Armenia -- AML/CFT Compliance Regulatory Overview

**Law of the Republic of Armenia on Combating Money Laundering and Terrorist Financing (ՀՀ օրենքը «Փողերի լվացման և ահաբեկչության ֆինանսավորման դեմ պայքարի մասին»):** This is the primary legislation. It mandates financial institutions, including VASPs, to implement robust AML/CFT measures, which inherently include sanctions screening.

These amendments align Armenia with FATF Recommendation 15 on new technologies, which requires countries to regulate and supervise VASPs for AML/CFT purposes. The Travel Rule application to VASPs has been clarified as distinct from the core Recommendation 15 VASP regulatory requirements.

**Regulations and Decisions of the Central Bank of Armenia (CBA):** The CBA issues specific rules and guidelines that obligated entities, including VASPs, must follow to comply with the AML/CFT Law. These provide practical guidance on implementing customer due diligence, suspicious transaction reporting, and record-keeping.

The Central Bank of Armenia (CBA) is Armenia's central bank and national financial authority, responsible for monetary policy, financial stability, regulation and supervision of the financial sector, issuance and circulation of the national currency, payment-system oversight, and AML/CFT oversight through the Financial Monitoring Center.

**Role:** The CBA is the main financial regulator in Armenia and is responsible for licensing, supervision, and enforcement of AML/CFT requirements for financial institutions, and now, VASPs. It sets the regulatory framework and conducts oversight to ensure compliance.

**Financial Monitoring Center (FMC) of the Central Bank of Armenia**

**Role:** The FMC acts as Armenia's Financial Intelligence Unit (FIU). It is responsible for receiving, analyzing, and disseminating suspicious transaction reports (STRs) to law enforcement agencies for investigation. Obligated entities, including VASPs, must report all suspicious activities to the FMC.

**URL (within CBA website):** Information about the FMC can typically be found on the CBA's official website, under sections related to financial stability or supervision. While it doesn't have a separate top-level domain, its functions are integral to the CBA's mandate.

**Identification and Verification of Identity:**

**Individuals:** Obtain and verify the customer's full name, date of birth, place of birth, nationality, residential address, and unique identification number (e.g., passport, national ID card details). Verification typically requires reliable, independent source documents, data, or information.

**Legal Entities:** Obtain and verify the legal entity's name, legal form, address of registered office, registration number, and the names of individuals authorized to act on behalf of the entity.

**Beneficial Ownership:** Identify and take reasonable measures to verify the identity of the beneficial owner(s) of the customer, especially for legal entities and complex structures. This includes understanding the ownership and control structure.

**Purpose and Nature of the Business Relationship:** Understand the purpose and intended nature of the business relationship or transaction.

**Source of Funds/Wealth:** For higher-risk customers or transactions, VASPs may be required to ascertain the source of funds or source of wealth involved.

**Ongoing Monitoring:** Continuously monitor the business relationship and transactions undertaken by the customer to ensure they are consistent with the VASP's knowledge of the customer, their business, and risk profile. This includes reviewing transactions for unusual patterns and ensuring documents, data, or information collected under the CDD process remain current and relevant.

**Politically Exposed Persons (PEPs):** Implement enhanced due diligence measures for customers identified as PEPs, their family members, and close associates.

**Sanctions Screening:** Screen customers and transactions against national and international sanctions lists.

**Risk-Based Approach:** Apply CDD measures according to the level of risk identified for each customer or transaction. This means higher-risk customers or transactions will require Enhanced Due Diligence (EDD), while lower-risk ones may permit Simplified Due Diligence (SDD) under specific conditions.

**Reporting Obligation:** If a VASP knows, suspects, or has reasonable grounds to suspect that funds, virtual assets, or other assets are the proceeds of a criminal activity, or are related to terrorist financing, it must immediately file a Suspicious Transaction Report (STR) with the Financial Monitoring Center (FMC) of the CBA.

