By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Top 10 Insights for European CASPs on Upcoming Travel Rule Compliance

Catarina Veloso
Catarina Veloso
May 30, 2024
Catarina, Regulatory & Compliance Senior Associate at Notabene, specializes in global crypto regulations. With roles including co-chair of the CryptoUK Travel Rule group and part of the EBA Expert Group, she shapes Travel Rule compliance. Holds Masters in Energy Law and BA in Law.
Summary

The European Union's Transfer of Funds Regulation (TFR) and the associated Travel Rule Guidelines from the European Banking Authority (EBA) are set to significantly impact how Crypto Asset Service Providers (CASPs) handle crypto-asset transactions. As these regulations come into effect, it is crucial for CASPs to understand the key requirements and prepare for compliance. 

This blog highlights the top 10 things European CASPs need to know about the upcoming Travel Rule compliance enforcement.


1. Comprehensive Data Collection Requirements

The TFR mandates that CASPs collect and transmit detailed information about the originator and beneficiary for every crypto-asset transfer. This includes:

Natural persons

Legal persons

This comprehensive data collection ensures that all parties in a transaction can be unambiguously identified. ¹


2. Robust Monitoring Systems

Beneficiary CASPs must implement robust monitoring systems to detect and manage non-compliant transactions. These systems should be capable of identifying missing, incomplete, or meaningless information and should align with the risk levels associated with money laundering and terrorist financing. ²

{{european2="/cta-components"}}


3. Handling Non-Compliant Transactions

When a transaction lacks required information, CASPs have four options: execute, reject, return, or suspend the transfer. The appropriate action depends on the specific circumstances and the results of the risk assessment. ³

4. Managing Non-Compliant Counterparties

Repeated non-compliance by counterparties requires CASPs to reassess their relationships. This includes applying stricter monitoring and verification measures, potentially terminating business relationships, and reporting non-compliant counterparties to the relevant authorities. ⁴

5. Verifying Self-Hosted Wallet Transactions

For transactions involving self-hosted wallets, CASPs must verify whether the wallet is owned or controlled by their customer. This involves using at least two technical methods, such as advanced analytical tools or sending a predefined amount from the wallet to the CASP. ⁵


6. Understanding Different Self-Hosted Wallet Transaction Scenarios 

The TFR categorizes self-hosted wallet obligations based on the transaction amount and whether the wallet owner is a customer of the CASP. These scenarios include transactions of 1,000 euros or less, transactions over 1,000 euros where the wallet owner is a CASP customer, and transactions over 1,000 euros where the wallet owner is not a CASP customer. ⁶

7. Implementing Appropriate Risk Mitigation Measures

In addition to verifying wallet ownership, CASPs must implement risk mitigation measures proportionate to the identified risks. These measures may include verifying the identity of the transfer's originator or beneficiary, requesting additional information, and conducting enhanced ongoing monitoring of transactions. ⁷


8. Ensuring Compliance with General Obligations

CASPs must ensure compliance with several general obligations, such as:

  • Information transmission infrastructure: Must be fully capable of transmitting information without technical limitations. A transitional period until July 31, 2025, allows for exceptions with compensatory policies in place. ⁸
  • Compliance timing: Information must be transmitted immediately and securely, before or at the same time the crypto-asset transfer is completed. ⁹
  • Joint accounts: Transfers from joint accounts, addresses, or wallets must include information about all holders. ¹⁰
  • Protocol interoperability: Messaging protocols must enable seamless and interoperable information transmission, compatible with industry standards and blockchains. ¹¹
  • Information submission changes: Initial information submissions cannot be changed unless requested by the beneficiary CASP or if an error is identified. Subsequent CASPs must be informed and required to detect any missing or incomplete information. ¹²


9. Ensuring Protocol Interoperability

Selected messaging protocols must enable seamless and interoperable transmission of information. CASPs should evaluate these protocols to ensure they can communicate effectively with other systems and comply with industry standards, protocols, and blockchains. ¹¹


10. Preparing for the Future

By July 1, 2026, the European Commission will assess the necessity for additional measures to mitigate risks associated with self-hosted wallet transactions. This evaluation will encompass examining the efficacy and proportionality of verification mechanisms and considering potential restrictions. ¹³


{{european1="/cta-components"}}


The upcoming Travel Rule compliance regulation imposes comprehensive requirements on CASPs to ensure the integrity of crypto-asset transactions. By understanding and adhering to these requirements, CASPs can effectively manage transaction information, monitor compliance, handle non-compliant transactions, and manage relationships with non-compliant counterparties. This regulatory framework not only helps in mitigating risks associated with money laundering and terrorist financing but also fosters a more secure and transparent crypto-asset ecosystem in the European Union.


Want to learn more? Read our blogs on beneficiary VASPs' transaction requirements under the TFR and the upcoming self-hosted wallet requirements.


References
1. Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain crypto-assets (Transfer of Funds Regulation or TFR).
2. Travel Rule Guidelines, §29.
3. Article 17 of the TFR.
4. Article 17/2 of the TFR.
5. Travel Rule Guidelines, §69.
6. EU Travel Rule Compliance Guide. (2023). Travel Rule Compliance Guide: The European Union.
7. Article 19a of the AMLD.
8. Travel Rule Guidelines (§§10, 13).
9. TFR (Article 14/4); Travel Rule Guidelines (§14.b).
10. Travel Rule Guidelines (§14.c, 27).
11. Travel Rule Guidelines (§15).
12. Travel Rule Guidelines (§20).
13. Regulation (EU) 2023/1113.

FAQs