Transactions with a non-EU registered crypto service provider
Published: 06 October 2022
We have established that crypto providers registered in the Netherlands conduct transactions with non-EU registered crypto service providers, for example buying/selling cryptos as part of their own inventory management. We regard this as an integrity risk, as this involves working with companies that may not have committed to complying with European anti-money laundering regulations.
If a registered crypto service provider (Party A) conducts transactions with a non-EU registered crypto service provider (Party B), it must include a relevant risk scenario in the integrity risk analysis it is required to prepare under Section 2b of the Wwft. Such a risk scenario could consider the risk of Party B selling cryptos it obtained through criminal activities, for example because Party B does not carry out customer due diligence in accordance with the requirements of European anti-money laundering regulations.
Party A must also specify adequate risk-mitigating measures (e.g. 'counterparty due diligence'), taking into account the inherently increased risk of money laundering/terrorist financing when doing business with a non-EU registered provider.
We may check whether party A has adequately specified this risk in its integrity risk analysis, and whether it has implemented sufficient risk-mitigating measures. If we find shortcomings in this regard we may take enforcement action.