Commonly Used Terms and Definitions

Anti-money laundering/counter-terrorism financing. Sometimes written as AML/CFT.

Anti-money laundering (AML) for cryptocurrencies refers to the laws, rules, and policies to prevent criminals from turning unlawfully-obtained cryptocurrency into fiat.

Beneficial owner refers to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement. Reference to “ultimately owns or controls” and “ultimate effective control” refer to situations in which ownership/control is exercised through a chain of ownership or by means of control other than direct.

A customer that receives a virtual asset transfer from the Originator VASP.

A virtual asset service provider (VASP) that receives the transfer of a virtual asset (VA) from the Originator VASP directly or through an intermediary VASP, and makes the funds available to the Beneficiary.

Counter-Terrorism Financing (CFT) is a combination of government legislation, regulations, and other measures designed to disrupt the flow of funds and other resources to terrorist organisations.

A VASP on the opposite side of a Travel Rule data transfer when a transaction is initiated from one VASP to another.

A wallet in which the private keys are held by a third party. Meaning, the third party has full control over your funds while you only have to give permission to send or receive payments.

Decentralized identifiers (DIDs) are decentralized entity-controlled identifiers that are designed to enable individuals and organizations to generate their own trusted identifiers. Individuals or institutions can prove control over them by authenticating using cryptographic proofs such as digital signatures. In the context of the Travel Rule, VASPs can use DIDs to build cryptographically verifiable presentations that collate essential transaction information, including: - VASP entities - Encryption public keys - Supported Travel Rule messaging protocols, etc.- Encryption Public keys - Supported Travel Rule messaging protocols, etc.

A "decision" is binding on those to whom it is addressed (e.g., an EU country or an individual company) and is directly applicable.

A "directive" is a legislative act that sets out a goal that all EU countries must achieve. However, it is up to the individual countries to devise their own laws on how to reach these goals.

Enhanced due diligence (EDD) is the advanced know-your-customer (KYC) process of gathering data and information to verify the identity of clients with additional information required to mitigate the risk associated with the client.

The Financial Action Task Force (FATF) Recommendations set out a comprehensive and consistent framework of measures that countries should implement to combat money laundering, terrorist financing, and the financing of weapons of mass destruction.

Notabene's shorthand version for FATF's Public Consultation: Draft Updated Guidance for a Risk-Based Approach to Virtual Assets (VAs) and VASPs Original document: https://www.fatf-gafi.org/media/fatf/documents/recommendations/March%202021%20-%20VA%20Guidance%20update%20-%20Sixth%20draft%20-%20Public%20consultation.pdf

Notabene's shorthand version for FATF's 12-Month Review: Revised FATF Standards on VAs and VASPs Published June 2020 Original document - https://www.fatf-gafi.org/media/fatf/documents/recommendations/12-Month-Review-Revised-FATF-Standards-Virtual-Assets-VASPS.pdf

Notabene's shorthand version of FATF's Guidance for a Risk-Based Approach to Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs) Released June 2019 Original document: https://www.fatf-gafi.org/media/fatf/documents/recommendations/RBA-VA-VASPs.pdf

An additional note relating to or providing an interpretation of a FATF Recommendation

Notabene's shorthand version of FATF's Second 12-Month Review: Revised FATF Standards on VAs and VASPs. Released June 2021 Original document: https://www.fatf-gafi.org/media/fatf/documents/recommendations/Second-12-Month-Review-Revised-FATF-Standards-Virtual-Assets-VASPS.pdf

Notabene's shorthand version for FATF's Updated Guidance for a Risk-Based Approach to VAs and VASPs, released in October 2021. Original document - https://www.fatf-gafi.org/media/fatf/documents/recommendations/Updated-Guidance-VA-VASP.pdf

The Financial Crimes Enforcement Network (FinCEN) is a bureau of the United States Department of the Treasury created in 1970 to combat money laundering and terrorist financing. It is responsible for the collection and dissemination of financial data to law enforcement and other organizations to help identify and prosecute criminals. FinCEN’s mission is to detect, deter, and investigate money laundering, terrorist financing, and other financial crimes. It enforces compliance with its regulations and works with other financial intelligence units around the world to build cooperation and combat criminal activities. The organization also works with law enforcement to investigate financial crimes, providing support for criminal investigations and prosecutions. FinCEN is responsible for issuing advisories, guidance, and regulations to the financial sector to help them stay compliant with their obligations. The effectiveness of FinCEN in curbing financial crime has been debated, but many experts agree that its impact on the financial sector has been significant. It has helped to improve financial transparency and increase the ability of authorities to detect and investigate illegal activities.

FATF is an intergovernmental global money laundering and terrorist financing watchdog that sets international standards aiming to prevent illegal activities.

A financial institution (FI) is a company engaged in dealing with financial and monetary transactions such as deposits, loans, investments, and currency exchange.

Refers to a VASP in a serial chain that receives and retransmits a VA transfer on behalf of the Originator VASP and the Beneficiary VASP or another intermediary VASP.

An "opinion" is an instrument that allows the institutions to make a statement in a nonbinding fashion, in other words without imposing any legal obligation on those to whom it is addressed. An opinion is not binding. While laws are being made, the committees give opinions from their specific regional or economic and social viewpoint.

A customer that sends a virtual asset transfer from the Originator VASP.

A VASP which initiates the transfer of a virtual asset on behalf of an Originator Customer.

Personally identifiable information (PII) is information related to confirming an individual's identity. Sensitive PII can include full name, Social Security number, driver's license, financial information, and medical records.

A protocol is a set of rules governing computer communications on a network. These rules include guidelines that regulate the following characteristics of a network: access method, allowed physical topologies, types of cabling, and speed of data transfer.

A protocol switch enables interaction and communication to other protocols. With regards to the Travel Rule, Notabene defines a Travel Rule messaging protocol switch as a mechanism that examines incoming Travel Rule messages to see which protocol is the intended recipient, and then directly (and only) passes the messages to that protocol.

A FATF "recommendation" is not binding. FATF recommendations allow the institution to make their views known and to suggest a line of action without imposing any legal obligation on those to whom it is addressed.

A "regulation" is a binding legislative act. It must be applied in its entirety across the EU.

An approach where a financial institution or crypto company identifies the highest compliance risks to their organization. Then the company comes up with a process to assess, monitor, manage, and mitigate money laundering and terrorist financing risks and prioritize controls, policies, and procedures going forward.

Users have full control over their funds and on the associated private key. FATF often used “unhosted wallet” to refer to noncustodial wallets in its text.

The Travel Rule is the application of the FATF's Recommendation 16 to VASPs and consists of the obligation to obtain, hold, and transmit required originator and beneficiary information, immediately and securely, when conducting VA transfers.

Personally identifiable data (name, account number, etc) which must be sent from the Originating VASP to the Beneficiary VASP alongside or before a funds transfer over a specific threshold.

An Ultimate Beneficial Owner (UBO) is the person who is the ultimate beneficiary when an institution initiates a transaction.

A verifiable credential (VC) is an open standard for tamper-evident digital credentials that can be cryptographically verified. VCs can be used to show information from physical credentials, like a driver’s license or passport.

According to FATF, a VA is a digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes.

VASP is a term introduced by the FATF referring to any natural or legal person who is not covered elsewhere under the FATF Recommendations and as a business conducts one or more of the following activities or operations for or on behalf of another natural or legal person: i. exchange between VAs and fiat currencies; ii. exchange between one or more forms of VAs; iii. transfer of VAs; iv. safekeeping and/or administration of VAs or instruments enabling control over VAs; and v. participation in and provision of financial services related to an issuer's offer and/or sale of a VA.

In the context of VAs, FATF defines a transfer as a means to conduct a transaction on behalf of another natural or legal person that moves a virtual asset from one virtual asset address or account to another. Throughout this document, we also refer to virtual asset transfers as "blockchain transactions."