Stablecoins have become a critical part of the evolving cryptocurrency landscape. Given their significance, it's crucial to grasp their role concerning the Crypto Travel Rule.This final article in our three-part series compares perspectives from both the Financial Action Task Force (FATF) and the European Union's (EU) positions on decentralized finance (DeFi), Stablecoins, and non-fungible tokens (NFTs).

This article covers Stablecoins, the EU’s and FATF’s general stance on whether they are regulated virtual assets, if stablecoin issuers are regulated as VASPs, and covers noteworthy developments over 2022. 

What are Stablecoins?

Firstly, let's understand what stablecoins are. Stablecoins are a specialized type of cryptocurrency crafted to minimize price volatility. Unlike virtual currencies such as Bitcoin or Ethereum, which are known for their price fluctuations, stablecoins aim to maintain a consistent value. They achieve this stability by tying their value to a reserve asset, often a fiat currency like the US Dollar or the Euro, or other types of assets like gold. In essence, the value of a stablecoin is tied to the value of the underlying asset or group of assets to maintain a 1:1 ratio or another predetermined ratio.

Types of Stablecoins

Stablecoins can be categorized into three main types based on what backs them:

1. Fiat-Collateralized Stablecoins: These stablecoins are backed by a reserve of a specific fiat currency, kept in a bank or another regulated financial institution. In simple terms, for each stablecoin in circulation, an equivalent amount of fiat currency is held as a reserve.

2. Crypto-Collateralized Stablecoins: These are stablecoins that are backed by other cryptocurrencies. Given the volatile nature of cryptocurrencies, these stablecoins are typically over-collateralized to account for price swings.

3. Algorithmic Stablecoins: These stablecoins aren't backed by any collateral. They use smart contracts and other mechanisms to automatically tweak the stablecoin supply in reaction to demand changes, with the end goal of maintaining a stable price.

The primary uses of Stablecoins

Stablecoins serve multiple functions, including facilitating transactions, acting as a stable store of value within the cryptocurrency market, and forming a bridge between traditional fiat currencies and cryptocurrencies. Importantly, they are often used in DeFi applications for various financial activities like lending, borrowing, and earning interest on crypto assets.

The Rise and Scrutiny of Stablecoins in 2022

Stablecoin usage surged in early 2022 but faced scrutiny in the latter half of the year after the collapse of TerraUSD. TerraUSD was a popular algorithmic stablecoin whose dollar peg broke down due to massive concurrent withdrawals from Anchor and Curve crypto exchanges, causing a broader selloff that wiped off $200 billion from the market value of all crypto-assets.

The collapse of TerraUSD generated new concerns over stablecoins' safety, leading policymakers to impose rules on stablecoin issuers. Moreover, regulators and central banks became concerned about the rise of stablecoins eroding their monetary monopoly. Below we highlight relevant stablecoin events in 2022:

Stablecoin Legal & Regulatory Spotlight in 2022

• January 12, 2022 📋- The Hong Kong Monetary Authority (HKMA) released a discussion paper that provided insight into the HKMA’s plans for the future of stablecoin regulation in Hong Kong. 
• May 9, 2022 - UST's peg to USD broke, leading to the price of UST and its sister token LUNA crashing. This wiped $200 billion from the market value of all crypto assets.
• June 3, 2022 - Japan’s parliament passed a bill to ban stablecoin issuance by non-banking institutions.
• July 13, 2022 📋- The Committee on Payments and Market Infrastructures (CPMI) and International Organization of Securities Commission (IOSCO) affirmed that the Principles for Financial Market Infrastructures apply to ‘systemically important’ stablecoin arrangements and transfers. 
• July 19, 2022 - The UK Chancellor announced the planning of a bill that sets out how stablecoins may be used as a payment method.
• September 21, 2022 - Members of the U.S. Congress began working on legislation that would temporarily ban certain types of algorithmic stablecoins.
• October 5, 2022 📋- The EU’s MiCA laid out strict stipulations for stablecoin issuers due to their potential for mass adoption as a means of exchange as well as their associated market integrity risks.

‍

N.B. The dates that are accompanied by a clipboard icon indicate a document that was produced by a regulator.

How Does the Crypto Travel Rule Apply to Stablecoins?

Both the FATF and the EU have established significant stances regarding stablecoins. The FATF views stablecoins with concern due to their potential for anonymity, global reach, and potential misuse for illegal fund transfers. As such, it calls for a risk-based approach for identifying obliged entities. The EU's Markets in Crypto-assets (MiCA) regulation provides a more differentiated treatment, distinguishing stablecoins based on whether they qualify as significant asset-referenced or e-money tokens, each carrying distinct regulatory requirements. Notably, the FATF classifies stablecoins as securities or VAs, whereas the EU determines if a crypto-asset falls within the scope of MiCA depending on the nature of the token, including algorithmic stablecoins.

‍

FATF vs. EU: General Stance on Stablecoins

‍

FATF: Stablecoins rank high on the list of the FATF’s concerns “because of their potential for anonymity, global reach, and use to layer illicit funds.” The FATF also calls out their “greater potential for mass adoption” as stablecoins overcome the volatility issues associated with other crypto-assets and, therefore, constitute a more suitable option for payments. The FATF expects countries to “take a functional approach to identify obliged entities” and “mitigate the relevant risks based on a risk-based approach (RBA) regardless of institutional design and names.” ^[1]

EU: MiCA distinguishes the treatment of stablecoins depending on whether they qualify as significant asset-referenced tokens or significant e-money tokens, as these  “can pose greater risks to financial stability.” ^[2] Issuers of significant asset-referenced tokens or significant e-money tokens are subject to more stringent requirements including “higher capital requirements, to interoperability requirements and they should establish a liquidity management policy.” ^[3]

‍

FATF vs EU: Are Stablecoins considered Virtual Assets?

FATF: FATF classifies stablecoins as securities or VAs.

EU: Where a crypto-asset falls within the definition of an asset-referenced token or e-money token, it falls under MiCA’s scope, irrespective of how the issuer designed the crypto-asset, including the mechanism to maintain a stable value - this includes algorithmic stablecoins. ^[4]

‍

FATF vs. EU: Are Stablecoin issuers regulated as VASPs? 

‍

FATF: Entities involved in the governance of stablecoins, whether centralized or decentralized, could be categorized as VASPs depending on their position and the terms of the stablecoin arrangement. In situations where decentralized entities manage the stablecoin (e.g., MKR token holders who monitor Maker Protocol), it becomes more difficult to identify the entity responsible for AML/CTF. In these cases, entities that could fall within the scope for regulatory or supervisory action are the following: 

1. The initial driver of the development and launch of the arrangement that eventually becomes decentralized.
2. One that facilitates trading with stablecoins.
3. Custodial wallet services that support stablecoins. ^[1]

EU: Algorithmic stablecoins issuers that aim at maintaining a stable value in relation to an official currency of a country or to one or several assets, via protocols, are subject to the rules applicable to asset-referenced tokens or e-money issuers. Offerers or persons seeking admission to trading of algorithmic crypto-assets that do not aim at stabilizing the value of the crypto-assets by referencing one or several assets are, in any event, subject to the requirements applicable to the issuance of other crypto-assets (set in Title II of MiCA). ^[4] 

‍

FATF vs. EU: Noteworthy Stablecoin Developments

‍

FATF: In it’s Targeted Update, the FATF states, “As the liquidity of stablecoins increases in parallel with the growth of DeFi markets, FATF will continue to facilitate discussion between jurisdictions and other standard setting bodies on implementation issues.” ^[5]

EU: Stablecoin issuers should have a custody policy that ensures asset segregations, prevents tokens from being used as collateral, and provides holders with prompt access to their funds. Credit institutions, investment firms, or VASPs should custody the insulated reserves.  The credit institution, an investment firm, or a VASP that custodies the segregated reserve should be responsible for the loss of reserve assets. ^[6]

‍

In summary, the Crypto Travel Rule has far-reaching implications for stablecoins. Both the FATF and EU offer varied approaches in their regulations, primarily distinguishing stablecoins based on their nature, usage, and associated risks. As stablecoins continue to gain prominence in the crypto market, further evolution of regulatory stances is anticipated. Understanding these rules and how they apply to stablecoins will play a significant role in shaping the future trajectory of these digital assets.

Discover the link between the crypto Travel Rule and Stablecoins in Notabene's comprehensive 2023 State of Crypto Travel Rule Compliance Report.

{{cta-learnmore6="/cta-components"}}

‍

This article was initially produced when the "Markets in Crypto-Assets" document was still in draft form. However, the content has been updated to reflect the final regulation as published by the EU Parliament in 2023 [EU Parliament (2023). Markets in Crypto-Assets, various pages and paragraphs].

[Originally posted by FOMO Pay, see here]

‍

SINGAPORE, 29 Aug, 2023 – FOMO Pay, a leading digital payment and digital banking solutions provider headquartered in Singapore, announces its strategic partnership with Notabene. The implementation of Notabene’s end-to-end solution for global Travel Rule compliance enables FOMO Pay to further enhance its know-your-transaction (KYT) capabilities and highlights FOMO Pay’s commitment to compliance and customer security. In addition, through comprehensive licensing and adherence to regulatory requirements, FOMO Pay has obtained “Super VASP” status in Notabene’s Virtual Asset Service Providers (VASP) network. This milestone empowers the public with streamlined access to accurate and verified business information, aligning with FOMO Pay’s consistent efforts to foster trust in the digital payment and digital asset fields.

