial institutions.” [Emphasis added.]
The report update also notes that “denying licensing of VASPs if they allow transactions to/from non-obliged entities (i.e., private / unhosted wallets) (e.g., oblige VASPs via the ‘travel rule’ to accept transactions only from/to other VASPs).”
Therefore, per Lelieveldt, the EU is forcing beneficiary KYC for P2P wallets as for safe deposit boxes, “for which it doesn’t make sense.”
Providing further insight in his Twitter threads, Lelieveldt argued that the reason we ended up with the travel rule on banking and now crypto too is because it’s “a tool to avoid and duck proper applicability of legal duties by government entities that wanted to free ride big data without caring about privacy,” describing it as the government imposing ransomware onto its citizens and financial institutions.
He also called the EU package “a major intrusion of human rights,” arguing that that is the reason the European Data Protection Board (EDPB) sent the EC a letter on the protection of personal data in the AML-CFT legislative proposals last May.
The EDPB told Cryptonews.com that,
The EC “has taken due note of our letter and of the concerns expressed therein and we are confident they will strive to address them within the next steps of the legislative process.”
The legislative package will now be discussed by the European Parliament and Council. Also, the EC hopes that the new EU-level Anti-Money Laundering Authority (AMLA) should be operational in 2024. But it would start its work of direct supervision “slightly later, once the Directive has been transposed and the new regulatory framework starts to apply.” AMLA would be the central authority coordinating national authorities “to ensure the private sector correctly and consistently applies EU rules.”