New money laundering rules are shaking up the European Union’s cryptocurrency landscape as its 28 member states rush to comply with AMLD5, the Fifth Anti-Money Laundering Directive, which came into force on Friday.

Last week, stringent new licensing rules set out by financial watchdogs in the UK, the Netherlands and Austria left some crypto businesses unwilling or unable to meet the requirements.

Amsterdam-based crypto derivatives exchange Deribit announced plans on Thursday to relocate to Panama, citing ”too-high barriers for the majority of traders, both regulatory and cost-wise." 

Meanwhile, UK-based Bitcoin payments startup Bottle Pay announced last month that it would shut up shop, for similar reasons.

Registration, KYC and AML for crypto exchanges

The new 5MLD rules mean that crypto exchanges and custodians must register with their local regulator and comply with know-your-customer (KYC) and anti money laundering (AML) procedures—the same regulatory requirements as banks and other financial institutions—to disclose their traders’ identities and report suspicious activity.

Unless determined to operate outside the new laws, crypto firms must either capitulate, partner up with a licensed institution, shutter or flee. 

Member states are also supplementing and beefing up the legislation in their jurisdiction to correspond with updated recommendations by the Financial Action Task Force (FATF), an international body with 39 member countries.

FATF guidance published in June goes further than AMLD5 and includes crypto-to-crypto exchanges within its definition of cryptocurrency businesses subject to the new anti-money laundering rules.  

Particularly onerous is its so-called “travel rule,” which requires cryptocurrency startups to produce details of senders and recipients of money transfers, including their names, addresses and bank accounts.  

Austria’s goes above and beyond AMLD5

Austria introduced stringent new rules for crypto-asset businesses on Thursday. Crypto-asset businesses in Austria will now have to apply for a license to the country's financial watchdog, the Financial Market Authority (FMA), as part of the AML rules. Failure to apply will incur a maximum fine of €200,000 (approximately $221,000.)

The new law applies to companies that issue, sell, transfer, trade, and exchange cryptocurrencies and includes crypto exchanges, ATMs, peer-to-peer platforms, custodian wallet providers and token issuers.

Austria’s rules are therefore a stricter implementation of AMLD5, which provides a broad definition of crypto assets and simply terms them “financial instruments.”

License applicants must show to the Austrian financial watchdog that they possess sufficient capability, coherence, and solvency to run the business.

Larger crypto exchanges like Bitstamp and Kraken are reportedly already registered and in compliance with the new requirements, as is brokerage firm Bitpanda.

Brexit complicates the UK’s 5MLD position

The UK’s situation is unique, with an imminent Brexit introducing additional complexity. 

For now, as part of the EU, AMLD5 is applicable. On Friday, the UK’s Financial Conduct Authority announced that it will supervise all AML crypto-related activity from January 10, and will require crypto firms to register and existing business not registered to cease trading. Businesses must submit a completed application for registration by June 2020.

The proposed cost of the registration is £5,000 (approx $6,500), with an annual fee yet to be decided upon. 

The announcement raised concerns that an extra-restrictive implementation of AMLD5 would also apply to non-custodial wallets, and that it would compromise firms such as crypto payment card provider Wirex, who would find it impossible to comply. 

Firms will have until 20 October 2020 to carry out the registration process. 

The Netherlands misses the EU’s deadline

The Netherlands will miss the EU deadline after a battle between legislators and the cryptocurrency industry. Feisty Dutch crypto startups argued that the strict interpretation of the law proposed would stifle fledgling businesses. 

The law is now under discussion in the Dutch Senate, amid fears that it may not be agreed until the end of February or even later. 

But some Dutch crypto businesses have already given up the ghost. Simplecoin, a crypto mining platform, shut down last month, blaming lack of privacy and bureaucratic licensing fees as a result of 5MLD.

France and Germany are ahead of the game

France is ahead of many other countries, as it adopted a regulatory framework for crypto assets in April 2019, and the new rules of digital asset service providers were published on December 20. The regulators also recently approved the country’s first initial coin offering (ICO).

Germany introduced new regulations in November, which insist that any service operating in Germany requires either a German license or for the provider to partner with license holder.

The regulations have already impacted major industry players. Bitpay, the payment processor, which facilitates both crypto and fiat transactions, announced last week that it will no longer provide services to German customers.

Finland started regulating the country’s crypto industry in May, and five crypto service providers, including Localbitcoins, were licensed by the country’s Financial Supervisory Authority (Fin-FSA) in November.

Malta, known as “Blockchain Island” for its welcoming approach to cryptocurrency businesses, issued regulations in 2018. It allowed crypto companies to apply to its regulator, the Malta Financial Services Conduct Authority, for a license by October last year, and operate under a provisional license until then. This transitionary period has since been extended, license applicants told Decrypt.

The MFSA did not reply to requests for further information and no licenses have been issued to date. 

AMLD5: the missed opportunity

The AMLD5 provides much-needed clarity and could persuade banks to become more open to servicing crypto companies, attracting more institutional capital. But it’s also introduced complexity, as it’s been implemented and interpreted differently from one European country to the next. 

Passporting has, to date, ensured that a crypto company with a license in one European jurisdiction is free to offer its services to other member states. But Germany, for instance, has beefed up its regulations by requiring companies to apply for a license or partner with a German license holder. 

Germany has sweetened the regulatory pill by allowing banks and other licensed entities to become cryptocurrency custodians, thus encouraging mainstream adoption. 

But increasing scrutiny, fees, the need to maintain an office and other requirements being heaped on European crypto-asset startups will limit the services that have been readily available to the crypto community in Europe to date. To what extent is not yet clear. Only as deadlines to apply for licenses expire will the consequences—both positive and negative—become fully apparent, with a new crypto map for Europe rising from the murk.