Print Article

What is the FATF Travel Rule?


The Travel Rule, also known as FATF Recommendation 16, is a set of guidelines to prevent money laundering and terrorist financing.

  1. It applies to financial institutions engaged in virtual asset transfers and crypto companies, collectively known as VASPs.
  2. The Travel Rule mandates that VASPs obtain and disclose precise details about the sender and recipient of a virtual asset transfer to counterpart VASPs or financial institutions during or before the transaction.
  3. The FATF suggests that nations implement a de minimis limit of 1,000 USD/EUR for virtual asset transfers.
    • For transfers under this threshold, VASPs must collect the names of the originator and beneficiary, as well as their virtual asset wallet addresses or unique transaction reference numbers.
    • For transfers exceeding the threshold, VASPs must also collect additional information, such as the originator's account number, physical address, national identity number, customer identification number, date and place of birth, and the beneficiary's account number.
  4. The Travel Rule applies to VASPs when their transactions involve traditional wire transfers, virtual asset transfers between VASPs, or between a VASP and another obligated entity, including banks and financial institutions. In some instances,
    • VASPs may conduct virtual asset transfers with non-obligated entities.
    • Still, the FATF does not require VASPs to disclose transaction information to individuals who are not obligated entities, such as those associated with unhosted wallets.
  5. Although transferring personal data between financial institutions has been long-established, the Travel Rule is a relatively new requirement for the crypto industry.
    • It requires building an unprecedented communication network between crypto platforms to ensure compliance and prevent money laundering and terrorist financing.

What is the Purpose of the Travel Rule?

  1. The main objective of the Travel Rule is to address the issues of money laundering and terrorism financing (ML/TF) by mandating financial institutions and crypto firms involved in virtual asset transfers to acquire and exchange precise and reliable details of the originator and beneficiary of the transaction with their counterparties before or during the transfer.
  2. By collecting this information, the authorities can identify suspicious activity, such as transferring funds by individuals or entities associated with criminal activities, and take appropriate actions to prevent or prosecute illegal activities. The Travel Rule is intended to bring the crypto industry in line with the traditional financial industry's anti-money laundering (AML) and counter-terrorism financing (CTF) regulations.

Who is Covered by the Travel Rule?

  1. The Travel Rule applies to financial institutions engaged in virtual asset transfers and crypto companies, collectively called VASPs. This includes entities that provide exchange services between virtual assets and fiat currencies, custodian wallet providers, and providers of financial services for Initial Coin Offerings (ICOs) and other token offerings.
  2. It is important to note that the Travel Rule is applicable to VASPs whenever their transactions, involving either fiat currency or virtual assets (VA), include a conventional wire transfer, a VA transfer between two VASPs, or a transfer between a VASP and any other obligated entity such as a bank or financial institution. Moreover, the Travel Rule covers a VA transfer between a VASP and an unhosted wallet as well, but the FATF doesn't require VASPs to provide the mandatory information to non-obligated individuals (e.g., to an unhosted wallet owner).

FATF specifies that a business entity falls under the VASP category if it offers any of the following services:

  1. Facilitating the exchange of virtual assets with fiat currencies
  2. Facilitating the exchange of one or more forms of virtual assets
  3. Transferring virtual assets
  4. Providing safekeeping or administrative services for virtual assets or instruments that allow control over virtual assets
  5. Participating in or providing financial services related to the issuance or sale of virtual assets by an issuer.

How is the Travel Rule Implemented?

  1. Implementing the Travel Rule depends on the regulatory framework of the country in question. Generally, financial institutions and VASPs are required to comply with the regulations set by their respective government agencies.
  2. To comply with the Travel Rule, VASPs must establish an appropriate system for collecting and sharing customer information. This includes gathering and verifying customer information for VA transactions, maintaining accurate and up-to-date records, and sharing this information with counterparties or financial institutions involved in the transaction.
  3. To enable information sharing, VASPs must implement secure data transmission protocols, such as encryption and decryption methods, to ensure that sensitive information is protected during transmission. Additionally, VASPs must have proper risk management and compliance procedures to detect and report suspicious transactions that may indicate money laundering or terrorist financing.
  4. Implementing the Travel Rule has posed a significant challenge for the crypto industry, which was initially designed to allow for anonymous transactions. VASPs must now balance the need for privacy with the need for regulatory compliance, which has required significant investment in technology and compliance infrastructure.

Who is Covered by the Travel Rule?

The main requirements of the Travel Rule are:

  1. Conducting due diligence of the counterparty before sharing data
  2. For originating VASPs:
    • Identifying their client (originator)
    • Obtaining the necessary information from the originator, retaining a record, and sharing the information with the beneficiary VASP after all checks
    • Screening to confirm that the beneficiary is not a sanctioned name
    • Monitoring transactions and reporting when they raise suspicion
  3. For beneficiary VASPs:
    • Obtaining the necessary information from the originator's VASP, verifying the accuracy and consistency of the required information, and retaining a record
    • Screening to confirm that the originator is not a sanctioned name
    • Monitoring transactions and reporting when they raise suspicion

To ensure compliance, a firm must implement two solutions:

  • One for gathering data and
  • Another for sharing it.

Fortunately, the FATF doesn't prescribe a specific method or technology for sharing data, and companies are free to use their discretion to select an appropriate solution.



The Team

Meet the team of industry experts behind Comsure

Find out more

Latest News

Keep up to date with the very latest news from Comsure

Find out more


View our latest imagery from our news and work

Find out more


Think we can help you and your business? Chat to us today

Get In Touch

News Disclaimer

As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email