- Latest available (Revised)
- Original (As made)
The Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022
You are here:
- UK Statutory Instruments
- 2022 No. 860
- PART 2
- Regulation 5
What Version
Opening Options
More Resources
Status:
This is the original version (as it was originally made). This item of legislation is currently only available in its original format.
Cryptoasset transfers
This section has no associated Explanatory Memorandum
5.—(1) In the definition of “relevant person” in regulation 3(1) (general interpretation), after “6” insert “, 7A”.
(2) In regulation 8(1) (application)(1), after “6” insert “, 7A”.
(3) In regulation 27 (customer due diligence)(2)—
(a)in paragraph (2), after “cryptoasset exchange provider of the kind referred to in paragraph (7D)” insert “or (7E), a custodian wallet provider of the kind referred to in paragraph (7E)”;
(b)after paragraph (7D) insert—
“(7E) Without prejudice to paragraph (7D), a cryptoasset exchange provider and a custodian wallet provider must also apply customer due diligence measures in relation to a cryptoasset transfer which is equal to or exceeds the equivalent in cryptoassets of 1,000 euros in value (taken together with any other cryptoasset transfer which appears to be linked).”;
(c)after paragraph (9) insert—
“(10) In this regulation, “cryptoasset” and “cryptoasset transfer” have the meanings given by regulation 64B (cryptoasset transfers: interpretation).”.
(4) In regulation 40 (record-keeping)(3)—
(a)in paragraph (2)(a), after “regulation 30A” insert “, and of regulations 64C and 64G(1)”;
(b)after paragraph (2)(b) insert—
“(c)in the case of an inter-cryptoasset business transfer, in addition to the records referred to in sub-paragraphs (a) and (b), any documents and information received by an intermediary cryptoasset business and the cryptoasset business of a beneficiary by virtue of the obligations under regulations 64C(1), (2) and (7), or received by them pursuant to a request under regulation 64D(2)(a) or 64E(2)(a); and
(d)in the case of an unhosted wallet transfer, in addition to the records referred to in sub-paragraphs (a) and (b), any documents and information received by a cryptoasset business pursuant to a request under regulation 64G(1).”;
(c)after paragraph (9)(d) insert—
“(e)“beneficiary”, “cryptoasset business”, “inter-cryptoasset business transfer”, “intermediary cryptoasset business” and “unhosted wallet transfer” have the meanings given by regulation 64B.”.
(5) After regulation 64 (obligations of payment service providers)(4) insert—
“PART 7ACryptoasset Transfers
Chapter 1Application and interpretation
Application of this Part
64A.—(1) This Part applies in respect of a cryptoasset transfer which is not excluded by paragraph (2) or (3).
(2) This Part does not apply in respect of a transfer of funds within the meaning of Article 3.9 of the funds transfer regulation(5).
(3) This Part does not apply to a cryptoasset transfer where both the originator and the beneficiary is a cryptoasset business acting on its own behalf.
Interpretation
64B. In this Part—
“batch file transfer” means a bundle of individual inter-cryptoasset business transfers from a single originator put together by a cryptoasset business of the originator for transmission to a cryptoasset business of a beneficiary or beneficiaries;
“beneficiary” means the intended recipient of a cryptoasset from an originator;
“cryptoasset” has the meaning given in regulation 14A(3)(a) (cryptoasset exchange providers and custodian wallet providers)(6) and includes a right to, or interest in, the cryptoasset;
“cryptoasset business” means a cryptoasset exchange provider or a custodian wallet provider;
“cryptoasset transfer” means an inter-cryptoasset business transfer or an unhosted wallet transfer;
“inter-cryptoasset business transfer” means a transaction carried out by two or more cryptoasset businesses which involves the making available of a cryptoasset of an originator to a beneficiary, provided that at least one of the cryptoasset businesses involved in the transaction is carrying on business in the United Kingdom in respect of the transaction (whether that is a cryptoasset business acting for the originator or a cryptoasset business acting for the beneficiary or an intermediary cryptoasset business);
“intermediary cryptoasset business” means a cryptoasset business which, in the course of an inter-cryptoasset business transfer—
(a)
is not acting for the originator or the beneficiary; and
(b)
receives and transmits a cryptoasset on behalf of a cryptoasset business;
“originator” means a person who owns a cryptoasset and allows a transfer of that cryptoasset;
“unhosted wallet” means software or hardware that enables a person to store and transfer a cryptoasset on their own behalf, and in relation to which a private cryptographic key is administered by that person;
“unhosted wallet transfer” means the transfer of a cryptoasset either—
(a)
by an originator from an unhosted wallet to the cryptoasset business of a beneficiary, or
(b)
by the cryptoasset business of the originator to the unhosted wallet of a beneficiary,
with a view to making the cryptoasset available to the beneficiary;
“unique transaction identifier” means the combination of letters, numbers or symbols determined by a cryptoasset business which permits the traceability of the transaction from the originator to the beneficiary;
“working day” means any day other than a Saturday, a Sunday, Christmas Day, Good Friday or a day which is a bank holiday under the Banking and Financial Dealings Act 1971(7) in any part of the United Kingdom.
