Global Travel Rule Regulations:
What Are the Requirements?
What Is a Virtual Asset (VA)?
The FATF defines a virtual asset as a “digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes”.
The FATF generally does not consider Non-Fungible Tokens (NFT) as virtual assets, but this depends on their characteristics. They may fall under the definition if they are used for “payment or investment purposes”.
It does not matter what an asset is called. What matters are the characteristics of the asset and how it functions. This is called a “functional approach”.
In practice: any cryptocurrency (like bitcoin and ether)
What Is a Virtual Asset Service Provider (VASP)?
The FATF defines a VASP as: “any natural or legal person who (…) as a business conducts one or more of the following activities or operations for or on behalf of another natural or legal person:
- Exchange between virtual assets (VA) and fiat currencies;
- Exchange between one or more forms of VA;
- Transfer of VAs (eg moving “a virtual asset from one virtual asset address or account to another”); and
- Safekeeping and/or administration of VAs or instruments enabling control over VAs;
- Participation in and provision of financial services related to an issuer’s offer and/or sale of a VA“.
The definition of VASPs is very broad and covers CeFi and most of DeFi services. Self-hosted wallets are still out of scope, depending on their settings.
Self-hosted wallets (also known as unhosted or private wallets) can be defined as a software or hardware that allows to hold, store and transfer virtual assets which are not under custody with a VASP. The owner of the virtual asset is the only one with full-control. No third-party can access them. With self-hosted wallets, the owner is responsible for providing wallet security and protecting the private keys that he/she fully controls.
In practice : currencies exchanges, trading platforms, crypto funds, brokers, custodial wallet providers, issuer of payment and hybrid tokens, financial institutions dealing in virtual assets, etc...
When Should You Get Ready?
FATF recommendations are not binding and need to be implemented by each country to become legally binding. Even if it is not yet binding in your country of operations, your customers may interact with customers located in jurisdictions where this is already a requirement, so you will have a touch point with it. It is better to always be prepared and have a plan in place for when it is enforced in your jurisdiction. It will enable an easy transition and will deeply lower the impact on your customer journey.
So when should you start getting ready? the short answer is NOW. Have a plan in place and start interacting with the right providers that can help you comply with the Travel Rule without impairing your customer relationship.
How to Comply?
Choose the right partner for implementation or implement it yourself by using open, permissionless protocols such as TRP from the OpenVASP Association.