On Wednesday, January 17, EU lawmakers reached a provisional deal on an AML package comprising both a regulation and a directive. Setting the stage for the most significant overhaul of the bloc’s AML rules in years, the move comes a day after the European Banking Authority (EBA) extended its guidelines on money laundering risk factors to crypto firms.
In the European Union (EU), anti-money laundering (AML) rules are dictated by regulations and directives. Once they enter into force, regulations automatically apply across the bloc. Directives, on the other hand, must be separately transposed into national law by member states.
Although the EU Council and European Parliament set the bloc’s overarching AML rules, their implementation is left to the EBA , which publishes guidance for affected companies and coordinates enforcement with the relevant authorities of each member state.
Every member of the EU has an assigned “competent authority” that acts as its AML regulator. In some countries, such as Ireland, this is the Central Bank. In others, responsibility for AML regulation falls on a separate agency, like Spain’s Sepblac.
The latest EBA guidance implements measures included in a previous AML package lawmakers agreed on in 2021. The updated rules introduce stricter due diligence requirements for crypto asset service providers (CASP), a class of business defined by the EU’s Markets in Crypto Assets (MiCA) regulation, passed last year.
Post-MiCA, the EBA plays a central role in overseeing the European crypto sector. As well as coordinating member states’ various crypto regulators, it is tasked with establishing technical standards in collaboration with the European Securities and Markets Authority (ESMA). The EBA is also able to investigate and impose penalties against large crypto businesses whose operations span multiple EU countries.
Once the latest package of AML rules is finalized, the regulator’s authority over EU crypto firms is set to be even further enhanced.
Among the provisions included in the EU’s latest proposed AML regulation , many are directed toward the bloc’s CASPs.
Arguing that “the anonymity of crypto-assets exposes them to risks of misuse for criminal purposes,” the anticipated legislation will “prohibit the provision and the custody of anonymous crypto-asset wallets.”
Considering that existing laws already bar CASPs from accepting money anonymously, the wording of the latest proposal raises the prospect that the EU could bring ordinary software developers within the scope of AML enforcement.
Read a certain way, the regulation could apply to popular self-custody wallets like Electrum. Enforcing such a wide-ranging ban would, of course, be impossible. Nonetheless, the proposal’s phrasing imbues the EU’s new AML rules with authoritarian undertones.