Virtual Asset Service Providers (or VASPs) are now regulated in Mauritius. The AML obligations have not yet been laid down in detail, but compliance professionals can expect that the minimum standards which will be prescribed will be as per FAFT recommendations and guidance.
It must be pointed out however that the new licensing regime applies only to centralized VASPs and cryptocurrency exchanges (those operating under a central authority). Decentralized cryptocurrency exchanges are not regulated (this is a challenge faced by regulators worldwide – and we will come back to the risks posed by such exchanges and how to address those later).
In broad terms, the AML/CFT obligations prescribed by the FATF for VASPs are like those required for other financial service providers. VASPS must implement suitable due diligence measures for customers using a risk-based approach and monitor their transactions throughout the business relationship based on their risk profiles.
Under the FATF recommendations, VASPs are required to:
👉 Conduct customer risk assessment: VASPs must conduct appropriate assessments of the AML/CFT risk that their customers present.
👉 Adhere to record-keeping and reporting: VASPs must comply with relevant record-keeping and reporting, audit, and disclosure requirements.
👉 Conduct customer due diligence: VASPs should establish and verify the identities of their customers prior to commencing business relationships. The CDD process should involve the identification and verification of names, addresses, dates of birth although, in a cryptocurrency context, digital identifiers such as scans of official documents and biometric information may also be necessary.
👉 Conduct transaction monitoring: VASPs should monitor the transactional behavior of their customers to spot activity that does not match their established risk profile and that could indicate criminal activity.
👉 Screen and monitor customers: VASPs should screen their customers against international sanctions and watchlists, for politically exposed person (PEP) status, and for their involvement in adverse media stories.
👉 Implement the ‘travel rule’: the so-called rule refers to recommendation 16 of the FATF guidelines which guards against money laundering and other illegal actions. The new Travel Rule guidance recommends Virtual Asset Service Providers (VASPs) to share certain identifying information about the recipient and receiver for cryptocurrency transactions over USD/EUR 1000 globally.
How can we help?
We can provide you with AML/CFT compliance assistance tailored to your business activities. Our expertise and experience in the sector enables us to design, manage, and audit the compliance framework to prevent impediments to future compliance. Thus, avoiding the risks and penalties of non-compliance and allowing for more efficient and effective compliance plans, policies and procedures moving forward.
Reach out to us on 5 255 8827 or contact@arrowheadsglobal.com for a quick chat.
Arrowheads Consultants Blog 