In 2019, the Financial Action Task Force (FATF) released crucial recommendations aimed at combating money laundering, terrorist and proliferation financing. FATF requires countries to assess and mitigate risks associated with virtual asset financial activities and providers. As part of the requirements, the Travel Rule mandates all VASPs to screen, record and communicate the information of both the sender and recipient of a digital asset transaction. In 2023, the global regulatory landscape has evolved with stricter enforcement of the Travel Rule for digital asset transactions, as governments and financial institutions worldwide take significant steps to enhance transaction integrity and overall financial ecosystem security.

In order to maintain comprehensive digital asset compliance capabilities in the ever-evolving digital asset industry, FOMO Pay adopts a proactive approach in investing in leading compliance solutions to continue to ensure strict adherence to global regulations. Integration with Notabene equips FOMO Pay to automate Travel Rule compliance in line with global regulations, allowing secure and efficient digital asset transactions.

“We are pleased to partner with Notabene and integrate their Travel Rule solution. This collaboration represents FOMO Pay’s commitment to strengthening our compliance capabilities in alignment with global regulations, enabling informed decisions to enhance our AML capabilities,” said Wee Teck Lim, Head of Compliance at FOMO Pay. “We firmly believe that our collaboration with Notabene will further enhance our ability to provide secure and reliable digital payment and digital asset solutions to our valued clients and partners.”

“We are excited to be working with FOMO Pay to enrich their compliance capabilities and ensure safer digital asset transactions for their clients. FOMO Pay’s commitment to bridging the gap between fiat and digital assets for business use cases is very aligned with our mission at Notabene. This collaboration demonstrates the significant impact of Travel Rule implementation in facilitating secure and efficient digital asset transactions to build a safer and more accessible digital asset ecosystem.” – Pelle Braendgaard, CEO of Notabene.

With this partnership, FOMO Pay demonstrates its steadfast commitment to upholding industry standards in compliance by ensuring safer transactions involving digital assets for merchants, corporates and financial institutions. FOMO Pay’s proactive approach to regulatory compliance and strategic investments in robust solutions solidify its position as a leading digital payment solutions provider.

‍

-ENDS

Media Contact

Sacha Lowenthal

Head of Marketing, Notabene

[email protected]

‍

About Notabene

Notabene developed the crypto industry’s only pre-transaction decision-making platform, enabling customers to identify and stop high-risk activity before it occurs. With a focus on security, privacy, and user experience, Notabene’s multi-source data and software enables real-time decision-making, counterparty sanctions screening, self-hosted wallet identification, and more.

SOC-2 security certified and trusted by over 100 companies, Notabene operates globally with headquarters in New York, and presence in Switzerland, Singapore, Germany, and the United Kingdom.

Companies like Copper, Luno, Crypto.com and Bitstamp leverage our SafeTransact platform for Travel Rule compliance, tailored to their needs and aligned with global and local regulations. Our platform builds trust in virtual asset transactions to foster financial growth with minimized risk.

Get started today; sign up for our free SafeTransact Rise Plan to respond to regulated transactions for free using the world’s largest VASP Network.

LinkedIn | Twitter

‍

About FOMO Pay

Founded in 2015, FOMO Pay Pte Ltd is a major payment institution (License No. PS20200145) regulated under the Payment Services Act in Singapore, licensed by the Monetary Authority of Singapore (MAS) to conduct Cross-border Money Transfer Services, Domestic Money Transfer Services, Digital Payment Token Services and Merchant Acquisition Services. The firm has become a leading one-stop digital payment and digital banking solution provider, and is currently building Asia’s first licensed gateway helping institutions and businesses to connect between fiat and digital currency. The company offers its three flagship products:

• FOMO Payment: a one-stop digital payment solution for merchants, corporates and financial institutions.
• FOMO iBank: facilitates businesses’ every-day requirements for transactional banking needs.
• FOMO Crypto: Asia’s first licensed gateway bridging fiat and digital currency.

Visit www.fomopay.com for more information.

‍

The world of crypto compliance has seen rapid changes over the past year. Since the Financial Action Task Force (FATF) extended Travel Rule compliance for crypto custodians, global events and pivotal moments have rapidly propelled Virtual Asset Service Providers (VASPs) from mere contemplation to active implementation of these AML compliance measures.

But what's genuinely fueling this accelerated adoption? Join us as we explore the primary motivations prompting VASPs to invest in Travel Rule solutions.

The Six Reasons Pushing VASPs to Find Crypto Compliance Solutions:

‍

1. Upcoming enforcement deadlines

As deadlines approach, VASPs run out of time to develop a cohesive compliance strategy, test direct integration into various protocols, and evaluate end-to-end solutions. Integrating and testing different protocols slows down the path toward Travel Rule compliance, with Compliance Officers spending upward of 18 months trialing protocols to fit the company’s specific needs.

Additionally, Exchanges registered in a jurisdiction where the Travel Rule is already enforced: US, Singapore, Switzerland, Philippines, South Korea, Germany, Canada, Indonesia, Malaysia, Gibraltar, Estonia, Dubai, Liechtenstein, Malta, Portugal, Japan, Hong Hong, the United Kingdom, as well as exchanges that send a large volume of transactions to VASPs in those jurisdictions, must roll out Travel Rule compliance as soon as possible.

‍

2. Business preservation and transaction assurance

As more and more VASPs become compliant with the Travel Rule, the expectation for their counterparty VASPs to receive travel rule information and respond reciprocally is growing. If the counterparty VASP does not participate in travel rule flows, it's becoming increasingly likely that compliant VASPs will simply stop transacting with them. Proactive compliance is paramount to avoid business and, more specifically, transaction slowdowns. Additionally, per FATF guidance, VASPs can now restrict transactions with non-compliant counterparts. 

‍

Our 2023 State of Crypto Travel Rule Compliance Report highlights that about 61% of respondents enforce transaction restrictions with non-cooperative counterparties: 8% need a Travel Rule message sent to the beneficiary VASP, 41% employ a risk-based approach, and 12% await a response from the Beneficiary VASP. Non-responsive counterparties risk losing transactions from compliant VASPs, making this a critical reason for VASPs to invest in compliance solutions.

‍

3. Stakeholder demand

VASPs are rolling out Travel Rule solutions quickly to meet the demand from their banking partners, auditors, institutional customers, and other business stakeholders.

It is now a standard expectation for VASPs to be travel rule compliant when applying for new banking partners, getting audited, or establishing other business relationships. Demonstrating compliance with the Travel Rule improves a VASP's likelihood of passing the due diligence requirements to establish solid banking relationships. By including the Travel Rule in their compliance stacks, VASPs demonstrate their risk management strategies to auditors, align with industry standards, and meet regulatory expectations, bolstering their reputation as trusted market participants.

‍

4. Increased regulatory scrutiny due to sanctions

The Russia-Ukraine war accelerated crypto Travel Rule compliance.  Financial regulators have implemented fresh sanctions against Russian organizations and persons in response to the crisis between Russia and Ukraine. Although it is unknown to what extent sanctioned parties may turn to crypto, VASPs worldwide have acted upon the increased imperative to comply with sanctions obligations. Without crypto Travel Rule compliance, VASPs can—often unknowingly—facilitate transactions with sanctioned counterparties. Transactions associated with entities like Garantex, Bizlatzo, or any other sanctioned crypto service pose a substantial compliance risk for businesses in the U.S. and other jurisdictions, with potential fines and criminal charges as consequences.

Therefore, it's crucial for VASPs to be able to discern whether their clients are sending transactions to sanctioned entities, wallets, or jurisdictions. This can only be achieved by diligently implementing Travel Rule compliance, which enables transaction-level counterparty and sanction insight.

‍

5. To benefit from an incremental Travel Rule adoption

Forward-thinking VASPs are strategically using a phased rollout to their advantage. Ahead of their regulatory timelines, they are getting started with collecting the necessary counterparty data, putting in place the systems, and easing into the travel rule. This puts them in a great place to be ready without excessive strain on resources and with minimized impact on their customers.

Thanks to industry advocacy, some regulators are warming up to this staged approach to compliance. Recent surveys highlight an increasing preference for this phased approach: 31% in the current year, up from 18% in 2022.

‍

6. To gain a competitive edge

It goes without saying: regulated financial products distinctly outshine their unregulated counterparts by offering numerous advantages. Advantages include crucial investor protection, stringent legal compliance, unwavering financial stability, improved market confidence, effective dispute resolution mechanisms, and indispensable consumer safeguards. Additionally, crypto compliance ensures safer transactions, strengthens trust, and strategically positions VASPs as reputable market players for enhanced growth and reach.

‍

How Notabene Addresses the Six Reasons VASPs Are Considering Travel Rule Solutions

‍

1. Notabene’s multi-jurisdictional approach facilitates seamless onboarding for VASPs across various jurisdictions

With imminent deadlines, globally-operating VASPs confront the challenge of staggered Travel Rule enforcement across their jurisdictions. This leaves them scrambling to craft a unified compliance strategy in each location, integrate protocols for each entity, and assess comprehensive solutions. 

