Demystifying Crypto AML:Understanding the FATF Travel Rule

The Financial Action Task Force (FATF), an international organization focused on combating money laundering and terrorist financing, introduced the Travel Rule.

This rule has a long history, originating from regulations like the Bank Secrecy Act in the 1970s that required banks to collect data for investigations.

The FATF updated the Travel Rule in 2019 to address the specific needs of virtual asset service providers (VASPs), which are companies dealing with cryptocurrency and other digital assets.

Understanding the Travel Rule empowers VASPs to ensure implementation of the necessary procedures to avoid hefty fines, array commitment in combating money laundering, and adapt to the evolving regulatory framework.

Let’s get started

What is the FAFT travel rule regulation?

Originally, the Travel Rule applied solely to traditional financial institutions, requiring them to collect and share customer information during wire transfers.

This information typically includes details like names and account numbers for both the sender and receiver. For virtual assets, the information contains names of the originator and beneficiary, as well as the transaction reference number.

Recognizing the rise of virtual assets and the potential for misuse, the FATF expanded Recommendation 16 in 2019 to encompass Virtual Asset Service Providers (VASPs). This Recommendation 16 is what we call Travel Rule.

A VASP is any business dealing with virtual assets, such as cryptocurrency, that performs one or more of the following activities:

• Exchanging virtual assets for traditional currencies (fiat)
• Exchanging different types of virtual assets
• Transferring virtual assets between accounts
• Holding or managing virtual assets for clients
• Providing financial services related to the issuance or sale of virtual assets
• The activities listed above also trigger the application of the travel rule for crypto businesses.

By including VASPs in the Travel Rule, the FATF aims to bring greater transparency to virtual asset transactions.

How does Travel Rule combat money laundering?

Cryptocurrencies have become increasingly popular, but with that rise comes the concern of their potential use in illegal activities, particularly money laundering.

Anti-Money Laundering (AML) regulations are crucial in combating this, and the Travel Rule is a new tool specifically designed to address money laundering in the crypto sector.

Traditionally, AML regulations target traditional financial institutions. These institutions are required to collect customer information (Know Your Customer – KYC) and report suspicious activity.

However, crypto transactions often occur between anonymous wallets, making it difficult to track the origin and destination of funds. The Travel Rule aims to bridge this gap.

Here’s how Travel Rules are expected to combat money laundering:

• Increased transparency: By requiring the collection and sharing of customer data, Travel Rules make it harder for criminals to hide the source and destination of illicit funds. Law enforcement can trace transactions and identify suspicious activity more easily.
• Reduced anonymity: Anonymity is a feature often associated with cryptocurrencies, but it can also be a tool for money launderers. Travel Rules reduce anonymity by requiring identification of participants in transactions.
• Improved risk assessment: VASPs can use the collected data to assess the risk of money laundering associated with specific transactions or customers. This allows them to take appropriate actions, such as reporting suspicious activity to authorities.

Who needs to comply with the Travel Rule?

The FATF has established the crypto Travel Rule as a key weapon in the fight against money laundering. But who exactly needs to comply with this regulation?

The primary targets of the FATF crypto Travel Rule are two categories:

• Traditional financial institutions: These include banks and any other institution involved in transferring virtual assets (VAs), like Bitcoin or Ethereum. Even if a bank doesn’t directly deal in cryptocurrency itself, they fall under the Travel Rule if they are facilitating a transfer of VAs on behalf of a customer.
• VASPs: This term encompasses a broader range of businesses dealing in crypto. It includes cryptocurrency exchanges, custodial wallet providers, and any other entity offering services related to the buying, selling, or transfer of virtual assets.

It’s important to note that the specific definition of a VASP can vary depending on the jurisdiction. The FATF recommendations serve as a guideline, but individual countries have the flexibility to implement the Travel Rule within their own legal framework.

The state of FAFT Travel Rule in the UK

The United Kingdom has been proactive in implementing the FAFT Travel Rule. The travel rule applies to all UK-registered VASPs, or crypto businesses (CB) as it is called in the UK.

The UK implemented the travel rule on September 1, 2023. This followed a grace period granted by the Financial Conduct Authority (FCA) to allow VASPs time to adapt their systems and processes.

Unlike some jurisdictions, the UK has a tiered approach based on the transfer value and whether both involved CBs are UK-based. Here’s the breakdown:

• Below €1,000: For transfers below this threshold, UK CBs must collect and share basic information such as the names and account numbers of both originator and beneficiary.
• Above €1,000: For transfers exceeding €1,000, UK CBs must collect and share the basic information and the originator based on their legal structure. For firms, customer identification number or address of the registered office is needed. For individuals, they need to submit a customer identification number, address, or birth certificate number, passport number, or national identity card number, or date and place of birth.
• Above €1,000 (UK CBs only): For transfers exceeding €1,000 but only involving UK-based CBs, basic information must be collected and shared. However, the beneficiary CB can request further information within three business days.
• Multiple linked transactions: Transactions from the same originator that collectively exceed the €1,000 threshold will be considered as exceeding the threshold and require full compliance.

The challenges and the futures

Currently, there’s no single, standardized way for VASPs to exchange customer information.

Different VASPs use various messaging protocols, some within closed networks. This lack of interoperability makes it difficult for them to share data seamlessly, hindering compliance efforts.

While the FATF sets the overall framework, individual countries have the flexibility to implement the Travel Rule differently. This inconsistency in regional regulations can create confusion for VASPs operating globally.

The cost and technology are other issues. Implementing the Travel Rule requires investments in technology and personnel to handle data collection, secure storage, and transmission. This can be a significant burden for smaller VASPs.

Also, there’s still a privacy concern. Sharing customer information raises privacy concerns. VASPs need to ensure they comply with data protection laws while adhering to the Travel Rule’s information-sharing requirements.

However, ongoing efforts are underway to develop standardized protocols and improve regulatory clarity to create a more efficient and effective system in the future.

Conclusion

Introduced by The Financial Action Task Force back in 2019, the Travel Rule has become an effective tool in combating money laundering and other types of illegal financial activities.

That being said, the lack of a standardized way of collecting and exchanging customer data makes it difficult for VASPs to comply with the rule. Not to mention the technology and workforce needed to implement the Travel Rule might be beyond the reach of smaller companies.

This is where Complaer’s RegTech solution can help you navigate the complexities of Travel Rule. Our Rule Engine is designed to not only address current risks, but also adapt to evolving financial threats and regulatory changes in real time.

Offering continuous transaction monitoring and real-time alerts, you can quickly identify any suspicious activity before it’s too late. Complaer also automates 60% of your compliance workflows, which significantly reduces manual labor costs.

So, what’s holding you back? Try Complaer today and let’s take your fight against money laundering to the next level!