The European Banking Authority (EBA) has issued new Travel Rule Guidelines to enhance the traceability of fund and crypto asset transfers, aiming to combat money laundering and terrorist financing. Stemming from Regulation (EU) 2023/1113, which aligns EU regulations with FATF standards, the Guidelines aim for consistent implementation across the EU, taking effect on December 30, 2024. After releasing a consultation paper in November 2023, to which Notabene responded, the EBA released the final Travel Rule Guidelines on July 4, 2024.

Relevance of the Travel Rule Guidelines: Aligning Travel Rule Supervisory Practices across the EU

The Guidelines reflect the EBA’s view on appropriate supervisory practices within the European System of Financial Supervision or how EU law should be applied in this area. Authorities should integrate these Guidelines into their practices, including adjusting their legal frameworks or supervisory processes as needed.

‍

Key Takeaways from the EBA’s Final Travel Rule Guidelines - July 2024

Key Takeaways from the EBA’s Final Travel Rule Guidelines - July 2024

‍

1. Flexibility in Originator Information

The final version of the Travel Rule guidelines clarifies that CASPs have the discretion to determine which “alternative information items” about the originator customer to transmit and demand receiving, as long as they achieve unambiguous identification and support sanction screening. This approach is intended to be better suited for cross-border transfers. ^[1]

‍

2. Eased Requirements for Self-Hosted Wallet Transfers Below €1,000

• ‍Consultation Paper: The EBA’s consultation paper required that CASPs “use suitable technical means to cross-match data, including blockchain analytics and third-party data providers, for the purpose of identifying or verifying the identity of the originator or the beneficiary.” ^[2]‍
• Final Guidelines: Now, only information collection obligations apply for self-hosted wallet transfers below 1,000, eliminating the need for technical means like blockchain analytics to cross-match collected data to identify and verify the originator or beneficiary. ^[3]

In response to the public consultation, Notabene argued that this requirement was disproportionate and technically unfeasible to implement. The framework initially proposed was stricter than the one set out in the Transfer of Funds Regulation (TFR), creating disproportionate obligations on small transactions. Additionally, Notabene argued that verifying identities through blockchain analytics is impractical, as these providers lack the capability to link personal identities with wallet addresses. We are pleased that the EBA adopted our suggestion, and this adjustment will make compliance more feasible for smaller transactions.

3. Simplified Verification for 1st-Party Self-Hosted Wallet Transfers ≥ €1,000

• ‍Consultation Paper: The draft guidelines initially required CASPs to use two methods for wallet ownership verification. ^[4] 
• ‍Final Guidelines: The requirement to use two methods for wallet ownership verification has been removed. CASPs are now required to use only one method by default for verifying wallet ownership/control. ^[5]

In our consultation response, we successfully argued that requiring two methods for verifying wallet ownership/control may not enhance the verification process and could force the adoption of potentially inefficient practices. In the final version of the guidelines, CASPs are required to use only one method by default.

Notabene’s product suite includes a pop-up user interface designed to identify and verify Travel Rule counterparties at the point of transaction without impeding the transaction flow. SafeConnect obtains proof of self-hosted wallet (SHW) ownership through cryptographic signatures, one of the methods explicitly permitted in the guidelines. 

‍

{{european1="/cta-components"}}

‍

4. Clarification for 3rd-Party Self-Hosted Wallet Transfers Above €1,000

While the TFR does not specify the requirements for third-party self-hosted wallet transfers above €1,000, the Travel Rule Guidelines clarify that if the SHW is owned or controlled by a third party who is not a customer of the CASP, the requirements outlined in Article 19a(1)/(a) of Directive (EU) 2015/849 (AMLD) apply. [6] 

According to this provision, CASPs must evaluate the risks associated with transfers to or from self-hosted wallets. Additionally, CASPs are required to implement risk mitigation measures commensurate with the identified risks. These measures may include:

1. Verifying the identity of the transfer's originator or beneficiary;
2. Requesting additional information regarding the origin and destination of the transfer;
3. Implementing enhanced ongoing monitoring of the transactions.

Therefore, CASPs should adopt a risk-based approach to transactions involving self-hosted wallets and implement any necessary risk mitigation measures proportional to the identified risks.

‍

5. Full Compliance from December 30, 2024, is Mandatory

Travel Rule obligations apply to crypto asset service providers (CASPs) starting December 30, 2024. The EBA states: “From December 30 2024, CASPs as defined in MiCAR will be subject to the EU’s AML/CFT regime and, therefore, these Guidelines,” emphasizing that “non-compliance with Regulation (EU) 2023/1113 is not accepted.” ^[7]

CASPs may use infrastructures or services with technical limitations until July 31, 2025, provided they fully compensate with additional technical steps to comply with these Guidelines. Full compliance is still mandatory. ^[8]

6. The EBA Provides Criteria to Evaluate Travel Rule Solutions

‍

When choosing the messaging or payment and settlement system(s), CASPs and ICASPs should

take proportionate, risk-sensitive measures to assess: [9]

• Seamless Integration: The system’s ability to communicate with other internal core systems and with the messaging or payment and settlement systems of the counterparty of a transfer and its compatibility with other blockchain networks

‍Notabene’s open network approach and integrations with top blockchain analytics, custodians, and sanction screening providers guarantee this connectivity. Additionally, Notabene’s SafeGateway builds secure clients for each Travel Rule messaging protocol, significantly expanding our users' connectivity and enabling them to engage with VASPs on previously inaccessible protocols. 

• The reachability of the protocol (i.e., the diversity and accuracy of counterparties that can be reached using the protocol – subject to the CASP's own due diligence assessment – and the rate of transfers that would successfully be sent to the intended beneficiary or received from the originator);

Notabene’s robust network ensures high transaction success rates.

• How the system enable the CASP or ICASP to detect a transfer with missing or incomplete information;

Notabene’s SafeTransact excels here, automatically identifying deposits lacking Travel Rule information and promptly requesting the necessary details from the originator VASP. 

The EBA’s final Travel Rule Guidelines mark a significant step in enhancing the traceability of fund and crypto asset transfers across the EU. With full compliance required by December 30, 2024, CASPs must prepare to meet these new requirements. Notabene’s solutions are designed to help CASPs navigate these changes efficiently, ensuring compliance while maintaining smooth transaction flows.

{{european2="/cta-components"}}

The sixth and final Plenary of the Financial Action Task Force (FATF) under the Presidency of T. Raja Kumar of Singapore marked significant progress and established future priorities. Here are the main takeaways from the plenary.

‍

Virtual Assets: Implementation Update

The FATF will release its fifth annual update on the implementation of FATF Standards for virtual assets (VA) and virtual asset service providers (VASPs) in July 2024. Since June 2023, the number of compliant jurisdictions has risen from 25 to 33. Despite this progress, 75% of jurisdictions (97 out of 130) remain only partially or non-compliant, indicating that VASP implementation still lags behind other financial sectors. The FATF urges jurisdictions to achieve rapid, full compliance and will continue providing support to this end.

Payment Transparency

Following a public consultation that ended in May 2024, to which Notabene publicly responded to here, the FATF is revising its standards to align with evolving cross-border payment systems and industry standards like ISO20022. These revisions aim to enhance the speed, cost-effectiveness, transparency, and inclusivity of cross-border payments while maintaining AML/CFT compliance. Further dialogue with experts is needed before finalizing these amendments.