For example, a VASP located across three jurisdictions may need a Money Services Business (MSB) license in the United States in Canada, a Digital Payment Token (DPT) license in Singapore, and a license from the Federal Financial Supervisory Authority (BaFin) in Germany—each with distinct compliance requirements.

‍

‍

‍

Notabene's SafeTransact provides a streamlined solution tailored for global businesses, offering support across 20+ jurisdictions and counting. VASPs choose us to expedite their Travel Rule compliance with multiple regions. Additionally, VASPs can leverage our SAFE Implementation program; VASPs can seamlessly integrate and fast-track their regulatory adherence, ensuring business continuity and regulatory alignment. Learn more below.

2. SafeTransact Rise: Notabene’s answer to business preservation and transaction assurance

Our customers’ success is our primary goal, and we understand that without responses to their Travel Rule transactions, our VASPs may not be able to achieve full compliance. Recognizing that many businesses may not have the tools to handle these responses, we offer SafeTransact Rise - a complimentary Sunrise Plan that provides transaction beneficiaries access to our comprehensive Travel Rule compliance dashboard to respond to unlimited inbound messages, as well as and send up to USD 10k in outgoing transactions. While on our platform, Compliance Officers can test out setting up safe, automated compliance workflows and utilize award-winning partnerships with blockchain analytics and sanctions screening providers.

‍

3. Demonstrating Travel Rule compliance readiness with Notabene's SafeTransact

When implemented correctly—pre-transaction settlement— Travel Rule compliance equips VASPs with detailed insights into transactional counterparties and allows VASPs to ascertain if clients transact with sanctioned entities, wallets, or regions.

As the industry’s only pre-transaction decision-making platform, Notabene's SafeTransact preemptively identifies and halts high-risk activity before reaching the exchange. Our platform offers a comprehensive view of crypto transactions, allowing users to automate real-time decisions, screen counterparties for sanctions, recognize self-hosted wallets, and ensure seamless global Travel Rule compliance following international regulations.

Additionally, VASPs use our reporting tools to demonstrate their Travel Rule compliance programs, including verified data about their transactions, counterparties, and VASPs’ steps to build robust compliance measures.

‍

4. Set rules to automatically stop transactions to sanctioned actors

Our customers can effectively identify sanctioned counterparties and block ensuing transactions by performing the following checks before the transaction occurs: 

1. Identifying counterparty VASP
2. Performing VASP due diligence
3. Identifying and sanction screening counterparty customers 
4. Monitoring wallet risk scores

‍

To automate this process, customers head to the Rules Engine to encode their risk-based rules to restrict incoming or outgoing Travel Rule data transfers with VASPs that do not meet their diligence criteria. This step also allows them to identify and block suspicious transactions at scale. By tying this mechanism into the transaction flow, this functionality boosts transaction efficiency and provides Compliance Officers with robust tools to mitigate AML-related risks effectively.

‍

‍

‍

5. SAFE Implementation phases: benefit from a comfortable Travel Rule adoption

We advocate for a phased, data-driven approach to Travel Rule implementation. Our SAFE Implementation process offers Notabene clients a tailored pathway to compliance based on their business needs. Customers can meet regulatory guidelines and evolve their own risk-based approach and needs over time - with the first phase requiring less than a week with only minimal technical integration. Furthermore, as part of the implementation phases, Notabene's SafeTransact platform provides industry-unique support for multiple legal entities, allowing VASPs to easily expand into multiple jurisdictions without worrying about complex legal and compliance issues. Our goal with SAFE Implementation is to make a comfortable Travel Rule technical rollout so VASPs can focus on other matters, such as incorporating new compliance requirements into their business workflows.

Learn more about SAFE Implementation

6. Notabene: competitive edge through specialized Travel Rule training & solutions

Due to its novelty and operational intricacies, fully harnessing the advantages of Travel Rule compliance requires learning a new set of rules. For the latest training on this regulation, Notabene offers a Travel Rule Compliance Certification, equipping Compliance Officers with the tools they need to succeed in 2023 and beyond.

‍

{{cta-bookademo="/cta-components"}}

As the Travel Rule deadline approaches, UK has made significant strides that directly impact UK VASPs’ compliance programs. In this article will highlight the key milestones and takeaways from recent regulatory publications and how Notabene is responding to these developments. Stay informed and engaged with the most relevant regulatory developments concerning Travel Rule compliance in the UK with Notabene.

‍

Relevant Travel Rule regulatory milestones in the UK 

The timeline below gives a brief overview of the most relevant milestones for Travel Rule compliance in the UK:

Key Travel Rule Takeaways from the JMLSG Guidance

On July 28, 2023, the Joint Money Laundering Steering Group (JMLSG) published a draft Travel Rule guidance that is now up for public consultation. CryptoUK’s Travel Rule Working Group, co-chaired by Notabene’s Senior Regulatory and Compliance Associate Catarina Veloso, shared insights and feedback with regulators and the JMLSG ahead of the publication of this draft. Both Notabene and CryptoUK will submit a response to the public consultation, by August 25, 2023. 

Find the key takeaways below: 

1. ‍Sunrise Issue: The current draft of the JMLSG Guidance acknowledges the Sunrise period as presenting “challenges for CBs dealing with counterparties in jurisdictions where the travel rule has not yet been implemented”. The current draft guidance advises Crypto Businesses (CBs) to take account of any FCA communications on this matter. Learn the FCA’s specific expectations for UK VASPs transacting during the sunrise period below. 
2. Cross-border Transactions: The Guidance clarifies that UK VASPs must follow UK Travel Rule requirements, regardless of whether their counterparty is subject to a different scope of requirements.‍
3. Self-hosted Wallet Transactions: The guidance offers VASPs detailed advice on risk assessment and appropriate actions for self-hosted wallet transactions.‍
4. Counterparty Discoverability: With no global VASP identifiers, the guidance suggests steps VASPs can take to identify counterparties and ascertain wallet hosting status.‍
5. Lightning Network: The draft discusses Travel Rule application within the Lightning Network, stating intermediate parts of a transfer are not subject to the rule, even if nodes are CBs.

Dive deeper into the takeaways on our recent blog post.

‍

FCA Statement: How UK VASPs should proceed with transactions during the sunrise period

On August 17, 2023, the FCA published its expectations for UK cryptoasset businesses complying with the Travel rule. The publication outlined how UK VASPs are required to comply with the Travel Rule when sending or receiving a transaction from a counterparty based in a jurisdiction where Travel Rule does not yet apply.

• ‍When sending a transaction to a jurisdiction without the Travel Rule, if the counterparty VASP cannot receive the necessary information, the Originator UK VASP must still collect and verify the information as required by the Money Laundering Regulations (MLRs) and should store that information before making the cryptoasset transfer.

📌 Notabene clients can monitor the transfers sent to VASPs that are not able to receive Travel Rule information within their compliance dashboard.

• ‍When receiving a transaction without the required Travel Rule information, UK Beneficiary VASPs must make a risk-based assessment of whether to make the cryptoassets available to the beneficiary customer taking into account the status of Travel Rule regulations in the jurisdiction where the counterparty operates.

📌 Notabene clients are able to detect and monitor incoming transactions with missing Travel Rule information via API. These transactions will appear in their compliance dashboard.

‍

{{cta-bookademo="/cta-components"}}

SAFE Implementation: The Importance of a Phased Implementation when Rolling out a Travel Rule Program

‍

As the Global Head of Customer Success at Notabene, I regularly consult with Compliance leaders at the start of their Travel Rule implementation journey. 

While many understand the importance of complying with the Travel Rule, they often feel overwhelmed regarding how to get started, especially during the sunrise period and when dealing with multiple jurisdictions or areas needing more regulatory clarity. The technical work for a successful integration only compounds these concerns.

In this article, I'll explore the top Travel Rule compliance challenges experienced by the Compliance Officers I have worked with, explain why Notabene devised the SAFE Implementation phases, and present the advantages of the adoption program based on commentary directly from VASPs. 

‍

Understanding the Technical Challenges of Travel Rule Implementation

Many VASPs find it challenging to comprehend the extent of technical work required for integration. They also struggle to figure out how they can effectively collaborate with stakeholders from various departments in their business to ensure that the Travel Rule solution is implemented successfully.

As VASPs progress through the implementation, they often find it beneficial to opt for API integration to automate their Travel Rule processes instead of hiring additional teammates to manually carry out Travel Rule compliance checks. However, Without having insight into the specific actions the technical team needs to complete or alignment between how the implementation might look based on a VASPs risk appetite,  Compliance leaders are often at a loss for where to begin to ensure they are meeting regulatory deadlines. 

‍

Notabene's 2023 State of Crypto Travel Rule Compliance Report affirms this, with 27% of VASPs and 45% of Financial institutions citing 'a lack of technical resources’ as their main obstacle to adoption.

SAFE Implementation: A Guided Approach to Travel Rule Compliance

‍

"The secret of getting ahead is getting started. The secret of getting started is breaking your complex overwhelming tasks into small manageable tasks and then starting on the first one." - Mark Twain

‍

With these challenges in mind, we recently launched the SAFE Implementation phases. This step-by-step onboarding program is designed to help our clients navigate the intricacies of Travel Rule compliance efficiently while ensuring seamless collaboration between compliance and technical teams.

