Serbia -- Travel Rule Implementation Regulatory Overview

Serbia has adopted and implemented the FATF Travel Rule through its legal framework for digital assets.

Here's a breakdown of the status:

• Whether Adopted: Yes, adopted. Serbia incorporated the FATF Travel Rule principles into its national legislation, primarily through the Law on Digital Assets (Zakon o digitalnoj imovini). This law specifically designates the National Bank of Serbia (NBS) as the supervisory authority for virtual asset service providers (VASPs) concerning AML/CFT compliance.

• Effective Date: The Law on Digital Assets (Zakon o digitalnoj imovini) entered into force on June 29, 2021. The provisions related to AML/CFT, including those implementing the Travel Rule, became effective from this date.

• Threshold Amounts: Serbia generally follows the FATF Recommendation 16 for the Travel Rule. This means:

  • For cross-border transfers of digital assets: The Travel Rule applies to transactions with a value of EUR 1,000 or more.
  • For domestic transfers of digital assets: The Travel Rule also applies to transactions with a value of EUR 1,000 or more.
  • The thresholds are typically calculated based on the value of the digital assets at the time of the transaction.

• Which VASPs are Covered: The Law on Digital Assets defines and covers a broad range of "providers of services related to digital assets" (VASPs) that are subject to AML/CFT obligations, including the Travel Rule. These typically include, but are not limited to:

  • Digital asset exchanges (fiat-to-crypto, crypto-to-crypto).
  • Custodial wallet providers.
  • Providers facilitating the transfer of digital assets.
  • Issuers of digital assets (under certain conditions).
  • Entities providing services for offering and selling digital assets.
  • Any other entity conducting activities related to digital assets as defined by the law.

• Technical Implementation Requirements: The Serbian legal framework mandates that VASPs must:

  • Collect and hold required information: This includes accurate and verifiable information about both the originator (sender) and the beneficiary (receiver) of a digital asset transfer.
    • Originator information: Name, address, official personal document number or customer identification number (if applicable), virtual asset account number (or transaction ID if no account), and sometimes the purpose of the transaction.
    • Beneficiary information: Name, virtual asset account number (or transaction ID).
  • Transmit this information: The originator VASP must transmit the required originator and beneficiary information to the beneficiary VASP during or before the transaction.
  • Receive and hold information: The beneficiary VASP must receive and securely hold the transmitted information.
  • Screen transactions: Both originator and beneficiary VASPs are expected to screen transactions and involved parties against sanctions lists and for suspicious activity.
  • Secure Storage: VASPs must establish robust systems for the secure storage of collected data for a period of 5 years, as required by AML/CFT laws.
  • While the law does not prescribe a specific technical solution (e.g., TRISA, Sygna, Travel Rule Protocol), VASPs are expected to adopt interoperable solutions that enable the secure, real-time, or near-real-time transfer of the required data.

• Penalties for Non-Compliance: Non-compliance with AML/CFT obligations, including the Travel Rule, can result in significant penalties, as outlined in the Law on Digital Assets and the general Law on Prevention of Money Laundering and Financing of Terrorism (Zakon o sprečavanju pranja novca i finansiranja terorizma). These penalties can include:

  • Administrative fines: Substantial monetary fines imposed on legal entities (VASPs) and responsible persons within them.
  • Revocation of licenses: The National Bank of Serbia has the authority to revoke licenses or permits for VASPs that fail to comply with regulatory requirements.
  • Prohibition from operating: Temporary or permanent bans on providing digital asset services.
  • Criminal liability: In cases of severe and intentional breaches, especially those linked to actual money laundering or terrorist financing, individuals involved could face criminal prosecution.

References to Specific Legislation/Guidance:

1. Law on Digital Assets (Zakon o digitalnoj imovini)

   • Official Gazette: "Službeni glasnik RS", br. 115/2020 i 89/2021 - ispravka
   • General source (Serbian Parliament): https://www.parlament.gov.rs/upload/documents/2020/26_2020/Zakon%20o%20digitalnoj%20imovini.pdf (Note: This links to the initial version, amendments may exist)

2. Law on Prevention of Money Laundering and Financing of Terrorism (Zakon o sprečavanju pranja novca i finansiranja terorizma)

   • Official Gazette: "Službeni glasnik RS", br. 113/2017, 91/2019, 153/2020, 153/2020 – dr. zakon i 92/2023
   • General source (Ministry of Finance - Administration for the Prevention of Money Laundering): https://www.apml.org.rs/zakoni-i-propisi/ (You'd need to navigate to find the latest consolidated version)

3. National Bank of Serbia (NBS) Regulations and Decisions: The NBS issues detailed regulations and decisions to implement the Law on Digital Assets, particularly regarding VASP licensing, supervision, and AML/CFT compliance. These can be found on the official NBS website:

   • NBS Official Website (Laws and Regulations - Digital Assets): https://www.nbs.rs/sr_RS/scripts/showContent/index.html?id=16023 (This page provides links to relevant NBS decisions and instructions related to digital assets.)

It's important for VASPs operating in or with Serbian customers to consult the latest versions of these legislative acts and any specific guidance issued by the National Bank of Serbia to ensure full compliance.