GERMANY Law and Practice Contributed by: Stephan D. Meyer, Lars Fidan, Elisa Otto and Christian Meisser, LEXR
2.14 Impact of AML and Sanctions Rules AML and sanctions compliance is one of the heaviest operational burdens in German fintech. The Money Laundering Act (GwG) requires all regulated entities to maintain KYC programmes, transaction monitor - ing, suspicious activity reporting and record-keeping. Germany’s requirements exceed the EU minimum in certain areas, especially for crypto-asset service pro - viders. For unregulated fintechs, the impact is indirect but real: banking partners routinely impose contractual AML obligations that extend the compliance perimeter beyond formally regulated entities. The forthcoming EU AML Regulation and AMLA will tighten the frame - work further from 2026. Early investment in AML infrastructure pays off. Com - panies that treat compliance as a core operational function rather than a cost centre are better positioned both for regulatory interactions and for maintaining banking relationships. 2.15 Financial Action Task Force (FATF) Standards Germany is a founding FATF member and its AML framework closely follows FATF standards, imple - mented through EU anti-money laundering direc - tives and national law. Germany’s last FATF Mutual Evaluation Report (2022) rated the country as largely compliant, though it identified areas for improvement in beneficial ownership transparency and the effec - tiveness of sanctions enforcement. The FATF Travel Rule is implemented through the EU Transfer of Funds Regulation (recast), which requires the transmission of originator and beneficiary information for crypto-asset transfers, a requirement that applies directly to MiCA- licensed CASPs since 30 December 2024. 2.16 Reverse Solicitation The reverse solicitation exception exists but offers far less protection than many non-EU firms assume. MiCA Article 61 permits non-EU firms to serve EU cli - ents only where the client acts on their own exclusive initiative. ESMA’s 2025 guidance confirmed that any marketing directed at EU audiences, whether through websites, apps, social media or influencers, disquali -
fies a firm from relying on this exception. BaFin’s posi - tion mirrors this: foreign providers actively targeting German clients need a German licence. As a practical matter, reverse solicitation is not a mar - ket entry strategy. It may cover isolated, genuinely unsolicited transactions, but any firm planning to build a business in Germany should plan for full licensing from the outset. 3. Robo-Advisers 3.1 Requirement for Different Business Models Different asset classes require different regulatory setups. Robo-advisers managing traditional financial instruments need MiFID II authorisation through the WpIG or KWG, with full suitability testing, best execu - tion and inducement compliance. For crypto-assets, portfolio management and invest - ment advice now fall under MiCA’s CASP regime. Security tokens qualifying as financial instruments remain under the traditional securities framework (see 10.3 Classification of Blockchain Assets for the clas - sification framework). The complexity arises where a platform spans both worlds. A robo-adviser offering a mixed portfolio of ETFs and crypto-assets must comply with both MiFID II and MiCA, each with its own conduct and disclo - sure requirements. The initial asset classification is the single most important structuring decision for any robo-adviser entering this space. 3.2 Legacy Players’ Implementation of Solutions Introduced by Robo-Advisers Major German banks and asset managers have widely adopted robo-advisory capabilities, though mostly as extensions of their existing platforms rather than standalone products. Several large institutions offer algorithmic portfolio management through their digi - tal banking interfaces, typically combining automated asset allocation with the option for human advice on more complex decisions.
317 CHAMBERS.COM
Powered by FlippingBook