How to Be Travel Rule Compliant When Your Counterparties Are Not
It is common: You contact your peers at the financial institutions your company transacts with, but none of them have anything in place to deal with the Travel Rule. “We will wait and see what the market will look like”, and “The regulation is not live here yet, so we are not doing it for now”, they say.
However, it is coming. You know it is. You are already regulated. Apparently, they don’t even seem to have a plan to deal with it.
You have a challenge on your hands. Your main goal is to keep transacting with those entities, but while they are not obliged, you will find difficulties complying: the Travel Rule is, inherently, a two-VASPs-game. Without your counterparty’s help, you can’t be compliant for all your transactions.
If either the legislation is live in your jurisdiction or it is in the making, you know you need to have a plan in place to prevent suspending transactions.
So, Where to Start with the FATF Travel Rule?
First, if the Travel Rule is already live in your country, you have to understand the risks and if you are even allowed to keep transacting with companies that are still not following its requirements. Legislators can be understanding for a period, and that is what the grace period is for. But if you want to avoid being caught for not doing your part for a better, safer financial world, there are ways for you to start.
The Travel Rule consists of performing 2 actions alongside a virtual asset transfer:
Collecting personal information about the persons involved, and
Exchanging the information between the companies involved.
Depending on your company’s role in a transfer - if you are sending or receiving the funds - there are different requirements from you for those steps. Hence, there are distinct approaches you can use to guarantee that you are compliant.
When on the sending side, you will need to ensure you have collected and sent the persons’ details to the recipient VASP - which is not always easy to do if it does not have a dedicated channel. While, if you are working in compliance on the beneficiary’s side of a transaction, you will need to receive and store some data on the persons involved - which is clearly challenging since, if the sender firm is not collecting the information, it will not be able to share it.
As an Originating VASP, How Can You Solve the Sunrise Issue with 21 Travel Rule?
Since the originating VASP should initially gather all communicated data, when sitting on the sending side, collecting information should not be the main problem. To do that, the VASP only depends on itself and will rely on communicating with their customer to discover the required details. In this scenario, the biggest challenge is clear:
How to Send the Data to a Counterparty That Still Is Not Prepared for the Travel Rule
However, there are other issues you should be aware of: How to request the information from my customer in a frictionless, timely way? How to store that data securely? 21 Travel Rule allows you to do all of it and more.
First, You Need to Collect Travel Rule Data from Your Customer
Since the Travel Rule requires you to request more information than your customer is used to, it is very important that the additions keep their experience smooth and do not add friction to your service. As an originating VASP, the information you need to have is:
The originator’s full name,
The originator’s wallet address,
The originator’s geographical address, or date of birth, or internal customer ID,
The beneficiary’s full name,
The beneficiary’s wallet address.
The first three items are, most likely, already part of your onboarded customer’s profile. So, for each transfer, the last two points will need to be requested from your customer. 21 Travel Rule enables you to do it in several ways that fit your compliance demands. Read more.
Secondly, You Need to Communicate It to Your Counterparty, the Beneficiary VASP
Travel Rule protocols, blockchain analytics, or asking your user can help you identify which VASP an address belongs to - if any. Once the counterparty is identified, an email can be associated with it, enabling your communication through 21 Travel Rule.
Now it is possible to create a transfer notification to your counterparty with all required details on both persons.
When you click Register, they will receive a transaction notification via their email.
As a Beneficiary VASP, How Can You Solve the Sunrise Issue with 21 Travel Rule?
This is the trickier challenge to solve. You are required to store the information you do not collect. Which means your compliance efforts heavily rely on the originating VASP’s inclination to comply and send you the data.
To achieve this, you can request it to be shared. There are VASPs even holding onto funds, not making them immediately available to the beneficiary, to guarantee that their counterparty will transmit the necessary information in a timely manner. Since your counterparty is not actively compliant with the Travel Rule yet, you need to make sure:
They send you complete information,
You receive it in a timely manner,
You store it in a safe, structured way.
You might do that through various channels that fit your company’s and your counterparty’s operations, like email, for instance. There are quite a few issues here:
Back and forth emails asking for the correct information,
Not so secure gateways shouldn’t be exchanging very sensitive personal data,
Clumsy files and folders moved around to register,
Manual work for your team.
Since these are costly and hurt productivity, we can help you keep your processes effective and secure. It is easy with our sunrise solution.
What Is the Sunrise Solution in 21 Travel Rule?
21 Sunrise solves your pain of transacting with companies that still do not have a Travel Rule solution in place. To keep transacting with the majority of VASPs, it is imperative that you provide your counterparties with an easy, quick way to inform you.
With 21 Sunrise, you can offer a platform where they can fill in transaction data required by the Travel Rule. You can share a custom link with the originating VASP once and not have to deal with clumsy data in emails, files, or formats anymore.
All information your counterparty fills in will automatically be stored in your archive and, if you want, go through an automated workflow as part of your compliance processes. In the example below, Alice is a customer of your VASP who is receiving Ethereum from Bob.
A compliance officer at Bob’s VASP will be the one navigating 21 Sunrise and filling in the information. When they click register, it will be stored in your archive and accessible through your 21 Travel Rule dashboard or API.
Fill in Beneficiary information
2. Add details of the virtual asset transaction
3. Fill out Originator data
The 21 Sunrise platform was designed to be easy and secure, giving your team the option to continue working with VASPs that are not compliant with the Travel Rule yet.
However, if your counterparty refuses to use your 21 Sunrise platform and keeps communicating transaction data with you via other channels, you can still store it safely. With Manual Archiving, you save all Travel Rule information in one place - regardless of your counterparty VASP.
What is Manual Archiving of Travel Rule Information?
Apart from the benefits of automation, 21 Travel Rule also gives you flexibility. This is why we offer Manual Archiving.
You may receive Travel Rule information via different routes. You can add it manually to your archive. This helps you keep all records in one place while safely storing that sensitive data.
Manual archiving was designed to support whatever special workflows you may need to adapt to when your counterparty does not have a Travel Rule solution in place yet. Being flexible during this transition period is a must for any VASP: either you offer ways to receive the information regardless of Travel Rule protocols, or you stop transacting with those that still haven’t deployed a Travel Rule solution yet. The latter can be very damaging to businesses, and that is why we enable you to keep transacting by leveraging 21 Travel Rule.
After you receive the data, make sure it is added to your dashboard:
Fill in beneficiary information
2. Add virtual asset transaction details
3. Complete with originator information
With these 3 simple steps, you will have the executed transaction registered. It is now part of your secure database, with no need for supporting files or extra folders. You can review the transfer’s details or download reports from it instantaneously.
And there you have it.
Not only are you compliant with the Travel Rule, but with 21 Travel Rule, you can be prepared to face all possible scenarios your counterparty may impose. Regardless of their jurisdiction or Travel Rule development.
When you have 21 Travel Rule, you are safe (and your data, too).