You should be able to SnapVault from the FAS2650 to the FAS2520 without disabling encryption on the FAS2650.
NVE is data at rest and occurs below the WAFL layer, i.e. the data can't be read if you pull the disk and plug it in somewhere else. The data is unencrypted by the time it reaches the read/write operations level, i.e. snapmirror operations. I have converted hundreds of volumes and dozens of flexgroups to NVE. During this time, I had NVE volume snapmirroring unencrypted volumes, unencrypted volumes snapmirroring to NVE volumes, and the other two combinations.
https://www.netapp.com/us/media/ds-3899.pdf