The report draws on several examples that highlight risks such as:
➡️ Entities operating without required regulatory approvals, either from EU Member States or Third Countries.
➡️ Entities applying for registration in several countries and withdrawing in those that challenged the applications
➡️ Misuse of the reverse solicitation exemption by giving the appearance of relationships being at the clients' initiative despite communications indicating targeting of EU customers
➡️ Opaque governance or shareholding structures, including incoherent information in applications to several member states
➡️ Use of linked entities or third parties to provide services and avoid regulatory scrutiny
The report also zooms into AML/CFT deficiencies identified through supervision, including:
➡️ Ineffective implementation of AML/CFT policies and procedures in application files
➡️ Failure to assess or mitigate risks related to new technologies and DeFi-related exposure
➡️ Weak governance and under-resourced Compliance teams
➡️ Deficiencies in outsourcing and delegation arrangements covering key AML/CFT duties
➡️ Deficiencies in record-keeping, suspicious activity reporting and adherence to the Travel Rule
✅ Obtaining a license is not the end of the road, but rather the beginning: CASPs should ensure that their AML/CFT frameworks remain effective at all times, and keep in mind that the crypto sector is under significant scrutiny from regulators, who are unwilling to tolerate uneven standards in the application of AML/CFT regulation.