In a significant development, the European Banking Authority (EBA) has expanded its Guidelines on money laundering (ML) and terrorist financing (TF) risk factors to include crypto-asset service providers (CASPs).

This move, aligned with the upcoming European Union’s Markets in Crypto Assets regulation (MiCA) set to take effect in 2024, establishes the EU as the first major jurisdiction globally to introduce comprehensive rules tailored to the crypto sector.

Mitigating ML/FT with blockchain analytics tools

The new EBA Guidelines underscore the ML/TF risk factors and corresponding mitigating measures that CASPs must incorporate. This marks a crucial stride in the EU’s ongoing efforts to combat financial crime, recognizing the potential abuse of CASPs for illicit purposes, such as money laundering and terrorist financing.

The risks associated with CASPs can be exacerbated due to the rapid nature of crypto-asset transfers and the presence of features that conceal user identities. The EBA’s amendments aim to equip CASPs with tools to identify these risks by offering a non-exhaustive list of factors indicating exposure levels to ML/TF risk based on customers, products, delivery channels, and geographical locations.

Crucially, the Guidelines provide clarity on adjusting mitigating measures, including the use of blockchain analytics tools. The interconnectedness of the financial sector is acknowledged, prompting the inclusion of guidance for other credit and financial institutions engaged with CASPs or exposed to crypto assets, particularly those dealing with unauthorized providers under Regulation (EU) 2023/1114.

By broadening the scope of the ML/TF Risk Factors Guidelines, the EBA ensures a harmonized approach across the EU, aligning CASPs’ implementation of the risk-based approach to anti-money laundering and countering the financing of terrorism (AML/CFT) with MiCA regulations. Competent authorities are expected to report compliance within two months of official EU language translations, and the amending Guidelines will be effective from 30 December 2024.

The EBA’s initiatives, grounded in the legal basis of Directive (EU) 2015/849 and subsequent regulations, demonstrate a commitment to the risk-based approach in the EU’s AML/CFT regime. Regulation (EU) 2023/1113 and Regulation (EU) 2023/1114 provide the legislative framework empowering the EBA to issue guidelines, ensuring that CASPs fall under EU AML/CFT obligations and supervision.

This development positions the EU at the forefront of crypto regulation, setting the stage for a comprehensive and tailored framework in line with international recommendations to effectively manage ML/TF risks associated with crypto assets.