What will MLD5 mean for the regulation of Cryptoassets?

In April 2019, the UK government opened its consultation on transposing the Fifth Money Laundering Directive ("MLD5") into national law by the 10 January 2020 deadline for transposition. MLD5 changes include, among other things, requirements for cryptoasset exchanges and custodian wallet providers. The “gold-plating” of MLD5 that the UK government is considering has ramifications for virtual currency exchanges and custodian wallet providers; the FCA is seeking views on this approach.

Besides cryptoasset exchanges and custodian wallet providers other businesses involved in the cryptoasset/virtual currency industry may also fall within the scope of UK legislation when MLD5 is implemented. Any firm that will be potentially caught within the UK’s new regulatory perimeter needs to keep abreast of developments and may wish to consider making representations in response to the government’s Consultation Paper.

What is driving the UK’s approach to implementation of MLD5?

With the Fintech sector evolving at pace, it is perhaps unsurprising that anti-money laundering and anti-terrorist financing regulation is playing catch-up. On 15 April 2019, the UK government, through its “Cryptoasset Taskforce”, published its Consultation Paper on the transposition of the MLD5 into UK law. This consultation follows from the UK Cryptoassets Taskforce (consisting of HM Treasury, the FCA and the Bank of England) work to identify types of cryptoassets, and the UK government now seeks views on whether this definition may need to be broadened.

MLD5 will amend MLD4 and Member States are required to transpose it by 10 January 2020. Among other things, it expands the scope of regulation, clarifies the enhanced due diligence measures needed for high-risk third countries, limits the scope of the client due diligence (“CDD“) exemption for electronic money products, and improves access to beneficial ownership information for CDD purposes. MLD5 is a minimum harmonisation directive, meaning that Member States can implement measures that are more stringent than those that it sets out.

The Consultation Paper makes clear the UK government is considering “gold-plating” the requirements of MLD5 well beyond the “minimum harmonisation” required. While MLD5 has direct ramifications for virtual currency exchanges and custodian wallet providers (“CWPs“), the views requested in the Consultation Paper indicate that other businesses involved in the cryptoasset/virtual currency industry may also fall within the scope of UK legislation when MLD5 is implemented.

The European Council has highlighted previously how “certain modern technology services are becoming increasingly popular as alternative financial systems” for funding terrorist and criminal organisations. It is understandable, then, that MLD5 extends the scope of MLD4, requiring providers of exchange services between virtual currencies and fiat currencies (“VCEPs“) or CWPs to carry out client due diligence, identify suspicious activity and monitor transactions in relation to money laundering and terrorist financing.

MLD5 versus FATF Recommendations

In October 2018, the Financial Action Task Force on Money Laundering (“FATF“) (an intergovernmental organisation currently comprising 36 member jurisdictions representing the majority of the worlds key financial centres, including the UK) adopted changes to its “FATF Recommendations” and Glossary to encompass financial activities involving a new, broad definition of “virtual assets” explicitly. Getting this definition right is fundamental to addressing the money laundering and terrorist financing risks posed by new technologies, both today and in future. The different definitions used in MLD5 and by the FATF indicate that new risks are still being identified.

MLD5 defines virtual currencies as “a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically“.

By contrast, the FATF has decided to adopt the broader term, “virtual asset”, as a basis for its Recommendations, defined as “a digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes“. This is intended to include the technologies referred to in the G20 as “cryptoassets” and those referred to as “virtual currencies” in some national legislation. The FATF has set out its desire to ensure the revised FATF Recommendations are neutral with respect to different technologies, and can accommodate future developments.

In February 2019, the FATF agreed on the text of a binding Interpretive Note which included the following clarifications in relation to its broad new definitions:

  • countries should consider virtual assets as “property,” “proceeds,” “funds,” “funds or assets,” or other “corresponding value” for the purposes of applying the various FATF Recommendations that contain these or other similar funds or value-based terms; and
  • virtual asset service providers should be required to be licenced or registered in the jurisdiction where they are created, and should be supervised or monitored by a competent authority (not through self-regulation).

It is clear that the FATF considers it necessary to impose a broader regulatory framework (broader than the framework introduced by MLD5) to address money laundering and terrorist financing risks posed by new technologies.

UK consultation: a wider regulatory perimeter?

In its Consultation Paper, the UK government also expressed its view that the scope of MLD5 may not extend far enough to catch every type of cryptoasset currently posing a money laundering and terrorist financing risk. The Consultation Paper states that due to “the broad scope of the revised recommendations, and in keeping up to date with evolving global standards, the UK government is consulting widely on regulating the sector“. This affirms the possibility that the UK government is open to extending the scope of the regulatory perimeter beyond that set out in MLD5 to anticipate emerging global standards and accommodate FATF’s Recommendations.

The UK government has established that the greatest risk of criminal activity is at the point of exchange. However, looking beyond VCEPs and CWPs, the government has asked for views in response to its Consultation Paper on whether to bring within the scope of the regulatory perimeter:

  • crypto-to-crypto exchange service providers (firms engaged in exchange services between one cryptoasset and another, or services allowing value transactions within one cryptoasset);
  • peer-to-peer exchange service providers (firms that facilitate the exchange of fiat currencies and cryptoassets (both fiat-to-crypto and crypto-to-crypto) between prospective “buyers” and “sellers”);
  • cryptoasset Automated Teller Machines (physical kiosks that allow users to exchange cryptoassets and fiat currencies);
  • the issuance of new cryptoassets, for example through Initial Coin Offerings; and
  • the publication of open-source software (which includes, but is not limited to, non-custodian wallet software and other types of cryptoasset related software).

The UK government has also noted its concern regarding cross-border risks posed by cryptoassets and associated service providers, in so far that firms based outside the UK would theoretically avoid UK regulatory standards and would not be compelled to CDD checks. While acknowledging limitations in practice, the Consultation Paper also seeks views on potential regulatory solutions to this cross-border challenge.

Osborne Clarke comment

The implementation of MLD5 will disrupt the on-boarding process for VCEPs and CWPs as well as any other virtual asset service providers caught by the UK’s new regulatory perimeter. There are serious repercussions for businesses that do not take reasonable steps to prevent money laundering and terrorist financing – with the designated supervisory authority (expected to be the FCA) able to impose civil penalties. Firms and individuals may also face criminal sanctions. If you are a VCEP or a CWP then you should be starting to prepare for the implementation of MLD5. If you are a business operating in the virtual currency space, you may wish to consider making representations in response to the government’s Consultation Paper. It is also important for any virtual asset service provider to keep abreast of developments whilst the full scope and date of UK implementation is finalised.

By June 2019, the FATF is expected to update its 2015 Risk-based Approach Guidance on Virtual Currencies, to continue assisting jurisdictions and the private sector in implementing a risk-based approach to regulating virtual asset service providers, including their supervision and monitoring. This is intended to help countries exercise oversight of this sector, including through guidance on risk indicators and supervisory arrangements. The UK government intends to engage actively and internationally with the FATF to ensure there is a global response that mitigates the risks posed by the use of cryptoassets for illicit activity. As a result, the updated FATF Risk-based Approach Guidance is expected to shed light on the future shape of the crypto/virtual assets regulatory perimeter.