Response to the EBA's consultation on the EU's Travel Rule guidelines
Key considerations for the European Banking Authority (EBA) on due diligence, data sharing, GDPR compliance and other technical challenges for CASPs.
Key considerations for the European Banking Authority (EBA) on due diligence, data sharing, GDPR compliance and other technical challenges for CASPs.
In 2015, the European Union introduced the Transfer of Funds Regulation (ToFR), or Europe’s version of the Travel Rule, to fulfil the Financial Action Task Force (FATF) requirement for financial institutions to identify the originator and beneficiary at each end of a wire transfer and share required data.
In May 2023, the EU enacted an update to the ToFR obliging all European crypto-asset service providers (CASPs) to comply with Travel Rule requirements by the end of 2024.
On 24 November 2023, the European Banking Authority (EBA) launched a public consultation on the ToFR’s secondary legislative measures, the Guidelines on preventing the abuse of funds and certain crypto-assets transfers for money laundering and terrorist financing purposes (the Guidelines).
On 23 February 2024, VASPnet submitted a response to the EBA’s consultation that emphasises:
• the importance of enhancing the regulatory framework for crypto-assets and fund transfers to advance financial security and compliance.
• an appreciation of the clarity provided in the Guidelines, especially regarding payments for goods and services and handling incomplete information.
• the need for a risk-based approach to counterparty CASP due diligence.
• the adoption of industry data standards, such as IVMS 101.2023, to mitigate risks associated with handling varying data formats.
• further clarity is requested on interoperability features and the evaluation of protocols.
• guidance on data transfer in compliance with GDPR and the importance of GDPR compliance in maintaining trust and integrity in fund transfers.
• technical and operational challenges related to returning transfers and identifying self-hosted wallets with suggestions for improvement.
• the need for guidance on capturing customer data related to counterparty identification and leveraging third-party reference datasets for improved data management.
For a detailed look at VASPnet’s response and recommendations, download a report of our submission to the EBA’s consultation on the Travel Rule Guidelines.