REGULATIONS

Crypto Travel Rule Regulations in

Japan

by

Financial Services Agency (FSA)

🇯🇵
Travel Rule required from
Travel Rule regulation still pending
June 1, 2023
Content last updated
February 6, 2023

The Financial Services Agency (FSA) is currently creating guidelines for the Act on Prevention of Transfer of Criminal Proceeds (APTCP) to specify how requirements of the "crypto Travel Rule" apply to Japanese VASPs. The FSA has recently launched a consultation on these guidelines and will formally announce when the APTCP will officially take effect.

‍

Timeline of regulatory action:

  • March 2021: The Japan Virtual Currency Exchange Association (JVCEA) received a Request for Notification of Originator and Beneficiary Information upon Crypto Assets Transfer (“Request”) from the Financial Services Agency (FSA). The Request mentioned that JVCEA should introduce self-regulatory rules regarding the crypto Travel Rule by April 2022. 
  • April 2022: JVCEA introduced the Travel Rule in the Self-Regulatory Rules of the Association for VASPs.
  • December 2022: The Cabinet Secretariat promulgated an amendment to the APTCP to enforce the crypto Travel Rule.
  • February 2023: The FSA launched a public consultation on APTCP guidelines. Interested parties have until March 3, 2023, to respond.
  • June 1, 2023: The Travel Rule will enter into force in Japan.

‍

Download the Japan Cryptocurrency Regulation Guide

Get the PDF

‍

1. Is cryptocurrency legal in Japan?

Yes, cryptocurrencies are legal in Japan. The Payment Services Act defines “crypto-assets” as payment methods that are not denominated in fiat currency and can be used to pay unspecified persons. There are no restrictions on owning and investing in cryptocurrencies.

‍

2. Are there any AML crypto regulations in Japan?

Yes. Japanese VASPs are subject to the anti-money laundering regime outlined in the Act on the Prevention of Transfer of Criminal Proceeds. This framework is further specified by the Guidelines for Anti-Money Laundering and Combating the Financing of Terrorism, which have been in force since February 19, 2021.


The Payment Services Act defines Exchange Providers as entities that carry out any of the following crypto-asset exchange services as a business:

  1. Sale, purchase, and exchange of crypto assets;
  2. Intermediating, brokering, or acting as an agent in activities mentioned in 1;
  3. Management of customer’s money in connection with activities mentioned in 1 or 2;
  4. Management of crypto assets for the benefit of another person.

‍

3. Is the Crypto Travel Rule mandated in Japan?

Yes. In April 2022, the JVCEA introduced the Travel Rule in the self-regulatory rules of the Association for crypto asset transfer transactions conducted by its members at the request of end customers. The final scope of Crypto Travel Rule requirements in Japan will be defined by the APTCP and respective Guidelines once the APTCP enters into force.

‍

4. Who regulates cryptocurrency in Japan?

The Financial Services Agency (FSA) regulates VASPs in Japan. However, the FSA collaborates with two self-regulation entities for the cryptocurrency industry:

View Japanese VASPs on the Notabene Network

Explore the Network

‍

FATF Travel Rule requirements in Japan

‍

1. Are there licensing or registration requirements for VASPs in Japan?

Japan’s Payment Services Act requires providers of crypto asset exchange services to register with the Financial Services Agency. The following acts qualify as crypto asset exchange services:

  1. Sale, purchase, and exchange of crypto assets;
  2. Intermediating, brokering, or acting as an agent in activities mentioned in 1;
  3. Management of customer’s money in connection with activities mentioned in 1 or 2;
  4. Management of crypto assets for the benefit of another person.

‍

2. When does the Crypto Travel Rule go into effect in Japan?

In April 2022, the JVCEA introduced the Travel Rule in the self-regulatory rules of the Association for crypto asset transfer transactions. However, these rules foresee a transitionall period (between April 1 and October 1, 2022) during which Travel Rule obligations apply to a narrower scope of transactions. Additionally, the scope of Travel Rule requirements will be finally determined by the APTCP and the corresponding Guidelines. These Guidelines are currently open for public consultation until March 5th, 2023.

‍

{{training2="/cta-components"}}

‍

3. Does Japan permit a grace period to comply with the Crypto Travel Rule?

Under the rules introduced by the JVCEA, during a transitional period (between April 1 and the date the APTCP comes into force), Travel Rule obligations only apply if: 

  • The Originator Customer is also the Beneficiary of the transaction;
  • The Beneficiary VASP is Japanese;
  • The asset being transferred is ETH or BTC;
  • The transaction amount is above ÂĄ 100,000.


The obligation to collect the Beneficiary’s physical address and the purpose of the transaction applied from October 1, 2022.


Finally, under the rules introduced by the JVCEA, during the transitional period, VASPs are allowed to take a “best-efforts approach” to certain obligations:

  • The obligation to collect information about the sender that is reasonably available and necessary to assess the risk of the transaction when a deposit is received without the required Travel Rule information;
  • The obligation to apply alternative risk mitigation measures when facilitating withdrawals to private wallets or to VASPs based in jurisdictions where the Travel Rule is not yet in force.

(This section will be updated to reflect the final rules under the APTCP once it enters into force)

‍

4. What is the minimum threshold for the Crypto Travel Rule in Japan?

During a transitional period (between April 1 and the date the APTCP comes into force), Travel Rule requirements only applied to transactions above YEN 100,000. However, under the APTCP, no de minimum threshold applies - i.e., the transmission of Travel Rule information will be required regardless of the transaction amount.

‍

5. What personally identifiable information is required to be shared for the Crypto Travel Rule in Japan?

Japanese VASPs are required to transmit Travel Rule information if their counterparty VASP operates in a jurisdiction where crypto Travel Rule requirements are already in force. According to the draft Cabinet Orders to partially revise the Order for Enforcement of the APTCP, Japanese VASPs must share the following customer identifying information:

‍

The FSA’s Draft Cabinet Orders to partially revise the Order for Enforcement of the APTCP

‍

6. What are the non-custodial or self-hosted wallet requirements in Japan?

The draft Cabinet Orders for revising the APTCP require Japanese VASPs to collect and retain Originator/Beneficiary information when transacting with self-hosted wallets or in other cases where information transmission obligations do not apply (e.g., when transacting with unregistered VASPs or VASPs based in jurisdictions where the Travel Rule is not yet in force). VASPs must also assess ML/FT risks for self-hosted wallets by investigating their attributes.

‍

7. How does Japan Address crypto transactions with counterparties in jurisdictions lacking Travel Rule requirements?

Japan excludes transactions with counterparties in jurisdictions that do not have Travel Rule requirements in force from the scope of information transmission obligations. In these cases, VASPs must still collect and retain information and assess money laundering/terrorist financing risks. The operationalization of this exemption is facilitated by the list of jurisdictions enforcing the Travel Rule maintained by the Japan Financial Services Agency and updated periodically.

‍

Why choose Notabene for Crypto Travel Rule Compliance in Japan?

Notabene’s solution is live and can be used by VASPs to comply with local Travel Rule requirements today. Most relevantly, through Notabene, VASPs are able to identify whether the counterparty wallet is custodial or self-hosted and take the measures appropriate to each scenario. Complying with the Travel Rule requires significant changes to VASPs’ existing UX and data flows. In light of this, we allow for a staggered implementation of our solution and promote testnets for VASPs to take their first steps towards compliance in a simulated environment.

References

References:
[1] - Originator Customer PII:
Name;
Wallet address used for sending the funds;
Geographical Address or Customer identification number.
Beneficiary Customer PII:
Name; 
Wallet address.
§C of Notabene’s Translated version:

*The following information (required information) must be notified to the receiving cryptographic asset exchange and stored by the recipient:
1. Name, address, or customer identification number, and the address of the cryptographic asset used for sending of the Originator;
      2. Name, address of cryptographic asset of the Beneficiary.


📌  According to §D of Notabene’s Translated version: From October 1, 2022, the Originator VASP is also required to collect the Beneficiary Customer’s physical address and the purpose of the transaction. The current understanding is that the obligation is to collect, but not transmit, these data points. (This section will be updated to reflect the final rules under the APTCP once it enters into force.)

Relevant Links:
Global Legal Insights | Blockchain & Cryptocurrency Laws and Regulations 2021 - Japan
The Japanese National Police Agency | Act on Prevention of Transfer of Criminal Proceeds
ComplyAdvantage | Cryptocurrency Regulations in Japan
Japan STO Association | Publication of Articles of Incorporation
JVCEA - Japan Virtual and Crypto Assets Exchange Association | Home
Japan Financial Services Agency | Home
JVCEA | Travel Rule in the self-regulatory rules of the Association (Japanese)
JVCEA | Travel Rule in the self-regulatory rules of the Association (English)

Notabene's commitment to privacy + security:

‍Bank-grade security for an insecure world‍
  • Passed rigorous security reviews by more than 150 institutions, including global banks and top 20 crypto exchanges
  • Annual SOC 2 Type II Audit for Security and Data Privacy Categories
  • Regular penetration testing by security audit leader Cobalt
‍Industry’s strongest protection for your customer data‍
  • Industry’s only escrowed exchange of encrypted PII
  • Compliant with EU GDPR, Singapore PDA
  • Plug-and-play Travel Rule end-user data consent component
‍Enterprise White Glove features‍
  • 24h/7 days a week uptime
  • Configurable enterprise SLA
  • SOC2 compliant disaster recovery and business continuity plans
Learn more about our commitment to security
This content is provided for general informational purposes only. By using the content, you agree that the information on this content does not constitute legal, financial or any other form of professional advice. No relationship is created with you, nor any duty of care assumed to you, when you use this content. The content is not a substitute for obtaining any legal, financial or any other form of professional advice from a suitably qualified and licensed advisor. The information on this content may be changed without notice and is not guaranteed to be complete, accurate, correct or up-to-date.

Help us keep this page up to date! Any comments, corrections or suggestions on this page can be sent to
catarina@notabene.id.