No minimum threshold. All crypto transfers must include sender and recipient data. Unhosted wallet transfers face special requirements.

The recast Transfer of Funds Regulation (TFR), applying the FATF Travel Rule to crypto-assets, has been in force since December 2024. By 2026, enforcement is active and MiCA-authorized CASPs must have compliant processes for collecting, verifying, and transmitting required information with every transfer.

What the rule requires

The EU Travel Rule regulation mandates that crypto-asset transfers include:

Originator information: Name, account number (wallet address), and either address, national ID number, customer ID number, or date and place of birth.

Beneficiary information: Name and account number (wallet address).

Unlike the traditional banking Travel Rule (which applies only to transfers over USD/EUR 1,000), the EU crypto Travel Rule has no minimum threshold. Every transfer, regardless of amount, requires this information.

CASP-to-CASP transfers

When a customer sends crypto from one licensed CASP to another, the originating CASP must:

Verify the originator's identity (already required under AML rules)
Collect the beneficiary's name and wallet address
Transmit this information to the receiving CASP along with the transfer

The receiving CASP must:

Verify the information received matches their customer records
Reject or flag transfers with missing or inconsistent information
Report suspicious transfers to their national FIU

In practice, this requires integration with Travel Rule messaging protocols (TRUST, Shyft, Notabene, etc.) or direct bilateral arrangements with counterparty CASPs.

The unhosted wallet problem

Transfers to and from unhosted (self-custody) wallets face additional requirements. When a customer sends to their own external wallet or receives from one, the CASP must:

Collect a statement from the customer identifying the wallet's owner
For transfers over EUR 1,000, verify ownership through blockchain analytics, signed messages, or micro-deposits
Maintain records for potential regulatory review

CASPs cannot simply block unhosted wallet transfers. The regulation permits them but requires additional due diligence.

Technical implementation

Compliance requires changes at multiple levels:

User interface: Withdrawal and deposit flows must capture beneficiary/originator information. Users sending to external addresses must provide recipient details.

Backend systems: Integration with Travel Rule protocols for messaging between CASPs. Most platforms use third-party solutions (Notabene, Shyft Network, etc.) rather than building from scratch.

Analytics: Blockchain analytics tools to assess unhosted wallet ownership claims and flag inconsistencies.

Compliance workflows: Processes for handling incomplete information, escalating suspicious transfers, and maintaining audit trails.

Enforcement reality

National competent authorities are beginning to audit Travel Rule compliance as part of broader MiCA supervision. The first enforcement actions for Travel Rule failures are expected in 2026.

The European Banking Authority (EBA) has issued guidance on Travel Rule implementation, including what constitutes "best efforts" when counterparty CASPs don't respond to information requests.

Exchanges that block transfers to non-compliant counterparties or unhosted wallets rather than implementing proper Travel Rule processes may face criticism from regulators and users alike. The regulation doesn't prohibit these transfers. It requires information collection.

For compliant CASPs, the Travel Rule adds friction and cost but doesn't fundamentally change the business model. For non-compliant operators, it's another reason why operating in the EU without proper authorization becomes increasingly difficult.