General information only. CryptoRegHub provides summaries for informational purposes and does not constitute legal or compliance advice. Always verify with official sources and consult qualified legal counsel before making compliance decisions.
CryptoRegHub provides plain-English summaries of crypto regulations for informational purposes only. This does not constitute legal, compliance, or financial advice. Regulations change frequently — always verify information with official sources and consult qualified legal counsel before making any compliance decisions.
Under the Bank Secrecy Act (BSA) and FinCEN's regulations, crypto businesses that accept and transmit value — including centralised exchanges, custodial wallet providers and certain DeFi platforms — are classified as "money services businesses" (MSBs) and specifically as "money transmitters." FinCEN clarified in 2013 that virtual currency exchangers and administrators are MSBs. As of 2020, FinCEN extended BSA obligations to certain non-custodial wallet interactions. The GENIUS Act reinforces this by treating payment stablecoin issuers explicitly as financial institutions under the BSA. FinCEN's Travel Rule (31 CFR 1010.410) requires money transmitters to collect and transmit originator/beneficiary information on transfers of USD 3,000 or more.
Applies to any business in the United States (or doing business substantially within the US) that: exchanges virtual currency for real currency or other virtual currencies; or transmits virtual currency as a business. This includes centralised crypto exchanges, crypto ATM operators, custodial wallet providers, and certain DeFi platforms where a centralised party has control. Peer-to-peer users transacting for their own purposes are generally not in scope. Non-custodial wallet software providers are generally not MSBs absent other factors.
Key requirements: (1) Registration with FinCEN as a money services business (MSB) — renewal every two years. (2) Written AML programme covering: internal controls, independent audit, designation of a compliance officer, ongoing employee training. (3) Customer Identification Programme (CIP) — verify identity of customers at account opening. (4) Suspicious Activity Reports (SARs): file with FinCEN within 30 days of detecting a transaction of USD 2,000 or more that involves suspected illegal activity. (5) Currency Transaction Reports (CTRs): report transactions of over USD 10,000 in cash. (6) Travel Rule (31 CFR 1010.410): for transfers of USD 3,000 or more, must obtain and retain full originator and beneficiary information and transmit it to the receiving institution. (7) OFAC sanctions screening: screen all customers and transactions against OFAC SDN and other sanctions lists. (8) Recordkeeping: retain transaction records for 5 years.
Always refer to official sources to confirm current requirements. CryptoRegHub summaries are for general guidance only.
Large fines, licence revocation, or criminal referral risk
This summary is for general informational purposes only and does not constitute legal advice. Always verify with official sources and consult qualified legal counsel.