Recast Funds Transfer Regulation – Notification Requirement for Payment Service Providers (PSP) and Crypto-asset Service Providers (CASP)

“PSPs and CASPs that repeatedly fail to provide required information on transfer of funds and certain Crypto-assets”

The Central Bank of Ireland (the Central Bank) is the competent authority in Ireland for the purposes of Regulation (EU) 2023/1113 of the European Parliament and of the Council of 31 May 2023 (The Recast Funds Transfer Regulation) (amending Directive (EU)) 2015/849), which sets out rules on the information on payers and payees which must accompany transfers of funds and information on the originator and beneficiary accompanying certain crypto-assets.  Its main objective is to make the abuse of funds and certain crypto-asset transfers for terrorist financing and other financial crime purposes more difficult, and to enable relevant authorities to fully trace such transfers where this is necessary to prevent, detect or investigate money laundering and terrorism financing (ML/TF).

Under the Recast FTR, payment service providers (to include intermediary payment service providers ‘IPSP’) (PSPs) and Crypto-asset service providers (to include intermediary crypto-asset providers ‘ICASPs’) (CASPs) must ensure the information required on the payer and/or the payee, or the originator and/or beneficiary, is not missing or incomplete.  PSPs and CASPs are also required to notify the Central Bank upon identifying a repeatedly failing PSP. 

A PSP and CASP (to include IPSP and ICASPs) are  more fully defined in Articles 3 (5), (6), (15) & (16) of the Recast FTR. ‘Transfer of funds’ and ‘Transfer of Crypto-assets’ are defined in Articles 3(9) & (10) of the Recast FTR.

This page explains the steps, which PSPs and CASPs should take, to meet the notification requirement under the Recast FTR.

If a PSP or CASP has identified another PSP or CASP as repeatedly failing to provide required information (e.g. the payer’s name, the beneficiary) a notification should be submitted to the Central Bank at the following email address: [email protected]

The notification should include:

1. The name of the PSP or CASP identified as repeatedly failing to provide the required information;
2. The country in which the PSP or CASP is authorised;
3. The nature of the breach, including:
   1. The frequency of transfers of funds or crypto-assets with missing information,
   2. The period of time during which the breaches were identified and
   3. Any reasons the PSP or CASP may have given to justify their repeated failure to provide the required information;
4. Details of the steps the reporting PSP or CASP has taken.

The material provided need only be a brief summary.  A report template for submission is provided here.  This notification should be made without undue delay, and no later than three months after identifying the repeatedly failing PSP.

Reporting should take place regardless of the reasons given by the repeatedly failing PSP or CASP, if any, to justify the breach, or their locations in the Union or outside.

Once the Central Bank has received notifications, it will assess what if any action is required based on the information provided, and it will pass them on to the European Banking Authority.

Further guidance on measures PSPs or CASPs can take to meet the Regulation’s requirements, including considerations for PSPs or CASPs in determining what may constitute a repeated failing by a PSP, is provided in the European Banking Authorities (EBAs)  Travel Rule Guidelines available here.

Any queries in relation to the requirements set out above, can also be submitted to the email address:  [email protected]