**No Tipping-Off:** VASPs and their employees are prohibited from disclosing to the customer or to third parties that an STR has been filed or that an AML/CFT investigation is being conducted (the "no tipping-off" rule).

**Reporting Format:** The FMC typically provides specific forms and electronic channels for submitting STRs.

**Period:** Records related to customer identification data, beneficial ownership information, transaction data (including virtual asset addresses, transaction hashes, amounts, and timestamps), and any STRs filed must be kept for a minimum of **five (5) years** after the business relationship has ended or after the date of the transaction.

**Accessibility:** Records must be easily accessible and provided to competent authorities (CBA, FMC, law enforcement) upon request.

**Data Security:** VASPs must ensure the security and confidentiality of all collected data.

**FATF Travel Rule:** With the 2022 amendments, VASPs in Armenia are also expected to comply with the FATF "Travel Rule" (Recommendation 16). This requires VASPs to obtain, hold, and transmit required originator and beneficiary information (name, account number/virtual asset address, physical address, national ID number or date of birth, and place of birth) for virtual asset transfers above a de minimis threshold (currently USD/EUR 1,000 equivalent).

**Internal Controls and Training:** VASPs are required to establish robust internal AML/CFT policies, procedures, and controls, appoint a dedicated AML/CFT officer, and provide regular training to employees on AML/CFT risks and obligations.

**Licensing:** While specific VASP licensing requirements are still evolving in some aspects, VASPs operating in Armenia are increasingly subject to licensing or registration requirements by the Central Bank of Armenia, similar to other financial service providers.

*While a direct English government link is hard to find for the latest version, the Armenian text is authoritative.*

**General Information on Armenian Legislation:** Legal Acts of the Republic of Armenia (Arlis) (Users can search for the specific law here).

**Central Bank of Armenia (CBA) Regulations:** The CBA issues sub-legal acts, regulations, and guidelines that detail the specific obligations for financial institutions regarding AML/CFT, including for VASPs.

CBA Official Website: Central Bank of Armenia (Look for sections on Financial Supervision, Legal Acts, and AML/CFT). The CBA regulates the financial system with a risk-based approach and AML/CFT guidelines aligned with FATF standards, but shows no evidence of active cryptocurrency or VASP licensing regulation.

**FATF Recommendation 15 (New Technologies) and its Interpretive Note:** This mandates that countries regulate and supervise VASPs for AML/CFT purposes. Key requirements include:

Customer Due Diligence (CDD), including beneficial ownership, has been rewritten by three major regulators by 2026 to shift from a static, checklist-driven obligation to a dynamic, risk-based control framework, with intensified enforcement and evolving expectations beyond traditional fixed filings.

The Travel Rule continues to apply to crypto transfers, but its application has evolved: in the US FinCEN applies the Bank Secrecy Act Travel Rule to convertible virtual currency transactions at and above a $3,000 threshold, while many other jurisdictions (notably the EU and UK) now apply a zero or very low threshold and require Travel Rule data collection and transmission for virtually all cryptoasset transfers, with differing requirements below and above FATF’s recommended $1,000/€1,000 de minimis limit.

**Sanctions screening is an inherent part of CDD and ongoing monitoring for FATF-compliant jurisdictions.**

**UN Sanctions:** These are directly binding on all UN member states, including Armenia. The Armenian government *must* implement UN Security Council resolutions, particularly those related to terrorism financing and proliferation financing (e.g., designations under UNSCR 1267 for Al-Qaeda/ISIS and UNSCR 1988 for the Taliban, and various resolutions concerning Iran, North Korea, etc.).

Armenian VASPs are legally required to screen against and freeze assets of individuals and entities designated by the UN.