Chapter 2Inter-cryptoasset business transfers
Information accompanying an inter-cryptoasset business transfer
64C.—(1) In respect of an inter-cryptoasset business transfer, the cryptoasset business of the originator must ensure that the cryptoasset transfer is accompanied by the information specified in paragraph (5).
(2) Where paragraph (3) applies, if the cryptoasset business of the beneficiary makes a request for the information specified in paragraph (6), the cryptoasset business of the originator must, within three working days of the request, also provide the information specified in paragraph (6).
(3) This paragraph applies where each of the cryptoasset businesses executing the inter-cryptoasset business transfer (including any intermediary cryptoasset business) is carrying on business in the United Kingdom in respect of the transaction.
(4) Where paragraph (3) does not apply and the transfer is equal to or exceeds the equivalent in cryptoassets of 1,000 euros in value (taken together with any other cryptoasset transfer which appears to be linked), the cryptoasset business of the originator must ensure that the inter-cryptoasset business transfer is also accompanied by the information specified in paragraph (6).
(5) The information specified in this paragraph is—
(a)the name of the originator and the beneficiary;
(b)if the originator or beneficiary is a firm, the registered name of the originator or beneficiary (as the case may be), or if there is no registered name, the trading name; and
(c)the account number of the originator and the beneficiary, or if there is no account number, the unique transaction identifier.
(6) The information specified in this paragraph is—
(a)if the originator is a firm—
(i)the customer identification number; or
(ii)the address of the originator’s registered office, or, if different, or if there is none, its principal place of business;
(b)if the originator is an individual, one of the following—
(i)the customer identification number;
(ii)the individual’s address;
(iii)the individual’s birth certificate number, passport number or national identity card number;
(iv)the individual’s date and place of birth.
(7) In the case of a batch file transfer where the cryptoasset business of the beneficiary is carrying on business wholly outside the United Kingdom, paragraphs (1) and (4) do not apply to each of the individual business transfers, provided that—
(a)the batch is accompanied by the information required by paragraphs (1) and (4); and
(b)each individual transfer within the batch is accompanied by the account number of the originator, or if there is no account number, the unique transaction identifier.
(8) Information relating to the originator required under this regulation must have been verified by the cryptoasset business of the originator on the basis of documents or information in either case obtained from a reliable source which is independent of the person whose identity is being verified.
(9) A cryptoasset business of an originator must not make an inter-cryptoasset business transfer before ensuring full compliance with this regulation.
Missing or non-corresponding information: the cryptoasset business of a beneficiary
64D.—(1) When a cryptoasset business of a beneficiary receives a cryptoasset as part of an inter-cryptoasset business transfer it must, before making the cryptoasset available to the beneficiary, check whether—
(a)it has received the information required by regulation 64C to be provided; and
(b)the information relating to the beneficiary corresponds with information verified by it under Part 3 (customer due diligence)(8).
