Where to start and how to set up a due diligence routine for your blockchain business.
The growing global need for AML procedures, particularly in crypto
According to a recent analysis, conducted in 2020, global organizations spent nearly US$213 billion on financial crime compliance. This spending was substantially distributed to anti-money laundering (AML) and associated know your customer (KYC) instruments.
While total spending in these areas is challenging to pinpoint precisely, anecdotal evidence points to a substantial bill for financial institutions. For instance, the same study calculated that mid-to-large size financial institutions in the most developed EMEA markets typically invest between US$45-48 million yearly on AML compliance, divided across people and technology.
This increase has doubled since 2019 and reflects the growing need for solid AML/ KYC defenses in the face of rising levels of financial crime, however, accurate calculations are complex to approximate the money laundering activity each year. This is the case due to the confidential nature of illicit activities.
Nevertheless, the United Nations Office on Drugs and Crime (UNODC) provides a broadly accurate guide each year, estimating that 2-5% of global GDP of laundered funds. Their latest findings account for US$0.8-2.0 trillion yearly, fuelled by the impact of the pandemic.
Despite the problem of this scale, the efforts of global law enforcement and the increasing funds being allocated to manage the challenge of money laundering suggest that the existing framework for managing AML is grossly underperforming. One academic study pointed to the lack of precise data in this area.
In its Statement on Effectiveness, the Wolfsberg Group points out the problems arising from organizations being investigated by national supervisors exclusively based on technical compliance. The company’s AML/ CTF standards make a valuable difference in the fight against financial crime and are secondary to achieving technical compliance.
To enable more businesses to optimize the detection and deterrence of illegal activity, the Wolfsberg Group points to FATF’s guidance on effective outcomes, encouraging all jurisdictions to promote AML/CTF programs that:
- Comply with all AML/CTF laws and regulations;
- Provide helpful information to relevant government agencies in defined priority areas;
- Establish a reasonable and risk-based set of controls to mitigate the risks of an institution being used to facilitate illicit activity
In the absence of standardized effectiveness measures, various organizations cite additional statistics when considering the effect of their efforts. Outcomes might vary depending on the illicit activity, and ‘assets seized’ or ‘assets confiscated’ represent an indicator of the market.
As AML via crypto became more prevalent, the FATF needed to address this issue by introducing due diligence guidance.
In June 2019, they adopted an Interpretive Note to Recommendation 15 (INR.15) to further clarify how the FATF requirements apply to virtual assets and VASPs. A new Guidance accompanied these changes for a Risk-Based Approach for Virtual Assets and VASPs. Finally, in October 2019, the FATF updated its Methodology for Assessing Technical Compliance with the FATF Recommendations and the Effectiveness of AML/CFT Systems to reflect the revised Standards.
The FATF Guidance on virtual assets and VASPs published in June 2019 lists a range of technologies that may enable VASPs to comply with aspects of the travel rule requirements that were available when the FATF Standards were revised in June 2019. However, there is no technological solution that enables VASPs to comply with all aspects of the travel rule in a holistic, instantaneous, and secure manner.
Crypto compliance – what is it & how is it changing in 2022?
Cryptocurrency compliance refers to the requirements outlined in anti-money laundering (AML) cryptocurrency regulations. VASPs implement suitable internal policies that are used with the right set of tools to stop money laundering (ML) and terrorism financing (TF). With more regulations instated, crypto compliance becomes crucial, and companies that deal with virtual assets must be able to fully rely on AML compliance tools and services to help them navigate through different regulatory environments.
For this reason, more demands for better and more effective anti-money laundering measures come from regulators and supervisory bodies. The core of the existing framework is a risk-based approach to managing financial crime, and to comprehend the problem entirely; we need to look at how this operates and why.