**UN Security Council Consolidated List:** UN Security Council

**OFAC (U.S. Department of the Treasury's Office of Foreign Assets Control) Sanctions:**

**Direct Impact:** OFAC sanctions directly apply to U.S. persons, wherever located, and to transactions involving a U.S. nexus (e.g., USD transactions, U.S. technology). If an Armenian VASP engages in transactions involving U.S. persons or the U.S. financial system, it is directly exposed to OFAC sanctions.

**Secondary Sanctions Risk:** OFAC also imposes secondary sanctions on non-U.S. persons who engage in certain activities with sanctioned entities or countries (e.g., Iran, Russia, North Korea, Syria). An Armenian VASP that facilitates transactions for a sanctioned entity (even if neither the VASP nor the counterparty is U.S. person) risks losing access to the U.S. financial system, having its assets frozen in the U.S., or being added to OFAC's Specially Designated Nationals (SDN) list.

**Compliance Requirement:** To avoid severe reputational, financial, and legal repercussions, Armenian VASPs dealing with international clients or currencies must screen against OFAC lists, especially the SDN list.

**OFAC Sanctions List (SDN List):** OFAC SDN List

**Direct Impact:** EU sanctions directly apply to EU persons (citizens, residents, entities) and to activities within EU jurisdiction. If an Armenian VASP has an EU nexus (e.g., EU customers, EU-based operations, EU banking relationships), it must comply with EU sanctions.

**Indirect Impact/Risk:** Similar to OFAC, non-compliance with EU sanctions when dealing with EU partners can lead to de-risking by EU financial institutions and loss of access to EU markets.

**Compliance Requirement:** Armenian VASPs with any EU exposure should screen against relevant EU sanctions lists.

**EU Sanctions Map:** EU Sanctions Map

**Implement a Risk-Based Approach:** Identify, assess, and understand their money laundering and terrorist financing risks, which includes sanctions risk.

**Conduct Sanctions Screening:** Screen all customers (new and existing) and, on an ongoing basis, all transactions against relevant sanctions lists. This includes:

The UN Security Council Consolidated List.

OFAC's SDN List and other relevant OFAC lists.

Any domestic lists published by the Armenian authorities (see below).

**Identify and Verify Beneficial Ownership:** Ensure that the true owners of customer accounts are identified and screened.

**Monitor Transactions:** Implement systems to monitor transactions for suspicious activities and patterns that might indicate sanctions evasion or sanctioned entities' involvement.

**Freeze Assets:** Immediately freeze assets of designated individuals/entities upon identification and report to the Financial Monitoring Center (FMC) of the CBA.

**Prohibit Transactions:** Refuse to process transactions for or with sanctioned individuals/entities.

Sanctioned Jurisdictions: Armenia does not impose explicit geographic restrictions on crypto independent of sanctions, and there is no domestic legal requirement for VASPs to block transactions from UN, OFAC, or EU sanctioned jurisdictions; compliance is driven by extraterritorial risks and international business practices.

**High-Risk Jurisdictions:** VASPs must apply enhanced due diligence (EDD) to transactions involving high-risk jurisdictions as identified by the FATF or the Armenian authorities.

**Internal Policies:** VASPs may also establish their own internal geographic restrictions based on their risk appetite and licensing conditions, refusing service to certain countries.

Fines imposed by the Central Bank of Armenia (CBA) on financial institutions and their management.

Suspension or revocation of licenses for VASPs.

Orders to cease and desist operations.

For serious violations, particularly involving money laundering or terrorist financing, individuals (including VASP management and employees) can face imprisonment.

Article 190 (Money Laundering) and Article 217 (Financing of Terrorism) of the Criminal Code of the Republic of Armenia define these offenses and their associated penalties.

**Criminal Code of the Republic of Armenia (Արդարադատության նախարարություն):** Arlis Legal Acts (Search for the Criminal Code).

**Domestic Designated Persons List:** The FMC is responsible for identifying, freezing, and reporting on assets related to terrorism financing and proliferation. This includes maintaining a list of designated persons and entities, which financial institutions, including VASPs, must screen against.

*While a direct, publicly available English link to the real-time FMC designated persons list is not readily available, financial institutions would access this information via official channels and updates from the CBA/FMC.*

**Financial Monitoring Center (FMC) within the CBA:** CBA Official Website - AML/CFT Section

**Consumer Protection:** Issuing warnings about the risks associated with virtual assets (volatility, fraud, lack of investor protection).

**AML/CFT Compliance:** Integrating Virtual Asset Service Providers (VASPs) into the existing AML/CFT framework, largely driven by international standards set by the Financial Action Task Force (FATF).

**Cautious Stance:** The Central Bank generally advises against the use of cryptocurrencies due to their unregulated nature and associated risks.

**Central Bank of Armenia (CBA):**

**Role:** The primary financial regulator in Armenia. It is responsible for monetary policy, financial stability, and oversight of banks and financial institutions. It has been the main body issuing warnings and setting policy guidelines related to virtual assets.

**URL:** Central Bank of Armenia

**Financial Monitoring Center (FMC) of the CBA:**

**Role:** An independent unit within the Central Bank responsible for combating money laundering and terrorist financing. The FMC plays a crucial role in overseeing the compliance of reporting entities, including VASPs, with AML/CFT requirements.

**URL:** Information is typically integrated with the CBA's website under AML/CFT sections. See CBA's Money Laundering Prevention Page

**Ministry of High-Tech Industry (MHTI):**

**Role:** While not a direct *financial* regulator for crypto, the MHTI is responsible for fostering the development of the technology sector, including blockchain and DLT. They might be involved in policy discussions or proposals for future comprehensive frameworks.

**URL:** Ministry of High-Tech Industry

**Date:** Initially adopted in **2008**, and significantly amended over the years to align with international standards, including recent amendments to address virtual assets.

**Relevance:** This is the most critical piece of legislation. It explicitly designates Virtual Asset Service Providers (VASPs) as "reporting entities," meaning they are subject to AML/CFT obligations such as customer due diligence, suspicious transaction reporting, and record-keeping. The inclusion of VASPs was largely prompted by Armenia's commitments as a member of MONEYVAL (Council of Europe's AML body) to implement FATF Recommendations.

**URL:** Official Armenian legislation is primarily available on `www.arlis.am`. For official English translations, or summaries, international bodies often provide resources. A direct link to the latest consolidated English version might be difficult to provide, but the official source is `arlis.am`.

Civil Code of the Republic of Armenia provides specific recognition and frameworks for cryptoassets as property, alongside the Law on Crypto-Assets which regulates the crypto market and requires licensing for service providers.

Law on the Securities Market: Applies to crypto assets classified as securities under the SEC's 2026 framework, which provides clear guidance on crypto asset categories and the Howey test.

**CBA Decisions and Resolutions:** The Central Bank issues internal regulations, decisions, and public statements which serve as de facto guidance for financial institutions and the public regarding virtual assets.

Crypto trading for individuals in Armenia is now subject to a formal licensing, tax, and AML regulatory framework under the 2026 crypto regulation.

**Not illegal, but strongly discouraged and unregulated:** Armenian citizens are not explicitly prohibited from buying, selling, or holding cryptocurrencies. However, they do so at their own risk.

**CBA Warnings:** The Central Bank of Armenia has consistently issued strong warnings to the public about the high risks associated with cryptocurrencies, citing their high volatility, potential for fraud, absence of regulatory oversight, and lack of legal tender status. They explicitly state that the CBA does not regulate crypto and therefore cannot guarantee the safety of investments.

**AML/CFT Obligations:** Despite the lack of a licensing regime, VASPs operating in Armenia (or serving Armenian clients) are considered **"reporting entities"** under the Law on Combating Money Laundering and Terrorist Financing. This means they are legally required to:

Implement **Customer Due Diligence (CDD)** procedures (KYC - Know Your Customer).

