The UK government has taken an innovative approach to regulating crypto assets and stablecoins by working with industry experts and regulators to develop an evidence-based plan.
Timeline of regulatory action:
July 22, 2021: The HM Treasury released a consultation seeking views on amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs.) Read Notabene's assessment of the amendments.
October 14, 2021: The HM Treasury concluded its consultation.
July 21, 2022: The UK published the Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022 (“MLTFR 2022”), introducing Travel Rule obligations to UK VASPs.
Yes. The Financial Conduct Authority (FCA) put out a policy statement called "Guidance on Cryptoassets" (PS19/22) that describes the types of cryptoassets that fall under the FCA's regulatory authority, as well as the resulting obligations on firms and protections for consumers.
2. Are there any AML crypto regulations in the United Kingdom?
Yes. As of January 10, 2020, businesses operating in the UK involved in cryptoasset activities must register with the FCA under the MLRs and comply with the anti-money laundering (AML) requirements. More recently, the MLTFR 2022 notably extended Travel Rule obligations to UK VASPs.
3. Is the Crypto Travel Rule mandated in the United Kingdom?
The Crypto Travel Rule was passed into law in the UK on July 21, 2022. It will enter into force on September 1st, 2023. (MLTFR 2022, pg.1, para 3)
4. Who regulates cryptocurrency in the United Kingdom?
The Financial Conduct Authority (FCA) regulates cryptocurrency in the United Kingdom.
FATF Travel Rule requirements in the United Kingdom
1. Are there licensing or registration requirements for VASPs in the United Kingdom?
3. Does the United Kingdom permit a grace period to comply with the Crypto Travel Rule?
Yes. The United Kingdom considered the widespread support for a grace period and deferred the Travel Rule requirement by 12 months. The FATF crypto Travel Rule was passed on July 21, 2022, but UK VASPs have until September 1, 2023, to comply.
Reflecting the consensus in favour of a grace period, and taking into account the current status of compliance technology, the government has decided to allow a 12-month grace period, to run from the point at which the amendments to the MLRs take effect until 1 September 2023, subject to Parliamentary approval, during which cryptoasset businesses will be expected to implement solutions to enable compliance with the Travel Rule.
2. What personally identifiable information is required to be shared for the Crypto Travel Rule in the United Kingdom?
When carrying out an “inter-cryptoasset business transfer”*, the Originating VASP must ensure that the cryptoasset transfer is accompanied by the information specified in the table below:
* An inter-crypto asset business transfer is defined as “a transaction carried out by two or more crypto asset businesses which involves the making available of a crypto asset of an originator to a beneficiary, provided that at least one of the crypto asset businesses involved in the transaction is carrying on business in the United Kingdom in respect of the transaction (whether that is a crypto asset business acting for the originator or a crypto asset business acting for the beneficiary or an intermediary crypto asset.” (MLTFR 2022, pg. 4, para 64B)
** UK transfers are defined as “The crypto asset businesses executing the inter-crypto asset business transfer (including any intermediary crypto asset business) is carrying on business in the United Kingdom. (MLTFR 2022, pg. 5, para 64C)
*** International transfers are defined as “At least one of the crypto asset businesses executing the inter-crypto asset business transfer (including any intermediary crypto asset business) is not carrying on business in the United Kingdom.” (MLTFR 2022, pg. 4, para 64B)
3. Are there differences in customer PII requirements for cross-border transfers versus transfers within the United Kingdom?
Yes. UK-transfers require less PII. The Originator VASP must provide additional information within three working days if the Beneficiary VASP requests. The table above describes the information required and that may be requested. (MLTFR 2022, pg. 4, para 64C (2))
4. What are the non-custodial or self-hosted wallet requirements in the United Kingdom?
UK VASPs are not required to transmit any information when conducting transactions with self-hosted wallets. This approach aligns with FATF standards and mirrors how many jurisdictions have incorporated the crypto Travel Rule requirements into their national regulations.
Where a transfer is being made from a cryptoassets service provider to an unhosted wallet, the originating provider is not expected to send information to an unhosted wallet, though it should still collect information on the intended beneficiary. (HM Treasury 2022. pg. 37, para 6.27)
However, different obligations–set forth in the MLTFR 2022–apply in transactions with self-hosted wallets:
When transacting with self-hosted wallets, UK VASPs may request missing information specified in I.A (1-2) from customers. If the customer is the transfer originator, the VASP must acquire missing Beneficiary Customer information (name and account number), and vice versa;
When the VASP's customer is the Beneficiary of a self-hosted wallet transfer that exceeds 1,000 euros, the VASP may also collect the Originator's information in II.B of the table above. (MLTFR 2022, pg. 7-8, para 64G)
Collecting this information from the end customer is not set as a mandatory requirement, but rather as a measure that VASPs shall assess whether to adopt based on a risk assessment that takes into account the following:
the purpose, nature, and duration of the relationship with the customer,
the purpose and value of the unhosted wallet transfer, and
how frequently the customer transacts.
5. What are the Travel Rule Obligations for a Beneficiary VASP?
When receiving a inter-cryptoasset business transfer, Beneficiary VASPs shall:
Confirm all required information was received;
Match received Beneficiary information against their customer due diligence information.
In case there is missing information or any mismatch in the Beneficiary information is identified, the Beneficiary VASP should consider the following steps:
Send missing information request to Originator VASP;
Make enquiries about the discrepancy
Consider withholding funds until the information is received / discrepancy resolved
Consider returning funds to Originator VASP.
It is worth noting that Beneficiary VASPs must report to the FCA any repeated failure by another VASP to provide required information and any steps the Beneficiary VASP has taken in response to such failures. (MLTFR 2022, pg. 6, para 64D)
Why choose Notabene for Crypto Travel Rule Compliance in the United Kingdom?
Notabene’s tools help British VASPs and financial institutions comply with the FATF’s Recommendation 16 “Crypto Travel Rule” as required by the HM Treasury. Our protocol-agnostic solution securely permits VASPs to send, store and maintain required PII for Travel Rule transactions around the globe. We offer two GDPR-compliant methods to store and manage data as mandated by the HM Treasury.
Additionally, our award-winning Travel Rule solution was recently accepted into The Financial Conduct Authority (FCA)’s Regulatory Sandbox initiative. Reach out to firstname.lastname@example.org to participate in testing Travel Rule procedures in line with UK rules.
HM Treasury 2021. Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 Statutory Instrument 2022 July 2021 | Consultation. Published July 22, 2021.
HM Treasury 2022. Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 Statutory Instrument 2022 | Response to the Consultation. Published June 2022.
This content is provided for general informational purposes only. By using the content, you agree that the information on this content does not constitute legal, financial or any other form of professional advice. No relationship is created with you, nor any duty of care assumed to you, when you use this content. The content is not a substitute for obtaining any legal, financial or any other form of professional advice from a suitably qualified and licensed advisor. The information on this content may be changed without notice and is not guaranteed to be complete, accurate, correct or up-to-date.
Help us keep this page up to date! Any comments, corrections or suggestions on this page can be sent to email@example.com.