By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

How Notabene Solves Counterparty VASP Identification and Due Diligence

Catarina Veloso
Catarina Veloso
March 2, 2022
Catarina, Regulatory & Compliance Senior Associate at Notabene, specializes in global crypto regulations. With roles including co-chair of the CryptoUK Travel Rule group and part of the EBA Expert Group, she shapes Travel Rule compliance. Holds Masters in Energy Law and BA in Law.

Determining whether a transaction is with another Virtual Asset Service Provider (VASP) is the first crucial step in a comprehensive due diligence process. This assessment is pivotal in understanding whether the counterparty VASP is eligible to establish a business relationship [1]. Additionally, this evaluation process helps VASPs avoid transacting with illegitimate and sanctioned actors and ensures that their counterparties can protect the confidentiality of shared Travel Rule information [2].

The Counterparty VASP’s due diligence process must consider several factors, such as:

  • The robustness of the counterparty's data storage and security framework
  • The licensing and registration mandates in the jurisdiction where the VASP operates
  • Compliance with the Travel Rule [3]

Additionally, this evaluation must occur before any Travel Rule data is transferred [1].

The Operational Importance of VASP Due Diligence 

Accurate identification of the counterparty is not just a procedural formality but a necessity for Travel Rule compliance, as the entire anti-money laundering (AML) process hinges upon accurate counterparty identification. The counterparty type unveils the applicable Travel Rule requirements for each transaction.

Travel Rule requirements differ depending on whether the transaction is with an unhosted wallet or another VASP and whether the counterparty VASP operates in the same jurisdiction or a different country. This makes due diligence an even more critical aspect. Although the Financial Action Task Force (FATF) requires VASPs to perform due diligence on their counterparties, it has been noted that pinpointing the beneficiary wallet manager is a technically challenging endeavor [4].

Current VASP-to-VASP Due Diligence Process

As crypto transfers are recorded in public ledgers, VASPs treat their wallet address books as confidential information. Revealing wallet addresses would grant competitors and other third parties access to information about the VASP’s business and transactions that would be treated as strictly confidential in the traditional finance world. Because of this, VASPs currently rely on customer input or blockchain analytics providers like Chainalysis, Elliptic, and TRM to determine whether a transaction is with another VASP and to pinpoint which VASP it is. Yet, even with these mechanisms in place, VASPs routinely name counterparty identification as a hinderance to Travel Rule compliance.

Travel Rule messaging protocols due diligence limitations

Travel Rule messaging protocols only address sending and receiving customer data, so they do not provide solutions for conducting due diligence on counterparties. Instead, they rely on third-party services to perform due diligence on their network VASPs. It is improbable that a third party would have information on smaller exchanges, leading VASPs to painstakingly carry out due diligence on each of their counterparties themselves.

How Notabene Streamlines the Counterparty VASP Due Diligence Process

We've incorporated the Global Digital Finance (GDF) VASP Due Diligence Questionnaire (DDQ) into our platform to streamline this process. The GDF's AML Working Group developed this standardized questionnaire for VASP-to-VASP interactions and modeled it after the Wolfsberg DDQ—commonly used for traditional finance participants to perform due diligence on each other.

Integrating the DDQ into our Travel Rule Compliance dashboard enables straightforward sharing of critical information between parties, simplifying an otherwise complex process. When widely adopted, this questionnaire has the potential to not only streamline compliance but also mitigate the drawbacks of slowed transaction speeds and volumes caused by due diligence requirements.

Unlocking Key Benefits: Enhanced VASP Collaboration with Notabene

  • Seamless VASP Communication: Within the Notabene network, VASPs can quickly request access to another VASP's due diligence questionnaire. If the DDQ is incomplete, we proactively invite the counterparty VASP to finish it, encouraging better cooperation between parties.
  • Complete Data Control: The platform allows you to effortlessly share, decline, or revoke access to the questionnaire, giving you full control over who can see your data.
  • Transparent Activity Monitoring: Notabene provides transparency through a feature that lets you view the shared history of your documents. This keeps you well-informed about who has accessed your data.

Comprehensive Dashboard: SafeTransact's snapshot view of the questionnaire share history offers valuable insights, aiding you in effectively managing and monitoring interactions.

SafeTransact: Elevating VASP Identification and Due Diligence

Notabene offers a comprehensive Travel Rule compliance solution, making it easier for VASPs to perform due diligence on their counterparts. By embedding the VASP DDQ, we incorporate the industry standard for scalable and reusable due diligence. Additionally, the Network Discoverability feature further simplifies the verification process by offering a privacy-preserving mechanism for identifying VASPs through blockchain addresses.



[1] FATF (2021), Updated Guidance for a Risk-based Approach to Virtual Assets and Virtual Asset Service Providers, page 62, para. 197(c).

[2] FATF (2021), Updated Guidance for a Risk-based Approach to Virtual Assets and Virtual Asset Service Providers, page 62, para. 196.

[3] FATF (2021), Updated Guidance for a Risk-based Approach to Virtual Assets and Virtual Asset Service Providers, page 64, paragraph 199. 

[4] FATF (2021), Updated Guidance for a Risk-based Approach to Virtual Assets and Virtual Asset Service Providers, page 62, para. 197(a).