There are specific rules in place to regulate and supervise credit institutions and payment service providers across Europe. Banks and other license holders are required to cooperate with their national supervisors, who coordinate their work through the network of national financial supervisors. The biggest European banks (numbering in the hundreds) are directly supervised by the European Central Bank, headquartered in Frankfurt, Germany.
When it comes to cryptocurrencies and other virtual assets, no such framework for supervision currently exists. Risks with crypto assets providers increased as more firms entered the market. The EU has decided to treat all crypto firms as an ‘obligated person’ defined in its Fifth AML Directive (5AMLD). Estonia was the first country in the EU that transposed the 5AMLD into local anti-money laundering (AML) law and began offering crypto licenses. The national supervisor was quickly bombarded with thousands of license requests. Two years ago, 1,300 firms had a cryptolicense.
To provide some context, Germany has issued only three cryptocurrency licenses so far, France has issued 26, the Netherlands 24 and Malta around a dozen. Against that backdrop, it is easy to imagine that Estonian supervisors, with a relatively small supervisory team,are overwhelmed.
Problems with cryptocurrencies in Estonia have arisen in the past. Now the government is taking steps to reduce money laundering risks with crypto firms and going back to the drawing board. Estonia has revoked many licenses and set up a new licensing system with dramatically tighter rules, markingthe end of an era for easyone-stop-shop services that offer the packages online.
Under the new crypto license requirements that go into effect this year, capital requirements will be considerably higher. Instead of 12,000euros, a capitalof at least 100 000 euros is needed. A two-year businessplan is required, IT systems need to be assessed and auditors need to be appointed. A travel rule will be in place.
That prospect already discourages those who would like to have a crypto license. As of today, Estonia has recognised only 340 license holders in the crypto business.Less than half the number of last year, butstill a significant number.
The new regime certainly makes things more manageable for supervisors; however, it would be naive to expect that criminals using crypto firms to launder money would suddenly stop. There is a real risk in the activities moving underground. After all, these license holders have customers who will seek other channels to handle their transactions. Alternative systems are abundant and close by, such as in Lithuania.
Today’s reality is that money launderers consider the crypto markets attractive, not just in Estonia but everywhere. It is only naturalthat this surge of attractiveness in the crypto markets has implications and additional demands on supervisors.
The EU is slowly but surely drafting new rules for crypto supervision. Brussels foresees an increased role for the European Banking Authority/European Securities and Markets Authority, which connects national financial supervisors. The reality of EU legislation means another three years of wait time before a firm framework is in place. Cryptocriminals pretty much have a free hand for the time being.
AML has an international scope. It is too much for a single country to handle. A solid EU framework and global cooperation are prerequisites for AML. Supervising cryptos effectively cannot be done without international cooperation. Until that is the case, supervisors in Estonia and elsewhere, can only try to deal with a genie that is out of the bottle.