Travel Rule Requirements Need Not Block Unhosted Bitcoin Wallets – Forbes


It has been clear for a while now that commercial participants in the global blockchain and cryptocurrency economy are going to have to address Anti-Money Laundering (AML) compliance and risk management requirements to function. If such transactions are to become an integrated element within the global financial system, originators, beneficiaries, and the service providers who link them must take these aspects seriously.

A significant topic creating buzz in this area has been the Financial Action Task Force (FATF)’s wide-ranging set of 40 recommendations to ensure alignment between the regulations of its member states and the compliance requirements imposed on financial institutions within them. Here, we focus on one such recommendation that is receiving the highest degree of attention around the globe — Recommendation 16, known as the Travel Rule.

The Travel Rule requires the collection, disclosure, and transfer of information such as names, addresses, and account numbers to establish the identities of the originators and beneficiaries of financial transactions and to enable an audit trail. Many argue that it goes against the principia of crypto which is also about privacy if not anonymity. However compliance with travel rule and AML can be the last obstacle for bitcoin, ether, XRP and other cryptocurrencies to go completely mainstream.  

In 2019, the FATF updated the Travel Rule to go beyond banks and traditional financial infrastructure service providers. It now applies to cryptocurrency exchanges and wallet providers, along with other Virtual Asset Service Providers (VASPs), including conventional institutions or non-bank entities experimenting with virtual assets. VASPs must meet the same information exchange requirements as conventional institutions when transferring virtual assets between parties to a transaction.

June 2020 marks a significant threshold for the Travel Rule since FATF member jurisdictions must demonstrate progress on implementing Travel Rule solutions by June 2020, when their efforts will be reviewed at FATF’s plenary meeting, to be conducted virtually on 24 June.

In principle, there are benefits to common national and international requirements alongside shared technology standards for counterparty data (regardless of whether it is also written to the blockchain or exists in a separate layer).

As obliged entities, VASPs typically do not want to bear the burden of defining their own proprietary compliance approaches in the face of ambiguous or unstated norms or defending them against unclear compliance enforcement practices. They also may well be willing to accept Travel Rule requirements as the price of doing business and of lowering the barriers between virtual and fiat assets.

In practice, there are still many issues to be discussed and agreed among FATF participants. In certain edge cases, it can be unclear whether or not a specific entity would be considered a VASP. Questions also remain about how to reconcile FATF recommendations with data privacy regulations such as Europe’s GDPR, and how to determine the appropriate ways to implement FATF’s technology-neutral principles for data.

Moreover, Travel Rule requirements have raised concerns within the crypto ecosystem because they go against the grain on near-anonymity, permitted pseudo-anonymity, and the fundamental ethos of cash-like privacy in the transfer of virtual assets such as cryptocurrencies.

Finally, there are not yet adequate provisions for capturing transactions involving VASPs outside of countries that have developed regulatory frameworks that address the FATF principles, or transactions that pass through unhosted wallets. The risk is that VASPs will simply block such transactions, either by regulation or as a means to manage risk.

As a result, when counterparties fall into either or both of these Travel Rule blind spots, they may move their activities to unregulated or underregulated markets, where riskier virtual asset exchange could thrive. Peer-to-peer activity constitutes about 40% of Bitcoin activity, for example. Nearly 90% of non-VASP activity passes through a VASP at some point or is required to pass through a VASP to make contact with the wider fiat payments system (e.g., ACH or credit card networks). Nonetheless, the Travel Rule may cause unregulated or P2P activity to increase, even though most of these transactions have no element of money laundering, terrorist financing, or financing of other illicit activity. In other words, as a result, the Travel Rule could end up strengthening unregulated digital asset transaction activity, creating a place for illicit activities to thrive.

We can, however, still avoid this undesirable outcome. Here are three core principles to keep in mind alongside the implementation of Travel Rule approaches and regulatory frameworks. The goal is to create realistic and practical approaches that do not inadvertently lower transparency:

First, VASPs should be permitted to transact with unhosted wallets, and such transactions should be outside of the scope of the Travel Rule. Over time, regulators could consider adopting a de minimis threshold related to the value of the transfer, just as in traditional financial sector transactions under USD3,00 or EUR 1,000, in line with any digital threshold standards that emerge on an international basis.

Second, it is important to note that cryptocurrencies and blockchain assets differ from traditional financial sector assets because of the data that are available for analysis. Unlike the private transaction data of conventional financial institutions, blockchain is a public ledger of transactions (at least for the majority of cryptocurrencies); all transactions are visible and can be analysed by any company.

Blockchain ledger data shows the complete history of transactions related to cryptocurrency wallet addresses, and therefore allows sophisticated risk analysis and management. As a result, the suspicious activity that the Travel Rule intends to prevent can be monitored and flagged at scale, rather than by making blanket decisions about blocking P2P activity, virtual asset transactions from markets outside of FATF’s purview, or transactions from unbanked or underbanked individuals in emerging economies.

The potential for data analysis means that VASP-Unhosted Wallet transactions could be and should be subject to various assessments, checks, and balances from an analytics and risk management perspective. In other words, this arguably keeps such transactions in a safer framework than the bank transactions that exist today.

Coinfirm has built such solutions into its AML Platform. This technology can identify and analyse high-risk transactions or counterparty addresses in real-time with surgical precision rather than the blunt force laying of a high risk blanket over all P2P transactions. It can help pre-verify addresses, flag and further analyse suspicious transactions, propagate transaction data, transfer requisite Travel Rule data about the originator to the beneficiary, and enable end-to-end audit of the path taken by the virtual asset to meet the needs and concerns of regulators.

Third, solutions that work for both VASP and non-VASP, non-custodial wallets are needed. Technology should be available to all the market participants, including non-custodial wallets and their users; in fact, some jurisdictions may go beyond the FATF Recommendations and require capture of VASP-Unhosted Wallet transactions. Technical implementations would be well-advised not to preclude this or force VASPs to play catch-up in different jurisdictions if such standards emerge.

Finally, evolution should be designed into the adoption of the Travel Rule’s underlying principles. Limiting any solution or regulatory consideration only to VASP-to-VASP transactions is an appropriate starting point. It follows the FATF recommendations and is in line with broader expectations of market participants and governments. Over time, these standards should adapt based on transaction size and volume, account size, and other risk profiling tests that could trigger requirements for Travel Rule compliance — with intelligence derived from data about actual activity rather than arbitrary, blanket rules.

The aims of such standards would ultimately be three-fold: 1) preventing illicit activity, crime, money laundering, and terrorist financing, while 2) increasing the reach of virtual assets in the wider world, therefore 3) fostering broader financial inclusion and driving world payments evolution to streamline the exchange of value.



READ SOURCE

READ  Grayscale Wins First US Approval For Cryptocurrency-Based Security - Bitcoinist

LEAVE A REPLY

Please enter your comment!
Please enter your name here