By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Beneficiary VASPs: Key Requirements Under the EU Transfer of Funds Regulation

Catarina Veloso
Catarina Veloso
May 27, 2024
Catarina, Regulatory & Compliance Senior Associate at Notabene, specializes in global crypto regulations. With roles including co-chair of the CryptoUK Travel Rule group and part of the EBA Expert Group, she shapes Travel Rule compliance. Holds Masters in Energy Law and BA in Law.
Summary

The European Union's Transfer of Funds Regulation (TFR) imposes stringent requirements on Virtual Asset Service Providers (VASPs) to ensure transparency and security in crypto-asset transactions. Beneficiary VASPs, in particular, have critical responsibilities when it comes to managing incoming transactions. 

This blog outlines what the TFR requires from beneficiary VASPs regarding transaction information, monitoring systems, handling non-compliant transactions, and managing non-compliant counterparties.


Required Information for Transactions

Under the TFR, beneficiary VASPs are obligated to receive specific information about both the originator and the beneficiary of each transaction. Articles 14(1) and 16(1) of the TFR specify the required information, including:

  • Full name of the originator and beneficiary
  • Distributed ledger address and account number
  • Address and official personal document number of the originator
  • Additional optional information, such as customer identification number or date and place of birth to ensure unambiguous identification [1].

Beneficiary VASPs must ensure they receive all this information from the originator VASPs. This comprehensive data collection helps in identifying and preventing illicit activities such as money laundering and terrorist financing [1].


Monitoring Systems for Detecting Non-Compliance

The TFR mandates that beneficiary VASPs implement robust monitoring systems to detect non-compliant transactions. According to the Travel Rule Guidelines (§29), these systems should include:

  1. Methods for detecting missing, incomplete, or meaningless information.
  2. Pre- and post-monitoring practices aligned with money laundering and terrorist financing (ML/TF) risk levels.
  3. Criteria for recognizing risk-increasing factors.
  4. Clear responsibilities for staff in managing transactions with missing information [2].

Effective monitoring systems are crucial for ensuring that all required information is present and valid. This involves not just initial checks but ongoing monitoring to adapt to evolving risk profiles [2].


Managing Non-Compliant Transactions

Beneficiary VASPs must follow specific procedures when they detect a transaction lacking the required information. Article 17 of the TFR outlines four possible actions:

  1. Execute: The VASP can proceed with the transaction if the risk assessment allows it.
  2. Reject: The transaction can be rejected if it does not meet compliance standards.
  3. Return: The funds can be returned to the originator if the necessary information is not provided.
  4. Suspend: The transaction can be temporarily suspended while additional information is requested [3].

The Travel Rule Guidelines provide further details on handling non-compliant transactions. For instance, beneficiary VASPs can request the missing information from the originator VASP rather than outright rejecting or returning the transfer. If the information is still not provided within a set timeframe (three working days for EU transfers, five for others), the VASP must decide whether to proceed based on a risk assessment [3].


Managing Non-Compliant Counterparties

Repeated non-compliance by counterparties requires beneficiary VASPs to reassess their relationships. Article 17/2 of the TFR suggests that VASPs should:

  1. Reassess the Relationship: Consider the percentage of non-compliant transactions and the counterparty's cooperation level.
  2. Enhanced Due Diligence: Apply stricter monitoring and verification measures for non-compliant counterparties.
  3. Terminate the Relationship: If necessary, terminate business relationships with consistently non-compliant counterparties.
  4. Report Non-Compliance: Report non-compliant counterparties to the relevant authorities within three months, detailing the nature and frequency of the breaches and actions taken [4].


Conclusion

The TFR imposes a comprehensive set of obligations on beneficiary VASPs to ensure the integrity of crypto-asset transactions. By adhering to these requirements, beneficiary VASPs can effectively manage transaction information, monitor compliance, handle non-compliant transactions, and manage relationships with non-compliant counterparties. This regulatory framework not only helps in mitigating risks associated with money laundering and terrorist financing but also fosters a more secure and transparent crypto-asset ecosystem in the European Union.

References

  1. EU Travel Rule Compliance Guide. (2023). Travel Rule Compliance Guide: The European Union.
  2. European Union. (2023). Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain crypto-assets (Transfer of Funds Regulation or TFR).
  3. European Banking Authority (EBA). (2023). Draft Guidelines on preventing the abuse of funds and certain crypto-assets transfers for money laundering and terrorist financing purposes under Regulation (EU) 2023/1113 (Travel Rule Guidelines).
  4. Article 17/2 of the TFR.

Interested in learning more? Check out our blog on Self-Hosted Wallet Transaction Requirements Under the EU TFR and Top 6-10 Things European CASPs Need to Know About the Upcoming Travel Rule Compliance Regulation.



References

FAQs