As a critical stakeholder, the Financial Action Task Force (FATF) is the inter-governmental body accountable for creating policies and establishing international standards to combat money laundering and terrorist financing activity. In a 2014 guidance note, they founded the risk-based approach to managing financial crime:
“A risk-based approach means that countries, competent authorities, and banks identify, assess, and understand the money laundering and terrorist financing risk to which they are exposed, and take the appropriate mitigation measures following the level of risk.” FATF (Financial Action Task Force)
Risk-based crypto compliance requirements in the EU in 2022
Cryptocurrencies are widely accepted as legal in the European Union, but different member states have different cryptocurrency exchange regulations. Cryptocurrency taxation varies, but many member-states charge capital gains tax on cryptocurrency-derived profits at 0-50% rates. In 2015, the EU Court of Justice passed the ruling which exempts cryptocurrency exchanges from VAT.
The EU Fifth Anti-Money Laundering Directive (AMLD) brought in January 2020, cryptocurrency-fiat currency exchanges under EU anti-money laundering legislation requiring businesses to perform KYC/CDD on customers and fulfill standard reporting requirements. In December 2020, the Anti Money Laundering Directive came into effect: the order made cryptocurrency compliance more strict by adding cybercrime to the money laundering predicate offenses list.
Cryptocurrency exchanges are still not comprehensively regulated at a regional level. Still, businesses have to register with their respective regulators in some member states, such as Germany’s Financial Supervisory Authority (BaFin), France’s Autorité des Marchés Financiers (AMF), or Italy’s Ministry of Finance.
These bodies’ authorization and licenses can then passport the exchanges, allowing them to operate under a single regime across the entire block, and AMLD also affects the cryptocurrency exchanges. Under the directive, liability for money laundering offenses is extended to legal persons and individuals. The leading cryptocurrency wallet providers and cryptocurrency exchange employees must exercise much greater oversight of their internal AML controls.
The way forward for international regulations as the EU activates
The EU is actively exploring further cryptocurrency regulations. An EU draft document expressed concerns about the risks associated with private digital currencies. It confirmed that the European Central Bank was considering issuing its digital currency.
In January 2020, the European Commission announced a public consultation initiative, seeking guidance on where and how crypto assets fit into the EU’s existing regulatory framework.
The Commission followed up in September 2020 with a new proposal known as the Markets in Crypto-Assets Regulation (MICA). The proposal drafted regulatory measures for cryptocurrencies, including introducing a new licensing system for crypto-asset issuers, industry conduct rules, and new consumer protections.
The European Commission proposed legislative additions in July 2021 affecting all virtual asset service providers (VASPs) across the block. The recommendations will see the transfer of fund regulations (TFR) outstretched to all VASPs in the EU and will mandate the collection of information about senders and recipients of cryptocurrency transfers.
So far, there has not yet been any internationally coordinated regulation of cryptocurrencies implemented in the sector, however international regulatory bodies have been working on assessing risks in the light of the rise of cryptos.
As cryptocurrencies are enabling global financial inclusion combined with their distinctive technological infrastructure, it brings once more the importance of prioritizing regulatory discussions and decisions, both at a national and a global level.
How Crystal can help your crypto business stay compliant
Crystal ensures AML/CTF compliance with all existing global and regional legislation, e.g., FATF & AMLD, and has a fast response time to regulatory changes. By adhering to compliance officers’ latest banking regulatory requirements, Crystal offers interoperable solutions, whether cloud-based or on-premise platforms, to keep all sensitive data within the secure network perimeter. Our tracking tools allow you to discover fund sources and destinations to protect your crypto business. Our customizable risk scoring will enable you to set up alerts for high-risk transactions so you can monitor them and investigate them thoroughly.
The monitoring system provides immutable logging for all historical data, updated in real-time, thus backing up evidence-based procedures. Crystal’s visualization and tracking tools enable case management in a user-friendly environment for practical case tracking and collaborative use. Crystal also covers a broad range of transactions, ensuring real-time information across all significant blockchains and thousands of entities, currently attributing to 90% of all active transactions.
As the blockchain industry keeps expanding and reshaping the global financial landscape, AML and KYC standards have become more than necessary. Reach out to Crystal to assist you with your blockchain compliance issues and mitigate risky and illicit activities.