Expert Advice: How VASPs Can Comply with the Travel Rule

In the 5th episode of Blockchain Unpacked, our CPO Harm Aarts joined RegTech Associates’ Jason Boud and Crytal Blockchain Analytics’ Marina Khaustova to delve into the Travel Rule's implications and what Virtual Asset Service Providers (VASPs) should keep in mind when tackling the Travel Rule. The content proves exceptionally helpful with the recent UK Travel Rule implementation. 

Below, we provide a condensed overview of the key points discussed in this episode.

What Is the Travel Rule? 

Jason Boud shed light on the Travel Rule for listeners by explaining that it was first introduced by FinCEN in 1996 as part of the US Bank Secrecy Act. The Travel Rule mandates that financial institutions transmit specific customer information to its counterparty involved in transactions exceeding certain thresholds, aiding in detecting and prosecuting financial crimes, including money laundering.  The Financial Action Task Force (FATF) expanded the Travel Rule to include VASPs in 2019.

The FATF's Travel Rule requires VASPs to: “obtain, hold, and transmit required originator and beneficiary information, immediately and securely, when conducting VA transfers.”

Challenges in Implementing the Travel Rule

Marina highlighted that despite the Rule's existence for years, VASPs have been slow to implement it. Harm explained that compliance with the Travel Rule is intricate and underestimated by many VASPs, involving various aspects like user interfaces, compliance departments, counterparties, and technology. 

The lack of clear regulatory guidance hinders progress, and additional challenges include bridging the gap between fiat and crypto transfers, varying approaches across jurisdictions, and handling numerous digital assets.

The Need for Education within the Ecosystem

Harm stressed the importance of FATF's clear guidelines on the required information exchange and timing. However, different jurisdictions have adopted varying requirements, posing significant challenges for providers attempting to streamline their technological solutions.

Additionally, there's a critical need to educate product and compliance teams within VASPs. It is essential that both teams grasp how to achieve their goals while adhering to the Travel Rule's framework.

Marina also touched upon the changing role of compliance officers and emphasised the necessity for educational initiatives to help them understand and integrate the multitude of compliance solutions available to VASPs. She highlighted the importance of combining technical expertise and industry knowledge.

Furthermore, a shift in mindset is imperative. VASPs must accelerate their efforts to reconcile their ideals about DeFi with compliance demands. As Harm emphasised, there's no escaping the reality: The Travel Rule is here to stay, and VASPs must comply to operate effectively.

Technology as the Travel Rule Solution

Harm noted that VASPs have two options: hiring large compliance teams or investing in technology to meet Travel Rule requirements. Hiring big teams poses its own challenges; while technology can aid compliance, it requires careful consideration when choosing the correct solution.  Harm suggested TRP as a fitting option because it has been developed in line with Travel Rule requirements.

Read Why the Travel Rule Protocol (TRP) Trumps Other Protocols 

Trends Towards Travel Rule Consolidation

The discussion shifted to the evolution of Travel Rule protocols from fragmented to consolidated, particularly in Southeast Asia, America, and Europe. These regions are emphasising privacy and compliance, signifying market maturity and specialisation.

Advantages of Travel Rule Compliance

Harm pointed out three long-term benefits for VASPs that successfully implement the Travel Rule 

• Building a competitive advantage 

By adhering to the Travel Rule and complying with regulations, a VASP can preserve its competitive edge, safeguard its market share, and secure sustainable profits over the long term.

• Closing the user experience gap

By requesting beneficiary names, the procedure becomes remarkably akin to traditional banking payments, bridging the divide between conventional financial experiences and digital assets for users.

• Fostering good relations with regulators

Nurturing positive relationships with regulatory bodies and demonstrating a dedication to compliance is essential for fostering the widespread adoption of cryptocurrencies.

Navigating Regulatory Inconsistencies

From Harm's perspective, it is likely that VASPs will opt for a minimal approach, such as a basic requirement of requesting the beneficiary's name. The long-term success of implementing the Travel Rule heavily relies on regulatory cooperation with VASPs during this transitional period to achieve this minimal level of compliance. Focusing on the collection of beneficiary names as an initial step would also facilitate smoother transactions on a global scale across various jurisdictions.

Harm also emphasised the need for global alignment in the terminology used. As an example, he pointed out the disparity between the UK's Financial Conduct Authority's use of "Crypto Business" (CB), FATF's "virtual asset service provider" (VASP), and the recent MiCA regulations referring to "crypto asset service provider" (CASP), which creates confusion on a global scale.

Read The UK’s Implementation of the Travel Rule 

The Contagious Nature of the Travel Rule

The Travel Rule is contagious, and VASPs must comply when interacting with European exchanges. There is no way to operate from a jurisdiction where this rule has not yet been adopted.

Harm summarised: If you intend to transfer digital assets to a European exchange, you cannot position yourself in a jurisdiction that does not enforce it. Compliance with the Travel Rule remains a necessity.

While there are numerous jurisdictions that have yet to achieve compliance, this fact holds little relevance for VASPs. Instead, their focus should be on scrutinising the destinations of their coin transfers, aligning with the regulator's ultimate objective. VASPs must have a clear understanding of their customers and the destinations of their funds.

Future Predictions for the Travel Rule, VASPs and DeFi

Harm underlined the industry's pivotal decision-making process, wherein it must opt for either decentralisation or centralisation of the solution, potentially akin to SWIFT. An illustrative instance of centralisation is TRUST, while TRP represents a fully decentralised approach.  Harm surmised that the direction chosen would be heavily influenced by privacy regulations and how specific jurisdictions enforce them.

Regarding DeFi, Harm proposed that regulators and VASPs possess additional tools beyond the Travel Rule's scope to combat financial crimes despite challenges in incorporating Travel Rules.

Read 5 Ways To Tell if a Protocol Is Decentralised

Two Practical Tips for VASPs

Harm concluded by offering 2 practical tips for VASPs to begin Travel Rule compliance: 

1. Use tools like Crystal Blockchain Analytics to understand counterparties better and

2. To ensure compliance, set up a dedicated email address for incoming Travel Rule data.

Click here for the full podcast. 

Contact us for further guidance on how to comply with the Travel Rule. 

Curious to find out more about the UK’s implementation of the Travel Rule?