Entering into force in July 2018 after political agreement was reached by the EU Parliament, the Council and the Commission, the EU’s Fifth Money Laundering Directive (5MLD) is intended to be transposed into applicable national law no later than 10th January 2020.
The UK implemented 5MLD through the Money Laundering and Terrorist Financing (Amendment) Regulations 2019 (MLRs 2019) for the purpose of ensuring that the UK’s AML/CTF regime is ‘’kept up to date, effective and proportionate’’.
Perhaps the most interesting development is that regulatory scope has been widened to include firms offering cryptoasset services. As a result, cryptocurrency firms will now face more scrutiny than ever before and are required to implement measures to comply with the regulations to which they are subject.
Some much-needed clarity
The MLRs 2019 have defined “cryptoasset exchange providers” and “custodian wallet providers” as in-scope for regulatory supervision. Firstly, a “cryptoasset exchange provider” is defined as follows:
“a firm or sole practitioner who by way of business provides one or more of the following services, including where the firm or sole practitioner does so as creator or issuer of any of the cryptoassets involved —
- exchanging, or arranging or making arrangements with a view to the exchange of, cryptoassets for money or money for cryptoassets,
- exchanging, or arranging or making arrangements with a view to the exchange of, one cryptoasset for another, or
- operating a machine which utilises automated processes to exchange cryptoassets for money or money for cryptoasset”
Meanwhile, a “custodian wallet provider” has been defined as follows:
“a firm or sole practitioner who by way of business provides services to safeguard, or to safeguard and administer —
- cryptoassets on behalf of its customers, or
- private cryptographic keys on behalf of its customers in order to hold, store and transfer cryptoasset”.
In conjunction with the above, a clear definition of a cryptoasset has been introduced and is as follows:
‘’A cryptographically secured digital representation of value or contractual rights that uses a form of distributed ledger technology and can be transferred, stored or traded electronically’’.
What does this all mean for crypto businesses?
Firms which fulfil the above definitions are now to be regarded as ‘’relevant persons’’, meaning that they are obliged to comply with the prescriptions of the MLRs 2017 (as amended by the MLRs 2019) and the UK’s AML/CTF regime. This includes, but is not limited to, conducting an adequate level of customer due diligence at the point of onboarding and on a continuous basis thereafter (including periodic reviews and transaction monitoring).
Additionally, relevant firms must ensure that they abide by record keeping requirements and have mechanisms in place to determine and report suspicious activity (in this instance, to the UK’s FIU i.e. the NCA).
The MLRs 2019 have also specified additional obligations for crypto firms to include ensuring that an applicant, officer, manager or beneficial owner of a crypto business must be ‘’fit and proper’’ and other obligations which were not in place for relevant firms under the MLRs 2017.
FCA as supervisor
In October 2019, the FCA was announced as the supervisor for firms carrying out crypto activities. As such, all firms within this scope are required to register through the FCA Gateway from 10th January 2020 with a deadline of 10th October 2020. If firms are not registered by 10th January 2021, they will be required to cease business activities.
The FCA has confirmed the registration fees for cryptocurrency providers. As such, firms with UK cryptoasset income up to £250,000 must pay £2000, and, if greater than this amount, the firm must pay £10,000.
We are yet to see the FCA’s approach to supervision in this sphere; however, the supervisor has outlined that it will put an ‘’increased level of supervisory focus’’ on firms posing a higher level of ML/TF risk and will take enforcement action as necessary.
So….what’s next?
Firms should anticipate a hands–on approach from the FCA in the early months of its role as the supervisor and await further guidance should this be published; at a minimum, the Joint Money Laundering Steering Group (JMLSG) will be publishing updated industry guidance in relation to virtual currency exchanges and this will provide some clarity on best practice approaches to compliance.
In the interim, systems and controls should be put in place and then tested to ensure that operational efficacy. In addition, staff should be trained on their personal AML/CTF obligations under these upcoming regulations.
Finally, firms offering cryptoasset services should ensure that they register with the FCA from this Friday (10th January) with the hard deadline for this being October 2020.
Conclusion
The crypto domain has seen rapid growth throughout the last decade, with regulatory catch-up ensuing recently to subject firms providing crypto services to a higher level of regulatory focus than ever before.
If you require any advice or guidance on your regulatory obligations as per the MLRs 2019 please do not hesitate to contact me, or any of the team, at fscom.