New “travel rule” guidelines to combat money laundering in fund transfers and crypto assets

The European Banking Authority (EBA) has issued new “travel rule” guidelines. They play a key role in regulating information accompanying fund transfers and certain crypto assets.

Their aim is to curb the misuse of such transfers for money laundering and terrorist financing (ML and TF). They oblige crypto-asset service providers (CASPs) to comply with the same AML/CTF requirements and supervision as credit and financial institutions.

The guidelines specify what information must accompany the transfer of funds or crypto assets. They also describe the necessary steps that:

• payment service providers (PSPs),
• intermediary payment service providers,
• crypto asset service providers (CASPs),
• intermediary CASPs

should take to identify and correct cases of missing information.

In addition, the guidelines provide detailed instructions on actions to be taken if the transfer of funds or crypto assets does not meet information standards.

Competent authorities are required to report compliance with the guidelines within two months of the publication of translations into EU official languages. The revised guidelines will enter into force on December 30, 2024.

What is the legal basis and additional guidelines?

The EBA has also published additional guidance on risk-based AML and CTF supervision for CASPs and guidance to help CASPs effectively manage their exposure to money laundering and terrorist financing risks.

In addition, the EBA is finalizing guidance on internal policies, procedures, and controls to ensure compliance with the restrictive measures applicable to CASPs and other financial institutions.

The legal basis for these recommendations is Article 36 (first and second paragraphs) of Regulation (EU) 2023/1113 and Article 19a(2) of Directive (EU) 2015/849. These provisions authorize the EBA to issue guidance to competent authorities, payment service providers and CASPs on compliance measures related to certain articles of Regulation (EU) 2023/1113.

This includes technical aspects of the regulation’s application to direct debits and measures to identify and verify the identity of the initiator or beneficiary of a transfer made to, or from, a self-hosted address.

The new recommendations represent a significant step forward in the EU’s efforts to combat ML and FT by enhancing the traceability of money transfers and crypto-assets. They ensure that PSPs and CASPs across the EU adhere to a uniform set of standards, thereby strengthening the integrity and security of the entire financial system.

To ensure compliance with the new guidelines, contact our specialists. We offer comprehensive assistance on a one-stop-shop basis to ensure compliance and security for your company.