66AObligations of ordering and beneficiary institutions relating to virtual asset transfers

#### 66A Obligations of ordering and beneficiary institutions relating to virtual asset transfers Scope (1) This section applies to the transfer of a virtual asset. Ordering institution obligations (2) Before commencing to provide the designated service covered by item 29 of table 1 in section 6, an ordering institution must undertake due diligence to determine, on reasonable grounds, whether the virtual asset wallet to which the virtual asset is being transferred is: (a) a custodial wallet controlled by a person who is licensed or registered under a law that gives effect to the FATF Recommendations; or (b) a custodial wallet controlled by a person who is not required to be licensed or registered under a law that gives effect to the FATF Recommendations; or (c) a custodial wallet controlled by a person who is required to be licensed or registered under a law that gives effect to the FATF Recommendations, but is not so licensed or registered; or (d) a self‑hosted wallet controlled by the payee. (3) The ordering institution must pass on the information specified in the AML/CTF Rules for the purposes of subsection 64(3) relating to the transfer of value to a beneficiary institution if the beneficiary institution is: (a) a person who is licensed or registered under a law that gives effect to the FATF Recommendations; or (b) a person who is not required to be licensed or registered under a law that gives effect to the FATF Recommendations. (4) An ordering institution must not provide the designated service covered by item 29 of table 1 in section 6 if this would involve passing on a transfer message for a transfer of value to a person: (a) who is required to be licensed or registered under a law that gives effect to the FATF Recommendations; but (b) is not so licensed or registered. Beneficiary institution obligations (5) Before commencing to provide the designated service covered by item 30 of table 1 in section 6, a beneficiary institution must undertake due diligence to determine, on reasonable grounds, whether the virtual asset wallet from which the virtual asset has been transferred is: (a) a custodial wallet controlled by a person who is licensed or registered under a law that gives effect to the FATF Recommendations; or (b) a custodial wallet controlled by a person who is not required to be licensed or registered under a law that gives effect to the FATF Recommendations; or (c) a custodial wallet controlled by a person who is required to be licensed or registered under a law that gives effect to the FATF Recommendations, but is not so licensed or registered; or (d) a self‑hosted wallet controlled by the payer. (6) A beneficiary institution must not provide the designated service covered by item 30 of table 1 in section 6 in relation to a transfer of value until the beneficiary institution has received or otherwise obtained the information specified in the AML/CTF Rules for the purposes of subsection 65(2) in relation to the transfer. (7) A beneficiary institution must not provide the designated service covered by item 30 of table 1 in section 6 if: (a) the virtual asset wallet from which the virtual asset has been transferred is a custodial wallet controlled by a person who is required to be licensed or registered under a law that gives effect to the FATF Recommendations; and (b) the person is not so licensed or registered. Civil penalty (8) Subsections (2) to (7) are civil penalty provisions. Exceptions (9) Subsection (3) does not apply if: (a) either: (i) the ordering institution has established on reasonable grounds that the beneficiary institution is not capable of receiving the information securely; or (ii) the ordering institution reasonably believes that there is a risk that the beneficiary institution is not capable of safeguarding the confidentiality of the information; and (b) the ordering institution makes and keeps a record of the reasons for not passing on the information. (10) Subsection (6) does not apply if: (a) the beneficiary institution has established on reasonable grounds that an institution in the value transfer chain is not capable of passing on the information securely; and (b) in accordance with the beneficiary institution’s AML/CTF program, the beneficiary institution appropriately identifies, assesses, mitigates and manages the risks of money laundering, financing of terrorism and proliferation financing that the beneficiary institution may reasonably face in providing the designated service. (11) A person who wishes to rely on subsection (9) or (10) bears an evidential burden in relation to that matter.