The UK National Crime Agency has concluded that virtual currencies are predominantly used to buy and sell illegal goods and services, but that they are increasingly used for money laundering purposes.
Increasing regulation
With no central agency overseeing cryptoassets or transactions using the various cryptocurrencies, there are obvious difficulties with supervising and regulating this market.
The FCA in the UK has, to date, had limited oversight. In 2018, it wrote a ‘Dear CEO’ letter to the banking industry highlighting that they needed to take “reasonable and proportionate measures” to lessen the risk of facilitating financial crimes enabled by cryptoassets.
On January 10 2020, the FCA became the anti-money-laundering and counter-terrorist-financing supervisor for businesses that undertake cryptoasset activities, including cryptoasset exchange providers and custodian wallet providers.
These specific activities have been brought within the AML and CTF laws due to the risks identified as a result of the features set out above and the apparent higher risks associated when cryptocurrencies are exchanged for real or fiat currencies (such as the US dollar and pound sterling).
Companies carrying out the above activities must register with the FCA by January 2021 in order to continue trading, with an application deadline of October 2020. More information can be found at the FCA’s webpage.
This widening power is as a result of the Fifth Anti‑Money Laundering Directive (EU) 2018/843 (5MLD) in the UK. MLD5 has been implemented via an update to the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017.
This change will require exchange providers and custodian wallet providers to comply with the MLRs. In addition, the Financial Action Task Force has called on its members to look to regulate cryptoassets.
Recently, on July 27 2020, the Joint Money Laundering Steering Group published new sectoral guidance for cryptoasset exchange providers and custodian wallet providers regarding compliance with the MLRs. The guidance sets out a risk-based approach, taking into account customer risk, product risk and transaction risk along with suggested mitigation measures.
The guidance is not legally binding but, once it is approved by the UK Treasury, the UK courts will be able to consider a company’s compliance with it when considering money laundering offences.
For companies regulated by the FCA, the regulator will also consider compliance with the guidance when considering rule breaches in the future. It is likely the FCA will want to show the industry that these new powers have teeth and we may begin to see more supervisory and enforcement activity in this area.
How can companies protect themselves?
Even financial services companies not involved in cryptoassets still need to pay heed to the potential dangers and risks associated with financial crime perpetrated using any form of cryptoasset.
