The UK government has taken an innovative approach to regulating crypto assets and stablecoins by working with industry experts and regulators to develop an evidence-based plan.

Timeline of regulatory action:

• July 22, 2021: The HM Treasury released a consultation seeking views on amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs.) Read Notabene's assessment of the amendments.

• October 14, 2021: The HM Treasury concluded its consultation. 

• July 21, 2022: The UK published the Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022 (“MLTFR 2022”), introducing Travel Rule obligations to UK VASPs.

• July 28, 2023: JMLSG launches public consultation on crypto Travel Rule guidance.

• August 17, 2023: FCA sets out expectations for UK VASPs complying with the Travel Rule

• August 25, 2023: End of JMLSG consultation period. See Notabene's public response.

• September 1, 2023: Travel Rule requirements enter into force in the UK

‍

‍

1. Is cryptocurrency legal in the United Kingdom?

Yes. The Financial Conduct Authority (FCA) put out a policy statement called "Guidance on Cryptoassets" (PS19/22) that describes the types of cryptoassets that fall under the FCA's regulatory authority, as well as the resulting obligations on firms and protections for consumers.

‍

2. Are there any AML crypto regulations in the United Kingdom?

Yes. As of January 10, 2020, businesses operating in the UK involved in cryptoasset activities must register with the FCA under the MLRs and comply with the anti-money laundering (AML) requirements. More recently, the MLTFR 2022 notably extended Travel Rule obligations to UK VASPs.

‍

3. Is the Crypto Travel Rule mandated in the United Kingdom?

The Crypto Travel Rule was passed into law in the UK on July 21, 2022. It will enter into force on September 1st, 2023. (MLTFR 2022, pg.1, para 3)

‍

4. Who regulates cryptocurrency in the United Kingdom? 

The Financial Conduct Authority (FCA) regulates cryptocurrency in the United Kingdom.

‍

‍

FATF Travel Rule requirements in the United Kingdom

‍

1. Are there licensing or registration requirements for VASPs in the United Kingdom?

Yes. Since January 10, 2020, businesses seeking to carry on cryptoasset activity in the UK that do not have an e-money license must register with the FCA under the MLRs. UK-based VASPs must adhere to several compliance rules, including know-your-customer, AML, and combating the financing of terrorism.

‍

2. When does the Crypto Travel Rule go into effect in the United Kingdom?

The Crypto Travel Rule will enter into force in the UK on September 1, 2023. (MLTFR 2022, pg.1, para 3)

‍

3. Does the United Kingdom permit a grace period to comply with the Crypto Travel Rule?

Yes. The United Kingdom considered the widespread support for a grace period and deferred the Travel Rule requirement by 12 months. The FATF crypto Travel Rule was passed on July 21, 2022, but UK VASPs have until September 1, 2023, to comply.

6.7:

Reflecting the consensus in favour of a grace period, and taking into account the current status of compliance technology, the government has decided to allow a 12-month grace period, to run from the point at which the amendments to the MLRs take effect until 1 September 2023, subject to Parliamentary approval, during which cryptoasset businesses will be expected to implement solutions to enable compliance with the Travel Rule.

‍

Complying with the FATF Crypto Travel Rule in the United Kingdom

‍

1. What is the minimum threshold for the Crypto Travel Rule in the United Kingdom?

UK VASPs must transfer Travel Rule information regardless of the transaction amount. However, there is a requirement to transmit a broader scope of data when the following conditions are met:

1. At least one counterparty (the Originator VASP, the Beneficiary VASP, or the Intermediary VASP) carries out business outside the UK with respect to the transaction; and
2. The transfer is equal to or exceeds the equivalent in cryptoassets of 1,000 euros. (MLTFR 2022, pg.5, para. 64C (1), (4))

More information is provided in the table below.

‍

2. What personally identifiable information is required to be shared for the Crypto Travel Rule in the United Kingdom?

When transferring cryptocurrency between businesses, the Originator VASp must include specific information as required by UK regulations. The rules vary depending on whether all businesses involved are based in the UK, or if at least one is located outside the UK:
‍

‍

Source: The Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022, pg. 4, para 64B-C.

3. Are there differences in customer PII requirements for cross-border transfers versus transfers within the United Kingdom?

Yes. UK-transfers require less PII. The Originator VASP must provide additional information within three working days if the Beneficiary VASP requests. The table above describes the information required and that may be requested. (MLTFR 2022, pg. 4, para 64C (2))

‍

{{training2="/cta-components"}}

‍

4. What are the non-custodial or self-hosted wallet requirements in the United Kingdom?

UK VASPs are not required to transmit any information when conducting transactions with self-hosted wallets. This approach aligns with FATF standards and mirrors how many jurisdictions have incorporated the crypto Travel Rule requirements into their national regulations.

6.27:

Where a transfer is being made from a cryptoassets service provider to an unhosted wallet, the originating provider is not expected to send information to an unhosted wallet, though it should still collect information on the intended beneficiary. (HM Treasury 2022. pg. 37, para 6.27)

‍

However, different obligations–set forth in the MLTFR 2022–apply in transactions with self-hosted wallets:

1. When transacting with self-hosted wallets, UK VASPs may request missing information specified in I.A (1-2) from customers. If the customer is the transfer originator, the VASP must acquire missing Beneficiary Customer information (name and account number), and vice versa;
2. When the VASP's customer is the Beneficiary of a self-hosted wallet transfer that exceeds 1,000 euros, the VASP may also collect the Originator's information in II.B of the table above. (MLTFR 2022, pg. 7-8, para 64G)

‍

Collecting this information from the end customer is not set as a mandatory requirement, but rather as a measure that VASPs shall assess whether to adopt based on a risk assessment that takes into account the following:

• the purpose, nature, and duration of the relationship with the customer,
• the purpose and value of the unhosted wallet transfer, and 
• how frequently the customer transacts. 

‍

5. What are the Travel Rule Obligations for a Beneficiary VASP?

When receiving a inter-cryptoasset business transfer, Beneficiary VASPs shall:

1. Confirm all required information was received;
2. Match received Beneficiary information against their customer due diligence information.

In case there is missing information or any mismatch in the Beneficiary information is identified, the Beneficiary VASP should consider the following steps:

1. Send missing information request to Originator VASP;
2. Make enquiries about the discrepancy 
3. Consider withholding funds until the information is received / discrepancy resolved
4. Consider returning funds to Originator VASP. 

It is worth noting that Beneficiary VASPs must report to the FCA any repeated failure by another VASP to provide required information and any steps the Beneficiary VASP has taken in response to such failures. (MLTFR 2022, pg. 6, para 64D)

Why choose Notabene for Crypto Travel Rule Compliance in the United Kingdom?

Notabene’s tools help British VASPs and financial institutions comply with the FATF’s Recommendation 16 “Crypto Travel Rule” as required by the HM Treasury. Our protocol-agnostic solution securely permits VASPs to send, store and maintain required PII for Travel Rule transactions around the globe. We offer two GDPR-compliant methods to store and manage data as mandated by the HM Treasury. Additionally, our award-winning Travel Rule solution was recently accepted into The Financial Conduct Authority (FCA)’s Regulatory Sandbox initiative. Reach out to chris@notabene.id to participate in testing Travel Rule procedures in line with UK rules.