SAFE Implementation delivers a well-structured, step-by-step approach to achieving compliance, streamlining operational risk management, and providing valuable analytics to steer our customers through their Travel Rule implementation. By making subtle technical modifications, VASPs can effortlessly link their internal systems to Notabene, enabling the generation of proprietary data.

This rich data resource furnishes invaluable insights into the potential impact of compliance on existing transaction flows, equipping VASPs with the foresight to plan the initiation and response to transactions strategically. Additionally, this information empowers them with a clear roadmap for their journey toward achieving full compliance.

‍

How does SAFE Implementation support VASPs?

1. Step-by-Step Implementation and Testing: SAFE Implementation enables customers to gradually integrate the necessary technical infrastructure, validate data accuracy, and test functionality, all before they impact their end users. By breaking down the implementation process into manageable stages, customers can identify and address issues early, ensuring a smoother transition and reducing non-compliance risk.

2. Navigate Complex Regulatory Requirements: Compliance with the Travel Rule requires significant technical, operational, and procedural adjustments. By adopting a phased implementation approach, we ensure that our customers have adequate time and support to comprehend the requirements and implications of the Travel Rule fully. Notabene’s SafeTransact product manages each Jurisdictional data requirement, supporting VASPs in understanding what data they must provide to comply in their region. It also ensures that VASPs can handle the requirements of their counterparty's jurisdictions. 

3. Tailored Solutions for Diverse Customer Needs: Every business has unique operational models, technical capabilities, and customer bases. By utilizing our SAFE Implementation process, VASPs can design and implement tailored solutions based on their specific requirements. This ensures a more seamless integration of Travel Rule compliance processes into VASPs' existing systems, minimizing disruptions to their day-to-day operations.
   
   
4. Guidance and Training from the Customer Success team:  Successfully implementing the Travel Rule requires technical integration, adequate coaching, and ongoing support. VASPs can also choose to add a Customer Success Package, ensuring that they get custom training and white glove support from our team of subject matter experts. The Notabene Customer Success team is on hand through each milestone to provide comprehensive training sessions, resources, and dedicated customer support throughout the implementation journey. This empowers our customers to develop an in-depth understanding of the Travel Rule requirements and equips them with the necessary knowledge and skills to maintain compliance in the long term.
   
   
5. Compliance Readiness and Regulatory Confidence: By adopting a phased onboarding approach, our customers can demonstrate their commitment to regulatory compliance with relevant authorities. This proactive approach ensures adherence to the Travel Rule, helps build trust with regulators, and enhances the reputation of the crypto business. Furthermore, early compliance readiness positions our customers favorably in the rapidly evolving regulatory landscape, reducing the risk of potential penalties or disruptions to their operations.

‍

Far from being a mere regulatory checklist, achieving Travel Rule compliance involves understanding the regulatory landscape, strategic planning, and data-informed pre-transaction decision-making, all facilitated through our SAFE Implementation approach.

Notabene's SAFE Implementation program is not just a tool—it's a strategic ally that guides VASPs through the intricate terrain of crypto regulation. With the aid of crucial data and a tailored approach, VASPs can execute their compliance plans with heightened precision and assurance. This seamless and effective integration results in regulatory adherence and fosters trust with regulators, strengthening the business's reputation. 

The rest of Notabene’s Customer Success team and I are dedicated to helping our customers turn regulatory compliance from a daunting challenge into a competitive advantage, effectively driving the future of the crypto industry.

This setup provides a systematic, step-by-step roadmap to ensure synchrony between technical and compliance teams, transforming an overwhelming task into achievable milestones. 

‍

{{cta-bookademo="/cta-components"}}

The Rising Trend of a Phased Approach to Crypto Travel Rule Compliance: Insights from Notabene's 2023 Report

Notabene's 2023 State of Crypto Travel Rule Compliance Report revealed a trend: Virtual Asset Service Providers (VASPs) are adopting a phased approach to fulfilling Travel Rule compliance obligations. This means they are gradually transitioning from non-compliance to compliance, taking measured steps toward ‘full compliance.’ [1] This nuanced insight is often missed in industry surveys, yet deserves attention as it reflects VASPs' practical and mindful strategy to adhere to the Travel Rule.

What is a Phased Approach to Travel Rule Compliance?  

A “phased approach” is a strategy that VASPs used to progressively meet their full compliance obligations, taking into account the impact on their users and business. To become regulatory compliant, VASPs must carry out several processes simultaneously. These range from modifying product offerings, implementing new compliance frameworks, updating the user interfaces and APIs their customers interact with, and much more. The situation gets even more complex if the VASP operates in multiple jurisdictions. 

Results from our compliance survey showed that rather than making a sudden leap from non-compliance to full compliance, VASPs are progressively rolling out their compliance initiatives in phases. This year, the adoption of a phased compliance strategy has risen to 31%, up from 18% in 2022 (Figure 2). This indicates an increasing acceptance of the phased compliance methodology among VASPs. Further details can be found in the sections below.

‍

Why are VASPs Embracing a Phased Approach to Travel Rule Compliance?  

Reported reasons VASPs opt for a phased approach to Travel Rule compliance include: 

• The Sunrise period: Fully complying with the Travel Rule during sunrise is particularly difficult for VASPs, as crypto is inherently borderless and international. VASPs based in countries where the Travel Rule is already being enforced will have a hard time being fully compliant; in some instances, they may not be able to send or get a response to a Travel Rule transfer from their counterparty VASP because this counterparty may be based in a jurisdiction where the Travel Rule is not yet enforced.
• Signaling compliance to regulators: Having a clear and well-structured Travel Rule implementation program is appreciated by financial regulators. This approach allows VASPs to refine their processes on their path to full compliance. 
• Meeting local Travel Rule enforcement dates: If a VASP is registered in a jurisdiction with upcoming deadlines, they have to prove compliance whether or not their counterparties are compliant. 

Diving into the staged approach to Travel Rule compliance 

Notabene's yearly State of Crypto Travel Rule report shows a growing intent to adopt the Travel Rule in the cryptocurrency industry, with most VASPs targeting complete compliance by 2023, as evidenced by the data in Figure 1. 

‍

‍

Understanding the meaning of ‘Full Compliance’

The industry's ambition to comply by the end of 2023 underscores its commitment to regulatory alignment and sets 2023 to become the year of Travel Rule adoption. Interestingly, the survey exposes a stark 109% rise in compliance claims, with 20% of respondents now identifying as 'fully compliant,' a significant increase from 13% in 2022. (Figure 1) However, pre-transaction fulfillment has only seen a 50% increase, suggesting some confusion around the interpretation of 'full compliance.' (Figure 1)

‍

The Phased Approach to Compliance Gains Traction

The survey highlights that 19% of VASPs are responding to inbound Travel Rule transfers, even if they aren't initiating their own, and 12% are fulfilling Travel Rule obligations post-settlement. (Figure 2) These actions are viewed as early compliance stages. Moreover, when asked to describe their company's current stance on Travel Rule requirements, only 3% selected "Idle" as their response. This response signifies a substantial 75% decrease from the 2022 survey, pointing to a progressive demystification of Travel Rule compliance within the industry.

‍

‍

Financial Institutions vs. Crypto Businesses Staged Compliance Approach

Survey data reveals a significant contrast between financial institutions (FIs) and crypto businesses in their compliance strategies for the Travel Rule. The approach taken by FIs appears more binary: they are predominantly either fully compliant (36%) or not complying at all (36%). A noteworthy 27% of FIs are at an intermediate stage, only responding to inbound Travel Rule transfers. (Figure 3) This may be attributed to their support for crypto deposits without accommodating crypto withdrawals. 

‍

Crypto businesses, on the other hand, present a more diverse spectrum of compliance stages, with 48% opting for a phased approach. (Figure 3) This could stem from many of these businesses being operational before FATF’s Recommendation 16 extended its reach to their sector.

FI’s, having likely operated under FinCEN’s original Travel Rule, mandated in 1996, may only need to implement the technology to support Travel Rule compliance for their crypto transactions. This stark difference in approach underscores the unique challenges VASPs and FIs face in their compliance journey. Consider reading about the top Travel Rule compliance hindrances in 2023 for more on these challenges.

‍

Notabene's Phased Approach to Travel Rule Compliance: The SAFE Implementation Phases 

To aid VASPs and FIs in their compliance journey, Notabene recently introduced the SAFE Implementation phases. This tiered, customizable approach simplifies compliance, equips customers with valuable analytics, and creates a tailored path based on specific business needs.

The SAFE phases offer the following benefits:

• Minimized Disruption: This phased integration of technical infrastructure mitigates risks and reduces disruption
• Regulatory Navigation: It allows sufficient time to understand the technical, operational, and procedural aspects of the Travel Rule.
• Continuous Improvement: The iterative nature of our method encourages constant learning and adaptation.
• Comprehensive Support: Notabene's Customer Success team provides extensive training and dedicated support.
• Regulatory Confidence: This gradual strategy demonstrates a commitment to regulatory compliance, cultivating trust with regulators.

The SAFE Implementation paves a reliable route toward Travel Rule compliance by emphasizing regulatory deadlines and leveraging data for informed decisions, risk mitigation, and user experience enhancement.

