In June, the FATF, the global money laundering regulator, published its guidelines for dealing with virtual currencies. These include amongst others the “Travel Rule”. Introduced in 2012, this recommendation requires the exchange of client data between financial intermediaries.
“Travel Rule” Facts
The Financial Action Task Force (FATF), an intergovernmental organization based in Paris, issued its recommendations on June 21 on the fight against money laundering and terrorist financing in dealing with virtual currencies. In future, so-called “virtual asset service providers (VASPs)” are to operate in accordance with the issued guidelines. The recommendations are largely based on the regulation of traditional banking business. Under the so-called “Travel Rule”, transfers of more than USD 1,000 must contain information from both, the sender and the recipient and be passed on to the receiving institution.
In Switzerland, the Travel Rule is regulated by FINMA in Article 10 of the Money Laundering Ordinance. Many Swiss VASPs have joined forces in the OpenVASP Association to implement it. The first automated, Travel Rule-compliant Bitcoin transaction between Swiss financial intermediaries took place in August 2020 using the software solution from 21 Analytics.
Event in Zurich held on the subject
An informative event on the subject of the recent FATF Recommendations including the “Travel Rule” was recently held in Zurich. GWP, a law firm specialising in regulatory issues in the financial industry was hosting this event. We asked the speaker Pawel Aleksander, CIO of Coinfirm, Michael Schneebeli, Partner at GWP and Ekaterina Anthony, DLT team leader at GWP, some questions on this topic.
CVJ.CH: The FATF Recommendation recently included guidance for Virtual Assets and Virtual Asset Service Providers (VASP’s). Can you briefly explain what the latest FATF recommendations are about and what the VASP definition covers?
Ekaterina: in June FATF has published an updated guidance, but the term Virtual Assets (VA) and Virtual Assets Service Providers (VASP) had been introduced earlier in 2018. The definition VASP’s cover a wide spectrum of individuals (Natural Persons) and legal entities, where VASP provides financial intermediary activity. These may be exchanges, wallet providers, financial services providers related to issuance/offer/sale of Virtual Assets and any other possible business models in that area. It is also important to know, that not only transaction with fiat or digital currencies are considered as VASP operations, but safekeeping of the digital private keys is also considered as VASP activity.
The main recommendations of the most recent FATF Guidelines are Recommendations 15 and 16, in which the FATF requires all country members to develop and apply the same requirements as for bank transfers, the so-called “Travel Rules”.
CVJ.CH: What is the so called “Travel Rule”?
Pawel: The “Travel Rule” means that Virtual Asset Service Providers (VASPs), including crypto exchanges, should exchange information about their customers when transferring cryptos. The recommendations for an established industry standard for crypto, similar to the traditional bank transfer (via Swift), are due to the anonymous nature of the transaction on the blockchain and the need to prevent money laundering and other uncontrolled activities.
CVJ.CH: The required additional information can technically not be transmitted via the blockchain where the value transfer happens. What does this actually imply for a VASP’s to meet the FATF criteria?
Pawel: Transferring the information about originator and beneficiary of transaction between VASPs may be done by using different messaging channels. Use of blockchain as durable storage of information is beneficial. However, using other messaging layers, where data is not persistent, may be more practical especially where “the right to forget” and personal data issues need to be considered.
CVJ.CH: In addition to exchanging the data of the payment participants involved, further clarifications on the origin of the funds are also required. To what extent do the procedures for blockchain-based crypto currencies and the process differ from traditional financial intermediaries?
Pawel: Each blockchain wallet should be checked against a complete set of AML risk assessment scenarios and their potential association with illegal activities. The effective solution should be block-chain independent and cover all block-chain assets managed by VASPs. It should enable real-time monitoring and alerting of hundreds of thousands of blockchain addresses and evaluate all transactions on the wallets for their relationship to illegal activities. An effective solution should also detect ongoing illegal activity, even through a chain of hundreds of laundering transactions and enable a full audit trial. The Coinfirm AML platform offers these features.
CVJ.CH: the Swiss FINMA has already dealt with the latest FATF recommendations and has included the Travel Rule in Art. 10 GwV-FINMA. Legal expert Jeremy Bacharach from the university of geneva believes, that VASP’s are at a disadvantage compared to traditional financial intermediaries, because every transaction in crypto currencies is classified as a transaction with increased clarification requirements. What is your opinion on this topic?
Ekaterina: Yes, FINMA has published its recommendations and in fact the position of FINMA is much stronger than the FATF recommendations. For example, FINMA do not allow VASP transaction to unregulated wallets and requires any transaction party to be verified. This is done to prevent illegal activities. I don’t think that digital assets are in disadvantage in a long run. By using blockchain based digital services, institutions need more transparency. At the moment, by definition any transaction with crypto is considered as high risk. This is also due to a lack of expertise and an established technological process. A mass adaptation is currently taking place and the industry is shaping the approach and technology to risk management related to digital assets. The use of technical compliance tools and professional compliance know-how, will increase the attractiveness of digital assets in terms of process efficiency, costs and risk management.
CVJ.CH: with the Travel Rule, VASPS and crypto exchanges must therefore exchange data between payment senders and recipients. In your opinion, is the market getting ready for this requirement?
Michael: In the current legal environment and recent FATF recommendations we see the need for setting industry standards implementing the right balance between anonymity, privacy and regulatory transparency. Such standards should be auditable and developed based on an open, blockchain-based infrastructure. Although new tax rules, like the automated exchange of information and social media applications, may force clients to share their personal data, the client’s reasonable expectation of privacy must be respected. The new standards should thus reflect that sharing of personal data remains strictly limited to sharing the data necessary for FATF compliance purposes (i.e. investigations in case of compliance hits, verification of information related to virtual asset transactions etc.) and respect fundamental privacy rights such as «the right to forget». Ultimately, there is an eminent need for such standard setting, since the application is expected to start mid 2020 already and will need to comply with AML, KYC, GDPR and PSD2 regulations. In fact, a blockchain-based infrastructure facilitates PSD2 application.