On May 9, 2019, the Financial Crimes Enforcement Network (FinCEN) issued guidance, the Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies (CVC), to provide certainty concerning the regulatory treatment of virtual assets. The guidance did not establish any new regulatory expectations. Yet, it consolidated FinCEN guidance, regulations, and administrative rulings related to virtual currency transmission and applied the same interpretive criteria to other standard business models involving virtual assets.
Please note that where FATF uses ‘virtual assets’ and ‘VASPs,’ FinCEN’s guidance uses money services businesses (MSBs) and convertible virtual currencies (CVCs).
1. Is cryptocurrency legal in the United States?
Cryptocurrencies are legal to use in the United States. They are not considered legal tender by the Financial Crimes Enforcement Network (FinCEN) and the Internal Revenue Service (IRS.)
2. Are there any AML crypto regulations in the United States?
Yes. FinCEN’s 2019 guidance defined certain businesses or individuals involved with virtual currencies as money services businesses (MSBs), similar to FATF’s VASPs. MSBs are subject to the exact registration requirements and anti-money laundering, recordkeeping, and reporting responsibilities as other financial services businesses. There is a proposal to lower to $250 waiting to come into effect, and the NPRM for non-custodial wallets
2019: Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies (CVC) page 9:
“The BSA and its implementing regulations require MSBs to develop, implement, and maintain an effective written anti-money laundering program (“AML Program”) that is reasonably designed to prevent the MSB from being used to facilitate money laundering and the financing of terrorist activities. The AML program must, at a minimum: (a) incorporate policies, procedures, and internal controls reasonably designed to assure ongoing compliance (including verifying customer identification, filing reports, creating and retaining records, and responding to law enforcement requests); (b) designate an individual responsible to assure day-to-day compliance with the program and BSA requirements; (c) provide training for appropriate personnel, including training in the detection of suspicious transactions; and, (d) provide for independent review to monitor and maintain an adequate program.25 25. 31 USC § 5318(g)(1); 31 CFR. § 1022.320(a)(2).”
3. Is the Crypto Travel Rule mandated in the United States?
Yes. In 1995, the US Treasury and FinCEN issued the initial Travel Rule and Recordkeeping Rule which required financial institutions to collect and retain information on fiat fund transfers that begin or end outside the US and transmit that information to other financial institutions in the payment chain. On May 9, 2019, the FinCEN issued guidance by which both of these rules apply to convertible virtual currency (“CVC”) while reiterating that the Travel Rule has been in effect for VASPs since 2013.
4. Who regulates cryptocurrency in the United States?
Various regulatory bodies regulate cryptocurrency in the United States. The entities that regulate crypto business are:
- Financial Crimes Enforcement Network (FinCEN): Regulates all crypto assets for AML/CFT purposes
- US Securities and Exchange Commission (SEC): Regulates crypto assets considered securities by applying the Howey test.
- Commodity Futures Trading Commission (CFTC): Regulates virtual currencies which are considered commodities (Bitcoin and Ethereum)
- Officer of the Comptroller of Currency (OCC): For banks participating in the crypto ecosystem
FATF Travel Rule requirements in the United States
1. Are there licensing or registration requirements for VASPs in the United States?
Yes. Virtual asset service providers or MSBs must obtain a Money Service Business (MSB) license to operate in the United States market. Given that the United States considers some cryptocurrencies a commodity, the MSB requirement applies to all types of VASPs (Fiat to crypto exchange, Offering/sale of virtual assets, Transfer of virtual assets, and Safekeeping). All US licensed MSBs are recorded in a public registry.
In addition, VASPs should obtain a Money Transmitter License (MTL) license in each state the company intends to do business in, except Montana. Specific states, including New York and Wyoming, require further operational licenses for VASPs to operate.
2. When does the Crypto Travel Rule go into effect in the United States?
On May 9, 2019, the FinCEN issued guidance which reiterated that the Travel Rule has been in effect for VASPs since 2013. A new proposal that lowers the current thresholds is under revision. Industry stakeholders were requested to submit comments by November 27, 2020.
3. Does the United States permit a grace period to comply with the Crypto Travel Rule?
No. There is no grace period to comply with the Travel Rule in the United States. Although it has been mandated since 2013, as of yet, the OCC issued at least one consent order for a crypto bank’s failure to create and implement a BSA/AML compliance program that specifically states the crypto bank must ensure “compliance with recordkeeping and reporting requirements of the BSA, including the Travel Rule”.
Complying with the FATF Crypto Travel Rule in the United States
1. What is the minimum threshold for the Crypto Travel Rule in the United States?
FinCEN suggests a threshold limit of $3,000, yet there is a proposal to lower it to $250 submitted last October. According to FinCEN's schedule, it is slated to come into effect September 2021.
2. What personally identifiable information is required to be shared for the Crypto Travel Rule in the United States?
To comply with the Record-keeping and Travel Rule regulations, MSBs have the following requirements:
Originator Institution must retain the following information:
- Name and address of the originator and transmitter
- The amount of the payment or transmittal order
- The execution date of the payment or transmittal order
- Any payment instructions received from the originator or transmitter with the payment or transmittal order
- The identity of the beneficiary’s bank or recipient’s bank financial institution
The Beneficiary Institution must also retain the following information if it receives that information from the originator institution:
- Name and address of the beneficiary or recipient
- Account number of the beneficiary or recipient
- Any other specific identifier of the beneficiary or recipient
Responsibility of the Intermediary Institution
- Retain originals or copies of payment or transmittal orders
- Transmit the required information by the Travel Rule to the other banks in the payment chain
3. Are there differences in requirements for customer PII for cross-border transfers vs. within the United States?
Yes, FINCEN and the Board of Governors of the Federal Reserve System recently proposed rules to modify the BSA to reduce the general Travel Rule threshold from $3,000 to $250 for international transfers.
4. What are the non-custodial or self-hosted wallet requirements in the United States?
On December 23, 2020, FinCEN published a notice of proposed rulemaking suggesting requirements for banks and MSBs for transactions that involve self-hosted wallets or covered wallets. If this proposal is approved, it will bring an additional requirement to non-custodial wallets: identifying the counterparty of the wallet and their address.
Why choose Notabene for Crypto Travel Rule Compliance in the United States?
Notabene helps US VASPs and MSBs roll out a risk-based AML framework to comply with FATF’s Recommendation 16 “Crypto Travel Rule” as required by the Financial Crimes Enforcement Network (FinCEN.) With Notabene’s software, tools, and comprehensive data, MSBs can manage their business’s incoming and outgoing transactions, identify counterparty wallets, produce reports, and establish robust risk and regulatory rules to ‘safe’ flows to regulated MSBs and VASPs around the world.
JD Supra | Pumping the Brakes: FinCEN Reopens Comment Period for Controversial Crypto Reporting & Recordkeeping Rules