A Breakdown of the SAFE Implementation Phases

Notabene's phased approach for VASPs' Travel Rule compliance comprises four distinct stages, each addressing specific aspects of the adoption process. The phases are:

• Spark: VASPs prepare to send transactions by collecting counterparty VASP data through due diligence, assessing the degree of customer input required for a comprehensive Travel Rule message.
• Amplify: VASPs commence compliance to the greatest extent possible without customer collaboration, sharing originator information with counterparts, and responding to incoming Travel Rule transfers.
• Foundation: VASPs expand compliance by acquiring beneficiary information, conducting sanctions screening, and applying proper AML/CTF controls before transmission to the beneficiary VASP. This stage is standard during the sunrise period.
• Elevate: VASPs utilize verified originator and beneficiary data for informed pre-transaction decisions on both withdrawals and deposits. This phase is fully achievable in a post-sunrise period.

Mapping the 2023 State of Crypto Travel Rule Compliance Survey Data to the Safe Implementation Phases

Data from figure 2 suggests that most VASPs are still in the early stages of compliance, like the Spark and Amplify phases. A considerable number are complying to the best of their ability within the constraints of the sunrise period, aligning with the Foundation stage. Only a minority have achieved full Travel Rule compliance (Elevate.) 

Here's a more detailed breakdown:  

1. VASPs that reported non-compliance with travel rule obligations (34.8%) or post-settlement compliance (11.6%) and those allowing transactions without a Travel Rule message sent to the beneficiary VASP (37.3%) are in compliance stages akin to the Spark or Amplify phases.
2. VASPs fulfilling Travel Rule obligations before blockchain transaction settlement (20.3%) but not awaiting a beneficiary VASP response to process the transaction (22%) or proceeding if no response is received within a specific timeframe (14%) are likely in a compliance stage similar to the Foundation phase.
3. A small portion of VASPs (12% that reported disallowing a transaction unless a beneficiary VASP response is received) would qualify as being in the Elevate stage.
   
   

For a unique look into the Travel Rule compliance journey from the perspective of Notabene’s Customer Success team, head over to our next blog post. In "Overcoming Crypto Compliance Challenges: Notabene's SAFE Implementation Phases in Action," Notabene’s Global Head of Customer Success, Abigail Bryant Spolar, offers valuable insights drawn from her extensive experience guiding VASPs 

{{cta-learnmore2="/cta-components"}}

A Closer Look at CryptoUK’s Travel Rule Working Group and the Upcoming JMLSG Guidance: Insights from the Co-Chair

We are thrilled to announce that Catarina Veloso, Notabene's Senior Associate of Regulatory Affairs, has been appointed as the co-chair of CryptoUK’s Travel Rule Working Group. Catarina shares this esteemed position with Mark Aruliah, Senior Policy Advisor at Elliptic. 

Notabene's Regulatory and Compliance team is taking a proactive role in helping members of the group CryptoUK understand the requirements of the Financial Action Task Force's (FATF) Travel Rule. The Travel Rule has been implemented in the UK through the Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022 (MLTFR 2022) on July 21st, 2022.

Navigating the FATF's Travel Rule: CryptoUK’s Working Group's Efforts to Educate UK VASPs

The Notabene Regulatory and Compliance team is dedicated to not only educating CryptoUK members about the requirements of this rule but also to engaging with policymakers and regulators to share their insights and perspectives on the topic.

The FATF's Crypto Travel Rule is a regulation that requires certain information to be included with transactions between virtual asset service providers (VASPs). In the case of the UK, the MLTFR 2022 would be the specific set of rules that VASPs, like cryptocurrency exchanges, have to comply with.

Following a 12-month grace period, the Travel Rule will be enforced in the UK from September 1st, 2023. On July 28, 2023, the Joint Money Laundering Steering Group (JMLSG) published a draft Travel Rule guidance that is now up for public consultation. CryptoUK’s Travel Rule Working Group shared insights and feedback with regulators and the JMLSG before publishing this draft. The next order of business for the working group is submitting a response to the public consultation, due on August 25, 2023. 

“Travel Rule compliance entails several new operational challenges for VASPs. And UK VASPs are in a really privileged position to overcome them - the fact that you are able to produce industry-led guidance through the JMLSG is a unique opportunity to have a say on how these challenges should be addressed and to define industry-wide compliance standards” - Catarina Veloso, Senior Associate of Regulatory Affairs - Notabene. 

The JMLSG is a private sector body comprising the leading UK Trade Associations in the financial services industry. They produce Guidance that sets out what is expected of firms and their staff concerning the prevention of money laundering and terrorist financing, which is now being extended to cover the crypto Travel Rule. 

Although the JMLSG Guidance is not legally binding, it is subject to approval by the HM Treasury and is taken into consideration by the FCA when supervising and by courts. Therefore, the JMLSG Guidance will provide a base from which UK VASPs can develop tailored policies and procedures for compliance with the Travel Rule. 

‍

JMLSG’s Draft Guidance on the Travel Rule: What It Means for UK Cryptoasset Businesses

The current draft of the JMLSG Guidance covers essential topics such as: 

📌 Sunrise issue: The Sunrise period is acknowledged as presenting “challenges for CBs dealing with counterparties in jurisdictions where the travel rule has not yet been implemented.” The current draft guidance advises VASPs to take account of any FCA communications on this matter. Just yesterday, the FCA published a statement on precisely this topic. This statement sets expectations for how VASPs in the UK are required to comply with the Travel Rule when sending or receiving a transaction from a counterparty based in a jurisdiction where Travel Rule does not yet apply, as follows:

When sending a cryptoasset transfer to a jurisdiction without the Travel Rule:

• Take all reasonable steps to establish whether the firm can receive the required information. 
• If the firm cannot receive the necessary information, the UK cryptoasset business must still collect and verify the information as required by the Money Laundering Regulations (MLRs) and should store that information before making the cryptoasset transfer.

When receiving a cryptoasset transfer from a jurisdiction without the Travel Rule:

• If the cryptoasset transfer has missing or incomplete information, UK cryptoasset businesses must consider the countries in which the firm operates and the status of the Travel Rule in those countries.
• The UK cryptoasset business should take these factors into account when making a risk-based assessment of whether to make the cryptoassets available to the beneficiary.

 📌 Cross-border transactions: The Guidance clarifies that UK VASPs must follow UK Travel Rule requirements, regardless of whether their counterparty is subject to a different scope of requirements. For withdrawals, the Guidance clarifies that “[w]here the transfer is to a jurisdiction with higher requirements than those required in terms of the travel rule, a CB complies with its travel rule obligations by providing the information as required.”. Similarly, in deposits, “[w]hen there is missing or inaccurate information, the CB of the beneficiary must, when appropriate, request the missing information (regardless of whether the CB of the originator is subject to higher value thresholds in its jurisdiction), and consider making enquiries as to any discrepancies.”. 

 📌 Self-hosted wallet transactions: The Guidance provides more granularity into how VASPs can assess the risk associated with transactions with self-hosted wallets and determine the appropriate follow-up actions.

📌Counterparty discoverability: Acknowledging that it is challenging to discover the counterparty to a crypto transaction (in the absence of global VASP identifiers, equivalent to SWIFT codes in wire transfers), the Guidance suggests reasonable steps that VASPs can take to identify the counterparty and whether a wallet is hosted or unhosted. 

📌Lightning network: JMLSG also covered the specificities of how Travel Rule applies in the context of the Lightning Network, acknowledging that “[t]hose parts of a LN transfer that are intermediate to originator and beneficiary are not in scope of the travel rule even where one or both nodes in the channel are CBs.”

‍

Notabene's Proactive Role in UK Travel Rule Compliance: Regulatory Sandbox Testnets and Guidance for VASPs

Notabene's Regulatory and Compliance team is dedicated to assisting UK VASPs in understanding and complying with their upcoming Travel Rule obligations. 

As part of that effort: 

• We have conducted two testnets as part of the Financial Conduct Authority’s (FCA’s) Regulatory Sandbox with firms such as Ramp, Bitstamp, Wirex, CoinPass, Altalix, Hidden Road, Bitpanda, Custody, Uphold, and Zodia Markets. 
• We published a brief guide that summarizes the Travel Rule obligations set forth in the MLTFR 2022. 

We invite you to join the CryptoUK’s Travel Rule Working Group to be part of the conversation, contribute to the public consultation response, and continue engaging with policymakers and regulators on this topic. 

London, UK - August 17 2023

Over the course of four months, Notabene conducted two tests as part of the Financial Conduct Authority’s (FCA’s) Regulatory Sandbox. Firms that participated in these tests included Compliance Officers from Ramp Network, Bitstamp, Wirex, CoinPass, Altalix, Hidden Road, Bitpanda Custody, Uphold and Zodia Markets in a live testing environment of Notabene’s innovative Travel Rule compliance offering.

As part of the testing sessions, a variety of real-life scenarios were tested on Notabene’s platform. This exercise aimed to allow firms to assess how Notabene’s solution can improve participants’ readiness to comply with Travel Rule requirements, which enter into force on September 1, 2023. Developer teams executed the testnet script via the terminal, enabling virtual asset service providers (VASPs) to test different Travel Rule scenarios on Notabene’s platform against the unique requirements of the UK jurisdiction.

