Home » Crypto Licenses » New Cryptocurrency Laws in Estonia

New Cryptocurrency Laws in Estonia

Estonia has become a pioneer in regulation for cryptocurrency-related businesses.
The regulatory environment has been quite liberal, with a relatively small entrance threshold. After a revision of the existing laws and successful adoption of proposed amendments, the standards for providing virtual currency services are shifting. Existing and future licensed businesses who provide custodial services, exchanges, trading, transfer and others, will have to comply with regulations similar to financial service providers such as payment service providers and electronic money institutions.

On the 15th of March, 2022, the Estonian AML Act and State fee Act which both oversee virtual currency services were amended. The modifications strive to effectively limit the dangers of money laundering and terrorist financing. As new standards for virtual asset service providers (VASPs) are adopted to achieve this goal, both existing VASPs and new applicants will be required to bring their actions and documents in line with the modifications.

In order to apply for a VASP license in Estonia, the applicant must complete the following steps:

a) Implement a robust internal compliance and risk management framework, which includes anti-money laundering rules, risk management policies, business
and financial strategy for the minimum of the following 24-36 months

b) showing no prior convictions for economic activities and a healthy business reputation, which applies to both corporate management and shareholders;

c) share capital of EUR 250,000 if performing a virtual currency transfer service, or EUR 100,000 if providing other VASP services. The source of financing must be fully disclosed.

d) local establishment – management, Compliance Officer, staff, office, etc.

e) having a solid IT system framework and a delivery of services plan.

In review, candidates must establish a functional business unit in Estonia which is also supervised from the country.
The prerequisites listed above will be familiar to those who have previously worked in the financial sector, as the new regulations strongly match the requirements of existing financial service providers.

Licensed VASP apart from new applications as well must comply with the new requirements. The active service providers are encouraged to review their internal and external structures to evaluate if improvements or adjustments are necessary.
Importance is placed on the management board, company’s risk assessment, internal controls policies and procedures and others.

Existing VASPs will have to meet new regulations, here are some of the main AML Act amendments:

1) Transaction monitoring will be tied to the Financial Action Task Force (FATF) ‘Travel rule’. Surveillance of exchanges and transactions must be saved and stored e.g., transaction ID as well as information about originators and recipients. The information must be shared with the recipient’s service provider, when there is an inability of sharing information, the VASP must maintain transaction data and monitor in real-time to prevent any suspicious activities.

2) Requirements for the businesses management board, all members must possess a higher education degree and professional work experience for at least 2 years.

3) Ascertain if the VASP services you supply are covered under the updated AML law. It will be vital to figure out how much the share capital must be expected to raise and what the precise requirements for own funds are.
For instance, the virtual currency transfer service requires a EUR 250,000 share capital and sufficient own cash based on the proportion of transaction volume.
While it is self-evident that this transfer service will be used for a variety of crypto payment services, it is important to remember that transfer refers to any type of exchange between two wallets.
As a result, if a crypto exchange allows off-exchange account withdrawals in cryptocurrencies, this transaction will be considered a transfer service due to the fact that virtual currency has been moved.

4) Compulsory Auditing, it is important to note that the obligation to perform an audit will be implemented from 2023 onwards to organisations whose fiscal year began before 10.03.2022. If the company’s fiscal year begins after 10.03.2022 the requirement is enforced immediately. It is as well mandatory for VASPs to hire an independent internal audit servicer provider.

5) Compliance officers are restricted to serving not more than two companies. AML Officers will be able to serve only two separate legal entities after the recent amendments, one additional company can be added with the permission of the Financial Intelligence Unit (FIU), however, the supervisory body will not be obliged to accept such an addition.

6) Fee for changes and restructuring. It becomes cost-prohibitive for VASPs to make changes, any change in the board of directors, shareholders and others will cost €4000. As a result, it is feasible to make any adjustments infrequently and in bulk.

The majority of these requirements will take effect in the middle of June 2022.

The obligation for transaction monitoring, on the other hand, took effect on March 15, 2022. As a result, existing VASPs should begin working on improving their level of compliance as soon as possible. VASPs must give documentation to the FIU that additional measures have been adopted and that VASPs are complying with the new standards by 15.06.2022.

Photo by chris robert

About the author, Deyvid Stoyanov

Deyvid developed his passion for technology, innovation, blockchain and decentralization throughout his bachelor and masters degree studies in Bulgaria and Italy. With several years of experience in the private sector, he is currently part of the FinTech Legal Center Tallinn-based team and remains immersed in the transformation of the financial and banking sector, the adoption of blockchain and cryptographic technologies as well as their interrelationship with state supervisory authorities and the European regulatory structure.

Content Quality Supervisor

Marcello Silvestri

Copywriting and SEO review

Mario Palmieri

Leave a Reply

Your email address will not be published.

About Estonian Crypto Licenses

Estonian Crypto Licenses is a trading name of TechIuris OÜ, a company based in Tallinn, Estonia and specialised in legal and compliance solutions for European FinTech companies. We are a fully licensed company, and EVEA and e-Residency marketplace members. Here on our blog, we share the latest news on topics such as NFTs, cryptocurrencies, blockchain and much more.

Have a question or need any of our services?

Related posts