- Countries should consider virtual assets as “property,” “proceeds,” “funds,” “funds or other assets,” or other “corresponding value”. |
There is still no certainty about virtual asset’s legal status. However, as it has stated by Law 10/2010, virtual currencies are accepted as a means of exchange. It is considered by some legal doctrine as digital movable property. |
Countries should identify, assess, and understand the money laundering and terrorist financing risks emerging from virtual asset activities and the activities or operations of virtual asset service providers. Based on that assessment, countries should apply a risk-based approach to ensure that measures to prevent or mitigate money laundering and terrorist financing are commensurate with the risks identified. - Countries should require virtual asset service providers to identify, assess, and take effective action to mitigate their money laundering and terrorist financing risks. |
In accordance with this, the Directive UE 2018/843 has stated some risks and measures to prevent them. For instance, the pseudo anonymity of the users or clients can be solved by the implementation of remote mechanisms based on real identification. Anonymity is closely related to red flags because it allows virtual asset service providers to develop other measures related to anti-money laundering legislation, such as “know your client” or “Customer Due Diligence”. The lack of knowledge about the client’s real identity forces virtual asset service providers to operate blindly, placing them in a dangerous position in the face of money laundering among other crimes. |
|
The Directive mentioned above, also obligates virtual asset service providers to identify suspicious activity. However, this ruling clearly states that the anonymity of virtual assets will prevent a complete assessment of risky activities and therefore, the service of the national Financial Intelligence Units “should be able to associate virtual currency address to the identity of the owner of the virtual currency”. Furthermore, it stipulates an assessment of the risks of money laundering to be conducted by the Commission and by each Member-State, that shall have its own authority designated to that end.
|
- Virtual asset service providers should be required to be licensed or registered. At a minimum, virtual asset service providers should be required to be licensed or registered in the jurisdiction where they are created. In cases where the virtual asset service providers area natural person, they should be required to be licensed or registered in the jurisdiction where their place of business is located. Jurisdictions may also require virtual asset service providers that offer products or services to customers in, or conduct operations from, their jurisdiction to be licensed or registered in this jurisdiction. Competent authorities should take the necessary legal or regulatory measures to prevent criminals or their associates from holding, or being the beneficial owner of, a significant or controlling interest, or holding a management function in, a virtual asset service provider. Countries should take action to identify natural or legal persons that carry out Virtual Asset Service Provider activities without the requisite license or registration, and apply appropriate sanctions. |
Accordingly, the second additional provision of the Real Decree 7/2021 requires virtual asset service providers to enroll in a registry set up for this purpose within the Bank of Spain. established that any legal or natural person of any nationality offering or supplying the following services in Spain must be enrolled in the registry set up for this purpose at the Bank of Spain: - Exchange of virtual currency into fiat currency. - Cryptographic key safekeeping or custody services on behalf of its customers for the holding, storage and transfer of virtual currencies. To sum up, registration of natural persons providing these services is also mandatory when they settle their activity, the address or administration in Spain, regardless the location of the customers receiving the service. The same rule applies to legal persons that provide these services and are established in Spain. |
- Virtual asset service providers should be subject to effective systems for monitoring and ensuring compliance with national anti-money laundering requirements. They should also be supervised or monitored by a competent authority which should conduct risk-based supervision or monitoring. It excludes the possibility of self-regulation. Supervisors should have adequate powers to supervise or monitor and ensure compliance by virtual asset service providers with requirements to combat money laundering and terrorist financing including the authority to conduct inspections, compel the production of information, and impose sanctions. Supervisors should have powers to impose a range of disciplinary and financial sanctions, including the power to withdraw, restrict or suspend the virtual asset service providers ´s license or registration, where applicable. |
Since the inclusion of the vasps to the law 10/2010, they are subject to the administrative bodies for the prevention on money laundering. Specifically, they are subject to the commission for the prevention of money laundering; to the secretary of the commission; and to the SEPBLAC, which is the FIU of Spain. |
- Countries should ensure that there is a range of effective, proportionate and dissuasive sanctions, whether criminal, civil or administrative, available to deal with the virtual asset service providers that fail to comply with anti-money laundering requirements, in line with Recommendation 35. Sanctions should be applicable not only to the virtual asset service providers, but also to their directors and senior management. |
As it was analyzed before, in Spain coexist two different legal frameworks aiming to prevent and punish money laundering. It is also important to mention that according article 31 bis and 301 and following of its Penal Code, this legal framework applies to both legal and natural persons. It also needs to be underscored that Law 10/2010 established compliance programs applied to virtual assets service providers according to articles 26, 26 bis and following. |
- Finally, it strengthens international cooperation. In particular, it provides that supervisors must share information “rapidly, constructively and effectively” with their foreign counterparts regardless of the supervisor´s nature or status and differences in virtual asset service provider´s nomenclature or status. |
Among other provisions in this area, it is important to highlight that the Directive EU 2018/849 provides the establishment of a central registry for data consultation and several times mentions the cooperation and the sharing of information between the member states’s FIUs. |