"The opportunity to directly interact with these real-world scenarios is crucial for compliance teams in understanding and responding to the challenges posed by the Travel Rule." - Lana Schwartzman, Head of Regulatory Compliance at Notabene

Through this interactive testing, compliance teams learned how Notabene’s solution helps firms to identify potential workflows, shared testnet learnings, and brainstormed solutions for compliance challenges. Importantly, participants gained first-hand experience with how Notabene’s tool tackles the impact Travel Rule flows will have on blockchain transactions, including how to integrate counterparty sanction screening into Notabene’s platform.

“Participating in Notabene's testing cohort within the FCA's Regulatory Sandbox has been an invaluable experience. The hands-on experience provided us with indispensable insights, allowing our compliance teams to grasp the intricacies of how Notabene will support us in implementing our travel rule obligations and effectively address our compliance needs in advance of the UK's September 1st regulatory deadline.” - Oliver Morgans, Head of Compliance and MLRO at Uphold Europe Uphold Europe Ltd

The testing phase concluded with an in-person roundtable discussion, where VASPs had the opportunity to reflect on Notabene’s test, share their main compliance challenges, network with industry peers, and engage in a dialogue about the cryptocurrency sector.

"We are thrilled to have participated in Notabene's testing cohort as part of the FCA's Regulatory Sandbox. The opportunity to engage with real-world scenarios has been invaluable in helping our compliance team understand and address the challenges posed by the Travel Rule.” - James Dalton, Deputy MLRO, Ramp Network

__

About the FCA’s Regulatory Sandbox

The FCA ’s Regulatory Sandbox allows firms to test innovative offerings in a live and controlled environment. More information on the FCA’s regulatory sandbox can be found here.

The FCA's Regulatory Sandbox helps innovative firms, both incumbents and new players, navigate the regulatory landscape by providing them access to regulatory expertise, enabling product testing, accelerating market entry, and providing guidance, and was established to support the FCA’s objective of promoting effective competition in the interests of consumers. 

For more information about the FCA’s Regulatory Sandbox or other FCA Innovation services, please contact/visit:

[email protected]

fca.org.uk/firms/innovation 

‍

For more information about Notabene, please contact:

[email protected]

‍

About Notabene

Notabene is crypto’s only pre-transaction decision-making platform. Enabling customers to identify and stop high-risk activity before it occurs.

Notabene's SafeTransact platform helps financial institutions and crypto businesses unlock their full potential in the digital economy. With a focus on security, privacy, and end-user experience, Notabene customers can use our multi-source data and software to automate real-time decision-making, perform counterparty sanctions screening, identify self-hosted wallets, and complete the smooth rollout of Travel Rule compliance, all in consideration of global and local regulations.

Notabene is SOC-2 security certified since 2021. Over 90 companies leverage our software to manage real-time regulatory and counterparty risk in virtual asset transactions, including Copper, Luno, Crypto.com, and Bitstamp. Headquartered in New York, Notabene is a global company with presence in Switzerland, Singapore, and the United Kingdom.

Notebene is not regulated or registered with the FCA.

LinkedIn | Twitter

As the decentralized finance (DeFi) sector continues to gain momentum, global regulatory authorities are grappling with effectively overseeing this new frontier in financial services. The Financial Action Task Force (FATF) and the European Union (EU) are formulating their respective approaches to DeFi regulation, focusing on a broad interpretation of the definitions provided in the FATF’s standards and shifting towards an activity-based regulatory approach. The challenge lies in determining which entities within the DeFi ecosystem qualify as Virtual Asset Service Providers (VASPs) and how to apply Anti-Money Laundering (AML) and Counter Financing of Terrorism (CFT) obligations to them.

In a previous post, we covered the FATF’s and the EU’s regulatory stances on NFTs. This article, taken from our 2023 State of Crypto Travel Rule Compliance Report, compares their regulatory stances on DeFi.

What is DeFi

DeFi eliminates intermediaries in financial services by executing transactions via code on blockchains. In 2022, DeFi protocols and applications continued their unprecedented growth, with major asset managers offering DeFi exposure to institutional investors. Retail users continued to flock to DeFi, although there were risks along the way- liquidations surpassed $8.7 million on February 23, and DeFi exploits across blockchains worldwide totaled $3.64 billion in 2022, a rise of 47.4% compared to 2021.

‍

‍

DeFi Legal & Regulatory Spotlight in 2022

Protocol-level sanction action reared its head in 2022. In August 2022, Tornado Cash, an Ethereum-based mixer, was blacklisted by the Office of Foreign Assets Control (OFAC) for its alleged links to the Lazarus hacker group from North Korea. This incident indicates that DeFi protocols will have to comply with sanctions in the future. Additionally, financial regulators released papers highlighting the challenges surrounding DeFi regulation. Below we highlight relevant DeFi events in 2022. N.B. Dates accompanied by a clipboard icon indicate a document that a regulator produced.

• ‍June 8, 2021 📋 - DeFi Policy Maker Toolkit | The World Economic Forum takes the stance that “an effective regulatory response to DeFi is likely to involve a combination of existing regulation, retrofitted regulation, and new, bespoke regulation.” (p.21)‍
• January 5, 2022, Aave Arc, designed to help institutions develop new products and services utilizing digital assets, attracted 30 financial institutions to its whitelist.‍
• April 2, 2022 📋 - European Financial Stability and Integration Review 2022 | The European Commission acknowledged that copying traditional regulatory approaches in a decentralized environment may not be an option. It notes, "Possibly, even more emphasis would need to be put on activity-based regulation as opposed to entity-based one.” 
• ‍April 4, 2022 - Uniswap user forms a class action lawsuit alleging that Uniswap Labs and its investors are culpable for her losses due to a failure to comply with securities laws.‍
• April 13, 2022 📋 - Policy Considerations for Decentralized Finance | Abu Dhabi Global Market expresses the view that “Given that DeFi does not change the underlying nature of financial services, we believe that similar requirements should be placed on DeFi participants as on TradFi participants. (...) However, we recognise that since DeFi changes how financial services are delivered, we may need to impose different obligations on a DeFi activity to achieve the same outcomes as those obligations placed on a TradFi operator.” (p.16-17)
• August 8, 2022 - U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash‍
• August 10, 2022 - MakerDAO makes contingency plans to execute an emergency shutdown should core contracts underpinning DAI, its stablecoin, be sanctioned.

‍

Crypto Travel Rule and DeFi

In this section, we will delve into the general stance of the FATF and the EU towards DeFi, examining whether DeFi is currently regulated and the measures being taken to continuously monitor and assess developments in the sector. 

FATF vs. EU: General Stance on DeFi

FATF: The FATF expects countries to determine whether an identifiable person is a VASP within the DeFi arrangement on a case-by-case basis, according to a broad interpretation of the definitions provided in the FATF’s standards.

EU: The European Commission has expressed its view that traditional regulatory approaches may not be a suitable fit for the decentralized environment of DeFi platforms. Instead of relying on entity-based regulation, the Commission is considering a shift toward an activity-based regulatory approach, which may better align with the dynamic and decentralized nature of DeFi.

To implement this approach, the Commission proposes a few access points for DeFi regulation:

• regulating the connections between regulated entities and DeFi platforms
• regulating the features of smart contracts targeting the project team behind the specific DeFi application, and
• utilizing embedded supervision to capitalize on the inherent data transparency offered by public blockchains, making it easier to monitor and oversee DeFi activities.

‍

FATF vs. EU: Is DeFi Regulated?

FATF: According to the FATF, a DeFi software application could not inherently qualify as a VASP. Instead, entities that maintain "control or sufficient influence" over a DeFi protocol should be subject to AML and CFT obligations if they provide or facilitate VASP services. This would apply to entities with an ongoing business relationship with DeFi protocol users, those profiting from the DeFi service, or those with the ability to set or change the parameters of the DeFi protocol.

However, the FATF recognizes that identifying entities with control or substantial influence over a DeFi arrangement can be challenging, and in some cases, a VASP might not even exist. They recommend that countries assess the risks posed by these activities and adopt appropriate risk mitigation measures. ^[1] This could include requiring regulated VASPs to be involved in the activities of the DeFi arrangement if deemed necessary. The FATF also clarifies that holding governance tokens of a DeFi protocol does not automatically qualify someone as a VASP, unless they can control or substantially influence the protocol’s governance. ^[2]

EU: Under MiCA, crypto-asset services that are fully decentralized without any intermediary do not fall within the regulation’s scope. However, if there are natural, legal persons or other undertakings that provide or control, directly or indirectly, a regulated activity or service (i.e., service of exchange of crypto-assets for other crypto-assets or the operation of a trading platform for crypto-assets), even if the service or activity is performed in a decentralized way, it would be subject to the MiCA’s scope. ^[3]

‍

Comparison of FATF and EU Guidelines on When DeFI is Regulated

‍

FATF vs. EU: Continuous DeFi Monitoring and Assessment

FATF: In its Targeted Update, the FATF acknowledges that DeFi markets have grown significantly from 2021 to 2022 and promises to “continue to monitor developments in DeFi, particularly the emergence of truly decentralized DeFi entities, and to facilitate dialogue on common AML/CFT implementation challenges, risk assessment, and good practices.” ^[4]

EU: After consulting with the European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA), the European Commission plans to deliver a series of reports to the European Parliament and Council on the latest crypto-asset developments. These reports, particularly concerning areas not yet covered by existing regulations, may inform potential new legislation.

