StateBay
BlogCrypto

EU Crypto Travel Rule Takes Effect: Compliance Requirements for 2026

3 min read
Crypto transfer illustration showing Travel Rule information flow between exchanges

No minimum threshold. All crypto transfers must include sender and recipient data. Unhosted wallet transfers face special requirements.

The recast Transfer of Funds Regulation (TFR), applying the FATF Travel Rule to crypto-assets, has been in force since December 2024. By 2026, enforcement is active and MiCA-authorized CASPs must have compliant processes for collecting, verifying, and transmitting required information with every transfer.

What the rule requires

The EU Travel Rule regulation mandates that crypto-asset transfers include:

Originator information: Name, account number (wallet address), and either address, national ID number, customer ID number, or date and place of birth.

Beneficiary information: Name and account number (wallet address).

Unlike the traditional banking Travel Rule (which applies only to transfers over USD/EUR 1,000), the EU crypto Travel Rule has no minimum threshold. Every transfer, regardless of amount, requires this information.

CASP-to-CASP transfers

When a customer sends crypto from one licensed CASP to another, the originating CASP must:

  • Verify the originator's identity (already required under AML rules)
  • Collect the beneficiary's name and wallet address
  • Transmit this information to the receiving CASP along with the transfer

The receiving CASP must:

  • Verify the information received matches their customer records
  • Reject or flag transfers with missing or inconsistent information
  • Report suspicious transfers to their national FIU

In practice, this requires integration with Travel Rule messaging protocols (TRUST, Shyft, Notabene, etc.) or direct bilateral arrangements with counterparty CASPs.

The unhosted wallet problem

Transfers to and from unhosted (self-custody) wallets face additional requirements. When a customer sends to their own external wallet or receives from one, the CASP must:

  • Collect a statement from the customer identifying the wallet's owner
  • For transfers over EUR 1,000, verify ownership through blockchain analytics, signed messages, or micro-deposits
  • Maintain records for potential regulatory review

CASPs cannot simply block unhosted wallet transfers. The regulation permits them but requires additional due diligence.

Technical implementation

Compliance requires changes at multiple levels:

User interface: Withdrawal and deposit flows must capture beneficiary/originator information. Users sending to external addresses must provide recipient details.

Backend systems: Integration with Travel Rule protocols for messaging between CASPs. Most platforms use third-party solutions (Notabene, Shyft Network, etc.) rather than building from scratch.

Analytics: Blockchain analytics tools to assess unhosted wallet ownership claims and flag inconsistencies.

Compliance workflows: Processes for handling incomplete information, escalating suspicious transfers, and maintaining audit trails.

Enforcement reality

National competent authorities are beginning to audit Travel Rule compliance as part of broader MiCA supervision. The first enforcement actions for Travel Rule failures are expected in 2026.

The European Banking Authority (EBA) has issued guidance on Travel Rule implementation, including what constitutes "best efforts" when counterparty CASPs don't respond to information requests.

Exchanges that block transfers to non-compliant counterparties or unhosted wallets rather than implementing proper Travel Rule processes may face criticism from regulators and users alike. The regulation doesn't prohibit these transfers. It requires information collection.

For compliant CASPs, the Travel Rule adds friction and cost but doesn't fundamentally change the business model. For non-compliant operators, it's another reason why operating in the EU without proper authorization becomes increasingly difficult.

Related Jurisdictions

Germany flagGermanyFrance flagFranceNetherlands flagNetherlandsIreland flagIrelandLithuania flagLithuania

Related Articles

Global digital currency landscape showing CBDC and stablecoin regulatory divergence across China US and EU approaches
BlogCrypto
Apr 14, 2026

CBDC Pilots Reshape the Stablecoin Landscape: Who Bans, Who Coexists, Who Retreats

China banned yuan-linked stablecoins and made its CBDC interest-bearing. The US banned CBDCs and legalized stablecoins. The EU wants both to coexist under caps. Three approaches, three different futures for digital money.

Institutional trading floor with digital screens representing crypto prime brokerage licensing across MiCA US and UK regulatory frameworks
BlogCrypto
Apr 11, 2026

Crypto Prime Brokerage Licensing 2026: What Institutional Intermediaries Need

No jurisdiction issues a dedicated crypto prime brokerage license. Firms piece together custody, execution, and financing permissions from existing frameworks. Here is what that actually looks like under MiCA, US rules, and the UK's incoming regime.

Astana Kazakhstan AIFC financial district with Expo buildings representing digital asset licensing and crypto exchange regulation
BlogCrypto
Apr 4, 2026

Kazakhstan AIFC Digital Asset License: What Crypto Firms Actually Need

Kazakhstan's AIFC has licensed 29 digital asset service providers including Binance and ByBit, with $6.8 billion in trading volume through September 2025. Here is what the license actually costs, how long it takes, and whether the tax exemption through 2066 is as good as it sounds.

ESMA reverse solicitation guidelines under MiCA showing narrow exemption for non-EU crypto firms serving European clients
BlogCrypto
Mar 26, 2026

Reverse Solicitation Under MiCA: When Crypto Firms Can Serve EU Clients Without a License

ESMA's guidelines on MiCA reverse solicitation make one thing clear: Article 61 is an exception so narrow it barely exists. Non-EU crypto firms treating it as a business model are building on sand.