This seems to be not just for VPN providers, basically applying to service providers which do not have any tangible items as they may be of higher risk.
As of yet it's not applicable to all vpn providers and those who are p2p focused may be a bigger target.