Today the European Banking Authority released a document on proposed changes to its risk-based guidelines for supervisors regarding anti money laundering (AML) and countering the financing of terrorism (CFT). Crypto-asset service providers are to be included in the definition of financial institutions for the purposes of AML, and they also get some special treatment. The EBA launched a consultation on the guidelines, which runs until June 29.
As reported yesterday, four pending pieces of EU AML legislation bring crypto asset service providers into the fold. Three were voted on yesterday, and there’s a separate piece of legislation at a more advanced stage that deals with AML for crypto-assets in detail that will be voted in Parliament at the same time as the Markets in Crypto-Assets Regulation (MiCAR) on April 19.
Recent legislation aims to apply the same AML rules to crypto-asset service providers (CASPs) as apply to other institutions. However, there are additional sources of information for crypto, such as blockchain analytics, which are included in the guidelines.
MiCAR imposes some requirements on the management of crypto asset service providers, such as no conviction for AML offences or “other offences that would affect their good repute.” But the EBA doesn’t want to wait for MiCAR to come into force, so in the meantime, it proposes using standard fit and proper tests applied to other financial institutions.
One of the ongoing debates highlighted in yesterday’s article is who qualifies as a crypto-asset service provider. Usually, it’s an organization or individual. It’s not expected that DeFi protocols are specifically included. However, whether or not a developer of a DeFi protocol is considered a CASP could become fertile ground for litigation. It will come down to the extent of control exerted by the developer.
It’s notable that a U.S. legal ruling this week involving a decentralized autonomous organization (DAO) considered the DAO developer might be a partnership.