After extensive negotiations, the European Union (EU) recently reached a provisional agreement on what will likely become the first major and most comprehensive crypto regulation framework globally.
For the first time, EU lawmakers intend to harmonize crypto regulations across the EU. While details regarding rule implementation and enforcement are to be determined, the aim is they will take effect over the next 18 months.
While the new EU Crypto regulations could be seen as a burden by some cryptocurrency businesses, their adoption is mostly welcomed across the industry, as they will bring a long-awaited clarity and will serve as a crypto regulatory benchmark for other major markets.
Subject-matter experts with decades of experience wrote this analysis, not freelance copywriters, third party agencies, or AI-based tools. We are global regulatory compliance experts.
InnReg offers a comprehensive overview of the key elements of the EU’s agreement.
- Markets in Crypto Assets Regulation (MiCA): MiCA provides for harmonized license requirements for cryptocurrency businesses in the EU and the associated “passporting rules” enabling an already licensed business to operate through the entire EU.
- Transfer of Funds Regulation (“TFR”): TFR is also known as the “EU Travel Rule”, which establishes the monetary threshold above which cryptocurrency transactions are subject to the rule.
What are the key elements of MiCA and the EU crypto license?
Once MiCA is adopted, crypto-asset issuers and service providers will benefit from harmonized crypto license requirements. Permission from each EU Member State will no longer be required to operate there. The EU crypto license regulation will closely mirror that of traditional EU financial institutions, namely complying with strict capital and ongoing disclosure requirements, along with “fit and proper” testing of their incumbent and prospective management.
Under the new crypto regulation, crypto-asset service providers will be liable to their customers for crypto-assets losses resulting from malfunctions or hacks up to their market value. MiCA will also cover market abuse such as market manipulation, insider trading, wash trading and front running.
Crypto businesses subject to MiCA will also be required to disclose information on their environmental and climate impact. The European Securities and Markets Authority (ESMA) is expected to develop draft regulatory technical standards on the content, methodologies and presentation of these disclosures.
And finally, under MiCA the European Banking Authority (EBA) will be required to maintain a public register of non-compliant crypto-asset service providers (e.g. operating in the EU without a crypto license).
Moreover, crypto businesses with a parent company located in countries listed on the EU lists of high risk third countries and non-cooperative jurisdictions for tax purposes will have to implement enhanced due diligence in line with the EU AML/CFT framework. Stricter requirements may also apply to shareholders and management concerning their location.
Who will be subject to MiCA crypto license requirements?
- Any individual providing crypto-asset services or issuing crypto assets looking to operate in the EU, regardless of where they are incorporated.
- Non-fungible tokens (NFTs) are excluded from the scope except if they fall under existing crypto-asset categories.
- DeFi protocols are also excluded from the scope.
NFTs and DeFi license rules are expected to be developed in the 18 months following MiCA’s coming into force (anticipated by December 2022 or early 2023).
What about stablecoins?
Regarding stablecoins, MiCA aims to protect consumers by introducing a mandatory right of redemption, a physical presence in the EU and strict requirements establishing an adequate minimum level of liquidity with a 1:1 ratio, partly in the form of deposits. Moreover, the issuer will offer every stablecoin a claim at any time and free of charge.
When will MiCA apply?
MiCA is expected to enter into force at the end of 2022. Most of its provisions will become applicable 18 months later, except for stablecoins which are expected to apply within 12 months of the MiCA’s entry into force.
What are the key elements of the TFR?
The Fifth Anti-Money Laundering Directive (AMLD) brought cryptocurrency-fiat currency exchanges under the scope of the EU AML legislation, requiring them to comply with the same AML obligations as traditional financial institutions.
Then the Sixth AMLD introduced even more stringent requirements for crypto businesses by extending the liability to include legal persons and individuals. They also impose harsher penalties, including a prison sentence of up to four years. With many regulatory changes in the last two years, it was clear that the EU started to take a more proactive and serious stance to AML/CFT compliance requirements for crypto businesses.
This is how in June 2022 the EU Parliament, Council and Commission reached an agreement on the proposed Transfer of Funds Regulation that aims to implement the Financial Action Task Force’s (FATF) Recommendation 16 (Travel Rule).
Two of the most notable elements of the EU Travel Rule are:
- The threshold above which transfer of funds will be subject to the Travel Rule
- The treatment of personal wallets
What is the Travel Rule threshold in the European Union (TFR)?
The EU is taking a very onerous approach to the Travel Rule, as the threshold above which transfer of funds will be subject to the TFR will be EUR 0. For comparison, the Travel Rule threshold in the US is currently USD 3,000. Also, the FATF has previously recommended a threshold of USD/EUR 1,000 for cryptocurrency transactions.
Practically speaking, EU crypto-licensed businesses will be required to collect information about the sender and recipient identity for all transactions involving the transfer of crypto assets, regardless of their amount. There is no transfer value exemption (de minimis threshold) for transactions involving at least one company registered in an EU Member State. This, of course, does not come without challenges.
For instance, an EU exchange may deal with a foreign exchange that is not required to capture all this information. In that case, the transaction would be delayed until a full AML due diligence is performed.
How does the Travel Rule apply to personal wallets?
It is worth exploring how the Travel Rule will apply to transactions between a cryptocurrency business and a personal wallet not hosted by a centralized service. Contrary to what many expected, the EU is not looking to impose the strictest reporting requirements on unhosted wallets. Instead, the Travel Rule will apply under the following circumstances:
- Transfers above EUR 1,000 involving a user’s own personal wallet: in this case the user will be asked to verify the ownership of their wallet. This only needs to happen once. All future transfers involving the same wallet address will be exempt from re-verification.
- Transfers between a crypto business and a third party’s personal wallet: in all cases, the cryptocurrency business will need to capture information on the personal wallet. In addition, a risk-based approach should be applied.
The details of the above requirements are expected to be further elaborated by the EBA in the next 18 months.
When will the TRF apply?
Like MiCA, the TRF is expected to enter into force towards the end of 2022. At that point, obliged entities will have nine months to perform phased rollouts to apply the EU Travel Rule. In any case, crypto businesses will be required to fully comply with the TRF in the 18 months following its entry into force.
What are the key takeaways for crypto businesses projecting to expand their services to the EU market?
Both EU Crypto Regulations are set to be enforced by 2024. US cryptocurrency businesses planning to expand to the EU in the near future by obtaining a crypto license are advised to prepare in advance.
Obtaining a crypto license application under the MiCA and communicating with Travel Rule software service providers should be key priorities.
How can InnReg support your expansion to the EU crypto market?
Having strong regulatory and compliance teams with EU subject-matter experts, InnReg is well positioned to offer the following support to comply with the new EU Crypto Regulations:
- Analyze the applicability of the EU Crypto Regulations;
- Plan the expansion of services, including advising on capital requirements;
- Prepare the EU crypto license application, including drafting of all necessary documents, policies and procedures;
- Submit the EU crypto license application to the relevant regulator and follow-up on all requests for additional information;
- Prepare all ancillary applications like “fit and proper” testings;
- Advise on ongoing disclosure requirements;
- Assist with the implementation of the Travel Rule;
- Provide employee training on the EU Crypto Regulations;
- Ongoing support on compliance with the EU Crypto Regulations;
- Support the CCO function and other key stakeholders in establishing an effective compliance governance and risk management framework.
The Author
InnReg is a team of over 30 Regulatory Compliance and Innovation Consulting experts helping fintechs succeed in highly regulated markets since 2013. InnReg specializes on mitigating regulatory risk while helping clients launch and grow innovative fintech products and services.