The crypto travel rule was formulated by the Financial Action Task Force (FATF) to guide crypto companies and Virtual assets service providers (VASPs). In this article, the concept and how it operates have been discussed extensively.
The Financial Action Task Force (FATF) amended its recommendations in 2019 to include virtual assets (VAs) and Virtual assets service providers (VASPs) in the Travel Rule).
People who operate in the crypto and defi industries must comprehend and abide by these regulatory systems, which are not intended to burden enterprises but rather to stop activities that have serious implications for national security, including terrorist acts and human and drug trafficking.
What are Virtual assets providers (VASPs)?
The FATF, an international organization with an intergovernmental mandate, is the source of the abbreviation “VASP” which means Virtual assets providers. A VASP is a platform used to connect with the crypto market through buying, selling, exchanging, and other means. In other words, VASPs are crypto exchanges, or, at the very least, the conceptual foundations of an exchange for digital currencies.
The FATF is stepping in to establish certain regulations and frameworks for players in the cryptocurrency industry to operate within, taking into account the fact that various forms of virtual currency can and may be used for illegitimate or unlawful operations.
Many bitcoin platforms may be required to follow additional standards and scrutiny from the FATF, in addition to existing rules and compliance measures.
What is the Crypto Travel Rule ?
According to the Travel Rule for Crypto Assets, organizations that deal in cryptocurrencies must send, receive, and sanction-screen client personal information together with any cryptotransactions that exceed a specific threshold.
With the 1996 Bank Secrecy Act (BSA), which obliged all financial institutions to pass on specific information involving certain funds from one financial institution to the next financial institution, FinCEN introduced the first Travel Rule. As part of the initiatives to reduce money laundering, the regulation initially targeted banks and financial firms.
A coordinated strategy to combat money laundering and terrorist funding was advocated in 2019 by the Financial Action Task Force, an intergovernmental organization that develops anti-money laundering (AML) regulations for the G-7 and an additional 30 developed countries.
The FATF crypto travel rule guideline
For cryptocurrency transactions worth more than USD/EUR 1000 worldwide, the new Travel Rule guidance advises Virtual Asset Service Providers (VASPs), such as exchanges, banks, OTC desks, hosted wallets, and other financial institutions, to share specific identifying information about the sender and receiver. For crypto transactions, the regulations mandate that VASPs securely transmit specific sender and receiver information.
The following should be included in originator and beneficiary information, per the FATF Interpretive Note to Recommendation 16:
- The originator’s name and account number
- Date and place of birth, national identification number, customer identification number, or originator’s (physical) address
- Beneficiary’s name and account number
The names and account numbers of the originator and beneficiary should also be included in cross-border payments under the USD/EUR 1,000 barrier. However, unless there is a suspicion of money laundering or terrorist financing, this information does not need to be confirmed for authenticity.
How the crypto travel rule operates
In summary, if crypto worth more than $1,000 is exchanged between two parties, the crypto service provider of the sender is expected to share the recipient’s crypto service provider with personally identifiable information (PII) about the sender.
While this is a precondition, member states are free to apply their own interpretations and variations of this advise that best serve their particular crypto sectors.
For instance, in South Africa, the $1,650 barrier is the point at which the crypto travel regulation takes effect (i.e., the rules apply once the amount of the crypto transaction surpasses $1,650 or ZAR 25,000).
In such circumstances, VASPs must exchange data on the transactional amount, the date of execution, and the identity of the crypto service provider.
Importance of Crypto travel rule
The Travel Rule is designed to facilitate information exchange so that participants may:
- Allow law enforcement to demand transaction information
- Preventing the laundering of cryptocurrency funds
- Stop making payments to businesses, people, and nations that have been sanctioned.
- Stop terrorism funding
- Encourage the reporting of ominous activity
- The travel rule makes sure that cryptocurrency businesses follow the law.
Countries that have adopted the crypto travel rule
Since the second half of 2019, numerous nations have approved or presented legislation that, in almost every way, reflects these FATF crypto travel rules. among them are:
- European Union
- United States
- South Korea
- The philippines
- South Africa
One of the most forward-thinking cryptocurrency regulators, Japan, published AML standards for digital assets in February 2021. The Japanese Virtual Currency Exchange Association (JVCEA), the country’s self-regulatory organization (SRO) for the cryptocurrency business, was asked to create regulations for the Crypto Travel Rule by the Financial Services Agency (FSA) of Japan. The JVCEA, has implemented the rule by April 2022.
