It has received so much feedback on it, the organization said it will not make the VASP rules final until its next plenary meeting in October. In March, the FATF issued draft guidance that included additional wording on decentralized finance (DeFi) and stable coins. “The report also identifies possible future actions by the FATF to prevent the misuse of virtual assets for criminal activities, including by emphasizing actions to help mitigate the risk of the use of virtual assets related to ransomware,” said the FATF. The role cryptocurrencies play in ransomware, very much in the news lately, also received a mention. Gaps in implementation, the FATF said, mean that global safeguards do not yet exist to prevent the misuse of VASPs for money laundering or terrorist financing, leading to “jurisdictional arbitration.”
“This discourages further investment in the necessary technology solutions and compliance infrastructure.” “However, most jurisdictions have not yet implemented the FATF requirements, including the ‘travel rule’,” the FATF said in a press release. The private sector was praised for its progress in developing technology to implement the FATF “travel rule”, which requires companies to identify and share data on those involved in crypto transactions above a certain amount. That said, it has been more than two years since the FATF announced that cryptocurrencies would be subject to its AML rules, and the regulator is now asking laggards to get their houses in order. Implementing regulations created for traditional finance in pseudonymous crypto by design has been challenging. Of these, 52 regulate Virtual Asset Service Providers (VASPs) and six prohibit the operation of VASPs. Speaking on Friday on the occasion of its second 12-month review of progress in crypto regulation, the intergovernmental watchdog against money laundering (AML) said that so far, 58 out of 128 reporting jurisdictions have implemented its standards.
Most of the countries supervised by the Financial Action Task Force (FATF) have not yet established their requirements for companies that handle cryptocurrencies.
The EU has been under increased pressure to crack down on money laundering since the Danske Bank scandal of 2007–2015, in which €200 billion ($235 billion) of suspicious transactions occurred through an Estonian branch of a Danish bank. Until now, anti-money-laundering regulation has been the authority of the 27 EU member states, but the commission says problems such as terrorist financing and organized crime should be addressed centrally.