EU Council reaches provisional agreement on digital asset AML regulations

European Union policymakers have reached a provisional agreement on parts of the broad anti-money laundering package that will also impact digital assets, including provisions affecting self-hosted wallets.

The anti-money laundering (AML) regulation is part of an increased effort to combat sanctions evasion, terrorist financing, and money laundering, which was given an extra sense of urgency in light of recent revelations about Hamas’ financing through digital assets.

The provisionally agreed deal includes the creation of a single rulebook and the setting up of a supervisory authority—to be aptly known as the Anti-Money Laundering Authority (AMLA)—that will also have oversight of the digital asset sector.

“This agreement is part and parcel of the EU’s new anti-money laundering system. It will improve the way national systems against money laundering and terrorist financing are organised and work together,” said Vincent Van Peteghem, Belgian Minister of Finance.

The European Parliament and Council (which brings together finance ministers from the bloc’s 27 member states) agreed to several digital asset measures, including for firms to apply “customer due diligence measures when carrying out transactions amounting to €1,000 ($1,090) or more.”

The agreement coincided with the European Banking Authority (EBA) extending the bloc’s anti-money laundering (AML) guidelines to digital asset firms in the hope that it “harmonizes” the industry’s approach to fighting financial crime.

The seemingly tougher stance from the EU and its regulators on money laundering will “ensure that fraudsters, organised crime and terrorists will have no space left for legitimising their proceeds through the financial system,” said Van Peteghem.

Self-hosted wallets

The provisionally agreed deal also “adds measures to mitigate risks in relation to transactions with self-hosted wallets.”

These measures remain unchanged from those proposed in a policy package titled ‘the prevention of the use of the financial system for the purposes of money laundering or terrorist financing,’ which passed a first vote in the EU Parliament last March.

The package included several pieces of legislation requiring crypto-asset service providers (CASP) to apply the same rules as banks to verify the identity and data of their customers.

According to Article 58 of the draft document:

“Credit institutions, financial institutions and crypto-asset service providers shall be prohibited from keeping anonymous bank and payment accounts, anonymous passbooks, anonymous safe-deposit boxes or anonymous crypto-asset accounts as well as any account otherwise allowing for the anonymisation of the customer account holder or the increased obfuscation of transactions.”

The clause also stated that owners and beneficiaries of existing anonymous accounts or wallets “shall be subject to customer due diligence measures before those accounts, passbooks, deposit boxes or crypto-asset accounts are used in any way.”

It also included a clause that would apply “any additional enhanced due diligence (EDD) measures adequate to the level of risk identified” if one side of a transaction incorporated a self-hosted wallet.

EDD goes beyond verifying identity, including questions about sources of funds and wealth —similar to EBA guidance that implements the ‘Travel Rule’ and requires transfers to carry data about the sender and recipient.

However, one area that seems to have changed from the version passed in March 2023 relates to non-fungible tokens (NFTs), which appear to have been temporarily dropped from the regulation.

NFTs left out

The draft AML and CTF policy package, which passed its first parliamentary vote in March 2023, included the Markets in Crypto Assets (MiCA) regulation definition of a digital asset service provider. Specifically, custodial wallets, exchanges for digital asset to digital asset transactions or digital asset to fiat transactions, digital asset-trading platforms, and digital asset advising firms and portfolio managers.

In terms of the assets themselves, MiCA included asset-referenced tokens (including stablecoins backed by commodities or one or several currencies), E-money tokens (stablecoins backed by a single fiat currency), and other tokens such as utility tokens.

An amendment to the document noted: “NFT platforms are not covered by the current definition of crypto-assets service providers under Regulation (EU) 2023/… [the MiCA Regulation] because they do not provide services in crypto-assets that are fungible and non unique. In order to close that gap and mitigate the associated risks of money laundering and terrorist financing, NFT platforms should therefore be included in the horizontal AML/CFT framework as a separate category of obliged entities.”

However, this paragraph on NFTs was removed in the AML regulation provisionally agreed on by the EU Council last week, according to a Ledger Insight report.

The report, which claims to have seen copies of the relevant clauses in the current version of the AML regulation, stated that the only mention of NFTs states: “On NFTs we will have a recital, indicating that the EC will consider inclusion of NFTs in the MiCA review report.”

This suggests that discussions are still ongoing amongst EU lawmakers regarding the nature and definition of NFTs, but leaves the door open to the asset type being integrated into AML regulations in the future.

The provisional deal, agreed on January 18, now needs to be formally adopted by the EU Parliament and Council before it can take effect.

Watch: Digital currency regulation and the role of BSV blockchain

YouTube video

New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.