European Union (EU)
The Crypto Travel Rule was put forth in June 2021 and is currently with Parliament. It is being expedited via the customary parliamentary stalemate in Europe. The date of publishing in the official journal is still unknown, but it will become a reality on the 20th day following that.
The European Banking Authority will be in charge of regulating the Crypto Travel Rule (EBA). Contradictorily, the EU is considering the prospect of a zero-dollar requirement, which would make all VASP-to-VASP transfers into and out of the EU subject to the Travel Rule. This would go beyond the $1,000 minimum barrier suggested by the FATF.
The Crypto Travel Rule has been in effect for VASPs in the US since 2013, although no fines have ever been issued, as the Financial Crimes Enforcement Network (FinCEN) reminded the public in May 2019. Instead of the $1,000 suggested by the FATF, FinCEN recommends a $3,000 threshold. Additionally, a plan to lower the threshold to $250 is now being considered in the US.
While cryptocurrency legislation in South Korea have been in place since March 2021, current VASPs were given a six-month grace period to comply, which concluded in September 2021.
Regarding the Travel Rule, it was enforced on March 25, 2022, to implement measures that will be used for all transactions totaling KRW 1 million (about $830) or more. Up to 14 South Korean cryptocurrency exchanges may be impacted by the travel rule.
Singapore amended its Payment Services Notice (PSN02) in January 2020, including AML/CTF protocols for cryptocurrency. While the Travel Rule has theoretically been in effect in Singapore for more than two years, the majority of the country’s exchanges are only using the exemption while they wait for the approval of their license applications.
Many VASPs, including Binance, withdrew their applications due to the state’s application process and moved on to greener pastures.
Since August 2020, Indonesia has had laws requiring cryptocurrency companies to comply with AML/CTF standards. The Southeast Asian nation has selected April 2022 as the adoption date for the Travel Rule.
The nation has been preparing for full FATF membership for some years. All cryptocurrency transactions will be subject to the rule in a restricted sense (sender and recipient names and wallet addresses), but transactions with an Indonesian Rupiah value greater than or equal to $1,000 will also be subject to additional know-your-customer (KYC) checks, which may also include addresses and dates of birth.
In terms of cryptocurrency legislation, the Philippines has been slightly in front of the curve in the area. AML regulations have been in existence since 2017, and expansions were made in January 2021 to bring the nation closer to FATF compliance.
Since August 2021, the Crypto Travel Rule has been in effect, and VASPs have had six and a half months to comply after receiving the official notice. In the Philippines, VASPs can only interact with other VASPs who have received legal recognition.
In 2020, the Intergovernmental Fintech Working Group of South Africa published a position paper on crypto assets, urging the government to incorporate cryptocurrency into the Financial Intelligence Centre Act (FICA), the main AML-CTF law in the nation, in order to comply with the FATF’s Crypto Travel Rule.
The transaction threshold will be set at ZAR 25,000 (about $1,650), and transactions over that amount need the sharing of both parties’ names, account numbers, and other information for the originator, such as an address or a national identity number.
The Malaysian Securities Commission updated its Digital Assets Guidelines in January 2020 to better oversee crypto token issuers and put the responsibility on VASPs. The implementation of these rules began in October 2020. The nation, which closely identifies with FATF, has implemented the Crypto Travel Rule in April 2022.
Taiwan has had AML standards in place for cryptocurrency businesses since July 2021. The primary industry regulator is the Financial Supervisory Commission (FSC) of the country. No date for complying with the Crypto Travel Rule had been set as of February 2022. The nation is presently examining how transactions between local and foreign VASPs are carried out.
Challenges for the crypto travel rule compliance
When adopting the Travel Rule, VASPs must consider many significant strategic and operational risks.
- The “sunrise problem” ( Nonuniform approach to the implementation of this regulation in different regions) gradual implementation of crypto AML legislation
- Using blockchain analytics tools to comply with travel regulations
- How to determine if counterparty VASPs are registered and how to identify them
- How to handle the cybersecurity, privacy, and data privacy compliance issues that the travel regulation states clearly to VASPs while transporting users’ data