(2) Where the cryptoasset business of the beneficiary becomes aware that any information required by regulation 64C to be provided is missing or does not correspond with information verified by it under Part 3, the cryptoasset business of the beneficiary must—
(a)request the cryptoasset business of the originator to provide the missing information;
(b)consider whether to make enquiries as to any discrepancy between information received and information verified by it under Part 3; and
(c)consider whether—
(i)to delay making the cryptoasset available to the beneficiary until the information is received or any discrepancy resolved; and
(ii)if the information is not received or discrepancy resolved within a reasonable time, to return the cryptoasset to the cryptoasset business of the originator.
(3) In deciding what action to take under paragraph (2)(c) the cryptoasset business must have regard to—
(a)the risk assessments carried out by the cryptoasset business under regulations 18(1) (risk assessment by relevant persons) and 18A(1) (risk assessment by relevant persons in relation to proliferation financing); and
(b)its assessment of the level of risk of money laundering, terrorist financing and proliferation financing arising from the inter-cryptoasset business transfer.
(4) In assessing the level of risk for the purposes of paragraph (3)(b), the cryptoasset business must take account of factors including—
(a)the purpose and nature of its business relationship with the beneficiary and of the inter-cryptoasset business transfer;
(b)the value of the inter-cryptoasset business transfer and any cryptoasset transfer which appears to be linked;
(c)the frequency of cryptoasset transfers made by or to the beneficiary via the cryptoasset business of the beneficiary; and
(d)the duration of its business relationship with the beneficiary.
(5) The cryptoasset business of a beneficiary must report to the FCA repeated failure by a cryptoasset business to provide any information required by regulation 64C as well as any steps the cryptoasset business of the beneficiary has taken in respect of such failures.
Missing information: intermediaries
64E.—(1) When an intermediary cryptoasset business receives a cryptoasset as part of an inter-cryptoasset business transfer it must, before further transferring the cryptoasset, check whether it has received the information required by regulation 64C to be provided.
(2) Where an intermediary cryptoasset business becomes aware that any information required by regulation 64C to be provided is missing, the intermediary cryptoasset business must—
(a)request the cryptoasset business from which it received the transfer to provide the missing information; and
(b)consider whether—
(i)to delay the onward transfer of the cryptoasset until the information is received; and
(ii)if the information is not received within a reasonable time, to return the cryptoasset to the cryptoasset business from which it was received.
(3) In deciding what action to take under paragraph (2)(b) an intermediary cryptoasset business must have regard to—
(a)the risk assessments carried out by the intermediary cryptoasset business under regulations 18(1) and 18A(1); and
(b)its assessment of the level of risk of money laundering, terrorist financing and proliferation financing arising from the inter-cryptoasset business transfer.
(4) In assessing the level of risk under paragraph (3)(b) the intermediary cryptoasset business must take account of factors including—
(a)the purpose and nature of the business relationship with its customer cryptoasset business, and of the inter-cryptoasset business transfer; and
(b)the value of the inter-cryptoasset business transfer and any cryptoasset transfer which appears to be linked.
(5) An intermediary cryptoasset business must report to the FCA repeated failure by a cryptoasset business to provide any information required by regulation 64C as well as any steps the intermediary cryptoasset business has taken in respect of such failures.
Retention of information with an inter-cryptoasset business transfer: intermediaries
64F. An intermediary cryptoasset business must—
(a)ensure that all the information that is provided in relation to an inter-cryptoasset business transfer pursuant to regulation 64C, including any that is requested to be provided before the transfer is made under regulation 64E(2)(a), also accompanies the onward transfer (whether to another intermediary cryptoasset business or to the cryptoasset business of the beneficiary); and
(b)send on to the relevant cryptoasset business, as soon as practicable, any information requested under regulation 64E(2)(a) which is received after it has transferred the cryptoasset to the relevant cryptoasset business.
Chapter 3Unhosted wallet transfers
Requesting information: unhosted wallet transfers and cryptoasset businesses
64G.—(1) A cryptoasset business involved in an unhosted wallet transfer may request from its customer (whether the originator or the beneficiary)—
(a)such information specified in regulation 64C(5) as it does not already hold; and
(b)where the unhosted wallet transfer is equal to or exceeds the equivalent in cryptoassets of 1,000 euros in value (taken together with any other cryptoasset transfer which appears to be linked), and where its customer is the beneficiary, the information specified in regulation 64C(6) in respect of the originator.