• Report on the latest developments in crypto-assets, expected by December 30, 2024, is due to include “an assessment of the development of decentralised-finance in markets in crypto-assets and of the appropriate regulatory treatment of decentralised crypto-asset systems without an issuer or crypto-asset service provider, including an assessment of the necessity and feasibility of regulating decentralised finance.” ^[5] 
• Reports on the application of this Regulation, expected by June 30, 2027, shall include “an assessment of the development of decentralised finance in markets in crypto-assets and of the appropriate regulatory treatment of decentralised crypto-asset systems.” ^[6]

As the DeFi sector continues to grow and evolve, regulatory authorities around the world are working to develop effective regulatory frameworks that can address the unique challenges posed by decentralized financial systems. The FATF and EU have proposed different approaches to regulating DeFi, with the FATF focusing on identifying VASPs within the DeFi ecosystem and the EU considering an activity-based regulatory approach. Both organizations will continue to monitor the DeFi sector and assess the risks associated with these activities. The rapid growth of the DeFi sector and the increasing interest from institutional and retail investors make it crucial for regulatory authorities to establish clear and effective regulatory frameworks to ensure the sector's continued growth and stability.

In previous articles in this series, we covered the FATF’s stance on the timing of Travel Rule compliance and shared the critical decision-making points for regulated transactions. We also discussed how the crypto industry struggles with carrying out these steps before the blockchain transaction occurs. SafeTransact, Notabene’s pre-transaction decision-making platform, simplifies this process.

Applying FATF's rules can affect a whole business, as setting up a Travel Rule compliance program will affect many departments and stakeholders. Notabene’s long-standing goal has been to simplify this process, providing a way for VASPs to get started on their Travel Rule compliance journey with minimal effort from their teams. First, let’s revisit the steps that Travel Rule-compliant companies must follow before authorizing compliant crypto transactions on the blockchain:

These pre-transaction steps include:

1. Identifying and sanction screening the transaction counterparty
2. Performing due diligence and assessing risk on the counterparty VASP
3. Exchanging Travel Rule information according to FATF's rules

Despite FATF's recent clarification that these steps must be followed before the transaction, results from our 2023 State of Crypto Travel Rule Compliance revealed that nearly 40% of compliant VASPs do not fulfill their Travel Rule data transmission transmission obligations before the blockchain transaction occurs. With SafeTransact, Notabene is committed to improving this statistic while helping all companies identify illicit transactions before they occur.

‍

SafeTransact: A Suite of Tools for Crypto Pre-Transaction Decision-Making

Notabene’s SafeTransact is the first platform that enables Compliance Officers to identify and stop high-risk activity before it occurs. The Notabene platform offers a secure, holistic view of crypto transactions, enabling our subscribers to:

• automate real-time decision-making
• perform counterparty sanctions screening
• identify self-hosted wallets, and 
• complete the smooth rollout of global Travel Rule compliance in line with international regulations.

‍
Below, we break down SafeTransact's four major components that help VASPs implement pre-transaction decision-making.

‍

1. SafeConnect: Effortlessly Identify, and Screen Counterparties

SafeConnect assists in identifying and screening counterparties in the pre-transaction process, an essential step to safeguard businesses from any potential legal repercussions resulting from transactions with sanctioned entities. Counterparty identification is notoriously challenging, as crypto transactions are usually linked only to a blockchain address.

By incorporating SafeConnect into your system, you can automatically and dynamically gather counterparty identification information from multiple sources; we use a combination of blockchain analytics data, data generated from client activity, and direct inquiries from your customer. This ensures accurate identification and consideration of jurisdictional requirements like thresholds and PII specifications, which can affect compliance workflows.

‍

The Travel Rule compliance solution employs a multi-jurisdictional approach, automatically detecting specific requirements in our client’s jurisdiction, as well as their transaction counterparty’s jurisdiction. The plug-and-play functionality automatically applies relevant regulatory requirements to all transactions. Our product team constantly monitors and updates the criteria in case of any changes so Compliance Officers don't have to.

Further, Notabene aids in counterparty VASP discovery through blockchain analytics and several other methods. VASPs in the Notabene Network can upload their hashed blockchain addresses to expedite mutual discoverability. This allows automatic identification when those addresses are involved in transactions. Additionally, the Notabene Network Discovery features enable VASPs to manage their internal address book.

Lastly, once the transaction counterparty and institution are identified, VASPs can perform risk assessments at the transaction level, which involves sanction screening the beneficiary and originator name, and assessing the blockchain address risk score, by connecting to analytics and screening providers in Notabene's marketplace.

‍

2. Notabene Network: Enhanced VASP Due Diligence and Risk Assessment

Once the transaction counterparty has been checked against sanctions, the due diligence focus turns to the counterparty VASP to assess risk to ensure that the counterparty VASP is a trusted exchange with adequate security standards. In its "Targeted Update on Implementation of the FATF Standards," released in June 2023, the FATF clarified the due diligence responsibilities of VASPs; VASPs must perform due diligence on their counterparties, regardless of their compliance status or the regulatory environment in their jurisdiction.

The Notabene Network hosts the largest selection of VASP profiles equipped with real-time, third-party-verified data. As an added layer of compliance, companies can exchange industry-standard due diligence questionnaires for a more scalable approach to counterparty verification.

‍

3. Notabene Dashboard: Streamlining Travel Rule Information Exchange

Based on the outcome of due diligence checks on transaction counterparty and institution, a Compliance Officer can decide whether to exchange Travel Rule information or block the transaction. The Notabene dashboard, a holistic transaction hub, compiles critical Travel Rule data, enabling easy access and review of all such transactions. Our one-stop-shop dashboard simplifies compliance management by making information more organized and manageable. 

Notabene subscribers can manage incoming and outgoing data transfers, securely store their customer's data for record-keeping, and generate comprehensive reports from the same dashboard. Due to our multi-protocol approach, our clients can send encrypted Travel Rule data transfers to various VASPs, regardless of their compliance status or network protocol. 

Further enhancing the service, the dashboard offers a comprehensive view of all transactions beyond the scope of Travel Rule requirements, providing Compliance Officers with a singular platform to demonstrate pre-transaction decision-making approaches to regulators. It functions as a comprehensive compliance center, allowing approval or rejection of both hosted and self-hosted wallet transfers and connecting those decisions to the blockchain authorization flow.

‍

4. Rules Engine: Automating the entire process

Finally, automating these checks is vital to implementing a complete Travel Rule compliance workflow with minimal impact on transaction latency. Compliance Officers can use our Rules Engine to program and apply compliance controls with various criteria across all transactions.

Thanks to in-app automation, compliance checks, and Travel Rule decisions can be tied with transaction outcomes, allowing Notabene subscribers to control compliance roll-out and workflows from the UI. Our dashboard lets you connect your AML providers, manage your rules quickly, and prevent illicit transactions in real-time.

Conclusion

Notabene's SafeTransact platform is a clear-cut answer to the challenges of meeting the FATF's Travel Rule regulations. SafeTransact tackles the problem of companies not complying with their obligations pre-transaction—an issue for 40% of Travel Rule-compliant businesses. SafeTransact equips VASPs with the tools to assess risk quickly, share information, and perform critical checks, such as identifying and confirming transaction partners while keeping the fast pace of crypto transactions. 

Beyond streamlining crypto regulatory compliances, SafeTransact supports the growth and health of the worldwide digital asset industry by allowing businesses to spot and stop high-risk activities quickly.

Get started today!

‍

‍

{{cta-bookademo="/cta-components"}}

‍

As Travel Rule enforcement deadlines appear left and right, VASPs proactively embed compliance workflows in their day-to-day operations. A wave of Travel Rule compliance consciousness is rippling across the market and within companies, resulting in businesses expanding their operations into multiple jurisdictions. Not only is pre-transaction decision-making now seen as part of the larger compliance and business ecosystem, but the holistic view of the Travel Rule is also gaining ground. To further enable these developments, our product suite and updates focus on enabling much-needed standardization and scalability to the VASP due diligence process and empowering Compliance Officers (COs) with robust data and insights that drive informed decision-making. 

In this post, we share our product roadmap for 2023, highlighting our key achievements thus far and our future plans to further support your compliance efforts. 

Let's dive in!

Product Vision and Strategy

Our mission has always been to enable safe and trusted crypto transactions. To operationalize this, we’ve created the most comprehensive and user-friendly platform for Compliance Officers to gain a holistic view to make the appropriate pre-transaction decisions in regulated crypto transactions. Every feature we designed is grounded in this mission, aiming to simplify the daily tasks related to compliant crypto transactions. 

‍

Let’s take a look back at what we’ve shipped in the first six months of 2023:

‍

- Added five jurisdictions to our platform

Regulatory enforcement is speeding up, and so is our platform. A key trend highlighted in our 2023 State of Travel Rule Compliance Report was that 2023 would be the Year of Travel Rule compliance, an insight proving true.  Regulatory enforcement is accelerating, inspiring proactive compliance efforts among VASPs across multiple jurisdictions such as the United Kingdom, Dubai, Japan, Indonesia, and Hong Kong.

‍

‍

We've added these new jurisdictions to our platform, empowering businesses to adhere to local regulations seamlessly. The plug-and-play functionality automatically applies relevant regulatory requirements to all transactions. Our product team constantly monitors and updates the requirements in case of any changes so Compliance Officers don't have to.

Additionally, we've noticed an uptick in existing customers expanding their Travel Rule capabilities to additional jurisdictions, reflecting their solid commitment to compliance. With multi-entity support, our SafeTransact dashboard facilitates the management of multiple jurisdictions.‍

- Integrated on Fireblocks platform

Travel Rule compliance and pre-transaction decision-making have been recognized as integral parts of a comprehensive crypto compliance stack. Notabene plays a vital role here, providing trust, standardization, and scalability in the VASP due diligence process. Our Fireblocks partnership exemplifies this, as we recently joined forces to offer the industry’s first fully-integrated solution for processing Travel Rule-compliant transactions for institutional customers. Mutual customers can now seamlessly and automatically perform compliance checks on their transactions through their custody providers, with no additional integration needed.

- 117 companies began their Travel Rule compliance journey using SafeTransact

Navigating the global crypto landscape's complexity requires a deep understanding of the ever-evolving regulations in multiple jurisdictions, strategic planning, and meticulous execution.  Each company complies at its own pace—largely dependent upon local regulations or internal risk appetite. Further, implementing a Travel Rule compliance program in a company often involves multiple stakeholders from different departments. Knowing this, we put our heads down to devise a plan to improve our customers' experience along their compliance journey and launched the following features:

• SAFE Implementation phases: This feature provides a guided, phased approach to Travel Rule compliance. Customers securely link their internal systems and practice Travel Rule scenarios before initiating real transactions.

• RoboVASPs: This feature acts as a series of VASPs, automatically responding to send transactions. RoboVASPs provide an automated testing environment for diverse transaction scenarios.
• Enhanced compliance controls: Compliance officers have more control over compliance decisions without tapping into their in-house tech resources. For example, Notabene users can now record reasons for declining crypto transactions based on a comprehensive list of logic defined by compliance experts.

‍

- Added a ‘top 20 counterparties’ view to the dashboard

Notabene customers now have a view of their top 20 counterparties on their dashboard, a feature designed to streamline our customers’ initial due diligence process. After completing the initial integration phase, VASPs can automatically link their blockchain analytics providers to identify and rank top counterparties based on transaction history. 

‍

‍

The feature displays a curated list of these counterparties, complete with essential details like jurisdiction, Travel Rule activity, and reachability. This immediate value-add simplifies the due diligence process, helping customers quickly assess counterparty compliance.

‍

- Enhanced real-time counterparty identification

Network Discoverability is a feature designed to enhance the real-time identification of counterparties for in-network VASPs. By utilizing this tool, VASPs can boost their reachability and reduce end-user friction. 

‍

The system is set up to auto-identify blockchain addresses for both sides of a transaction, ensuring both speed and accuracy. Importantly, all blockchain addresses are securely hashed. Each address is queried individually, ensuring the confidentiality of the entire list. Furthermore, address sharing is reciprocal; they are only exchanged with counterparties who also share theirs. This streamlined approach empowers Compliance Officers to share swiftly, and access VASP blockchain addresses within the Notabene network, significantly optimizing Travel Rule transactions.

‍

- Compliance officers can now set Travel Rule timings without developers

Compliance officers now have the capability to set specific Travel Rule transaction states, such as 'Sent,' 'Confirmed,' or 'Accepted.' When set, a new event is triggered to their webhook, signaling the appropriate time to initiate the actual blockchain transaction. This enhancement addresses feedback from customers who sought guidance on the optimal timing for the corresponding blockchain transactions during the Travel Rule exchange. 

Previously, any change in transaction timing required the involvement of development teams. Now, this feature empowers compliance officers to determine the execution timing of these transactions independently, eliminating the need for developer intervention.

- Self-service API: customers can auto generate their API credentials

Aimed at developers, this tool gives customers the autonomy to auto-generate their API credentials without needing to liaise with Notabene's support team. This accelerates integration processes and facilitates the addition of new jurisdictions. 
‍

‍

Once generated, customers can seamlessly integrate these credentials with our Auth0 endpoint to retrieve tokens for API use. The system provides both the client ID and secret, eliminating any preparatory steps. While the responsibility of managing tokens rests with the users, this feature exclusively pertains to the Notabene API. It empowers users to create transactions from the backend, bypassing our UI directly. API credentials are the gateway to obtaining a token, which authenticates users to access our API.

‍

A look ahead to the updates and features coming in the second half of the year:

‍

{{cta-bookademo1="/cta-components"}}

Each year, as part of our comprehensive State of Crypto Travel Rule Compliance survey, Financial Institutions (FIs) and Virtual Asset Service Providers (VASPs) share their main hurdles in adopting the Travel Rule. This article presents notable shifts in the top challenges, providing valuable insights into the evolving landscape of Travel Rule compliance.

Our 2023 report findings underscore the complexities of Travel Rule compliance; these insights amplify the necessity for a harmonized, global approach to compliance, primarily to address interoperability issues and the identification of counterparty VASPs. Learn more below.

Lack of technical resources becomes the main barrier to compliance

‘Lack of technical resources has emerged as the top hindrance to Travel Rule adoption, overtaking 'legal uncertainty' and 'sunrise period effects', which rank second and third, respectively.

‍

The percentage of VASPs that chose this response as their top roadblock has risen from 23% in 2022 to 27% in 2023. This increase may be due to VASPs having difficulty managing multiple data flows and integrating with various protocols, highlighting the challenge of protocol interoperability for widespread adoption of the Travel Rule. 

Additionally, 72.46% of respondents who identified a lack of technical resources as their primary obstacle to Travel Rule compliance had a personnel headcount below 100, which could also indicate resource allocation challenges. ^[1]

2. Financial Institutions face more technical hurdles in comparison to crypto businesses

When looking deeper into the data, ‘lack of technical resources’ is the top obstacle for Financial Institutions (FIs), with 45% of respondents citing this issue compared to 27% for crypto businesses. ^[2]

‍

The results showcase that FIs tend to take a stricter approach to compliance, with fewer variations in compliance stages. The shortage of resources may not be limited to compliance but may reflect a broader shortage and allocation of resources for launching digital asset products.

3. Legal uncertainty and sunrise period effects remain in the top three hindrances to compliance

'Legal uncertainty,' which the survey defined as ‘being unclear on what is required to comply fully with the Travel Rule,’ was the reported top hindrance to Travel Rule adoption in 2022, but it has fallen to second place in 2023. While it suggests a positive trend, regulators still need to set clear expectations for Travel Rule compliance and make more progress in reducing this hindrance further. ‘Sunrise period effects’ was cited by 19% of respondents as their greatest compliance challenge, highlighting the need for more information and guidance on this issue. [1] You can learn more about the sunrise period and its impact on VASPs and FIs in Chapter 5 of Notabene's 2023 State of Crypto Travel Rule Compliance Report.

4. Rising concern: data privacy

Data privacy has witnessed a noteworthy rise in concern, moving from last place in 2022 to becoming the fourth largest obstacle to Travel Rule adoption (from 4% to 12%) in 2023. (Figure 1) Survey results also revealed that more than half of the respondents do not enforce a counterparty due diligence process before sending a Travel Rule transfer. This is a concerning trend, as a key part of the due diligence process is to assess the data protection capabilities of counterparty VASPs, a process that is critical to mitigating these risks.

The FATF outlines alternative procedures—including the possibility of not sending user information—when there are reasonable doubts about counterparty VASPs' data protection practices. ^[4] Yet, more recent regulatory guidelines, like Hong Kong’s SFC, specifically recommend that Travel Rule solutions “protect the submitted information from unauthorized access using a strong encryption algorithm to encrypt the information during the data submission.” ^[3] 

Notabene uses decentralized identifiers for a privacy-conscious implementation of the Travel Rule. To learn more, dive into our SAFE PII technology that uses encryption, secure escrow methods, and self-managed encryption keys for robust personal data protection. 

5. VASPs call for a global unified approach in Travel Rule communication and reachability

We asked respondents to anonymously share their opinions on the existing Travel Rule protocols in the market and the most relevant criteria for assessing their suitability. We share the common feedback divided by themes below.

6. Lack of Interoperability

One of the most common themes from the responses was the need for a unified global approach to reachability and transmitting Travel Rule messages. Nearly a quarter of the survey respondents (24%) cited interoperability as a current blocker for compliance. In comparison, 20% expressed concern that the availability of “too many” protocols on the market was causing fragmentation and confusion over their needs.*

VASPs and the FATF emphasize how crucial it is for protocols to communicate with one another. The FATF calls on the

‍“...industry to accelerate efforts to strengthen solutions that are global, and can accommodate nuances in requirements across jurisdictions, in line with the expectations of the FATF Standards.” ^[5]

7. Lack of Counterparty VASP Identification

Another common theme was the lack of a universal method for identifying counterparties. Unlike wire transfers, there is no standard method for tying a blockchain address to a specific counterparty. This creates a challenge in assessing transaction obligations and identifying the counterparty that needs to receive the required Travel Rule information. Chapter 5 of our report expands upon this topic.

8. Non-compliance with FATF Standards

Finally, nearly 10% of the respondents expressed concern that protocols are not compliant with the original FATF Travel Rule proposal. This key finding underscores the need for the industry to continue collaborating on common issues and for the private sector to develop global technological tools that can accommodate nuances across jurisdictions.