Blog

The FATF Travel Rule. What Are the Requirements and Viable Solutions?

On June 21, 2019, the FATF adopted Travel Rule by updating its Recommendation 16 related to cross-border and domestic wire transfers. The above update enlarged the scope of the Travel Rule (that was initially related only to wire transfers) to the cryptocurrency exchanges and cryptocurrency wallet providers. 

What is the Travel Rule and what does it mean for the crypto industry? 

Before June 2019, the Travel Rule used to be a requirement for banks to share information about their customers conducting wire transfers and assume the responsibility to report suspicious activities. After June 2019, crypto companies should also share information about their clients and obtain information about beneficiaries conducting crypto transactions. 

What are the requirements of the Travel Rule for crypto companies? 

Crypto companies should:
  • Perform identification, assessment, and take effective action to mitigate money laundering risks.
  • Be licensed/registered in the relevant jurisdiction.
  • Share the identities of users involved with any crypto transfers of $1000 USD/EUR or more with other crypto companies or the authorities.
  • Obtain and verify customer identification (KYC/KYCC).
  • Perform ongoing crypto transaction monitoring.
  • Screen customer crypto wallets.
  • Potentially share any blacklists with other crypto companies.

Originators (clients of crypto companies) must submit to the beneficiaries of the crypto operations the following data: 
  • Originator name.
  • Account number (where it is necessary to process the transaction).
  • Physical address.
  • National identity number, customer identification or alternative number.
  • Date and place of birth.

Beneficiaries of the crypto operations must submit to the originators:
  • Beneficiary name.
  • Account number or virtual wallet number (where it is necessary to process the transaction).

What are the implications for crypto companies?

Due to the lack of crypto regulations and relevant AML technologies to ensure compliance with the Travel Rule and data protection regulations such as the General Data Protection Regulation and California’s Consumer Privacy Act, crypto companies have faced a significant challenge. 

Saying nothing about harsh competition in the crypto market and various barriers, crypto companies use different blockchains, however, require a unified solution. 

Are there any solutions? 

FATF suggested the use of existing technology including public and private keys, transport layer security/secure sockets layers, X.509 certification, API technology. It was also proposed to create a global list of crypto companies, where each company will receive a unique identification number (similar to SWIFT code), so the companies can identify each other when processing a transaction and verify whether the counterparty is properly licensed.

There is still a long way for the adoption of the technologies, however, there are several companies and partnerships in the market developing and providing the relevant technology to the crypto companies, including InterVASP Messaging Standard, a coordinated effort between industry bodies U.S. Digital Chamber, Global Digital Finance, and IDAXA to provide uniform messaging standards for the transmission of said data.

Should you require further information or our assistance with the adoption of the Travel Rule within your company, feel free to contact our experts at info@zrtolerance.com