Scope
The TFR applies to transfers of funds in any currency carried out by payment service providers (PSPs) or intermediary payment service providers within the EU (Article 2). The scope of the Regulation has been expanded to include transfers of crypto-assets where at least one of the crypto-asset service providers involved is established in the EU. A number of specific exemptions apply (Article 2(4) TFR).
Obligations for Service Providers
Payment service providers are required to ensure that specific information concerning the payer and the payee accompanies each transfer of funds. The information that must be collected and transmitted is set out in Article 4. In addition, PSPs are required to establish internal procedures and controls to ensure compliance with national and European sanctions legislation.
Similar obligations apply to crypto-asset service providers. For each transfer of crypto-assets, they must transmit information relating to both the originator and the beneficiary (Article 14). For transactions exceeding €1,000 to or from a self-hosted (unhosted) wallet, CASPs must also verify that the wallet is indeed owned or controlled by their customer. This verification requirement is specific to crypto-asset transactions and constitutes an important addition to the existing framework.
Detection and Assessment of Missing Information
PSPs and beneficiary CASPs must establish procedures to determine whether the information accompanying a transfer is complete (Articles 8 and 16). These procedures must be applied on a risk-based basis. Where information is found to be incomplete, the transfer must be suspended or rejected. The action taken depends on the specific information that is missing. Specific provisions apply to intermediary payment service providers (Articles 19, 20 and 21).
EBA Guidelines
On 4 July 2024, the European Banking Authority (EBA) published Guidelines on the TFR. These Guidelines provide direction on how financial institutions should deal with missing information concerning the payer or payee and which procedures they should implement for handling transfers where information is missing. These Guidelines replace the Joint Guidelines issued under WTR2.
FIU Reporting
Missing payer or payee information in a transfer of funds may constitute grounds for submitting a suspicious transaction report to the Financial Intelligence Unit (FIU). This obligation applies to (intermediary) payment service providers as well as to (intermediary) crypto-asset service providers (Articles 9, 13, 18 and 22).
AML/CFT Supervision
The obligations under the TFR should be considered in conjunction with the requirements of the Dutch Anti-Money Laundering and Anti-Terrorist Financing Act (Wwft). Financial institutions are expected to incorporate TFR requirements into their policies and procedures. De Nederlandsche Bank (DNB) supervises the institutions under its remit with regard to compliance with obligations arising, among other things, from the Wwft.