According to Normative Instruction No. 739, issued on Friday, VASPs will now need to undergo an audit by an approved third-party entity to obtain authorization to operate in Brazil. The requirement adds to an already stringent regulation, making the process of obtaining a license in Brazil more difficult.
Key Takeaways:
Central Bank of Brazil issued Instruction 739, forcing VASPs to get independent audits to secure licenses.Audits must ensure that each VASP is prepared to combat and prevent crypto-linked crime.Following the $5B Hidden Flow case, Brazil’s new rules will next tighten oversight to avoid crypto laundering.The Central Bank of Brazil has introduced yet another requirement to approve the operation of virtual asset service providers (VASPs) in the country.
The audits, referred to as “reasonable assurance reports,” must contain data assessing the VASP’s legal compliance in different aspects, including institutional policy, organizational structure, and employee training; internal risk assessment regarding the use of the company’s products and services in the commission of money laundering and terrorism financing crimes; and procedures designed to get to know your customers.
Furthermore, this report should also assess the readiness of the audited VASP on monitoring, selection, analysis, and reporting of operations and situations suspected of money laundering and the financing of terrorism and weapons of mass destruction; monitoring and analysis of evidence of the occurrence or attempted occurrence of fraud and scams; and administrative asset freezes.
The actions come after Operation Hidden Flow, a high-stakes operation that targeted six fintech companies moving over $5 billion irregularly, detected the use of digital assets for money laundering.
