What is the FATF Travel Rule?

The Travel Rule, also known as FATF Recommendation 16, is a set of guidelines to prevent money laundering and terrorist financing.

1. It applies to financial institutions engaged in virtual asset transfers and crypto companies, collectively known as VASPs.
2. The Travel Rule mandates that VASPs obtain and disclose precise details about the sender and recipient of a virtual asset transfer to counterpart VASPs or financial institutions during or before the transaction.
3. The FATF suggests that nations implement a de minimis limit of 1,000 USD/EUR for virtual asset transfers.
   • For transfers under this threshold, VASPs must collect the names of the originator and beneficiary, as well as their virtual asset wallet addresses or unique transaction reference numbers.
   • For transfers exceeding the threshold, VASPs must also collect additional information, such as the originator's account number, physical address, national identity number, customer identification number, date and place of birth, and the beneficiary's account number.
4. The Travel Rule applies to VASPs when their transactions involve traditional wire transfers, virtual asset transfers between VASPs, or between a VASP and another obligated entity, including banks and financial institutions. In some instances,
   • VASPs may conduct virtual asset transfers with non-obligated entities.
   • Still, the FATF does not require VASPs to disclose transaction information to individuals who are not obligated entities, such as those associated with unhosted wallets.
5. Although transferring personal data between financial institutions has been long-established, the Travel Rule is a relatively new requirement for the crypto industry.
   • It requires building an unprecedented communication network between crypto platforms to ensure compliance and prevent money laundering and terrorist financing.

What is the Purpose of the Travel Rule?

6. The main objective of the Travel Rule is to address the issues of money laundering and terrorism financing (ML/TF) by mandating financial institutions and crypto firms involved in virtual asset transfers to acquire and exchange precise and reliable details of the originator and beneficiary of the transaction with their counterparties before or during the transfer.
7. By collecting this information, the authorities can identify suspicious activity, such as transferring funds by individuals or entities associated with criminal activities, and take appropriate actions to prevent or prosecute illegal activities. The Travel Rule is intended to bring the crypto industry in line with the traditional financial industry's anti-money laundering (AML) and counter-terrorism financing (CTF) regulations.

Who is Covered by the Travel Rule?

8. The Travel Rule applies to financial institutions engaged in virtual asset transfers and crypto companies, collectively called VASPs. This includes entities that provide exchange services between virtual assets and fiat currencies, custodian wallet providers, and providers of financial services for Initial Coin Offerings (ICOs) and other token offerings.
9. It is important to note that the Travel Rule is applicable to VASPs whenever their transactions, involving either fiat currency or virtual assets (VA), include a conventional wire transfer, a VA transfer between two VASPs, or a transfer between a VASP and any other obligated entity such as a bank or financial institution. Moreover, the Travel Rule covers a VA transfer between a VASP and an unhosted wallet as well, but the FATF doesn't require VASPs to provide the mandatory information to non-obligated individuals (e.g., to an unhosted wallet owner).

FATF specifies that a business entity falls under the VASP category if it offers any of the following services:

10. Facilitating the exchange of virtual assets with fiat currencies
11. Facilitating the exchange of one or more forms of virtual assets
12. Transferring virtual assets
13. Providing safekeeping or administrative services for virtual assets or instruments that allow control over virtual assets
14. Participating in or providing financial services related to the issuance or sale of virtual assets by an issuer.

How is the Travel Rule Implemented?

15. Implementing the Travel Rule depends on the regulatory framework of the country in question. Generally, financial institutions and VASPs are required to comply with the regulations set by their respective government agencies.
16. To comply with the Travel Rule, VASPs must establish an appropriate system for collecting and sharing customer information. This includes gathering and verifying customer information for VA transactions, maintaining accurate and up-to-date records, and sharing this information with counterparties or financial institutions involved in the transaction.
17. To enable information sharing, VASPs must implement secure data transmission protocols, such as encryption and decryption methods, to ensure that sensitive information is protected during transmission. Additionally, VASPs must have proper risk management and compliance procedures to detect and report suspicious transactions that may indicate money laundering or terrorist financing.
18. Implementing the Travel Rule has posed a significant challenge for the crypto industry, which was initially designed to allow for anonymous transactions. VASPs must now balance the need for privacy with the need for regulatory compliance, which has required significant investment in technology and compliance infrastructure.

Who is Covered by the Travel Rule?

The main requirements of the Travel Rule are:

19. Conducting due diligence of the counterparty before sharing data
20. For originating VASPs:
    • Identifying their client (originator)
    • Obtaining the necessary information from the originator, retaining a record, and sharing the information with the beneficiary VASP after all checks
    • Screening to confirm that the beneficiary is not a sanctioned name
    • Monitoring transactions and reporting when they raise suspicion
21. For beneficiary VASPs:
    • Obtaining the necessary information from the originator's VASP, verifying the accuracy and consistency of the required information, and retaining a record
    • Screening to confirm that the originator is not a sanctioned name
    • Monitoring transactions and reporting when they raise suspicion

To ensure compliance, a firm must implement two solutions:

• One for gathering data and
• Another for sharing it.

Fortunately, the FATF doesn't prescribe a specific method or technology for sharing data, and companies are free to use their discretion to select an appropriate solution.

SOURCE

https://sanctionscanner.com/blog/financial-action-task-force-fatf-travel-rule-140#:~:text=What%20is%20the%20Travel%20Rule,companies%2C%20collectively%20known%20as%20VASPs