Legal Updates

On 23 April 2021, crypto-asset services became subject to regulation in Ireland for the first time. On that date, the relevant sections of the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2021, which gives effect to provisions of the EU’s Fifth Money Laundering Directive (Directive 2018/843/EU), came into force.

Although focused on anti-money laundering compliance, the new supervisory regime will have wider implications for firms providing crypto-asset services, their managers and their owners.

What services are in scope?

The new legislation introduces the concept of a “virtual asset service provider” (VASP). A VASP is defined as a person or firm who by way of business carries out one or more of the following activities on behalf of another:

1. exchange between virtual assets and fiat currencies;
2. exchange between one or more forms of virtual assets;
3. transfer of virtual assets, that is to say, conduct a transaction on behalf of another person that moves a virtual asset from one virtual asset address or account to another;
4. custodian wallet provider, that is to say, provide services to safeguard private cryptographic keys on behalf of customers, to hold, store and transfer virtual currencies;
5. participation in, and provision of, financial services related to an issuer’s offer or sale of a virtual asset or both.

Registration with the CBI

VASPs are required to register with the Central Bank of Ireland (CBI) for AML/CFT purposes by submitting an application form together with supporting documentation. Before submitting the application, the CBI requires VASPs to submit a Pre-Registration Information Form to request a reference number. The CBI will undertake a detailed assessment of a proposed VASP’s policies and procedures, risk assessments, ownership and organisational structure and other relevant information before granting registration.

The CBI may refuse a registration in circumstances where it is not satisfied with the VASP's AML/CFT policies and procedures, and/or the fitness and probity of the senior management and/or beneficial owners of the VASP. The CBI has the power to revoke registrations and to impose any conditions that it considers necessary for the proper and orderly regulation of the business.

Transitional arrangements apply to those already operating as VASPs. Such VASPs can continue to provide services but must apply to be registered by 23 July 2021.

Once registered, the VASP is required to include a regulatory disclosure statement in the prescribed form in all advertisements for its services, stating that it is regulated by CBI for AML/CFT purposes only.

Beneficial owners of VASPs and changes of control

VASPs must take reasonable steps to ascertain that any beneficial owner of the VASP is a fit and proper person. A VASP must notify the CBI if, at any time, it reasonably suspects that any beneficial owner is not a fit and proper person.

The CBI will assess, as part of the registration stage, whether or not the beneficial owners are fit and proper and may refuse an application if the beneficial owners are not fit and proper. The CBI has the power to:

• to issue a direction to a beneficial owner who is exercising influence which is, or likely to be, prejudicial to the registered VASP’s compliance with its obligations; and
• to revoke a registration if any beneficial owner of the VASP is deemed to be not fit and proper.

Any proposed acquisition of a beneficial interest in a VASP, whether directly or indirectly, will require the prior approval of the CBI.

Ongoing AML / CFT requirements

VASPs are subject to the same AML/CFT requirements as other financial service providers. These requirements include:

• Conducting an AML/CFT business risk assessment;
• Carrying out customer due diligence (CDD) on their customers;
• Carrying out ongoing monitoring of customers and their transactions;
• Filing suspicious transaction reports (STRs);
• Implementing and maintaining appropriate AML/CFT policies and procedures;
• Retaining records as required; and
• Providing AML training to staff.

How can Dillon Eustace help?

Dillon Eustace’s Financial Regulation team can help incumbent or proposed VASPs:

• review and prepare their AML/CFT frameworks to comply the ongoing AML/CFT requirements; and
• assist with applications for registration to the CBI.