Blog

Explaining the Crypto Travel Rule - the Cornerstone of Global Crypto AML

April 07, 2025

The Crypto Travel Rule, a cornerstone of global anti-money laundering (AML) efforts, demands that Virtual Asset Service Providers (VASPs) meticulously track and share the origins and destinations of cryptocurrency transactions exceeding specific thresholds. This mandate, stemming from the Financial Action Task Force (FATF), aims to thwart money laundering and other illicit activities within the burgeoning digital asset space.

The FATF's Mandate and the Evolution of the Travel Rule

The FATF, the global standard-setter for AML and counter-terrorist financing (CTF), extended its purview to virtual assets and VASPs in 2019. This expansion necessitated stricter regulations, codified as Recommendation 16, or the "Travel Rule," within the FATF's 40 Recommendations.

Originally conceived by the Financial Crimes Enforcement Network (FinCEN) in 1996, the traditional Travel Rule required financial institutions to transmit sender and receiver information during fund transfers. The FATF's 2019 update, further refined in 2021, adapted this principle to the crypto realm, compelling VASPs, including exchanges, custodial services, and other financial service providers, to share transaction details for transfers above a designated threshold.

Understanding the Scope and Applicability

The Crypto Travel Rule's reach extends to various entities, albeit under different nomenclatures. While the FATF employs the term VASP, the European Union refers to Crypto Asset Service Providers (CASPs), and other jurisdictions use Money Services Businesses (MSBs). Regardless of the terminology, the underlying principle remains consistent: transparency and traceability in crypto transactions.

The standard reporting threshold is generally $1,000, although variations exist, such as the $3,000 threshold in the United States. Compliance is paramount for VASPs, as non-adherence can result in heightened scrutiny, penalties, and even license revocation. Similarly, individual crypto users are increasingly required to verify their identities with exchanges and service providers.

The Original FinCEN Travel Rule: A Foundation for Crypto Regulation

FinCEN's 1996 publication laid the groundwork for the Travel Rule, obligating financial institutions to relay specific information during interbank fund transfers. The FATF's 2019 adaptation extended this principle to the digital asset landscape, recognizing the potential for illicit activities within the rapidly evolving crypto ecosystem.

The adoption of FATF-driven AML compliance obligations has been widespread, with countries like Germany, Singapore, Switzerland, Canada, the United States, South Africa, the Netherlands, and Estonia implementing mirroring legislation.

FATF Travel Rule Requirements: A Breakdown

The FATF's Travel Rule mandates the sharing of specific information about the originator and beneficiary of financial transactions.

Traditional Financial Institutions:

Information Collection: Name, account number, physical address, national identity number, and date of birth for both the originator and beneficiary.
Information Transmission: The collected information must accompany the funds transfer.
Record Keeping: Maintaining records for a minimum period (typically five years).
Compliance and Reporting: Implementing compliance policies and reporting suspicious transactions.

Virtual Asset Service Providers (VASPs):

Information Collection and Transmission: Similar requirements to traditional institutions, tailored to virtual asset transfers.
Record Keeping: Maintaining records for a specified duration.
Compliance Programs: Implementing risk-based compliance measures.

Application to Crypto Assets and VASPs

The Travel Rule for crypto assets necessitates that transactions exceeding the threshold be accompanied by customer personal information. VASPs must also conduct sanction screening of counterparties and perform due diligence on counterparty VASPs.

Thresholds and Information Requirements

The FATF recommends a $1,000 threshold for virtual asset transactions, aligning with the traditional financial institution threshold. When this threshold is met, detailed originator and beneficiary information, including names, account numbers, and addresses, must be collected and transmitted.

Key Considerations:

Due diligence is essential, even for below-threshold transactions, when suspicions arise.
Jurisdictional variations necessitate awareness of local regulations.

Travel Rule Data Transfers and IVMS101

Travel Rule-regulated transactions require the transmission of Personally Identifiable Information (PII). The IVMS101 messaging standard, developed by the Joint Working Group on interVASP Messaging Standards, provides a standardized data model for this purpose.

IVMS101's Role:

Defines a standardized customer record data model.
Facilitates interoperability among VASPs.
Has garnered widespread adoption.

Trust Framework and Due Diligence

Establishing trust among VASPs is crucial for Travel Rule compliance. This involves rigorous due diligence on counterparties, including assessing their regulatory status, KYC/AML processes, and data privacy practices.

FATF's Recommendations:

Performing due diligence akin to correspondent banking relationships.
Verifying counterparty registration, licensing, and beneficial ownership.
Evaluating KYC/AML processes.
Ensuring mutual understanding of Travel Rule responsibilities.

The FATF acknowledges the challenges of counterparty due diligence and provides guidance on conducting it effectively. This includes verifying registration, licensing, beneficial ownership, and KYC/AML procedures.

Blockpass' Role in Facilitating Compliance

Platforms like Notabene streamline Travel Rule compliance by providing tools for data transfer, counterparty due diligence, and network connectivity.

Blockpass’ Features: