Serbia -- Licensing Requirements Regulatory Overview

**Law on Digital Assets (Zakon o digitalnoj imovini):**

**Official Name:** Закон о дигиталној имовини

**Published:** "Official Gazette of RS", No. 153/2020 (came into effect June 29, 2021)

This law defines digital assets, regulates their issuance and trading, and explicitly designates Virtual Asset Service Providers (VASPs) as obliged entities under the general AML/CFT law. It also sets out the licensing requirements for VASPs.

**Law on the Prevention of Money Laundering and Terrorist Financing (Zakon o sprečavanju pranja novca i finansiranja terorizma)**

**Official Name:** Закон о спречавању прања новца и финансирања тероризма

**Published:** "Official Gazette of RS", No. 113/2017, 91/2019, 153/2020 (last amended)

This is the overarching AML/CFT law in Serbia, applying to all obliged entities, including VASPs. It sets out the general rules for customer due diligence, suspicious transaction reporting, record-keeping, and internal controls.

Exchange between virtual assets and fiat currencies.

Exchange between one or more forms of virtual assets.

Custody and/or administration of virtual assets or instruments enabling control over virtual assets.

Participation in and provision of financial services related to the offer and/or sale of virtual assets (e.g., initial coin offerings - ICOs, initial exchange offerings - IEOs).

**Identify and Verify the Identity of the Customer:**

**For natural persons:** Obtain and verify identity based on official documents (e.g., passport, national ID card) including name, surname, address, date and place of birth, and unique identification number.

**For legal entities:** Obtain and verify identity based on official documents (e.g., excerpt from the company register) including name, registered address, registration number, legal form, details of statutory representatives, and information on the ownership and control structure.

**Identify and Verify the Identity of the Beneficial Owner (BO):**

Identify the natural person(s) who ultimately own or control the customer (typically 25% ownership threshold for legal entities) or on whose behalf a transaction is being conducted.

Verify their identity using reliable, independent sources, as per natural person requirements. Serbia also has a Central Register of Beneficial Owners that obliged entities can consult.

**Obtain Information on the Purpose and Intended Nature of the Business Relationship:** Understand why the customer wants to use the VASP's services.

**Perform Ongoing Monitoring of the Business Relationship:**

Scrutinize transactions throughout the course of the relationship to ensure they are consistent with the VASP's knowledge of the customer, their business, and risk profile, including, where necessary, the source of funds.

Regularly update customer information and risk assessments.

**Politically Exposed Persons (PEPs):** For customers who are PEPs, their family members, or close associates.

**High-risk jurisdictions:** Customers from countries identified by FATF or other credible sources as having weak AML/CFT regimes.

**Complex, unusually large, or unusual patterns of transactions:** Those with no apparent economic or lawful purpose.

**Non-face-to-face relationships:** Unless adequate safeguards are in place.

**Transactions involving new or developing technologies:** Where the risks are not yet fully understood.

VASPs must take additional steps, such as:

Obtaining additional information on the customer and BO.

Obtaining additional information on the intended nature of the business relationship.

Obtaining information on the source of funds or wealth.

Obtaining approval from senior management to establish or continue the business relationship.

Conducting enhanced ongoing monitoring of the business relationship.

**Reporting Obligation:** Reports must be submitted without delay, typically within 24-48 hours of forming a suspicion.

**No Tipping-Off:** VASPs and their employees are prohibited from disclosing to the customer or any third party that a suspicious transaction report has been or will be submitted.

**Internal Procedures:** VASPs must establish internal policies and procedures for identifying, assessing, and reporting suspicious activities.

**Duration:** All records must be kept for a minimum of **10 years** after the completion of a transaction or the termination of a business relationship.

**Accessibility:** Records must be maintained in a way that allows them to be retrieved and provided to the competent authorities (FIU, supervisory bodies) without delay upon request.

**Administration for the Prevention of Money Laundering (APML - Uprava za sprečavanje pranja novca):** The body responsible for supervising AML/CTF compliance.

**Role:** This is Serbia's Financial Intelligence Unit (FIU) and the central authority for AML/CFT supervision. It oversees compliance with the Law on the Prevention of Money Laundering and Terrorist Financing across all obliged entities, including VASPs. It also receives and analyzes suspicious transaction reports.

**URL:** https://www.apml.org.rs/ (Official website, primarily in Serbian)

**Securities Commission of the Republic of Serbia (Komisija za hartije od vrednosti - KHOV)**

**Role:** Under the Law on Digital Assets, the Securities Commission is responsible for licensing and supervising VASPs, ensuring their adherence to the specific provisions of the digital assets law, including organizational requirements, capital adequacy, and certain aspects of their AML policies as required for licensing.

**URL:** https://www.sec.gov.rs/ (Official website, available in English)

**Regulator Name:** National Bank of Serbia (NBS)

**Entity Targeted:** Various domestic entities and individuals operating crypto asset exchange or custody services without the required licenses. While specific names are not always publicly disclosed with detailed penalties, the NBS has consistently emphasized its licensing requirements and taken steps against non-compliant entities.

**Violation Type:** Operating a virtual asset service provider (VASP) without obtaining the necessary operating license from the NBS, as mandated by the Digital Assets Law. This includes facilitating the exchange of virtual assets for fiat currency or other virtual assets, or providing custody services.

**Penalty Amount:** Administrative fines, cessation of operations. The Digital Assets Law (Article 109, Paragraph 1, Point 1 and 2) prescribes fines ranging from RSD 100,000 to RSD 5,000,000 for legal entities and RSD 10,000 to RSD 500,000 for responsible persons within the legal entity, along with potential protective measures like a ban on conducting business.

**Date:** Ongoing, particularly since June 2021 when the Digital Assets Law came into full effect. The NBS has issued general warnings and initiated proceedings throughout 2021, 2022, and 2023.

**Outcome:** Several entities have either ceased operations, come into compliance, or faced administrative proceedings. The NBS continues to monitor the market for unlicensed activity.

**NBS announcement on licensing requirements:** https://www.nbs.rs/sr_RS/scripts/showcontent/index.html?id=16265 (Serbian)

**Overview of Digital Assets Law and NBS role:** https://www.petosevic.com/resources/news/2021/07/serbia-first-licenses-issued-under-the-digital-assets-law (General context on implementation)

**Regulator Name:** Ministry of Internal Affairs (MUP), Public Prosecutor's Office for Organized Crime

**Entity Targeted:** Individuals and organized criminal groups involved in large-scale crypto Ponzi schemes, investment fraud, and money laundering using virtual assets. Examples include actions related to the "Infinity Economics" scheme and connections to other global crypto scams like "Finiko."

**Violation Type:** Fraud, money laundering, unauthorized organization of games of chance (depending on the nature of the scheme), cybercrime. These often fall under general criminal statutes rather than specific "crypto violations."

**Penalty Amount:** Arrests, pre-trial detention, asset freezes (including virtual assets), criminal charges leading to potential prison sentences if convicted. Specific final conviction penalties (amounts/sentences) are rarely publicly detailed for each individual case by Serbian authorities, especially if investigations are ongoing or multi-jurisdictional.

**Date:** Multiple actions throughout 2021, 2022, and 2023.

**November 2021:** MUP announced arrests related to the "Infinity Economics" pyramid scheme.

**June 2022:** MUP announced arrests related to an international scheme involving crypto fraud and money laundering.

**Throughout 2022-2023:** Various arrests for cybercrime and fraud where cryptocurrencies were used for payments or laundering.

**Outcome:** Numerous arrests have been made, leading to ongoing investigations, indictments, and trials. Assets, including cryptocurrencies, have been seized. These cases are often complex and lengthy.

**MUP announcement on "Infinity Economics" arrests (November 2021):** https://mup.gov.rs/wps/portal/sr/zaMedije/saopstenja/!ut/p/z1/jZDLDoIwEEW_xR-Q1Kk2NmxmExsQERvY3sTGUYqJk6gSfu8sYQ0ddu9w921gRQQG3tE4eT4N3004jL2U-gR7mD-jG8Yg6I-X_A50mQYI0lQyGz37F5eY_Xn6P-Vz1-5Hl-5m_o0pAov6YtX335uGz4C2v1k9Xw2R3c5-L51R8A3M_Yw!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/?id_vesti=306163 (Serbian)

**MUP announcement on cybercrime and money laundering arrests (June 2022):** https://mup.gov.rs/wps/portal/sr/zaMedije/saopstenja/!ut/p/z1/jZBBD4IwFIV_iX-B5Mv5M2ZlxsSABN42NhMziZNo0CTp35v4HjF02L253HvXgBQQG3lE4-T5dHRfUeXj0EvsYP6MbjEHxX25fG2hZJwk0yGz0bfvHl8A9efov5XPa_nNfRtzh5Rov6YjX1n3_3t7Dk8g6X42R3c5-H51BwA_w_iVfw!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/?id_vesti=313498 (Serbian)

**General article on crypto crime in Serbia (mentioning Finiko):** https://www.rts.rs/vesti/ekonomija/5081829/kripto-valute-prevare-investicije-srbija.html (Serbian, RTS - Serbian National Broadcaster)

**Regulator Name:** Tax Administration of the Republic of Serbia

**Entity Targeted:** Individuals and legal entities earning income from digital assets (e.g., capital gains from crypto trading, income from mining, staking, or providing crypto services).

**Violation Type:** Tax evasion related to income or capital gains derived from digital assets.

**Penalty Amount:** Varies significantly based on the amount of unpaid tax, plus interest and potential fines as per tax laws.

**Date:** Ongoing, particularly since the Digital Assets Law clarified the tax treatment of crypto assets in 2021.

**Outcome:** Increased tax compliance, with individuals and entities reporting and paying taxes on their crypto gains. Audits and enforcement actions against non-compliant taxpayers are conducted, though details are private unless criminal charges are filed.

**Tax Administration guidelines on taxing digital assets:** https://www.poreskauprava.gov.rs/aktuelnosti/vest%C4%8Di/1103/kako-se-oporezuje-imovinska-dobit-od-prenosa-digitalne-imovine.html (Serbian)

**Securities Commission (KHOV - Komisija za hartije od vrednosti):**

Published in the Official Gazette of the Republic of Serbia No. 115/2020.

**Serbian Official Gazette (Sluzbeni glasnik Republike Srbije):** https://www.pravno-informacioni-sistem.rs/SIGRID/prikazDokumenta?id=2333 (This link points to the Serbian text on the official legal information system).

**National Bank of Serbia (NBS):**

The NBS website contains information related to its regulatory role, including decisions and regulations concerning virtual currencies.

Look for sections related to "digital assets," "virtual currencies," or "financial services."

The KHOV website provides information related to digital tokens that fall under its purview.

Relevant sections often cover "digital assets," "issuance of digital tokens," or "investment services."

**Law on Prevention of Money Laundering and Terrorist Financing (Zakon o sprečavanju pranja novca i finansiranja terorizma):**

This law, and its subsequent amendments, apply to VASPs as obliged entities.

**National Bank of Serbia (Narodna banka Srbije - NBS):**

**Role:** Primarily responsible for virtual assets that qualify as "virtual currency" (i.e., **payment tokens** used as a medium of exchange). The NBS oversees the issuance of virtual currency and related payment services.

**Website:** Narodna banka Srbije (NBS)

**Securities Commission (Komisija za hartije od vrednosti - KHOV):**

**Role:** Primarily responsible for "digital tokens" (i.e., **investment tokens** or other assets representing rights) and the licensing and supervision of Virtual Asset Service Providers (VASPs). This includes crypto exchanges, brokerage firms, and custodians dealing with digital tokens. They also oversee initial offerings of digital tokens (IDOs).

**Website:** Komisija za hartije od vrednosti (KHOV)

**Effective Date:** June 29, 2021

Defines "virtual currency" (e.g., Bitcoin, Ethereum when used for payments) and "digital tokens" (e.g., security tokens, utility tokens representing rights).

Establishes requirements for issuing digital assets (initial offerings).

Mandates licensing for Virtual Asset Service Providers (VASPs), including platforms for trading, exchange, and custody of virtual assets.

Sets forth investor protection measures and rules for advertising virtual assets.

Integrates virtual asset services into the existing AML/CFT framework.

**Official Gazette Reference:** *Službeni glasnik RS*, No. 153/2020.

**URL (for reference, often hosted by legal information portals):** While an official direct government URL might be harder to find for the specific law text in English, the full text is widely available on Serbian legal portals. For example, a common reference: Zakon o digitalnoj imovini (Paragraf.rs) (Note: This link is in Serbian, as it's the official local legal database).

**Legal and Regulated:** Crypto trading is **legal** in Serbia. However, activities related to virtual assets, especially those involving offering services to third parties, are **highly regulated**.

**Licensing Required for VASPs:** Any entity wishing to operate as a Virtual Asset Service Provider (VASP) – which includes crypto exchanges, broker-dealers, custodians, and platforms for initial offerings – must obtain a **license from the Securities Commission (KHOV)**.

**Operational Requirements:** Licensed VASPs are subject to stringent operational, capital, organizational, and technological requirements, as well as robust AML/CFT compliance obligations.

**Investor Protection:** The regulatory framework includes provisions aimed at protecting investors, such as transparency requirements for virtual asset offerings and rules regarding information disclosure.

**Trading Platforms:** Several domestic exchanges have already received licenses or are in the process of obtaining them, allowing Serbian citizens to legally buy, sell, and exchange virtual assets through regulated entities. For example, ECD.rs and Bitpal are known licensed platforms operating in Serbia.