(2) In determining under paragraph (1) whether to request information from its customer, the cryptoasset business must have regard to—
(a)the risk assessments carried out by the cryptoasset business under regulations 18(1) and 18A(1); and
(b)its assessment of the level of risk of money laundering, terrorist financing and proliferation financing arising from the unhosted wallet transfer.
(3) In assessing the level of risk under paragraph (2)(b), a cryptoasset business must take account of factors including—
(a)the purpose and nature of—
(i)the business relationship with its customer (whether beneficiary or originator); and
(ii)the unhosted wallet transfer;
(b)the value of the unhosted wallet transfer and any cryptoasset transfer which appears to be linked;
(c)the frequency of cryptoasset transfers made by or to the customer (whether beneficiary or originator) via the cryptoasset business; and
(d)the duration of the business relationship with its customer.
(4) In the event that the cryptoasset business involved in an unhosted wallet transfer does not receive information requested under paragraph (1) it must not make the cryptoasset available to the beneficiary.
Chapter 4Provision of information to law enforcement authorities
Provision of information
64H. A cryptoasset business must respond fully and without delay to a request in writing from a law enforcement authority (within the meaning of regulation 44(10)) for any information held in connection with this Part which that authority reasonably requires in connection with the authority’s functions.”.
(6) In regulation 74A(1)(a) (reporting requirements: cryptoasset businesses)(9), after “Parts 2 to 6” insert “and 7A”.
(7) In Schedule 6 (relevant requirements)(10) after paragraph 11 insert—
“11A. The requirements specified in this paragraph are those imposed in—
(a)regulation 64C (information accompanying an inter-cryptoasset business transfer);
(b)regulation 64D (missing or non-corresponding information: the cryptoasset business of a beneficiary);
(c)regulation 64E (missing information: intermediaries);
(d)regulation 64F (retention of information with an inter-cryptoasset business transfer: intermediaries);
(e)regulation 64G (requesting information: unhosted wallet transfers and cryptoasset businesses);
(f)regulation 64H (provision of information).”.
(1)
Regulation 8 was amended by S.I. 2019/1511.
(2)
Regulation 27 was amended by S.I. 2019/1511.
(3)
Regulation 40(2)(a) was amended by S.I. 2020/991. There is another amendment to regulation 40 but it is not relevant.
(4)
Regulation 64(1) was revoked by S.I. 2019/253. There are other amendments to regulation 64 but none are relevant.
(5)
This is defined in regulation 3 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.
(6)
Regulation 14A was inserted by S.I. 2019/1511.
(7)
(8)
Amendments have been made to Part 3 but none are relevant.
(9)
Regulation 74A was inserted by S.I. 2019/1511.
(10)
Schedule 6 has been amended but none of the amendments are relevant.
Options/Help
Print Options
PrintThe Whole Instrument
PrintThe Whole Part
PrintThis Section only
Legislation is available in different versions:
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As Enacted or Made): The original version of the legislation as it stood when it was enacted or made. No changes have been applied to the text.
Opening Options
Different options to open legislation in order to view more content on screen at once
Explanatory Memorandum
Explanatory Memorandum sets out a brief statement of the purpose of a Statutory Instrument and provides information about its policy objective and policy implications. They aim to make the Statutory Instrument accessible to readers who are not legally qualified and accompany any Statutory Instrument or Draft Statutory Instrument laid before Parliament from June 2004 onwards.
More Resources
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as enacted version that was used for the print copy
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- correction slips
- links to related legislation and further information resources
Impact Assessments
Impact Assessments generally accompany all UK Government interventions of a regulatory nature that affect the private sector, civil society organisations and public services. They apply regardless of whether the regulation originates from a domestic or international source and can accompany primary (Acts etc) and secondary legislation (SIs). An Impact Assessment allows those with an interest in the policy area to understand:
- Why the government is proposing to intervene;
- The main options the government is considering, and which one is preferred;
- How and to what extent new policies may impact on them; and,
- The estimated costs and benefits of proposed measures.
More Resources
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as made version that was used for the print copy
- correction slips
Click 'View More' or select 'More Resources' tab for additional information including:
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- links to related legislation and further information resources
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.