Jurisdictions Under Increased Monitoring

Monaco and Venezuela have been added to the list of jurisdictions subject to increased monitoring. Congratulations to Jamaica and Türkiye which have been removed from this list, reflecting their improved compliance.

High Risk Jurisdictions - Call for Action

The FATF reiterated its concerns over certain high risk jurisdictions in its Call for Action.  Specifically for Democratic People’s Republic of Korea (DPRK), Iran, and Myanmar. 

‍

‍Democratic People's Republic of Korea (DPRK) 🇰🇵‍

FATF remains deeply concerned about the DPRK's failure to address significant AML/CFT deficiencies and the proliferation financing risks posed by its illicit activities related to WMDs. The FATF urges all jurisdictions to:

• Terminate correspondent relationships with DPRK banks.
• Close any DPRK bank branches or subsidiaries.
• Limit financial transactions with DPRK persons.

Greater vigilance and enforcement are required, especially given DPRK's increased financial connectivity and use of front companies to evade sanctions.

‍

Iran 🇮🇷

Since Iran has not completed its action plan, including enacting key conventions, the FATF calls for:

• Enhanced supervisory examination for Iranian financial institutions.
• Systematic reporting of financial transactions.
• Increased external audit requirements.

Until Iran fully implements the required measures, the FATF maintains concerns over terrorism financing risks from Iran.

‍

Myanmar 🇲🇲

Due to slow progress in addressing AML/CFT deficiencies, the FATF calls for enhanced due diligence measures. Financial institutions should:

• Increase monitoring of business relationships.
• Ensure legitimate financial flows, such as humanitarian aid and remittances, are not disrupted.

If no further progress is made by October 2024, the FATF will consider applying countermeasures.

Mutual Evaluation Reports: India and Kuwait

India has achieved a high level of technical compliance with FATF requirements, particularly in understanding ML and TF risks, international cooperation, and access to beneficial ownership information. However, improvements are needed in supervising non-financial sectors. Kuwait is also nearing compliance but requires further progress.

Review of Gatekeepers

FATF will publish its findings on the regulation of gatekeepers in July 2024. These entities, if unregulated, remain exposed to significant criminal risks and may fail to detect money laundering red flags.

Women in FATF and the Global Network (WFGN) Initiative

Notabene commends Minister Indranee Rajah who launched the e-book “Breaking Barriers: Inspiring the Next Generation of Women Leaders,” showcasing the resilience and expertise of women in combating financial crime. This initiative, part of the Women in FATF and the Global Network (WFGN), aims to inspire and support aspiring women leaders and complements the multicultural mentoring program.

Compliance with FATF Standards

The Plenary approved revised criteria for prioritizing countries for the International Cooperation Review Group (ICRG) review process. This will ensure that the listing process remains risk-based, fair, and transparent. Members also agreed on assessment methods for compliance with the revised FATF Standards on asset recovery and related international cooperation, adopted in October 2023.

Incoming Mexican Presidency’s Priorities (2024-2026)

As many know, Elisa de Anda Madrazo, is the incoming President.  She outlined the Mexican Presidency’s priorities, which include:

• Advancing financial inclusion through risk-based implementation of the Standards.
• Ensuring a successful start to the new round of assessments.
• Strengthening the cohesion of the Global Network by fostering transparency and unity.
• Supporting effective implementation of revised FATF Standards, focusing on asset recovery, beneficial ownership, and virtual assets.‍
• Continuing efforts to combat terrorist and proliferation financing.

The outcomes of this Plenary set a robust agenda for the FATF, emphasizing the need for rapid compliance, enhanced transparency, and international cooperation to combat financial crime effectively.  We at Notabene are excited to support this and eager to see how this will unfold in the coming year.

📥 Interested in more content like this? Sign up to receive regular updates via LinkedIn.

Authored by CryptoUK’s Travel Rule Working Group, the Travel Rule Good Practices Guide is a cornerstone document for virtual asset service providers (VASPs), cryptoasset businesses, and digital asset industry participants navigating the regulatory landscape in the UK.

This comprehensive guide is a culmination of the industry’s collective effort. It provides an in-depth overview of compliance strategies and valuable guidance on addressing associated challenges.

The UK’s Pivotal Role in the Travel Rule Compliance Landscape

According to Chainalysis (2023), the UK ranks third globally in transaction volume, with an estimated $252.1 billion received last year. The 44 VASPs currently registered with the FCA must comply with the Travel Rule, which came into force on September 1, 2023. This situation underscores the UK’s significant role in promoting Travel Rule compliance worldwide.

Insights from the 2024 State of Crypto Travel Rule Compliance Report

The UK, with its robust regulatory framework, leads in compliance rates. Our comprehensive State of Crypto Travel Rule Compliance Report 2024 revealed that the UK boasts a 100% compliance rate among surveyed respondents in the EMEA region, reflecting the country’s stringent standards since the rule’s enforcement.

Notabene’s Proactive Role in UK Travel Rule Compliance

Our team at Notabene is dedicated to assisting UK VASPs in understanding and complying with their Travel Rule obligations. In 2023, we spearheaded several initiatives:

• Regulatory Sandbox Testnets: As part of the Financial Conduct Authority's (FCA) regulatory sandbox, we conducted two testnets with firms such as Ramp, Bitstamp, Wirex, CoinPass, Altalix, Hidden Road, Bitpanda, Custody, Uphold, and Zodia Markets.
• Guidance Publication: We published a concise guide summarizing the Travel Rule obligations outlined in the Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022 (MLTFR 2022.)

Additionally, Notabene has actively engaged in the JMLSG consultation process, submitting a response to contribute to the development of practical and effective compliance strategies for the industry. Our efforts ensure the guidance remains relevant and supports VASPs’ compliance journey.

Key Insights from the Travel Rule Good Practices Guide

The CryptoUK Travel Rule Good Practices Guide is an invaluable resource for navigating the complexities of regulatory compliance in the crypto industry. With contributions from industry experts, this guide provides a clear path for VASPs to achieve and maintain compliance.

Key areas covered include:

• Counterparty VASP Due Diligence: In the absence of regulatory guidelines in this respect, this chapter outlines key considerations and best practices, featuring key insights shared by Notabene’s Head of Regulatory and Compliance Team, Lana Schwartzman.
• Withdrawal and Deposit Flows: Provides an overview of applicable obligations and approaches for operationalizing Travel Rule compliance within withdrawal and deposit flows.
• Unhosted Wallets: Discusses the regulatory framework, associated risks, and potential mitigations.

About the Working Group

The CryptoUK Travel Rule Working Group was established in 2023 to foster knowledge sharing and best practices. 

The group collaborates with policymakers, regulators, and key stakeholders, including HM Treasury, the FCA, the Electronic Money Association, and the JMLSG. The Working Group significantly contributed to the development of the JMLSG’s Guidance on Cryptoasset Transfers, published in August 2023.

For more insights and to stay informed about regulatory developments, download the guide and join the CryptoUK Travel Rule Working Group today.

This article provides an in-depth look at virtual asset service providers' (VASPs) current transaction restrictions and compliance measures as they navigate Travel Rule compliance.

Based on the results from Notabene's 2024 State of Crypto Travel Rule Compliance survey, we explore how crypto businesses and financial institutions are preparing to meet these regulatory requirements. Download the report here to gain deeper insights.

Key Findings

Global Survey Overview
The survey, conducted between October 2023 and January 2024, included 70 companies from Europe, the Middle East, Africa (45.7%), Asia-Pacific (30%), and the Americas (21.4%).

66% of VASPs Enforce Restrictions on Withdrawals That Do Not Comply With Travel Rule Requirements

66% of VASPs enforce restrictions on withdrawals that do not comply with Travel Rule requirements. Notably, 23% do not allow withdrawals unless a Travel Rule message can be sent to the beneficiary VASP, up from 8% last year. This shift reflects a growing trend towards stricter compliance measures within the industry. The percentage of respondents permitting customers to withdraw funds without being able to send Travel Rule messages to the beneficiary VASP has dropped significantly from 37% in 2023 to 19% in 2024. This decrease of 49% underscores a heightened focus on ensuring compliance with regulatory requirements.

Moreover, 40% of respondents adopt a risk-based approach when determining whether to allow a withdrawal. This method reflects an industry-wide effort to balance business considerations with regulatory compliance. Given the persistent limitations that hinder full compliance, such as the Sunrise Issue, this approach is particularly significant. The increasing adoption of stringent compliance measures marks a notable shift in the industry’s approach to risk management, demonstrating a mature, proactive, and compliant stance in navigating the evolving landscape of crypto regulations.

66% of Companies Impose Restrictions on Transactions With Self-Hosted Wallets

66% of companies impose restrictions on transactions with self-hosted wallets. Approximately one-third of companies (33%) exclusively allow first-party transactions with self-hosted wallets and require customers to demonstrate control over the wallet address before authorizing the transaction. Additionally, 27% of companies allow third-party transactions with self-hosted wallets but collect beneficiary information from their customers, showcasing a commitment to due diligence. A minority of 6% of companies outright prohibit transactions with self-hosted wallets. 

There is still a substantial portion of respondents (29%) that do not impose any restrictions on transactions with self-hosted wallets. The “Other” category, comprising 6% of responses, suggests a unique range of approaches that some companies have adopted to handle transactions with self-hosted wallets. The distribution of survey responses illustrates the diversity of approaches that regulators worldwide take when defining rules for transactions involving VASPs and self-hosted wallets.

Over 20% of VASPs Return Deposits Missing Required Travel Rule Information

Handling Deposits

Over 20% of VASPs return deposits missing required Travel Rule information. Specifically, 21% of companies, upon identifying the originator VASP, promptly send requests for missing Travel Rule information. If the information is not received, companies take the decisive step of returning the funds. This approach often creates additional operational challenges for VASPs, which is further discussed in Chapter 5, Section 7 of the report. Another 10% follow a similar protocol but opt to collect the required information directly from their end-customers in the absence of the necessary data, using this as an alternative means to assess transaction risk when counterparty collaboration is lacking.

Nearly half (49%) of the respondents take more lenient approaches. Notably, 30% adopt a risk-based approach, evaluating the associated risks before deciding whether to make the deposit available to end-customers. Meanwhile, 19% of respondents permit their customers to receive deposits without the mandated Travel Rule information. This variation in approach may stem from the need to balance compliance with business needs. A significant portion of deposits from VASPs still lack Travel Rule information due to hindrances like the Sunrise Issue and interoperability issues. For these firms, strict compliance would entail refusing all deposits except from self-hosted wallets, which would have a significant and potentially disproportionate impact on business.

Diverse Compliance Strategies

VASPs employ a range of strategies to manage non-compliant deposits, from providing grace periods to negotiating compliance practices with counterparties. Some respondents revealed ongoing efforts toward implementation, development, or the intention to implement in the future. Strategies included providing grace periods for clients, negotiating compliance practices with counterparties, and adopting selective compliance measures based on specific circumstances. These diverse responses underscore the complex and evolving nature of the regulatory landscape and the varied approaches taken by entities within the crypto ecosystem. This emphasizes the need for continued collaboration and standardization for comprehensive and effective risk mitigation practices.

As the regulatory landscape continues to evolve, VASPs must stay abreast of changes and adopt robust compliance strategies. The increasing adoption of stringent compliance measures marks a significant shift in the industry's approach to risk management, demonstrating a mature, proactive, and compliant stance in navigating the evolving landscape of crypto regulations. For VASPs, staying ahead of these changes will be crucial in maintaining competitive advantage and fostering trust in the digital asset space.

{{report1="/cta-components"}}

This article provides an in-depth look at virtual asset service providers' (VASPs) current implementation challenges as they navigate the Travel Rule.

Based on the results from Notabene's 2024 State of Crypto Travel Rule Compliance survey, we explore how crypto businesses and financial institutions are preparing to meet these regulatory requirements. Download the report here to gain deeper insights.

Protocol Interoperability Emerges as the Top Hurdle to Travel Rule Adoption

Each year, we explore the evolving challenges of implementing the Travel Rule. This year, the lack of interoperability between different protocols has become the foremost challenge, as 34% of respondents highlighted. This underscores the growing necessity for standardized communication to ensure effective compliance with the Travel Rule across various platforms. 

Interestingly, despite identifying interoperability as a major hurdle, 67% of respondents reported not using more than one Travel Rule protocol. This suggests that the impracticality of integrating multiple protocols outweighs the compliance limitations that arise from the lack of protocol interoperability.

Additionally, respondents were asked about their companies’ responses to Travel Rule transfers from other VASPs. Notably, 37% of respondents indicated that they had not received such requests. The lack of incoming Travel Rule transfers points to a fragmented approach to compliance, where many VASPs continue to operate in isolation due to the lack of interoperability.

The survey results highlight a crucial industry dilemma: counterparties may not be using the same Travel Rule protocol and thus may be unaware of Travel Rule requests from others, contributing to significant compliance challenges in deposit flows. This is why it is imperative to address interoperability—to improve compliance and unlock the full transaction potential by ensuring seamless industry-wide communication. This topic is further explored in Chapter 5, Section 5 of the Report.

The Sunrise Issue’s Negative Impact Jumps 74%

The prominence of the Sunrise Issue as a barrier to adopting the Travel Rule has escalated, moving from the third to the second most significant challenge. This marks a 74% increase from the previous year’s findings. Despite expectations that last year’s surge in Travel Rule adoption would mitigate the Sunrise Issue, the opposite has occurred. The rise in adoption has been offset by increasing regulatory demands, leading to more stringent compliance measures.

Even though more VASPs are adhering to the Travel Rule, theoretically easing the Sunrise Issue, regulatory standards have tightened. Previously, VASPs had more leeway in handling non-compliant counterparties, with only 8% opting not to execute transactions when unable to transmit Travel Rule information. Currently, although more VASPs are compliant and able to exchange information, the flexibility in dealing with non-compliant counterparts has diminished. The number of VASPs halting transactions when unable to send a Travel Rule data transfer has nearly tripled this year.

Overcoming the Sunrise Issue requires a universal agreement on implementing the Travel Rule. Without swift and broad enforcement, the negative impacts of the Sunrise Issue are likely to grow due to increased regulatory scrutiny and enforcement in compliant regions. This issue is further examined in Chapter 5, Section 1. The “Regulatory/legal uncertainty” hurdle has shifted to the third position at 16%, marking a measurable decline from its second-place standing of 22% in 2023.

This shift suggests that increased regulatory clarity has eased some hindrances, as evidenced by developments like the U.K. Travel Rule implementation and the definition of the EU Travel Rule framework with the publication of the TFR. However, though this stride forward signals progress, this hurdle still places in the top three, underscoring the need for continued efforts to comprehensively address the clarity of the regulatory guidelines, with the goal of moving it out of the top three.

In the 2023 survey, VASPs highlighted "Lack of technical resources" as the primary hurdle to Travel Rule adoption (at 27%). However, in 2024, the percentage of those citing it as their top concern decreased dramatically to 3%, a staggering 89% decrease. Such a change in position indicates that the challenges relating to this obstacle have been alleviated, possibly due to the increased business commitment to Travel Rule implementation. It could be argued that the rising regulatory urgency fostered an alignment between compliance needs and business objectives. As reported by nearly half of the respondents (47%), Travel Rule adherence has evolved into a prerequisite for obtaining a license to operate in new markets. This is true in pivotal crypto hubs like Hong Kong and the United Arab Emirates, as explored in Chapter 2, Section 1 of the 2024 State of Crypto Travel Rule Compliance Report.

Moreover, Travel Rule adherence plays an increasingly vital role in the due diligence processes of banks and financial institutions—when assessing VASPs for core financial services, such as bank accounts—and regulators and auditors, as further explored on page 56 of the report.

Nearly Half of All Respondents Face Travel Rule Obligations in Multiple Jurisdictions

Last year’s survey results uncovered the global nature of Travel Rule compliance; this year’s findings further support this. A notable finding is that 47% of respondents are now subject to the Travel Rule in multiple jurisdictions, which represents a substantial increase of approximately 104% compared with last year’s 23%. This surge underscores the growing complexity of complying with the Travel Rule on a global scale, as it requires adherence to different regulatory standards across jurisdictions.

A closer examination of the respondents required to comply across multiple jurisdictions reveals a substantial concentration within specific jurisdictions:

• 33% have a presence in the United Kingdom,
• 27% in the United States, and
• 21% in Singapore.This emphasizes the global significance of these key jurisdictions and underscores the urgency of adopting sensible regulatory policies that facilitate seamless cross-border transactions.

Cross-Border Compliance Emerges As a Key Concern

Additionally, as part of the survey, participants were given the option to rank the importance of factors contributing to the success of their Travel Rule solution. The findings indicate that 65% identified “multi-jurisdictional roll-out” among their top two priorities, with 23% ranking it as their primary concern. This trend underscores the significance of cross-border compliance with the Travel Rule.

{{report1="/cta-components"}}

This data highlights the industry’s potential for improved efficiency through a unified and cohesive strategy to navigate diverse regulatory requirements across regions.

Understanding who controls the recipient wallet is crucial for Virtual Asset Service Providers (VASPs) to comply with the Travel Rule. The first phase of the mandated pre-transaction due diligence process, as set forth by the Financial Action Task Force (FATF) ^[1], involves identifying the counterparty VASP. A comprehensive due diligence process is initiated once another VASP is identified as the counterparty.

Correctly carrying out this procedure enables VASPs to sidestep transactions with suspicious or sanctioned entities. Moreover, it safeguards sensitive customer data by ensuring it only goes to a verified or intended counterparty. ^[2]

‍

‍

{{cta-learnmore10="/cta-components"}}

Counterparty VASP Identification Challenges

Crypto transfers are recorded on public ledgers, leading VASPs to treat their wallet address books as confidential, which complicates identification efforts during Travel Rule-compliant transfers. VASPs face a wide range of counterparties, from other VASPs and financial institutions to self-hosted wallets and entities like e-commerce platforms, gaming sites, and mining pools. This diversity adds another layer of complexity to the already challenging counterparty identification process.

Currently, VASPs rely on (1) blockchain analytics, (2) input from their end customer, and (3) other specific discoverability methods available in their Travel Rule network to identify the counterparty to the transaction. These solutions have limitations: blockchain analytics can cluster wallet addresses with VASP groups but cannot reconcile them with specific legal entities; end customers may know the VASP brand but often do not know the specific legal entity with which they or their transaction counterparty is contracted; Travel Rule networks are limited to the information made available by the network members.

This issue remains critical, as compliance with the Travel Rule hinges on the accurate identification of the counterparty.

Learn more about this topic in Chapter 1, Section 2.2.1 of the 2024 State of Crypto Travel Rule Compliance Report.

FATF's Stance on VASP Identification

In its 2021 update, FATF highlighted the lack of "technically proven means" for accurately identifying the VASP overseeing the beneficiary wallet based solely on the Virtual Asset (VA) address:

To date, the FATF is not aware of any technically proven means of identifying the VASP that manages the beneficiary wallet exhaustively, precisely, and accurately in all circumstances and from the VA address alone. - FATF ^[3]

In the same report, the FATF explicitly urged the industry to accelerate efforts to strengthen global solutions that can accommodate nuances in requirements across jurisdictions in accordance with FATF Standards. ^[4]

‍

{{report2="/cta-components"}}

‍

Approaches to theSunrise Issue Challenges

Below, we discuss what can be done about the VASP identification issue and initiatives that are already in place at the various stakeholder levels, and which stakeholders are best positioned to drive solutions to this issue:

Joint Industry Initiatives

Notabene had the honor of attending the V20 Summit in October 2022. Held alongside the G20, 20 VASPs convened to discuss global financial policies and industry proposals in the wake of the FTX collapse, TerraUSD crash, and other industry events. At the V20 Summit, the stakeholders present set a goal to develop and agree on a common approach to public infrastructure for VASP discovery and the general principles that should be observed, namely:

• The infrastructure should be common, global, decentralized, and open (available to all VASPs and Travel Rule protocols).
• The infrastructure should provide base layers of information (entity name, jurisdiction, regulatory status, contact info, and supported Travel Rule protocols). 

The Joint Working Group under IVMS, in which Notabene is an active participant, is leading the initiative to create this infrastructure.

Travel Rule Solutions

Many Travel Rule solutions are already participating in the Joint Working Group under IVMS mentioned above. Others are encouraged to join to ensure that the chosen industry approach has stakeholders' buy-in at all levels. 

Notabene enables VASPs to autonomously identify the counterparty to transactions through the following discoverability methods: 

1. Integration with blockchain analytics: SafeTransact features integrations with several blockchain analytics service providers that allow VASPs to plug in their blockchain analytics accounts to the Travel Rule flow. The counterparty wallet address is queried against the information available to the blockchain analytics service to determine whether or not that wallet is associated with a known VASP.
   ‍
2. Network Discoverability: In response to these identified challenges, Notabene has rolled out Network Discoverability. This feature offers scalable, secure, and reusable techniques for counterparty VASP identification within open networks. The Notabene Network features an internal, self-managed address book. Participating VASPs can upload their blockchain addresses in hashed format to Notabene and permit them to be safely leveraged across the network to streamline the discoverability process. When other VASPs in the network engage in transactions involving any of the uploaded hashed addresses, the VASP that controls the respective address will be automatically identified.
   
   

{{cta-learnmore7="/cta-components"}}

VASPs

VASPs ultimately own the information that allows the accurate association between their wallet addresses and the legal entities that operate them. The adoption of any standard for VASP discovery necessarily hinges on VASPs’ collaboration. 

2024 Status Check

‍

‍

Partial solutions for VASP identification are available, but their limitations continue to negatively impact Travel Rule compliance. Recognizing how important a common industry approach will be in solving this, the Joint Working Group under IVMS is working toward a standard that it hopes the industry will adopt.

Learn more about Network Discoverability

Learn more about our VASP identification feature, which offers scalable, secure, and reusable techniques for counterparty VASP identification within open networks.

‍

{{cta-learnmore7="/cta-components"}}
‍‍

This article provides an in-depth look at virtual asset service providers' (VASPs) current compliance status and future planning as they navigate the Travel Rule. Based on the results from Notabene's 2024 State of Crypto Travel Rule Compliance survey, we explore how crypto businesses and financial institutions are preparing to meet these regulatory requirements. 

96% of VASPs Are Travel Rule Compliant or Plan To Be in 2024

The Travel Rule has become a fundamental aspect of the crypto compliance landscape. According to the survey, 96% of respondents are either already compliant or plan to be by Q4 2024. This marks a significant milestone, with over half (52%) of respondents already adhering to the Travel Rule in 2023—a substantial increase from 23% the previous year, indicating a 123% growth in compliance.

A mere 4% of respondents indicated a stance of non-compliance until 2025. This highlights that compliance with the Travel Rule is not only an immediate necessity due to increased regulatory urgency but also a strategic imperative for entities aiming to operate and transact globally in a compliant manner. For a comprehensive analysis and detailed statistics, download the full report.

Team Sizes and Automation

A notable 80% of firms have dedicated Travel Rule compliance teams, reflecting the industry's commitment to meeting these stringent requirements and recognizing the importance of working with specialized personnel to successfully navigate the intricacies of Travel Rule compliance and stay abreast of increased scrutiny and regulatory demands.

The survey also investigated team sizes and the automation of pre-transaction checks, which revealed respondents’ efforts to ensure the efficient operation of their compliance teams.

A large portion of respondents (46%) have significantly automated their systems, with less than 25% of transactions flagged for manual review. Another 24% partially automate, flagging over 25% for manual review. However, 17% manually approve every transaction, and 13% automate without pre-transaction checks.

Nearly half of respondents (47%) had to demonstrate Travel Rule compliance during license applications, indicating its importance in gaining market access.

Additionally, more than half of the respondents (53%) have had their AML and sanctions programs evaluated by local regulators, examiners, or independent reviewers, explicitly focusing on Travel Rule compliance. This standardized assessment process highlights Travel Rule adherence's integral role in the AML framework and its strategic importance within the overarching compliance framework.

The industry's commitment to Travel Rule compliance is evident through dedicated teams, integration into licensing processes, and comprehensive AML assessments, making it a strategic imperative for operational excellence and market credibility.

VASPs Ensure Compliance Where the Travel Rule Is a Licensing Deal-Breaker

A commendable 52% of companies, spanning diverse primary jurisdictions are already complying with Travel Rule requirements. However, a closer examination of survey responses on primary jurisdiction and implementation timelines reveals a clear pattern: VASPs prioritize compliance where Travel Rule compliance is a license “deal breaker.”

EMEA

The EMEA region as a whole, in particular, demonstrates a high compliance rate, with 59% of respondents claiming to be already complying in this region.

In the EMEA region, the U.K. stood out as the primary jurisdiction with the highest percentage of compliant respondents, boasting an exceptional 100% compliance rate among those surveyed. Of these, 89% were already compliant, and the remaining 11% planned to be by the end of 2023 when the survey was issued. This remarkable compliance rate can be attributed to the U.K.’s robust standards since the country began enforcing the Travel Rule on September 1, 2023.

UAE

When looking deeper into the UAE respondents, where Travel Rule compliance is a licensing prerequisite, 60% of companies have already achieved compliance, and an additional 20% anticipate reaching compliance by the second quarter of 2024. These statistics demonstrate that having Travel Rule compliance as a license deal-breaker fosters a proactive commitment to adoption from the industry.

The trend of enforcing strict licensing regimes is positive. An analysis conducted by TRM Labs (2024) found that VASPs in countries with full licensing and supervision regimes have lower rates of illicit activity than those in less regulated jurisdictions.

‍

APAC

It’s crucial to highlight that the rest of the world is keeping pace. Among respondents with primary jurisdictions in APAC, an impressive 86% are already in compliance with the Travel Rule. This includes vital APAC jurisdictions such as Singapore, Hong Kong, India, Japan, and Malaysia.

Of the 39% of APAC respondents that listed Singapore as their primary jurisdiction, 63% are already compliant, while an additional 25% aim for compliance by Q1 of 2024.

U.S.

The U.S. is trailing behind compared to other key jurisdictions. Despite the Travel Rule requirements in the U.S. since 2013, only 50% of companies claim compliance, with an additional 30% expecting compliance by Q1 of 2024. These numbers are particularly striking compared to the 100% compliance rate observed in the U.K., where the measures were implemented only recently, just four months before the survey was issued. This trend may be attributed to regulatory ambiguity and limited enforcement action in the U.S., contrasting with the proactive commitment to adoption seen in other jurisdictions.

However, the increasing counterparty urgency is expected to drive global adoption, particularly in the United States. Our survey data indicated that fewer VASPs are willing to send withdrawals or receive deposits without the ability to transmit or receive relevant Travel Rule information, which means a potential increase in business loss. Such pressure to adapt will hopefully drive industry stakeholders and regulators to take action, especially those in the U.S.

The Number of VASPs Not Implementing Counterparty Due Diligence Processes Has Nearly Halved

Trend Shift

The survey indicates a significant decrease in the proportion of companies willing to send Travel Rule transfers to counterparties without specific criteria, dropping from 52% in 2023 to 29% in 2024. This reflects a growing emphasis on rigorous counterparty due diligence. Another notable trend is the growing emphasis on assessing the regulatory status of counterparties, a number that has seen doubled growth, from 4% to 9%.

Due Diligence Practices

Sixty-four percent of companies perform due diligence pre-transaction. The survey question, “What checks do you perform, if any, on your counterparties prior to initiating Travel Rule transactions?” highlights the industry's maturing commitment to Travel Rule compliance. The majority of respondents conduct:

• Wallet sanction screening (87%)
• Counterparty name sanction screening (77%)
• Evaluation of wallet risk scores (74%)
• VASP due diligence (64%)

Only a minority (6%) reported conducting no checks, underscoring a holistic approach to risk management. However, despite the positive trend, VASP due diligence is still the least adopted measure.

The trends indicate a clear shift toward more rigorous counterparty due diligence, a preference for regulated counterparties, and a strategic move away from indiscriminate transfers to all VASPs. Despite this progress, challenges remain. As outlined in Chapter 5, Section 3, issues such as the least performed measure of VASP due diligence continue to hinder the counterparty due diligence process.

‍

The industry’s growing commitment to Travel Rule compliance is evident with the existence of dedicated teams, integration into regulatory licensing processes, and the core fabric of AML compliance assessments. This trend positions Travel Rule compliance not merely as a regulatory necessity but as a strategic imperative that drives operational excellence and market credibility.

‍

{{report1="/cta-components"}}

‍

The Crypto Travel Rule, as mandated by the Financial Action Task Force (FATF), requires Virtual Asset Service Providers (VASPs) to share specific information for transactions over a certain threshold. 

However, the staggered implementation timelines, known as the "Sunrise Period," pose significant compliance challenges across the globe. This blog dives into these challenges and offers strategies for VASPs navigating this difficult time.

Understanding the Sunrise Issue

The Sunrise Period refers to the timeframe during which the Travel Rule is not uniformly implemented across jurisdictions. This period is fraught with challenges as VASPs in different regions are subject to varying compliance timelines. As of the latest FATF updates in June 2023, many jurisdictions have yet to fully implement the Travel Rule, leading to a patchwork of compliance standards worldwide.

Challenges Faced by VASPs During the Sunrise Period

VASPs face significant hurdles during the Sunrise Period due to the practical difficulties encountered in the data transfer process required by the Travel Rule. 

Let's break down these challenges into three main areas:

1. Difficulty Sending a Travel Rule Data Transfer
   Compliance with the Travel Rule necessitates that the originator VASP collects and transmits information about both the originator and the beneficiary to the beneficiary VASP. However, uneven implementation across jurisdictions means that many beneficiary VASPs are not yet equipped to receive and protect this information adequately. 
   
   This gap in compliance capabilities can leave the originating VASP unable to fulfill its core obligations, significantly impacting transaction flows. Recent survey results highlight a shift towards stricter compliance enforcement, with the percentage of VASPs that do not allow withdrawals unless a Travel Rule message can be transmitted to the beneficiary VASP nearly tripling from 8% last year to 23% this year.
   
   
2. Difficulty Receiving a Travel Rule Data Transfer
   The challenges are not only limited to sending information. If the originator VASP has not started transmitting Travel Rule data, the beneficiary VASP faces significant barriers in assessing the information about the originator, which is crucial for completing the transaction in a compliant manner. Depending on the regulatory approach of the country in question, the beneficiary VASP might need to restrict access to these transactions. Such restrictions can have a substantial operational impact on business. 
   
   Furthermore, it's noteworthy that a significant 37% of survey respondents reported that they did not receive any Travel Rule information for a substantial number of transactions, illustrating the scale of this issue.
   
   
3. Difficulty Screening the Transaction’s Counterparty
   The Sunrise Issue also complicates the screening process of the transaction’s counterparty. Typically, an originator VASP would verify the beneficiary's information provided by their customer before attempting to transmit this data. However, without confirmation from the beneficiary VASP that the information is accurate, the originator cannot be sure of its validity. This uncertainty makes the screening results unreliable and the transactions risky. 
   
   Likewise, beneficiary VASPs face challenges when they receive deposits without the required originator information. This scenario makes it easier for illicit actors to exploit the system by using inaccurate counterparty information to bypass VASP screening processes.
   

These challenges underline the intricate difficulties that arise from the staggered implementation of the Travel Rule across different jurisdictions. They not only affect the efficiency of transaction processes but also raise significant compliance and operational risks for VASPs operating internationally.

Regulatory Landscape and Progress

Although the FATF sets the global standards, it does not enforce them directly. Instead, it relies on member countries to implement these standards within their jurisdictions. The FATF continues to issue guidance and monitor progress, but many countries lag behind in their implementation efforts. Specific examples from countries like South Korea, Japan, and the UK illustrate the diverse approaches to implementing the Travel Rule, each with its own set of challenges and solutions.

{{report2="/cta-components"}}

Approaches to Sunrise Issue Challenges 

In this section, we discuss what can be done about the challenges arising from the Sunrise Issue, initiatives that are already in place at various stakeholder levels, and which stakeholders are best positioned to drive solutions to this issue.

The FATF

The FATF’s mandate is to set recommendations that are, themselves, not legally binding. The FATF relies on member jurisdictions to incorporate these recommendations and enforce the Travel Rule for VASPs within the jurisdiction’s regulatory ambit. Thus, the FATF is not in a position to resolve the Sunrise Issue challenges. 

Nonetheless, the FATF uses a number of methods to encourage national regulators and the private sector to action:

1. The FATF has issued a number of guidance documents aimed at helping regulators and VASPs navigate a path toward Travel Rule adoption and tackle some of the more challenging aspects thereof. We’ve highlighted some of these guidance instruments in Chapter 1, which can serve as a very useful tool for stakeholders at all levels. The FATF has also formed the Virtual Assets Contact Group (VACG), which will continue to conduct outreach and provide assistance to low-capacity jurisdictions to encourage their compliance with the Travel Rule.
   
   
2. The FATF has continued to monitor and report progress of Travel Rule adoption. In the FATF’s June 2023 Targeted Update, the FATF reiterated that jurisdictions have made insufficient progress and thus calls on regulators to urgently implement the Travel Rule. [1]
   
   
3. Perhaps the most effective method is the FATF-maintained call-to-action and increased monitoring lists, where it identifies jurisdictions with weak measures to combat AML/CTF. These lists are publicly available and are updated three times a year following the FATF’s review and mutual assessments of jurisdictions. 

   
   For counties on the call-to-action list, the FATF calls on jurisdictions to apply enhanced due diligence (EDD), and in the most serious cases, to apply countermeasures to protect the international financial system from the ongoing money laundering, terrorist financing, and proliferation of financing risks that emanate from the flagged countries. 
   
   The increased monitoring list includes countries that are actively working with the FATF to address money laundering/ terrorist financing deficiencies. Alignment with the FATF’s guidelines on VAs and VASPs, including enforcement of the Travel Rule, is expected to become increasingly relevant for the assessment of a country’s regimes to counter money laundering, terrorist financing, and proliferation of financing risks.

Regulators

The most effective way to resolve the Sunrise Issue challenges is with a swift implementation of the FATF’s requirements.

When implementing the Travel Rule, national regulators are the ones to determine how their Travel Rule framework will address the Sunrise Issue. According to data that the FATF shared in its June 2023 Targeted Update, 11 of 62 jurisdictions that have implemented the Travel Rule or are in the process of doing so have allowed a grace period for Travel Rule compliance, during which there are exemptions or flexibility in how VASPs are expected to comply in order to mitigate the effects of the Sunrise Issue [2]. 

Additionally, some jurisdictions expressly qualify how domestic VASPs can interact with foreign counterparts. 

For example:

• Regulators in South Korea acknowledge that overseas VASPs may not yet be required or prepared to comply with the Travel Rule. To deal with this, the South Korean framework allows Korean VASPs to facilitate transactions with overseas VASPs only when the Korean VASP is able to confirm that the customer is sending funds to an account held in their own name and that the money laundering/terrorism financing risks are low. (Financial Services Commission, 2022).
• In Japan, if the transaction counterparty is located in a region without Travel Rule enforcement, Japanese VASPs have no obligation to share PII. In these cases, Japanese VASPs are still required to collect and retain information about the counterparty and assess money laundering/terrorist financing risks. 
• In the U.K., an FCA statement establishes that when a beneficiary VASP is located in a jurisdiction non-compliant with the Travel Rule, the originator U.K. VASP is still required to collect and retain information about the counterparty and assess money laundering/
  terrorist financing risks but may proceed with the transaction without transmitting the information. Additionally, when a U.K. VASP receives a transaction without the required Travel Rule information, the U.K. framework allows the VASP to make a risk-based determination on whether to make the VA available to the beneficiary, taking into account the status of Travel Rule regulations in the jurisdiction where the originator VASP operates. 
  
  Learn more about the Japanese and British regulatory frameworks in Chapter 2 of the 2024 State of Crypto Travel Rule Compliance Report.

Joint Industry Initiatives

Joint industry initiates also play a role in resolving the Sunrise Issue.
Many industry working groups that operate on a national level, like the CryptoUK Travel Rule Working Group, have successfully engaged with national regulators to encourage the implementation of proportionate measures to mitigate the negative effects of the Sunrise Issue.
Groups like these should continue engaging with VASPs and regulators to encourage rapid implementation. 

Travel Rule Solutions

Similar to joint industry initiatives, Travel Rule solutions like Notabene’s SafeTransact can play a role in resolving the Sunrise Issue by increasing policymakers’ awareness of the problems and proposing creative solutions that facilitate VASPs’ operations during this period.

With these challenges in mind, Notabene launched the SAFE Implementation phases. This step-by-step onboarding program is designed to help our clients navigate the intricacies of Travel Rule compliance efficiently, particularly throughout the Sunrise Period. Throughout their journey using the SAFE Implementation phases, VASPs can gather valuable analytics that they can use to create a clear roadmap toward achieving full compliance. 

Additionally, Notabene offers a free SafeTransact-Rise plan tailored for VASPs that are not yet required to comply with the Travel Rule but wish to avoid being cut off from compliant transaction flows. The SafeTransact-Rise plan allows VASPs to receive and respond to Travel Rule
transfers, with no technical integration effort required.

VASPs

When trying to mitigate the challenges identified above, VASPs tend to take a variety of approaches. These approaches depend largely on what national mandates require or, when these frameworks are silent, what risk-based practices begin to emerge to compensate. 

We uncovered some of these practices in this year’s survey, which are listed below by order of popularity:

In withdrawals:

• 40% of the VASPs surveyed report taking a risk-based approach to determine whether or not to allow a transaction when they are unable to send Travel Rule information to the beneficiary VASP.
• 23% percent of the VASPs surveyed currently do not permit transactions unless they are able to send Travel Rule information.
• 19% of the VASPs surveyed allow their customers to transact, irrespective of whether they are able to send Travel Rule information.
• Only 3% of the surveyed VASPs only proceed with the withdrawal provided that the information can be sent to the beneficiary VASP and a response is received.

In deposits:

• 30% take a risk-based approach to determine whether or not to make a deposit available to the end customer in cases when the required Travel Rule message is not received from the originator VASP.
• Upon detecting a deposit without information/with missing information, some respondents send a request to provide missing information to the originator VASP. In the case the information is not provided, 21% return the funds and 10% opt to collect the information from their end customer.
• Of respondents, 19% allow customers to receive deposits regardless of whether the required Travel Rule information was received.
• 20% of respondents report taking other approaches. By way of example, one respondent reported allowing their customers a grace period before enforcing blockers. Others report only allowing first-party deposits and requiring their customer to demonstrate they control the source wallet.
  

These results indicate that a majority of VASPs currently adopt a risk-based approach to compliance limitations. However, stricter approaches are gaining popularity, possibly because of growing regulatory pressure. Notably, 23% of the surveyed VASPs currently prohibit transactions unless they can send Travel Rule information, and a similar percentage (21%) returns funds unless the required Travel Rule information is received.

2024 Status Check 

At present, some solutions are available to mitigate some of the friction caused by the Sunrise Issue, but its negative impact continues to severely affect VASPs in jurisdictions with Travel Rule obligations. While there is work that can be done by stakeholders at all levels, the power to solve
the Sunrise Issue ultimately lies with national regulators and policymakers in jurisdictions that have not yet introduced Travel Rule legislation/regulation. These regulators need to urgently implement
and operationalize the Travel Rule through effective supervision and enforcement action, using the available FATF resources and in consultation with the industry.

Conclusion

The Sunrise Issue remains a formidable challenge in the path to global Travel Rule compliance. By understanding the complexities involved, staying engaged with regulatory developments, and employing flexible technological solutions, VASPs can navigate this evolving landscape more effectively. As the industry continues to mature, collaborative efforts and adaptive strategies will be key to overcoming these hurdles.

This article explores the intricacies of the crypto Travel Rule, which is not merely an information exchange mechanism but also a powerful tool that companies can use to mitigate pre-transaction risks (including sanctions risks) and unlock new opportunities. We explore the rule’s purpose, objectives, and core components: VASP identification, due diligence, transaction qualification, information collection, and pre-transaction counterparty risk assessment.

‍

‍

The Crypto Travel Rule: A Shield Against Illicit Activities

The Travel Rule presents a robust safeguard against money laundering, fraud, and other illicit activities within the cryptocurrency landscape. Introducing stringent information exchange requirements creates a powerful barrier against criminals seeking to obscure the origin of their funds. However, it is essential to understand that the Travel Rule transcends mere data transmission. When executed effectively, the Travel Rule enables virtual asset service providers (VASPs) to stop potentially illicit transactions before they are created on the blockchain, significantly reducing VASP’s overall risk and exposure to sanctions — a pivotal development for the crypto industry.

‍

Pre-Transaction Travel Rule Implementation: A Defensive Tactic

Crypto transactions are immediate and irrevocable, a sharp contrast to traditional SWIFT payments, where settlements occur at scheduled intervals during the day, allowing beneficiaries time to request fund withholdings in the case of discrepancies, such as a mismatched beneficiary name. In crypto transactions, it’s essential that VASPs exchange information before settling the underlying transaction. Once funds are transferred, remediation becomes operationally burdensome — and in some cases, the risk may already have entered the VASPs’ spheres. 

‍

A pre-transaction implementation of the Travel Rule ensures that VASPs can perform critical risk assessments like beneficiary name matching and sanctions screening before receiving funds and, depending on their systems, before releasing funds to the end customer.

‍

The Travel Rule: Bridging the Gap Between Crypto Transactions and Real-World Entities

In addition to being a powerful counterparty risk mitigation tool, the Travel Rule is an indispensable infrastructure layer for crypto transactions because it establishes a connection between crypto activities and real-life individuals and entities.

Bridging this gap is essential for three reasons:

• Enhancing sanction controls: Before implementing the Travel Rule, VASPs conducted transactions with minimal information about their counterparties, leaving them vulnerable to potential risks. Now, the Travel Rule is a catalyst for reconstructing trust within the crypto space by enhancing sanction controls and counterparty risk management.
  
  
• Enabling new use cases: The Travel Rule opens the door to novel crypto transaction applications previously hindered by the lack of traceability. Traceability is crucial for several use cases (e.g., for accounting purposes) and paves the way for broader adoption of crypto payments and transactions.
  
  
• Preventing fraud: Fraud is a pervasive issue in crypto, and the Travel Rule addresses this problem by fostering collaboration among VASPs. This collaborative effort allows VASPs to verify the parties involved in a transaction collectively. For instance, if Alice initiates a transaction and informs her VASP that the funds are destined for her friend Bob’s account with another VASP, the beneficiary VASP can raise a red flag if the funds are actually being received by Daniel, a fraudster who has deceived Alice. 

‍Ultimately, when strategically implemented as a pre-transaction risk mitigation tool, the Travel Rule boosts the security of crypto transactions and opens up new horizons for the industry that could redefine how we interact with digital assets. 

‍

The Travel Rule is a robust safeguard against money laundering, fraud, and other illicit activities within the cryptocurrency landscape. By fostering a culture of proactive compliance and collaborative risk management, VASPs can unlock new dimensions of trust and operational excellence.

In February 2023, the Financial Action Task Force (FATF) Plenary observed a significant gap in the implementation of its revised Recommendation 15 in what concerns virtual assets (VAs) and virtual asset service providers (VASPs). Despite the October 2018 revision aimed at integrating and extending measures such as the Travel Rule to VAs and VASPs, numerous countries had not yet implemented these updated requirements.

To address this, the Plenary outlined a roadmap aimed at fortifying the implementation of FATF Standards concerning VAs and VASPs. This roadmap included conducting a comprehensive assessment of implementation levels across the global network. Today, the fruition of this commitment comes to light. 

After a 12-month process of collecting and evaluating relevant information, the FATF published a report on the Status of implementation of Recommendation 15 by FATF Members and Jurisdictions with Materially Important VASP Activity. 

This report features a detailed table evaluating various jurisdictions on key components such as:

• Risk assessment pertaining to VAs and VASPs
• Prohibition of VAs and VASPs
• Enacted legislation mandating VASP registration/licensing and application of AML/CTF controls
• Operational registration/licensing of VASPs
• Supervisory inspections on VASPs
• Enforcement/supervisory actions against VASPs
• Implementation of Travel Rule legislation

The jurisdictions under scrutiny include all FATF members and 20 non-FATF member jurisdictions deemed as hosting materially important VASP activities due to meeting the following criteria:

• Trading volume exceeding 0.25% of global trading and/or
• Having over 1 million users of virtual assets.

The evaluation published today is based on the responses provided by jurisdictions to the FATF's 2023 self-reported survey, which have been updated between January and March 2024. The FATF emphasizes that while informative, this data does not substitute a mutual evaluation or follow-up assessment of countries' compliance with Recommendation 15 as it has not been subject to a detailed analysis as per the FATF methodology. 

Three Key Insights from FATF’s Global Evaluation of Virtual Asset Regulation 

The data shared by the FATF provides three significant insights into how jurisdictions with materially important VASP activity are managing the sector:

‍

1. There has been an impressive progress on Travel Rule legislation
‍

Nearly 89% of jurisdictions with materially important VASP activity have either enacted or are in the process of enacting Travel Rule legislation. Only Australia, Iceland, Russia, South Africa, Ukraine, and Vietnam have yet to initiate this process.

‍

2. More than 90% of jurisdiction implement regulatory measures

Over 90% of jurisdictions with materially important VASP activity have implemented crucial measures to regulate and supervise VAs and VASPs. 91.2% conducted a risk assessment covering VAs and VASPs, while 90.7% enacted legislation mandating VASPs' registration or licensing and compliance with AML/CTF requirements. Similarly, 90.7% conducted supervisory inspections on VASPs.

‍

3. Only three jurisdictions prohibit virtual assets

‍
Only three jurisdictions with materially important VASP activity have explicitly prohibited VAs and VASPs: China, Egypt, and Saudi Arabia. 

‍

Goals of FATF’s Global Evaluation

The publication of this report serves three primary objectives:

• Enable the FATF network to assist jurisdictions with materially important VASP activity in regulating and supervising VASP activity;
• Encourage jurisdictions with materially important VASP activity to promptly implement Recommendation 15;
• Aid regulators and the private sector in discerning the status of Recommendation 15 implementation by jurisdictions with materially important VASP activity.

This last objective is particularly pertinent to Travel Rule compliance, especially in cross-border transactions involving VASPs based in jurisdictions not yet enforcing Travel Rule requirements (the Sunrise Issue).

For instance, in the United Kingdom, the Financial Conduct Authority (FCA) issued a communication on August 17, 2023, outlining more flexible obligations for UK VASPs when transacting with counterparts from jurisdictions without enforced Travel Rule requirements. The operationalization of this FCA guidance hinges on understanding the status of Travel Rule implementation in the counterparty's jurisdiction—a task now greatly facilitated by this new resource published by the FATF.

A Roadmap to Move Forward With

In conclusion, the release of FATF's report on the Status of implementation of Recommendation 15 by FATF Members and Jurisdictions with Materially Important VASP Activity marks a significant milestone: insights into the global landscape of crypto regulations shed light on the progress made and areas requiring further attention.

The findings underscore a collective commitment among jurisdictions with materially important VASP activity to enhance regulatory frameworks and compliance measures. Notably, the majority have taken decisive steps towards implementing Travel Rule requirements and strengthening supervision over VAs and VASPs. 

Moving forward, the objectives outlined in the report serve as a roadmap for continued collaboration and improvement towards a more robust and secure ecosystem for virtual assets.

Throughout 2023, the landscape of Travel Rule compliance was marked by a series of developments, from regulatory updates to strategic shifts in countries’ crypto stances. This article provides a comprehensive view of key milestones and strategic changes in various countries, underlining the year's pivotal role in shaping global Travel Rule compliance standards.

‍
An Overview of Key Crypto Travel Rule Milestones and Developments in 2023

NEW YORK, SINGAPORE, LONDON - March 12, 2024

‍‍

- Notabene, the leader in pre-transaction decision-making and Travel Rule compliance solutions, today released its third annual State of Crypto Travel Rule Compliance Report 2024. This year's findings highlight a remarkable compliance milestone: 96% of surveyed financial and crypto institutions are now compliant or on the path to compliance this year, showcasing significant industry-wide progress.

Based on a survey of 70 leading institutions worldwide, the report reveals a substantial increase in regulatory diligence and a commitment to the Travel Rule—an anti-money laundering framework introduced by the Financial Action Task Force (FATF) to virtual asset service providers (VASPs) in 2019. This framework aims to bolster transparency and security in crypto transactions. Notable findings from the report include a 187.5% surge in firms restricting non-compliant transactions and a significant leap in due diligence practices, with 64% of entities now verifying counterparties before transacting.

Pelle Braendgaard, CEO of Notabene, reflects on the progress, stating, "The industry is making great strides towards enhanced security and regulatory compliance. Embracing the insights from the latest State of Crypto Travel Rule Compliance Report will further drive our collective progress towards a unified financial ecosystem."

The report also uncovered that significant challenges, such as protocol interoperability, remain despite these advancements. A significant portion of respondents identified the lack of protocol interoperability as their primary hurdle to full compliance. Additionally, 37% reported never having received a Travel Rule message,  further highlighting interoperability issues. Full compliance for the 37% of VASPs that have not received any Travel Rule messages could bring a significant and potentially disproportionate impact on business, as it would require them not to accept any deposits.

The report offers actionable insights for navigating the complexities of global compliance, advocating for flexible regulatory frameworks and improved technology solution interoperability.

For an in-depth analysis and recommendations, access the complete report on notabene.id.

-ENDS-

For media inquiries or further information about Notabene and Shift Markets, please contact: [email protected]

About Notabene:

Notabene developed the crypto industry's only pre-transaction decision-making platform, enabling customers to identify and stop high-risk activity before it occurs. With a focus on security, privacy, and user experience, Notabene's multi-source data and software enables real-time decision-making, counterparty sanctions screening, self-hosted wallet identification, and more. SOC-2 security certified and trusted by over 100 companies, Notabene operates globally with headquarters in New York, and presence in Switzerland, Singapore, Germany, and the United Kingdom.

Companies like Copper, Luno, Crypto.com and Bitstamp leverage our  SafeTransact platform for Travel Rule compliance, tailored to their needs and aligned with global and local regulations. Our platform builds trust in virtual asset transactions to foster financial growth with minimized risk.

Get started today; sign up for our free SafeTransact Rise plan to respond to regulated transactions for free using the world's largest VASP Network. 

LinkedIn | Twitter