top of page
  • Writer's pictureThe Legal Opinions

Identifying, Assessing and Understanding Terrorist Financing Risks in Crypto Asset Activities

Following the issuance of Circular C580, the Cyprus Securities and Exchange Commission (‘CySEC’) wishes to draw all Regulated Entities attention to the published Guidance on identifying, assessing and understanding Terrorist Financing risks in the context of crypto-asset activities. The Guidance aims to assist Regulated Entities engaging or seeking to engage in crypto-asset activities to support their understanding of their obligation to prevent and combat the financing of terrorism and how they can effectively comply with relevant obligations. The information contained in the guidance is not supposed to be exhaustive, but instead aims to provide helpful consideration for CySEC’s Regulated Entities to identify, assess and understand terrorist financing risks in order to effectively implement a risk-based approach.

Similar to other financial products, crypto assets have features which present risks for facilitating criminality including terrorist financing and money laundering, Regulated Entities are expected to take into account the particular nature of crypto assets as well as the underlying and associated technologies that can impact the risks arising from them. The heightened risk involved in crypto asset services may stem from the anonymous and global nature of the transactions, as well as other factors.

At a minimum, the following risk factors should be considered:

  • Is the customer or beneficial owner a listed person or subject to any restrictive measures or sanctions, or linked to any such person?

  • Is the customer or beneficial owner a person who is publicly known to be under investigation or convicted of terrorist activity or has links to such a person?

  • Does the customer carry out transactions involving countries where groups committing terrorist offences are known to be operating or are known to be sources of terrorist funding?

  • Is the customer a non-profit organisation whose activities are known to be associated with extremism or terrorist sympathies; or whose transaction behaviour is characterised as bulk transfers of large amounts of funds to jurisdictions associated with Money Laundering (‘ML’) / Terrorist Financing (‘TF’) risk?

  • Does the customer carry out transactions characterised by large flows of money in a short period of time, involving non-profit organisations with ambiguous links?

Despite the low number of Suspicious Activity Reports and Suspicious Transaction Reports related to crypto assets, various studies indicate that the TF risk does exist, albeit international evidence illustrates that the use of crypto assets has not replaced traditional TF methods, as criminals tend to use pre-existing financial services for TF. The Council or Europe’s Committee of Experts on the Evaluation of Anti-Money Laundering Measures and the Financing of Terrorism (‘Moneyval’), noted that due to Cyprus being an International Financial Centre and its proximity to conflict areas, it is rated as medium TF risk.

Pursuant to Article 58(A) of the AML /CFT Law, Regulated Entities should apply appropriate policies, controls and procedures in relation to risk assessment and management in proportion to the nature and size of the Regulated Entity. In addition to carrying out customer due diligence measures under Article 60 of the AML/CFT Law, customer due diligence measures, should also be carried out when there is suspicion of AML /TF; in such instances, customer identification and due diligence procedures should be applied regardless of the amount of any derogation, exemption or minimum threshold pursuant to the provisions of the Law.

Transactional analysis tools using blockchain technologies allow transactions and crypto assets to be traced, such tools are essential elements when dealing with crypto assets; although necessary, the use of such tools is not adequate in itself, Regulated Entities are expected to understand the risks of crypto assets in relation to TF across the spectrum of their operations; the level of transaction monitoring should be based on the CASP’s institutional risk assessment and individual customer risk profiles on a risk based approach, this should be reviewed regularly to ensure that they are in line with the CASP’s TF /AML risk program. Transaction monitoring is an essential element in identifying transactions that do not align with the expected behaviour relating to the customer’s profile or deviate from the usual pattern of transactions. Particularly, Regulated Entities should be aware of common trigger events, such as transactions involving individuals or entities on terrorism watchlists or sanctions lists or adverse media, customer information involving high risk countries which may be known for terrorist activity.

The following are Red Flag indicators which the FATF highlight in their Report among others:

  • Technological features that increase anonymity

  • Geographical risks

  • Transaction patterns,

  • Transaction size and frequency

  • Sender or recipient profiles

  • Source of funds or wealth

The Regulated Entities should have full comprehension of the customer’s economic profile and account activity to enable them to identify suspicious transactions. Where suspicious transactions are identified the Compliance Officer should notify the Unit for Combating Money Laundering (MOKAS) via a report as soon as possible, the report should be produced in a way which would allow it to be printed at any time. In order to assist in the detection of suspicious activity, Regulated Entities must ensure their staff are appropriately trained and have awareness of trigger events, red flags, Terrorist Financing typologies and what could constitute as unusual activity.


For advice and assistance with matters relating to the information in this article, please contact our team of professionals.


Written by Andie Henderson - Legal and Compliance Associate | The Legal Opinions



bottom of page