Russia’s Cross-border Crypto Bill, EU’s Sanctions Reaction and the DNB Sanctions Screening Best Practices

Recently, Russia’s Deputy Minister of Finance, Alexei Moiseev, announced that the Ministry of Finance and the Central Bank have agreed on a bill that allows cross-border settlements in cryptocurrency.

This announcement was not long after followed by the European Union’s 8th sanctions package against Russia, which included, amongst other bans, the ceasing of accepting any value of crypto-assets from Russian individuals by financial market players registered/operated in the EU (prior to this the amount was up to EUR 10,000).

The Dutch National Bank has also published a Q&A on crypto sanctions screening best practices.

_{Russia’s Central Bank and the MoF Passes Bill to Allow Cross-border Settlements in Cryptocurrencies}

At the XIX International Banking Forum “Banks of Russia – XXI Century”, Russia’s Deputy Minister of Finance, Alexei Moiseev, announced that the Ministry of Finance and the Central Bank have agreed on a bill that allows cross-border settlements in cryptocurrency. The bill was passed, and the legislation is being drafted.

“Now we have a bill agreed upon with the Central Bank. It generally describes how to acquire cryptocurrency, what can be done with it, and how it can or cannot be settled in the first place in cross-border payments”. – Russia’s Deputy Minister of Finance, Alexei Moiseev

Mr. Moiseev emphasized that since Russian nationals already make use of foreign VASPs to create and operate digital assets wallets and make use of cryptocurrencies, it would be better to allow them to have such access via Russian entities which are supervised by the Central Bank and thus under AML obligations.

This, however, does not mean that trading in cryptocurrencies will be allowed within the jurisdiction, but only to make cross-border payments.

_{EU’s 8th Sanctions Package Against Russia}

In light of Russia’s continued armed attack against Ukraine and its upcoming legalisation of cross-border crypto payments, the EU strengthened its Sanctions against Russia. So far, financial market players within the EU were permitted to accept crypto transactions from Russian individuals of up to EUR 10,000. This was amended to “banning all crypto-asset wallets, accounts, or custody services, irrespective of the amount of the wallet”.

Additionally, it is prohibited to provide IT consultancy, legal advisory, architecture and engineering services to the government of Russia or legal persons established in Russia.

_{DNB Q&A on Crypto Sanctions Screening Good Practices}

The Central Bank of the Netherlands (DNB) supervises and assesses crypto service providers’ effectiveness of internal procedures and controls aimed at ensuring compliance with sanctions regulations, including sanctions screening.

On September 16th they published Q&As and good practices providing recommendations to crypto service providers on sanctions screening implementation for crypto transactions. 

These address:

– The risk of sanctions violation,

– Managing related risks such as those related to registration, and enforcement as well as commercial and reputational risks.

Question 1:

Pursuant to Article 2 of the RtSw, providers of crypto services take measures to check whether ‘relations’ have been sanctioned. In addition to clients, who fall within the scope of the concept of ‘relationship’?

Answer:

The DNB clarifies that a ’relationship’ in the context of crypto service providers, is defined under the Sanctions Act 1977 (Sanctiewet 1977 – Sw) as all involved parties in the crypto transaction (both senders and recipients). Thus, apart from the providers’ clients, sanctions screening must be applied as well to other providers of crypto services, individuals, legal persons or entities identified in the transaction process.

Question 2:

What measures does a crypto service provider take when transacting with cryptos to check whether the (legal) persons or entities involved have been sanctioned?

Answer:

To prevent sanctions regulations violations, at minimum, senders/recipients and the crypto service providers who own the addresses of involved parties to the transaction must be screened against one or more sanctions list. A risk-based approach is recommended to achieve this scope. Regulations do not prescribe how to identify the identity of the counterparty and is left at the service provider’s capability to do so by any means available as long as the applied measure meets this requirement. Information to be obtained that would meet this criteria is name, date of birth, place of residence and business address. In the case where the service provider has doubts that the provided information by their customer is accurate, it must take additional measures to ensure its veracity. This countermeasure would also ensure that no identity theft or wallet hacking has taken place.

The Financial Sanctions Regulation Guideline of the Ministry of Finance states: “If no mitigating measures can be taken, if measures require too much effort or if there is too much residual risk, then the risk must not be taken. In the case of sanctions, there can be virtually no acceptable level of residual risk because the material prohibitions of the sanctions regulations must be observed.”

During the screening process of the counterparties, the service provider may hold the funds in an omnibus wallet before releasing them to the intended party.

Question 3:

What does the risk analysis consist of?

Answer:

Depending on the type of wallet that partakes in the transaction (hosted/unhosted) different risks emerge, hence different levels of risk analysis must be employed.

Risks that may be considered in the analysis include but are not limited to:

• Business models
• Supervisory status of the provider’s target customer group
• The payment and payout options for fiat money
• The customer’s risk and transaction profile
• Geographical risks
• Relevant metadata (e.g. IP address)
• Peer-to-peer transactions
• Characteristics of the supported crypto currencies