The European Commission has set out new legislative proposals to make crypto transfers more traceable. While the plans will close some existing loopholes, the impact on cybercrime is likely to be minimal, experts say. Credit: MixMagic / Getty Images The European Commission (EC) has set out new legislative proposals to strengthen its anti-money laundering (AML) and countering terrorism financing (CFT) rules to tackle financial crime. A key element of those proposals includes changes to make crypto asset transfers more traceable and secure by forcing companies to collect certain details on recipients and senders and prohibiting the use of anonymous cryptocurrency wallets.In a press release announcing the legislative proposals, the EC explains how the new laws would enhance traceability of cryptocurrency and why the scale of the problem warrants such action.“At present, only certain categories of crypto asset service providers are included in the scope of EU AML/CFT rules. Today’s amendments will ensure full traceability of crypto asset transfers, such as Bitcoin, and will allow for prevention and detection of their possible use for money laundering or terrorism financing,” the EC writes. “In addition, anonymous crypto asset wallets will be prohibited, fully applying EU AML/CFT rules to the crypto sector.” Under the proposals, a new AML Authority will be created that will be central to coordinating national authorities to ensure the private sector correctly and consistently applies EU rules, with the goal of closing the loopholes that criminals can exploit, said the Commissioner responsible for financial services, financial stability and Capital Markets Union, Mairead McGuinness. The new proposals will be examined by the European Parliament and Council. If passed, they could come into force in 2024.New AML/CFT rules not enough to stop ransomwareWith the new rules, the EU clearly intends to “close loopholes in the existing AML/CFT regime,” says Martha Bennett, VP and principal analyst at Forrester, but she warns that loopholes may still remain that cybercriminals will take advantage of. “The prohibition on anonymous crypto asset wallets is in line with the latest FATF Travel Rule proposals, and hence no surprise,” Bennett tells CSO. “However, according to some unverified reports, non-custodial privacy wallets and unhosted wallets held by users themselves may be exempt from the proposals, which potentially leaves a loophole.”Bennett believes that any impact on reducing cybercrime such as ransomware will be small in the short term. “As long as cybercriminals can move their coins (as they are, mixed or changed to a different cryptocurrency) to a jurisdiction, or number of jurisdictions, with less oversight but sufficient liquidity, rules like these are an inconvenience, but not a showstopper.” Rather, coordinated, globally action is required to make it increasingly difficult for criminals to access cash and/or launder their coins, she argues. “Only once a certain threshold is reached will regulation act as a deterrent to the type of organized crime groups that are behind the current spate of attacks.”Erhan Temurkan, head of information security at FinTech company Bink, echoes similar sentiments, and while he views the legislation as a positive move that has been a long time coming, he says the overall impact on reducing cybercrime will likely be minimal. “Cybercriminals are known to use what is called Bitcoin tumbler/mixer services whereby an original cryptocurrency is taken and mixed into several microtransactions, and in some cases even into another cryptocurrency in order to conceal the true identity of the original sender. I can see these services being leveraged further when the legislation is introduced.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe