The UK government has taken an innovative approach to regulating crypto assets and stablecoins, by working with industry experts and regulators to come up with an evidence-based plan for cryptocurrencies and other virtual assets. The HM Treasury recently released a consultation, Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 Statutory Instrument 2022, that mandated the crypto travel rule. This consultation updated existing UK Money Laundering Regulations rather than attempting to amend the EU Funds Transfer Regulations, making Recommendation 16, crypto Travel Rule easier and faster to implement. Read our assessment of the HM Treasury's Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds Regulations to learn more.

On July 15 2022, the United Kingdom Treasury finished their 2021 consultation and provided final guidelines about the UK’s implementation of the Travel Rule. The United Kingdom considered the widespread support for a grace period and deferred the Travel Rule requirement by 12 months. By September 1, 2023, crypto firms registered in the United Kingdom must implement the FATF Travel Rule.

1. Is cryptocurrency legal in the United Kingdom?

The United Kingdom considers crypto assets as property, not as legal tender. The British anti-money laundering regulator, the Financial Conduct Authority (FCA), has a pro-crypto stance and pushes for a supportive regulatory environment for digital assets.  

2. Are there any AML crypto regulations in the United Kingdom?

Yes. On July 22, 2021, HM Treasury released the Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 Statutory Instrument 2022. Chapter six of the consultation focuses on transfers of crypto assets.

Sign up for the latest insights on developments in Crypto Law

learn more


3. Is the Crypto Travel Rule mandated in the United Kingdom?

Yes. Chapter 6 of the HM Treasury’s recent consultation, Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 Statutory Instrument 2022, laid forth provisions poised to implement the FATF’s Crypto Travel Rule into UK law.

4. Who regulates cryptocurrency in the United Kingdom? 

The Financial Conduct Authority (FCA) regulates cryptocurrency in the United Kingdom.


FATF Travel Rule requirements in the United Kingdom

1. Are there licensing or registration requirements for VASPs in the United Kingdom?

Yes. Similar to financial institutions, crypto exchanges that do not have an e-money license must register with the Financial Conduct Authority (FCA) to operate within the UK. UK-based VASPs must adhere to several compliance rules, including KYC (Know-Your-Customer), AML (Anti-Money Laundering), and CTF (Combatting the Financing of Terrorism).

2. When does the Crypto Travel Rule go into effect in the United Kingdom?

Crypto firms registered in the United Kingdom must implement the FATF Travel Rule by September 1, 2023.

3. Does the United Kingdom permit a grace period to comply with the Crypto Travel Rule?

Yes. The HM Treasury mentions a grace period allowing firms to integrate compliance solutions in chapter 6 of the HM Treasury’s ​​Amendments to the Money Laundering, Terrorist Financing, and Transfer of Funds (Information on the Payer) Regulations. 

6.7:

Reflecting the consensus in favour of a grace period, and taking into account the current status of compliance technology, the government has decided to allow a 12-month grace period, to run from the point at which the amendments to the MLRs take effect until 1 September 2023, subject to Parliamentary approval, during which cryptoasset businesses will be expected to implement solutions to enable compliance with the Travel Rule.


Complying with the FATF Crypto Travel Rule in the United Kingdom

1. What is the minimum threshold for the Crypto Travel Rule in the United Kingdom?

Full Travel Rule data transfer requirements will apply to all VASP-to-VASP transfers over £1,000. Meanwhile, transfers below £1,000 will still require the collection of less PII. 

6.12:

In line with INR.16 and the approach taken in the FTR, the government proposes that the following information should be required to be sent with a transfer of cryptoassets.

2. What personally identifiable information is required to be shared for the Crypto Travel Rule in the United Kingdom?

PII requirements for crypto-asset transfers above £1,000

Information on the originator:
• Name
• Address
• Account number or unique transaction identifier
• Personal document number
• Customer identification number or date and place of birth.

Information on the beneficiary:

• Name
• Account number/unique transaction identifier

PII requirements for crypto-asset transfers below £1,000

Information on the originator:
• Name
• Account number/unique transaction identifier

Information on the beneficiary:

• Name
• Account number/unique transaction identifier

3. Are there differences in customer PII requirements for cross-border transfers versus transfers within the United Kingdom?

Yes. If all crypto asset service providers involved in the transaction are UK-based, less PII is required.
HM Treasury 6.12:

Information on the originator: 
• Account number/unique transaction identifier (subject to a requirement to provide full information to beneficiary crypto asset service provider on request.)

Information on the beneficiary: 

• Account number/unique transaction identifier

4. What are the non-custodial or self-hosted wallet requirements in the United Kingdom?

There are currently no non-custodial or self-hosted wallet requirements in the United Kingdom.

6.27:

Where a transfer is being made from a cryptoassets service provider to an unhosted wallet, the originating provider is not expected to send information to an unhosted wallet, though it should still collect information on the intended beneficiary.

5. Does customer PII fall within the scope of the UK GDPR?

Yes, customer personally identifiable information (PII) falls within the scope of the UK GDPR. According to chapter 6.22 of the HM Treasury’s latest consultation, UK VASPs must uphold the General Data Protection Regulation when performing Travel Rule transfers. 

6.22:

Personal data received, transmitted, or retained pursuant to these provisions is within the scope of the UK General Data Protection Regulation (GDPR), and crypto-asset service providers will therefore need to process it in line with the requirements in that legislation. 

6. Why choose Notabene for Crypto Travel Rule Compliance in the United Kingdom?

Notabene’s tools help British VASPs and financial institutions comply with the FATF’s Recommendation 16 “Crypto Travel Rule” as required by the HM Treasury. Our protocol-agnostic solution securely permits VASPs to send, store and maintain required PII for Travel Rule transactions around the globe. We offer two GDPR-compliant methods to store and manage data as mandated by the HM Treasury.

Notabene clients in the United Kingdom: