Crypto travel rule 101

What is the Crypto Travel Rule?

The Financial Crimes Enforcement Network (FinCEN) created the 1996 Bank Secrecy Act (BSA) rule: [31 CFR 103.33(g)], which required all financial institutions to pass on certain information to the next financial institution in certain funds transmittals involving more than one financial institution. 

In June 2019, global money laundering and terrorist financing watchdog the Financial Action Task Force (FATF) clarified that the Travel Rule applied to virtual assets (VAs) and virtual asset service providers (VASPs)

From then, institutions that work in Crypto and DeFi needed to understand and abide by these regulatory regimes, which are not meant to burden businesses but prevent transactions with profound national security consequences such as terrorist attacks and human and narcotics trafficking.

Since the second half of 2019, several countries such as Germany, Singapore, Switzerland, Canada, the USA, South Africa, the Netherlands, Bermuda, and others have adopted or introduced legislation that mirrors these FATF-driven AML compliance obligations in almost every aspect. 

What is the Travel Rule for Crypto Assets?

In October 2018, the Financial Action Task Force (FATF) adopted changes to its recommendations to explicitly clarify that they apply to financial activities involving virtual assets.

(Source: Notabene)

The Travel Rule for Crypto Assets mandates crypto companies to send, receive, and sanction screen customer personal information alongside a crypto transaction over a particular threshold. Crypto and DeFi businesses should comprehend and prepare to abide by these regulations or risk losing their operational licenses.  

If you would like to know more about travel rule implementation worldwide, check out our Travel Rule Requirements by jurisdiction page.

What is a Travel Rule data transfer? 

At Notabene, we call the Customer + Beneficiary’s personally identifiable information that must be sent along with Travel Rule regulated transactions: Travel Rule data transfers. 

Learn how to send your first Travel Rule data transfer here.

How to exchange Travel Rule customer information?

Knowing which information you must exchange with a counterparty VASP is step one while knowing what format is a close second. How to format an address? What about receiving customer names with different character sets than your systems are used to?

Data standardization is not necessarily a complicated problem; it just has to be done. InterVASP’s IVMS-101 messaging protocol defines a standardized customer record data model for exchanging data between exchanges. It was just ratified and is on its way to becoming the standard industry Travel Rule data messaging format. 

How to request workflow using IVMS-101?

There must be a correct workflow to handle requesting a transfer, exchanging information, and ultimately authorizing a transfer.

How to exchange required customer PII using IVMS-101?

To exchange customer information through the industry-standard Travel Rule data messaging protocol, it is essential to:

Trust framework for VASPs and other Financial Institutions

Knowing who your counterparty VASP is, is ultimately one of the most significant problems of the space.

A risk-based approach to trusting correspondent VASPs

When interacting with another VASP as part of implementing the Travel Rule, trust is imperative. You are sending them your customers’ data and relying on them to do an excellent job KYC-ing their customers. While it is your counterparty VASPs’ responsibility to perform KYC on their customer, it is your responsibility to determine if their KYC processes are robust.

The FATF recommends performing due diligence on them like a bank would do while creating a correspondent banking relationship. Paragraph 105 of FATF’s Initial Guidance [JUN 2019] states:

“Recommendation 13 stipulates that countries should require FIs to apply certain other obligations in addition to performing typical CDD measures when they engage in cross-border correspondent relationships. Separate and apart from traditional FIs that may engage in covered VA activities and for which all of the measures of Recommendation 13 already apply, some other business relationships or covered VA activities in the VASP sector may have characteristics similar to cross-border correspondent banking relationships. INR. 13 stipulates that for correspondent banking and other similar cross-border relationships, FIs should apply criteria (a) to (e) of Recommendation 13, in addition to performing standard CDD measures. “Other similar relationships” include money or value transfer services (MVTS) when MVTS providers act as intermediaries for other MVTS providers or where an MVTS provider accesses banking or similar services through the account of another MVTS customer of the bank (see 2016 FATF Guidance on Correspondent Banking Relationships).”

The FATF is saying here that VASPs should implement a new due diligence process to analyze which VASP you wish to interact with. Even after performing successful due diligence on a VASP, include this information in your ongoing AML process approving and denying transactions.

FATF’s Counterparty Due Diligence recommendations are as follows: 

How do I send Travel Rule data transfers with Notabene?

By signing up to Notabene’s VASP Directory, clients are enrolled into Notabene’s free Sunrise Plan. Sunrise users can receive and respond to unlimited Travel Rule data transfers, and send transfers up to US $10,000.00 volume per month to any of their counterparties–regardless of which Travel Rule solution they use.

How does Notabene support VASP due diligence?

The Global Digital Finance (GDF) has adapted the Wolfsberg Correspondent Banking Due Diligence Questionnaire (CBDDQ) to the VASP due diligence process, resulting in an industry-specific VASP-to-VASP due diligence questionnaire.

Notabene's VASP Directory features this questionnaire. If adopted by the industry as a standard, this questionnaire could facilitate this component of Travel Rule compliance. Additionally, Notabene’s VASP Directory includes the licensing and registration information for 500+ VASPs.

Click here to access the VASP Directory.

Sunrise plan


Start with the basics. Ease into Travel Rule compliance with our code-free, low-effort Sunrise plan. Ramp up the full implementation when you're ready.

Learn more
Incoming TX
up to US$10k
full access
VASP Directory
full access

By clicking “Get started” you’re agreeing to sign up to Notabene’s Sunrise plan