Estonia has joined the list of countries that have implemented the Financial Action Task Force’s (FATF’s) Travel Rule. Estonia’s Ministry of Interior Affairs first began issuing crypto licenses in 2017. In 2020, this responsibility shifted to the Ministry of Finance’s Financial Intelligence Unit (FIU).
On 15 March 2022, Estonia announced they would implement the Travel Rule (Recommendation 16). This implementation was one of the speediest to date; Estonian virtual asset service providers (VASPs) had a mere 3 months to get their organisations compliant.
Estonia has modelled their Travel Rule in line with the FATF’s Updated Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers with some significant differences; there is no de minimis threshold, and VASPs are not required to collect and transmit any personal info about the beneficiary person in the transaction.
Please note: The Money Laundering and Terrorist Financing Prevention Act uses the following terms in favour of the FATF’s choice of terms.
For the purpose of this article, we have followed the terms used by the FATF.
| Estonia’s Money Laundering & Terrorist Financing Prevention Act | Financial Action Task Force (FATF) |
|---|---|
| Provider | Originator |
| Recipient | Beneficiary |
| Virtual currency service provider | Virtual asset service provider |
What is the scope of the Travel Rule in Estonia?
Estonia’s Travel Rule amendments target VASPs operating and registered in Estonia.
Foreign VASPs wishing to provide services in Estonia will need to register their company in Estonia to operate.
Examples of VASPs include:
crypto exchanges.
crypto transfer providers.
any services related to the issuance of virtual currency.
In order to apply for the Estonian Cryptocurrency Exchange License, VASPs are to meet more stringent requirements; a full list is available in Chapter 8 of the Money Laundering and Terrorist Financing Prevention Act.
Who is the supervisory body for VASPs in Estonia?
The Estonian Ministry of Finance’s Financial Intelligence Unit (FIU)
What is the Travel Rule threshold in Estonia (FIU)?
EUR 0
Is the Travel Rule applicable to unhosted wallets in Estonia?
Yes, if the transaction involves an unhosted wallet (also known as a self-hosted wallet) and a VASP.
In the event of a beneficiary using an unhosted wallet, personally identifiable information (PII) will not need to be requested.
It is expected that the originator VASP performs a risk-based assessment (per the FATF’s guidelines) of the transaction before proceeding.
If the transfer takes place from an unhosted wallet to a VASP, regardless if the originator and beneficiary are one and the same, the VASP will be required to request PII from the originator (§10.2).
If the transaction to or from the unhosted wallet of that client takes place on a regular basis or if the value is high, flags may be raised, and PII can be requested from the beneficiary.
When do you need to comply with the Travel Rule in Estonia?
Now - the Estonian Travel Rule was implemented on 15 March 2022.
What are FIU's requirements for Travel Rule information to be exchanged?
Estonia is following the FATF’s Travel Rule list of information to be exchanged, with one exception: it does not require VASPs to collect and transmit any personal information about the beneficiary customer (§ 25) in certain circumstances.
When performing a transaction, the originator VASP is to collect and retain the following information about the originator customer:
full name,
unique transaction identifier (a combination of letters, numbers or symbols assigned by the virtual currency service provider),
identifier of payment account or virtual currency wallet,
identity number, as per identity document,
address or date of birth.
In normal circumstances - when the VASP does not suspect any nefarious activities - the VASP will be required to collect and retain the following information about the beneficiary customer:
unique transaction identifier,
identifier of payment account or virtual currency wallet.
As per the terms stipulated within the Money Laundering and Terrorist Financing Prevention Act, when the beneficiary’s VASP is unable to receive or process the required information, or if the beneficiary uses an unhosted wallet, the obligation to collect the data mentioned above will fall upon the originator VASP (§2.7).
Additionally, the originator VASP will need to prove that they have used an appropriate technical solution to monitor the transaction in real time and that a thorough risk analysis has been conducted (§25. 28).
Which regulations are applicable to the Estonian Travel Rule?
Estonia will rely on more than one regulatory body for the regulation of crypto companies, as various Estonian agencies regulate different cryptocurrency activities.
A list of responsible parties includes:
Ministry of Finance in Estonia, responsible for putting tax, fiscal, and financial policies into action and suggesting rules that would apply to virtual currencies.
Estonian Financial Supervision and Resolution Authority responsible for regulating those who work in the financial services sector and carrying out crisis-resolution duties. The Authority makes decisions on its own accord.
Estonian Financial Intelligence Unit, which falls under the Ministry of Finance's purview, is responsible for overseeing transactions to combat financial crime. The Unit has the authority to issue and cancel licenses for virtual currencies.
Estonian Tax and Customs Board, virtual assets are considered property (§15 (1) of Chapter 3 of the Income Tax Act) in Estonia and are taxed as such.
