AML REQ for Crypto-Asset Service Providers (CASPs)
The Risk Evaluation Questionnaire (REQ) for Crypto-Asset Service Providers (CASPs) is an annual AML/CFT/FS return issued by the Central Bank of Ireland.
The REQ is used to collect information on:
Inherent ML/TF/FS risks within a CASPâs business model- Customer, product, transaction and geographic exposure
- Crypto-asset services and activity
- AML/CFT/FS governance, controls and oversight arrangements
- Compliance with AML/CFT and financial sanctions obligations
The return must be submitted through the Central Bank Portal using the prescribed XML schema. Only XML submissions are accepted.
Whatâs the scope?
Entities in scope
- CASPs regulated by the Central Bank of Ireland
- Each regulated institution must submit its own REQ
- CASPs that were formerly registered as VASPs must include relevant data for former VASP activity and CASP activity, where crypto-asset services commenced in 2025
- Reporting scope depends on the institutionâs legal structure and whether EEA-wide aggregation applies
Activity covered
The REQ covers crypto-asset custody and administration, trading platforms, exchanges, order execution and transmission, placement, advisory and portfolio management, transfer services, correspondent relationships, and transaction monitoring and sanctions controls.
Reporting dates
Reference date: 31 December of the preceding calendar year
First submission deadline: 31 July 2026
Reporting frequency
Annual reporting
File format
- XML only
- Must conform to the prescribed XSD schema
- Submitted via the Central Bank Portal
- Excel files are provided for reference only and cannot be submitted
Customer / Geographic nexus
Reporting includes:
- EEA customer exposure
- High-risk jurisdictions
- Cross-border activity under FOE/FOS
- Customer residence and establishment
- Geography of funds flows
- Self-hosted addresses and certain crypto-asset transaction channels
Key data areas
The REQ captures information relating to:
- Legal structure and business model
- CASP services and activity comments
- Customer segments and risk ratings
- Transaction volumes and values
- High-risk customers and sectors
- Crypto-assets traded and gross traded value
- Cash transactions and prepaid cards
- Funding methods and payment instruments
- Intermediaries and distribution channels
- Remote onboarding
- Correspondent relationships
- BWRA and risk appetite
- AML/CFT policies and procedures
- Transaction monitoring and STR controls
- Governance, audit and training arrangements
- Compliance with the Fund Transfers Regulation
Reporting considerations to keep in mind
- All data points are mandatory, including non-applicable fields
- Non-applicable fields must use prescribed default values, such as 0, N/A or 2000-01-01
- All values should be reported in EUR
- XML submissions must follow the required schema, table structures and table ordering
- Files must be validated before submission
- Firms must complete both âFinaliseâ and âSign-Offâ steps within the portal
- The REQ is not the channel for sole communication of material issues; these should be raised through normal supervisory channels
Steps to submission
A high-level overview of the key stages involved in preparing, validating and submitting the CASP AML REQ return to the Central Bank of Ireland.
Determine reporting scope and applicable legal structure
Identify whether reporting should be completed on an Irish-only or aggregated EEA basis, and confirm whether former VASP activity must be included.
Gather required AML/CFT, customer and transaction data
Collect the required data across customers, crypto-asset services, transactions, products, geographies, governance and AML/CFT controls.
Map data to the required XML schema and REF fields
Align all data points to the prescribed XML taxonomy, including the relevant REF identifiers, enumerations and table structures.
Generate and validate the XML file
Create the XML return in line with the XSD schema requirements and validate the file against formatting, structure and mandatory field rules.
Upload the return via the Central Bank Portal
Submit the validated XML file through the Central Bank of Ireland Portal using the required naming convention.
Finalise and sign off the submission
Complete the Portal âFinaliseâ and âSign-Offâ steps to ensure the REQ is formally submitted and transmitted successfully.