Monitor transactions and report Suspicious Activity Reports (SARs) to FinCEN (in the US) or the relevant Financial Intelligence Unit (FIU).

Comply with other AML/CFT requirements to prevent the use of virtual assets for illicit purposes.

Operating in a Grey Area: The absence of a comprehensive licensing and regulatory framework places crypto exchanges and other VASPs in a regulatory "grey area." While they must comply with AML/CFT, they do not benefit from a clear regulatory status that could instill greater trust or provide legal certainty for their operations beyond anti-money laundering. This often makes it challenging for them to access traditional banking services.

**Adopted:** Yes, Armenia has adopted the FATF Travel Rule by amending its primary AML/CFT legislation to include virtual assets and regulate VASPs.

**Effective Date:** The key legislative changes, including specific regulations for VASPs, became effective around **January 2022**. This followed amendments to the **Law of the Republic of Armenia on Combating Money Laundering and Terrorist Financing** and the issuance of specific regulatory acts by the Central Bank of Armenia.

**Cross-border transfers:** **USD/EUR 1,000** or more.

Entities that exchange virtual assets for fiat currency or other virtual assets.

Entities that transfer virtual assets.

Custodians of virtual assets (i.e., those providing safekeeping and/or administration services for virtual assets or instruments enabling control over virtual assets).

Entities providing financial services related to an issuer's offer and/or sale of a virtual asset.

**Obtain and Transmit Information:** For transactions exceeding the threshold, VASPs must obtain required originator and beneficiary information and transmit it to the beneficiary VASP. This includes:

**Originator Information:** Name, physical address, unique identification number (e.g., passport number), customer identification number (if applicable), and the virtual asset wallet address.

**Beneficiary Information:** Name, physical address, unique identification number, customer identification number (if applicable), and the virtual asset wallet address.

**Secure Data Transfer:** The method of information transfer must be secure, immediate, and compliant with data protection and privacy regulations. VASPs are expected to implement robust systems to ensure the integrity and confidentiality of this data.

**Record-Keeping:** VASPs must maintain records of all collected information for a prescribed period (typically 5 years) to be available to authorities upon request.

**Risk-Based Approach:** VASPs are expected to integrate the Travel Rule data into their overall AML/CFT risk assessment framework, identifying and reporting suspicious transactions.

**Compliance with Data Protection:** Adherence to Armenian data protection laws (e.g., the Law on Protection of Personal Data) is paramount when collecting, storing, and transmitting personal information.

**Administrative Fines:** Significant monetary penalties can be imposed on non-compliant VASPs.

**Sanctions against Management:** Fines or other administrative measures may also be directed at the management or responsible individuals within the VASP.

**Suspension or Revocation of License:** The Central Bank of Armenia has the authority to suspend or revoke the operating license of a non-compliant VASP.

**Other Enforcement Actions:** This can include written warnings, demands for corrective actions, and increased supervisory oversight.

**Criminal Charges:** In cases of severe or repeated breaches, especially those linked to actual money laundering or terrorist financing activities, criminal proceedings against the VASP and/or its personnel may be initiated.

While finding a direct, up-to-date English translation on an official government website can be challenging, the law is generally referred to as *Հայաստանի Հանրապետության օրենքը փողերի լվացման և ահաբեկչության ֆինանսավորման դեմ պայքարի մասին* (Law of the Republic of Armenia on Combating Money Laundering and Terrorist Financing).

It can be found on legal information systems like ARLEX (Ministry of Justice): http://www.arlis.am/DocumentView.aspx?docID=141834 (Armenian)

**Central Bank of Armenia (CBA) Official Website:**

The CBA is the primary regulator for VASPs. Their official website is the best source for regulations and guidance.

**CBA Decision No. 44-N of January 26, 2022, "On Approving the Procedure for Licensing, Regulation, and Supervision of Virtual Asset Service Providers":**