Much like the EU, the United States was also compelled to act on this emerging asset class when, in 2013, the Financial Crimes Enforcement Network, or FinCEN, for the first time introduced an interpretive guidance for cryptocurrency industry participants, mainly exchangers and administrators. Exchangers are persons or entities who engage as a business in the exchange of digital currency for real currency, whereas administrators are persons or entities that engage as a business in issuing or redeeming a digital currency.
In January 2020, the regulatory landscape for crypto businesses will completely change in the European Union in comparison with the last decade – and these changes will touch all those who store clients’ crypto funds or provide fiat-to-crypto exchange services, at minimum.
Not long ago, the Anti-Money Laundering regulations were extended to cover cryptocurrency custodian wallet service providers and crypto-to-fiat exchanges in the EU. The legislation known as the EU Fifth Anti-Money Laundering Directive entered into force on July 9, 2018, and shall be transposed into the national legislation of each EU member state by Jan. 10, 2020. Before that, cryptocurrencies, in most cases, fell outside of the EU regulatory regime.
As the EU member states transpose the new directive into their national legislation, it will already be over half a decade since cryptocurrency regulation came into force in the U.S. What should we learn from this long-standing experience? And what should we expect from the regulation of the EU market as compared to the U.S.?
On the same page
Studying both the EU and the U.S. cases, we can note the explicit resemblance of regulatory approaches. Both jurisdictions stress the significance of cryptocurrency regulation to combat money laundering and counter the financing of terrorism. Back in June, the G-20 held a meeting in Japan and underlined some concerns about crypto assets, stating:
“While crypto-assets do not pose a threat to global financial stability at this point, we remain vigilant to risks, including those related to consumer and investor protection, anti-money laundering (AML) and countering the financing of terrorism (CFT).”
As such, specific crypto service providers face the same requirements as traditional financial institutions in terms of authorization from a financial regulator, customer identification (KYC), ongoing account monitoring, recordkeeping and suspicious activity reporting.
Notably, EU member states are free to impose stricter anti-money laundering measures in their national legislation much like the U.S., where states are permitted to impose more stringent regulations as long as they do not conflict with U.S. federal law.
In this way, competent authorities in the EU and the U.S. can more closely monitor the use of cryptocurrency. It allows for the prevention of placing illicit money into the financial system and excludes concealing transfers with unlawful purposes because of the certain degree of anonymity associated with cryptocurrency.
Nevertheless, both jurisdictions aim to make such monitoring balanced and proportional to safeguard the technical advances of fintech.
Some of the key differences
Definitions – Despite the EU and the U.S. following the same approach to regulating crypto, there are some differences, and they start from the definition. Crypto service providers obtain the status of “obliged entities” under the Fifth Anti-Money Laundering Directive, or 5AMLD, in the EU, which is equal to “covered financial institutions” in the U.S. – both definitions have the same purpose, which is to make crypto service providers comply with the established banking rules in each regulatory jurisdiction.
Focus of regulation – 5AMLD covers custodian wallet service providers and crypto-to-fiat exchanges, while the U.S. federal regulatory regime applies to providers exchanging or transmitting crypto regardless of fiat currency involvement.
Legislative compliance – The U.S. has two levels of regulation: federal and state. Therefore, crypto service providers must ensure two levels of compliance. Interestingly, a crypto service provider may be exempt by local laws in some U.S. states. Comparably, this is not possible in the EU, where the legislation in each member state must be equal or stricter to 5AMLD provisions.
Data protection – The final distinction is the attitude toward data protection. In the EU, the General Data Protection Regulation applies to the processing of personal data collected for the purposes of AML/CFT under 5AMLD, which means that crypto exchanges and wallet providers are obliged to ensure appropriate measures to protect the information they collect on their customers. To date, no federal privacy or data collection regulation has been enacted in the U.S., although privacy laws have started to appear in some U.S. states.
Beneficial ownership vs. customer due-diligence
Another important thing is the introduction of the beneficial ownership rule. In the EU, it requires obliged entities to collect information about the identity of the beneficial owners of its customers.
Analogous to this, we have the Customer Due Diligence rule in the U.S., which requires financial institutions to collect the beneficial owner information on all legal entity customers. In fact, in the U.S., this rule does not cover crypto service providers directly. Nevertheless, crypto businesses usually consider the CDD rule as a part of their risk-based approach. This also helps to meet the expectations of financial partners.
Besides this, 5AMLD obliges EU member states to make information on beneficial owners available on state public registers, which should be interconnected on the EU level to facilitate cross-border cooperation and access to information by regulators and financial intelligence units.
To the contrary, many in the U.S. have speculated that states will soon follow suit and create a national database that tracks the beneficial ownership of entities. Currently, there is only the optional FinCEN program under the USA PATRIOT Act’s Section 314(b), allowing financial institutions to share beneficial ownership information on customer entities among the interested parties, including other financial institutions and law enforcement, but exclusively for the purpose of money laundering and terrorism financing prevention.
What can we learn from the U.S. experience?
Cryptocurrency has been regulated in the U.S. under existing money transmitter laws for six years now. Apart from FinCEN, other U.S. regulators like the Securities and Exchange Commission and the Commodities Futures Trading Commission have sought to bring crypto partially under their jurisdictions.
As the market evolves, and as financial products built on top of this emerging asset class continue to innovate, the impetus to solve this regulatory overlap may become more pronounced. Regulation also gives a certain level of protection to customers, which extends trust to reliable service providers who seek to avail themselves of the regulated market.
We believe the regulation of crypto in the EU will lead to the same results of bringing greater adoption to the crypto market and facilitating the stability of the EU financial system. We also think that much like in U.S. states, we may see varying degrees of rigidity in regard to crypto service providers and the specifics of their regulation from one EU member state to another.
The EU is catching up and becoming more harmonized, analogous to what happened after FinCEN provided initial guidance in the U.S. back in 2013, by broadening the definition of regulated institutions and bringing them under the umbrella of AML/CFT requirements. The main difference between the EU and the U.S. approaches lies in the scope of regulation. 5AMLD extends to custodian wallet service providers and crypto-to-fiat exchanges, while FinCEN covers crypto exchange and transmission activity regardless of fiat currency involvement.