Estonia Implements Stricter Regulations for Crypto Service Providers

Estonia, recognized as one of the world’s most advanced tech societies, is tightening its grip on the cryptocurrency market. The government recently just approved a bill, set to take effect in 2026, that will make cryptocurrency service providers subject to the country’s Financial Supervision Authority.

As of 2021, nearly half of the world’s cryptocurrency service providers were hosted in Estonia, according to the Estonian television program “Aktuaalne kaamera”. While this number has dropped over the past years, the country continues to be the headquarters for many crypto-based companies due to the lack of targeted regulation.

Estonia is Taking the Reins

Estonia’s intention to tighten regulation on the crypto industry has been public knowledge for over two years. Now, with the Financial Intelligence Unit (FIU) redoubling its efforts to bring crypto companies under regulation, these will have to start to comply with standards similar to those followed by banks.

Matis Mäeker, head of FIU, told Estonian news outlet ERR that these new rules will bring these companies “under real financial supervision”. According to the enforcer, the limited requirement to comply only with anti-money laundering rules made it easy to harm customers in the long term. This was the case with several bankruptcies and cybercrime in the small nation.

Under the new law, operational and reporting requirements will be bolstered, with potential fines reaching as much as €5 million. This represents a substantial increase from the previous cap of €40,000 companies could face under the Anti-Money Laundering Act.

The Financial Supervisory Authority is expected to start issuing licenses in 2025, one year before the new legislation comes into force. Those companies that fail to comply and obtain the licenses will no longer be able to operate in the country.

Estonia’s Regulatory Journey

Estonia’s regulatory journey in the cryptocurrency domain dates back to the adoption of the Fifth Anti-Money Laundering Directive (AMLD5) by the European Union (EU) in 2018. This directive came as a response to the Danske Bank scandal, which saw the financial institution forfeit over $2 billion.

AMLD5 introduced anti-money laundering (AML) and know-your-client (KYC) requirements for cryptocurrency exchanges and wallet providers across the EU. This was designed to prevent Russian money from passing through the European banking system as the country tried to evade sanctions.

In March 2020, Estonia implemented amendments to the Money Laundering and Terrorist Financing Prevention Act, bringing crypto-related activities under the oversight of the FIU. These amendments mandated compliance with AML regulations, due diligence, and KYC practices, all practices that have become standard for other financial institutions.

Subsequent regulatory actions led to the revocation of licenses for over 1,000 crypto companies by the end of 2020. Regulators discovered that many registered crypto companies were not active, prompting concerns about Estonia’s reputation as an offshore jurisdiction and its potential economic losses.

Additionally, late 2021 saw Estonia’s parliament approve amendments preventing Virtual Asset Service Providers (VASPs) from providing anonymous services. The move was meant to increase transparency as the country continued to fight the perception of the nation as an offshore financial haven.

A Few Bad Apples

Despite the many actions that the Estonia government has taken to separate itself from bad actors using crypto, the country’s reputation was recently tarnished. Cryptocurrency exchange Garantex, which Europe’s division was originally registered in Estonia was found to be operating “like a hawala network”, helping the Russian government evade sanctions.

Similarly, Estonia has recently approved the extradition of two of its citizens to the United States, following their presumed involvement in a crypto mining scam scheme. The previous request has been denied due to procedural errors. Now, the two suspects will face the U.S. Department of Justice for their involvement in the HashFlare and Polybius Ponzi scheme.