The rise of the global economy has given rise to financial crimes such as money laundering. The Financial Action Task Force (FATF) is useful for making recommendations for fighting these crimes and increasing the anti-money laundering (AML) regulations over the world. The FATF Travel Rule updates the existing FATF recommendation 16 for cross-border and domestic bank transfers, which will be the highlight of this article.
It is important for the virtual asset service providers (IDPs) and other regulated entities to understand the Travel Rule and its AML compliance obligations. Keep reading to learn more about what is FATF and how businesses can adhere to AML compliance with modern technology solutions.
What is FATF Travel Rule?
The Financial Action Task Force (FATF) has modified Recommendation 16, the Travel Rule guideline, that guards an individual against money laundering. This Rule recommends Virtual Asset Service Providers (IDPs), which includes banks, exchanges, wallets and other financial institutions, to share the recipient and receiver’s identifying information for cryptocurrency transactions over USD/EUR 1000.
The data gathered in the Travel rule are physical address, unique ID number, customer identification number, or date and place of birth. Initially, the Travel Rule applied to banks only. However, the FATF amended the recommendation in 2019 and involved the crypto companies. For now, few countries have incorporated the Travel Rule in their local AML laws, and many FATF member countries are on the verge of adopting the recommendation.
Who is Affected by the FATF Travel Rule?
The two business categories, i.e., financial institutions (banks, credit firms, etc.) and crypto companies, known as Virtual Asset Service Providers (VASP), are what FATF affects the most. The companies conducting transfers between the users fall under the Travel Rule.
Obstacles to FATF Travel Rule Compatibility
The FATF Travel Rule enhances the audit trail in the crypto industry transfers and reduces anonymity. There are some legal and technological obstacles faced while implementing it, including:
- Lack of regulation in the Travel Rule and information sharing in several countries
- Higher costs and efforts in building compliance programmes
- Lesser global consensus on the crypto transactions
- Lacking clear processes for verifying, securing and safeguarding information between specific parties
- Counterparty VASPs Identification and registration
- Difficulties in interrelating technologies and channels for crypto transactions such as cryptocurrency kiosks, decentralised applications, ICOs, virtual wallets and P2P exchanges.
Customer verification during onboarding and filing SARs.
Why must VASPs Comply with the FATF Travel Rule?
VASPs must comply with the FATF Travel Rule to avoid varying penalties and getting listed among high-risk watchlists such as the ‘grey list.’
To avoid the penalties involved, it is necessary to make it compulsory for VASP providers to prioritise the FATF Travel Rule.
How to Comply with the FATF Travel Rule?
There are several approaches for implementing the FATF Travel Rule by leveraging the existing technology and infrastructure, including:
- Getting Sender and Recipient Information
The companies use the KYC processes to collect the client’s personal data during a transaction. The company should request the client to submit their name, account number, address, ID number, customer identification number, or date and place of birth of the one they wish to send the money to.
- Sharing Data
The financial businesses must share the sender’s and recipient’s personal information in transactions with their competitive financial companies. Encrypted data transfers are practised by many networks, including OpenVASP, Trisa and Shyft. Such networks offer software that businesses can integrate into their systems to transfer customer data to another platform. A company must submit an application to join a data transfer network.
- Using Public and Private Keys
Private and public keys are created in pairs for each entity in a digital transmission to encrypt and decrypt information for beneficiaries and originators.
- Using API Technology
The FATF rule can be compiled by providing protocols for software applications and determining how they should interact with each other. FATF organisations and authorities are implementing Recommendation 16 approaches by establishing a centralised and global database that collects information on every VASP and their customers worldwide.
- Transport Layer Security/Secure Sockets Layers
TLS and SSL connections use private and public keys to secure the digital transmissions made over the internet.
- X.509 certification
The FATF Travel Rule can also be compiled using the digital certificates that the authorities administer using the X.509 PKI standard. It reinforces the authenticity of public keys and is used worldwide in the private and public sectors.
Some Findings on the FATF Travel Rule
Several countries have implemented the FATF Travel Rule, which is an update to currently what is FATF recommendation 16. Here are some findings related to it:
- The private sector has developed technological solutions to implement the ‘travel rule’.
- 58 out of 128 jurisdictions have implemented the revised FATF Standards. Among these 58, 52 are regulating, and six have been restraining the VASPs operation.
- The gaps in the implementation of the Travel Rule indicate fewer global safeguards to prevent the VASPs misuse for money laundering, terrorist financing, and virtual assets.
The use of cryptocurrencies may lead to money laundering and other financial crimes. The FATF Travel Rule reduces financial crimes by removing anonymity in crypto transactions. The existing crypto firms not meeting the Travel Rule requirements will need to do it in the future and change how VASPs work. Following the travel rule can detect suspicious users, and frauds are avoided by collecting and sharing sender and recipient data.
For more interesting and informative articles, visit our website and read more on our blog.