EBA Sets New Rules for Crypto Services to Combat Money Laundering

The European Banking Authority (EBA) has taken a significant step in strengthening the fight against financial crimes in the European Union by extending its Guidelines on money laundering (ML) and terrorist financing (TF) to include crypto-asset service providers (CASPs). This initiative reflects the growing recognition of the unique risks and challenges posed by the rapidly evolving crypto-asset sector.

CASPs, due to their nature, may be vulnerable to financial crimes, including ML and TF. The inherent risks associated with crypto-asset transfers, such as their speed and the potential for anonymity, necessitate robust countermeasures. The EBA’s new guidelines are designed to aid CASPs in identifying these risks and implementing effective strategies to mitigate them.

Guidelines Aim to Mitigate ML/TF Risks in the Crypto Sector

The amendments provided by the EBA offer CASPs a comprehensive, albeit non-exhaustive, list of risk factors to consider. These factors include customer profiles, the nature of the products offered, delivery channels, and the geographical regions of operation. By understanding these elements, CASPs can gain insights into their customer base and identify parts of their business that are more susceptible to ML/TF risks.

The guidelines also outline measures for CASPs to adjust their risk mitigation strategies. This includes the adoption of blockchain analytics tools, which can be instrumental in monitoring and analyzing crypto-asset transactions for suspicious activities. The EBA emphasizes the importance of a tailored approach, where measures are adjusted based on the level of risk assessed.

The EBA’s guidelines also address other financial institutions, such as banks and credit organizations, that have business relationships with CASPs or are directly involved with crypto assets. This extension is crucial because the interconnected nature of the financial sector means that vulnerabilities in one area can have far-reaching implications across the industry.

Financial institutions dealing with unregulated CASPs or those outside the purview of Regulation (EU) 2023/1114 are particularly at risk. Therefore, these new guidelines aim to harmonize the approach adopted by CASPs across the EU for implementing a risk-based anti-money laundering and counter-terrorist financing (AML/CFT) framework.

Compliance Timeline and Future Developments

The EBA has set a deadline for competent authorities to report on their compliance with the guidelines, which will be two months after their translation into the official EU languages. The amending Guidelines will be applicable from 30 December 2024, providing a timeline for CASPs and related financial institutions to align with the new regulatory framework.

In addition to these guidelines, the EBA is actively working on other regulatory measures. This includes guidelines for risk-based AML/CFT supervision of CASPs, consulting on guidelines to prevent the misuse of fund and crypto-asset transfers for ML/TF purposes (the ‘Travel Rule Guidelines’), and guidelines on internal policies and procedures for CASPs to comply with restrictive measures.