Blog

5AMLD: Implications for Cryptocurrency

James Efron
October 14, 2019
5 minutes read
5739

What is 5AMLD?

As part of the Action Plan against terrorism, the 5th Anti-Money Laundering Directive (5AMLD) proposed by the European Commission aims to address risks associated with virtual currencies and wallet providers. The proposal augments the 4th Directive in its efforts to enact EU rules designed to combat Anti Money Laundering (AML) and financing of terrorist activities (CFT).

The indication is of thorough regulatory change as digital currency exchange platforms and e-wallet providers are now required to comply with AML and CFT requirements. Collecting and monitoring customer data will be part of their compliance operations.

Under the new law, the general public will have access to beneficial ownership information of EU companies, and due diligence measures for financial flows from high-risk countries will be beefed up.

Cryptocurrency – Safe or Not?

Virtual currencies such as bitcoin provide efficient ways of data sharing and user interaction for a wide customer base. However, the inherent way in which cryptocurrencies are able to hide user identity opens up opportunities for suspicious transactions online.

This implies that authorities cannot trace the identity behind any kind of transaction, and financial transfers can therefore be concealed easily. The risk of such services being used by terrorist organisations looms large on the horizon, leading to strict scrutiny measures for the crypto realm in 5AMLD. Virtual currency remittance systems are also at the risk of being used for terrorist and illegal activity financing.

As safety of digital transactions dwindles, KYC for identity verification becomes an increasingly important part of the security equation. In contrast, at the very heart of cryptocurrency is the counter-intuitive idea of decentralisation that allows a user to create a disconnect between his identity and e-money. The key here is finding the middle ground between privacy and legality.

Currently, only a third of all businesses across Europe and the US perform background checks on their users. And this is about to change after the implementation of 5AMLD.

Before this commission, no other EU Laws were directed at monitoring digital currencies or e-wallets. Previously absent in 4AMLD, the new directive includes a definition of virtual currencies:

‘a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically’.

This covers a wide range of virtual money – coins, tokens, custodial wallets – to ensure that no form of electronic value escapes monitoring. Although the definition is all-encompassing, it is useful to note that it merely views cryptocurrency as a means of exchange online and not as assets, securities or commodities.

There is no clarification for ‘virtual currency exchanges’, but individual entities are identified as providing services between virtual and fiat currencies. Again, the scope of such transactions under AML/CFT compliance is unclear, and the commission almost overlooks crypto-to-crypto exchanges. For Initial Coin Offering (ICO) organisers, brokers and other platforms, this underscores the need for detailed checks under 5AMLD Compliance.

In this respect, the UK has warned against the use of crypto assets in illegal activities, and hinted at using a broader regulatory framework.

Next in importance to cryptocurrencies are e-wallets. A custodian wallet is explained by the law as:

“An entity that provides services to safeguard private cryptographic keys on behalf of their customers, to hold, store and transfer virtual currencies”.

Following this interpretation, a service provider shall not be liable under CFT/AML laws unless it holds the user’s private key. Obliged entities include centralised cryptocurrency exchanges such as Mist, Ledger Nano S and Trezor.

Under 5AMLD, previously unlicensed exchange services and e-wallet providers now need to be authorised through a registration process. This means that common AML practices such as customer due diligence, transaction monitoring, and fraud detection will need to become part of company compliance processes. Countries are obliged to create central databases, with complete lists of virtual currency users and their self-declaration forms.

As ironic as it may seem, cryptocurrency providers will collect, store and monitor information of customers, as well as any beneficiary owners that may be involved. For the purpose of AML/CFT screening, this puts an end to any anonymity in the currency space, and enables concerned national authorities to collect such data and verify it against relevant account holders.

The law also lowers the threshold for identifying users of e-money, to further empower Financial Intelligence Units (FIUs) by facilitating information exchange. In addition, when performing a KYC before a business relationship, the corresponding beneficial register in the EU must be accessed.

Onwards and Safer

After the 5th AML Directive of the EU is rolled out, crypto exchanges, e-wallets and trading platforms will require efficient identity verification processes and AML monitoring tools for enhanced customer experience.

For smooth sailing amid regulatory change, digital currency providers are better off adopting reliable KYC/AML/Customer Due Diligence and financial crime control strategies well in time. Cybercrime and terrorism need to be rooted out at source, and compliance officers must carefully identify their exposure to the risk of criminal activity. Keeping in view the products and services being offered, cryptocurrencies must conduct a risk assessment and take pre-emptive action against high-risk transactions and users.

Regulating cryptocurrency space will not be as easy as controlling its non-digital counterpart. Regulators, financial institutions and crypto providers equally face technical challenges in ensuring compliance of AML laws. Sharing relevant, open and transparent information, as well as establishing partnerships at each level, will, therefore, be central to the process of regulation and innovation.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Bank of Spain Issues New Cryptocurrency Regulations
What is 5AMLD?
Virtual asset service providers, banks, and other financial institutions are now required to register through the AML registry of the Bank of Spain

The Central Bank of Spain initially announced the registration process back in June, and on October 19, guidelines were published for financial institutions to follow. In August, an initiative to legalize cryptocurrency for insurance and mortgage was backed by Spanish lawmakers.

The registration process is aimed at preventing money laundering by requiring institutions to report their anti-money laundering measures, as well as reporting illicit activities like terror financing or crimes involving the personal information of their customers. According to the guidelines, all institutions dealing with money or providing assets in any form are obliged to submit registration details.

According to the Bank of Spain, these guidelines apply to “all individuals and institutions providing virtual currency exchange services” including trading and custody. The proposed obligations are applicable even to the banking institutions that have customers located outside Spain.

The Spanish Bank also stated that virtual asset providers are required to register “regardless of whether they are also registered in other administrative records in the Bank of Spain or other related authorities.” Although individuals can request registration via mail, they are advised to follow the electronic registry form.

Based on the statement from the Bank of Spain, institutional data will be analyzed for risk analysis while considering the types of clients and the countries in which their services are being provided. Moreover, the purpose of their corporate relationships must be defined along with products and operating volumes.

Additional requirements include documentation with the identification details of those in charge of the respective institution’s compliance regimes. Penalties of up to $11.6 million will be imposed on the individuals and firms that continue providing services without registration with the Bank of Spain.

Suggested read: AML Program Risks Highlighted by the Pandora Papers Scandal

5AMLD: Implications for Cryptocurrency

What is 5AMLD?

Cryptocurrency – Safe or Not?

Onwards and Safer

Five Technologies to Embrace For a Customer-focused Digital Experience

1- OCR Technology

2- NFC Verification

3- Video Interview KYC

4- Digital COVID Certificate Verification

5- Facial Biometric Authentication

Summing it Up

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.

5AMLD: Implications for Cryptocurrency

What is 5AMLD?

Cryptocurrency – Safe or Not?

Onwards and Safer

What does a Good Digital Experience Mean?

Five Technologies to Embrace For a Customer-focused Digital Experience

1- OCR Technology

2- NFC Verification

3- Video Interview KYC

4- Digital COVID Certificate Verification

5- Facial Biometric Authentication

Summing it Up

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.