Unlike conventional currencies, cryptocurrencies are not issued by any monetary authority or financial institution. The price is determined by the supply and demand of the market.
The cryptocurrency landscape is evolving at a rapid pace, and sometimes it gets difficult to keep up with all these changes. There are different rules applicable to different countries and jurisdictions.
For instance, the EU Parliament has passed no specific legislation regarding cryptocurrencies. While cryptocurrencies are broadly considered legal, cryptocurrency exchange regulations depend on individual member states, part of the EU.
There’s also a difference in cryptocurrency taxation, there are some member states that charge capital gains tax on cryptocurrency-derived profits. In fact, way back in 2015, the Court of Justice of the European Union ruled that exchanges of traditional currency for cryptocurrency should be exempt from VAT.
Let's take a look at the rules and regulations prescribed cryptocurrencies and crypto-related entities.
Are Cryptocurrency exchanges regulated?
Cryptocurrency exchanges are not currently regulated at a European level. However, in April 2018, the EU agreed on the text for the Fifth Money Laundering Directive (5MLD), which was created with an objective to bring cryptocurrency-fiat currency exchanges under EU’s anti-money laundering legislation.
The 5AMLD came into force in January 2020 and in their attempt to address the Directive some Member States have introduced a framework, where exchanges need to register with their respective regulators.
For instance, Germany’s Financial Supervisory Authority (BaFin), France’s Autorité des Marchés Financiers (AMF), Italy’s Ministry of Finance, or Luxembourg Commission de Surveillance du Secteur Financier (CSSF).
However, the authorisation granted by these regulators allows the companies to operate only under a local regime subject to the local AML legislation. These type of authorisations are not passportable across EU unlike a full license.
In April 2018, the EU agreed on the text for the Fifth Money Laundering Directive (5MLD), which was created with an objective to bring cryptocurrency-fiat currency exchanges under EU’s anti-money laundering legislation.
Regulations for Crypto-related Entities
As ‘obliged entities’, crypto service providers are now covered by the same AML regulatory requirements, as banks and other financial institutions, including registering with financial authorities.
“The rules will now apply to entities which provide services that are in charge of holding, storing and transferring virtual currencies”
The European Commission clarified.
These new actors will have to identify their customers and report any suspicious activity to the Financial Intelligence Units,” clarified EU. Narrowing down, the FCA in the UK has clearly stated that crypto exchanges, ATMs, peer-to-peer platforms, custodian wallet providers and token issuers, including initial coin offerings (ICOs) and initial exchange offerings (IEOs), must comply with its rules.
The Austrian Financial Market Authority (FMA) had announced that it is the regulator of virtual currencies in Austria. Companies that issue, sell, transfer, trade, and exchange cryptocurrencies must register with the FMA. They include in-kind crypto service and custodian wallet providers. Registrants will comply with the due diligence and reporting obligations for the prevention of money laundering. The same goes for several other member states.
PSD2/GDPR laws
Crypto exchanges that come under the jurisdiction of the European Economic Area (EEA) must comply with the new Payment Service Directive (PSD2) and Global Data Protection Regulation (GDPR).
Under the PSD2 regulations, Strong Customer Authentication (SCA), meaning 2-factor authentication will be required for every electronic transaction, including when you buy crypto using fiat currency. This is aimed to lower the fraud rate and enhance the confidence of users in the payment system. The PSD2 rule is only applied to transactions that involve a credit or debit card - it does not work for crypto-to-crypto transactions.
GDPR is a law that revolves around data protection and privacy in the EU, whereas EEA is mandatory for EU/UK based crypto exchanges. Exchanges are now required to take permission from users before doing anything with their data. This forces all entities to treat the user's data with utmost care, reducing chances of commercialisation and incidents that violate the user's privacy.
Regulation in bitFlyer
As you may know, bitFlyer Europe has been a regulated Payment Institution under the supervision of the FSA of the Grand Duchy of Luxembourg (www.cssf.lu) since 2018. Our primary objective is to provide our customers with a secure and safe digital currency service, and as part of achieving this objective, we are legally obligated to implement regulatory compliance frameworks.
Reference:
- https://www.fca.org.uk/consumers/cryptoassets
- https://www.eurolatamlex.com/press/news/42-gdpr-vs-blockchain-technology-against-the-law.html
- https://www.pymnts.com/cryptocurrency/2020/uk-regulator-raises-requirements-for-crypto-firms/
- https://currency.com/cryptocurrency-regulation-in-the-uk
- https://paymentscompliance.com/premium-content/insights_analysis/uk-data-watchdog-reassures-financial-firms-psd2-gdpr-overlap
