StateBay
BlogCrypto

EU Crypto Travel Rule Takes Effect: Compliance Requirements for 2026

3 min read
Crypto transfer illustration showing Travel Rule information flow between exchanges

No minimum threshold. All crypto transfers must include sender and recipient data. Unhosted wallet transfers face special requirements.

The recast Transfer of Funds Regulation (TFR), applying the FATF Travel Rule to crypto-assets, has been in force since December 2024. By 2026, enforcement is active and MiCA-authorized CASPs must have compliant processes for collecting, verifying, and transmitting required information with every transfer.

What the rule requires

The EU Travel Rule regulation mandates that crypto-asset transfers include:

Originator information: Name, account number (wallet address), and either address, national ID number, customer ID number, or date and place of birth.

Beneficiary information: Name and account number (wallet address).

Unlike the traditional banking Travel Rule (which applies only to transfers over USD/EUR 1,000), the EU crypto Travel Rule has no minimum threshold. Every transfer, regardless of amount, requires this information.

CASP-to-CASP transfers

When a customer sends crypto from one licensed CASP to another, the originating CASP must:

  • Verify the originator's identity (already required under AML rules)
  • Collect the beneficiary's name and wallet address
  • Transmit this information to the receiving CASP along with the transfer

The receiving CASP must:

  • Verify the information received matches their customer records
  • Reject or flag transfers with missing or inconsistent information
  • Report suspicious transfers to their national FIU

In practice, this requires integration with Travel Rule messaging protocols (TRUST, Shyft, Notabene, etc.) or direct bilateral arrangements with counterparty CASPs.

The unhosted wallet problem

Transfers to and from unhosted (self-custody) wallets face additional requirements. When a customer sends to their own external wallet or receives from one, the CASP must:

  • Collect a statement from the customer identifying the wallet's owner
  • For transfers over EUR 1,000, verify ownership through blockchain analytics, signed messages, or micro-deposits
  • Maintain records for potential regulatory review

CASPs cannot simply block unhosted wallet transfers. The regulation permits them but requires additional due diligence.

Technical implementation

Compliance requires changes at multiple levels:

User interface: Withdrawal and deposit flows must capture beneficiary/originator information. Users sending to external addresses must provide recipient details.

Backend systems: Integration with Travel Rule protocols for messaging between CASPs. Most platforms use third-party solutions (Notabene, Shyft Network, etc.) rather than building from scratch.

Analytics: Blockchain analytics tools to assess unhosted wallet ownership claims and flag inconsistencies.

Compliance workflows: Processes for handling incomplete information, escalating suspicious transfers, and maintaining audit trails.

Enforcement reality

National competent authorities are beginning to audit Travel Rule compliance as part of broader MiCA supervision. The first enforcement actions for Travel Rule failures are expected in 2026.

The European Banking Authority (EBA) has issued guidance on Travel Rule implementation, including what constitutes "best efforts" when counterparty CASPs don't respond to information requests.

Exchanges that block transfers to non-compliant counterparties or unhosted wallets rather than implementing proper Travel Rule processes may face criticism from regulators and users alike. The regulation doesn't prohibit these transfers. It requires information collection.

For compliant CASPs, the Travel Rule adds friction and cost but doesn't fundamentally change the business model. For non-compliant operators, it's another reason why operating in the EU without proper authorization becomes increasingly difficult.

Related Jurisdictions

Germany flagGermanyFrance flagFranceNetherlands flagNetherlandsIreland flagIrelandLithuania flagLithuania

Related Articles

ESMA reverse solicitation guidelines under MiCA showing narrow exemption for non-EU crypto firms serving European clients
BlogCrypto
Mar 26, 2026

Reverse Solicitation Under MiCA: When Crypto Firms Can Serve EU Clients Without a License

ESMA's guidelines on MiCA reverse solicitation make one thing clear: Article 61 is an exception so narrow it barely exists. Non-EU crypto firms treating it as a business model are building on sand.

Global crypto mining regulation map showing licensing requirements energy compliance rules and jurisdiction comparisons for 2026
BlogCrypto
Mar 14, 2026

Crypto Mining Regulation 2026: Licensing and Energy Compliance

Crypto mining regulation has moved from an afterthought to a frontline policy issue. Energy reporting mandates, licensing requirements, and outright bans are reshaping where mining operations can profitably exist.

World map with tax rate indicators for different countries showing varied approaches to cryptocurrency taxation
BlogCrypto
Mar 10, 2026

Crypto Tax Treatment 2026: How 15 Countries Tax Digital Assets

A country-by-country breakdown of how 15 jurisdictions actually tax crypto in 2026, from Germany's one-year exemption to Japan's punishing 55% top rate.

Legal classification framework showing crypto tokens evaluated against securities regulations across multiple jurisdictions
BlogCrypto
Feb 28, 2026

Crypto Token Classification 2026: When Your Token Needs a Securities License

The line between utility token and security depends on jurisdiction, token structure, and how you sell it. Misclassifying costs more than getting a license would have.