May 20, 2024

FATF Travel Rule Compliance in Germany

FATF Travel Rule Compliance in Germany
  • Germany has a minimum threshold of EUR 1000 for the FATF Travel Rule, requiring identification information for crypto transactions.
  • VASPs and crypto wallet providers must comply with stringent AML and CFT directives, including KYC and EDD requirements.
  • Germany monitors all virtual asset transfers, including self-custody wallets, to mitigate money laundering and terrorist financing risks.

Germany is a major hub of cryptocurrency activity in Europe, with over a million participants engaging in daily crypto trading. The country has a transparent regulatory environment and open policies on blockchain technology and crypto, aligning with EU and MiCA regulations. As a member of the Financial Action Task Force (FATF), Germany also implements anti-money laundering (AML) and counter-terrorist financing (CFT) directives, including the FATF Travel Rule.

Background of the Crypto Travel Rule in Germany

In 2021, Germany published a bill on the transfer of crypto assets and enforced the FATF Travel Rule, requiring compliance from crypto companies by October 2021. However, once the EU's Transfer of Funds Regulation (TFR) is implemented, Germany will evaluate and potentially repeal its ordinance to ensure a coordinated approach to crypto regulation within the EU.

Key Features of the Travel Rule

In the EU, Germany is one of the first jurisdictions to authorize the Crypto Travel Rule. To ensure the traceability of fund transfers and mitigate money laundering and terrorist financing using crypto, the country’s regulators introduced the Money Transfer Regulation. Germany considers all virtual asset transfers as cross-border transfers.

Under the Travel Rule, virtual asset service providers (VASPs) and crypto wallet providers must acquire, hold, and submit certain information on crypto asset transfers, making it available to appropriate authorities when requested. Licensed financial institutions, securities firms, and credit institutions that send or receive crypto on behalf of their customers must also adhere to these obligations.

Additionally, Germany follows stringent risk-based approach (RBA) policies, including Know Your Customer (KYC) and Enhanced Due Diligence (EDD) requirements. The country’s AML rules require crypto companies to follow risk management procedures, detect suspicious transactions, implement customer due diligence (CDD) processes, and engage in continuous monitoring and reporting of suspicious business transactions to the authorities.

Compliance Requirements

Germany adheres to FATF’s recommendations for the Travel Rule, applying a minimum threshold of EUR 1000 for collecting and sharing identifying information about the originator and beneficiary of a crypto transaction.

For transactions above this limit, VASPs must obtain, send, and retain the following PII:

For the originator:

  • Name
  • Account number or unique transaction number
  • Date and place of birth or address, official personal document number, or customer identification number

For the beneficiary:

  • Name
  • Account number or unique transaction number

However, even for crypto transfers below EUR 1000, the name and account number or unique transaction number of both the originator and beneficiary must be recorded. All this information must be provided to the official authorities or the beneficiary VASP within three business days.

Impact on Cryptocurrency Exchanges and Wallets

For a VASP to operate in Germany and offer its services to natural citizens and legal entities, it must apply for a license with BaFin, as per the amendments made to its Banking Act. Not complying with the German Banking Act makes it a felony offense.

When it comes to the custody of crypto, the financial regulator defines it as the custody, management, and security of crypto or the private keys used to keep, store, or transfer crypto for others. Much like a VASP, a crypto custodian also needs a license from BaFin to operate.

The regulator requires enhanced due diligence (EDD) for self-hosted or unhosted wallets. These wallet providers need to take risk-appropriate measures to mitigate money laundering and terrorist financing risks. 

Global Context and Comparisons

As per FATF’s latest report on the implementation of the Crypto Travel Rule, Germany is “Largely Complaint.” This puts Germany in the same category as Canada, France, Israel, Japan, the UK, and the US, which have fully embraced the rule with proper checks and systems in place.

This European country strictly follows FATF recommendations in regard to the personal data that must be collected during transactions and the threshold.

Unlike other countries, Germany has clarified rules and requires monitoring of crypto asset transfers even when users store and manage their virtual assets themselves in a self-custody wallet. In such cases, the individual is in control of their private keys and the security of their crypto assets.

German regulators see self-managed digital asset wallets “with increased risk” and believe it to be “a starting point for a suspicious transaction.”

Concluding Thoughts

Overall, Germany's implementation of the Crypto Travel Rule aims to enhance the traceability and security of cryptocurrency transactions, adhering to international standards. This impacts service providers and wallet providers, ensuring compliance with anti-money laundering and counter-terrorist financing directives. 

___________________________

FAQs on Crypto Travel Rule in Germany

Q1: What is the minimum threshold for identifying information under Germany's FATF Travel Rule?

Germany has a minimum threshold of EUR 1000 for the FATF Travel Rule, requiring VASPs to collect and share identifying information for crypto transactions above this amount.

Q2: What is the purpose of the Money Transfer Regulation in Germany?

The Money Transfer Regulation in Germany aims to ensure the traceability of fund transfers and mitigate money laundering and terrorist financing using cryptocurrencies.

Q3: What are the obligations of financial institutions dealing with crypto in Germany?

Financial institutions, securities firms, and credit institutions in Germany must comply with AML and CFT directives, implement risk management procedures, detect suspicious transactions, and report any suspicious activity to the authorities.

___________________________

About Veriscope

‍Veriscope, the compliance infrastructure on Shyft Network, empowers Virtual Asset Service Providers (VASPs) with the only frictionless solution for complying with the FATF Travel Rule. Enhanced by User Signing, it enables VASPs to directly request cryptographic proof from users’ non-custodial wallets, streamlining the compliance process.

For more information, visit our website and contact our team for a discussion. To keep up-to-date on all things crypto regulations, sign up for our newsletter and follow us on X (Formerly Twitter), LinkedIn, Telegram, and Medium.