31 Mar 2021

First Look: Updated FATF guidance proposals for VASPs

The FATF’s release of draft updated VASP guidance for public consultation provides some detailed insights into how the global regulator will be approaching the industry in the near future. 

Here’s our quick monthly industry update on what we learned from the proposed guidance: 

In March, the FATF released an updated draft guidance for Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs). These key changes propose a number of new updates that we will be exploring in more detail over the next few months, including: 

  • New clarifications and guidance on the Travel Rule
  • Stablecoins are VAs and FATF Standards apply to them
  • DEXs and crypto escrow services should be considered VASPs.
  • NFTs that can be used for money laundering (ML) and terrorism financing (TF) are VAs
  • VASPs should be responsible  for assessing and mitigating proliferation financing (PF) risks
  • Best practices VASPs conducting counterparty due diligence
  • Options for mitigating peer-to-peer transaction risks

The updated guidance makes some detailed clarifications on how the FATF’s Recommendation 16 - the so-called Travel Rule - should be applied with regards to VASPs. These include:

  • Originator VASPs must require Travel Rule compliance from beneficiaries through their contractual agreements or individual business protocols.
  • Any VASP that has not implemented Travel Rule guidelines should be considered high risk by its regulating authorities.
  • Originator and beneficiary identifying information can be submitted in batches, as long as it happens immediately and securely. Transmitting Travel Rule information should not be permitted after a transaction has occurred. 
  • VASPs that accept transactions with private or unhosted wallets still need to collect Travel Rule information from the owner of the wallet. As mentioned above, these types of transactions can be considered high risk by individual jurisdictions. 
  • VASPs are responsible for carrying out counterparty due diligence before facilitating a transaction and transmitting the required transactional information. The FATF recommends VASPs employ a three-phase approach: 
  1. Determining whether the transfer will be made to a counterparty such as another VASP, or if it will be to a private wallet or other entity.
  2. Identify the counterparty
  3. Assess whether the counterparty is eligible to receive transactional data and whether it is possible to enter a business relationship and with it. 

The key takeaway from this particular update is the requirement for an originator VASP to conduct KYC to know who the beneficiary VASP is before they transmit the relevant user information. This is not an easy task as:

(a) wallet addresses do not fundamentally contain the owner details, unlike SWIFT codes which do contain this information, and 

(b) it may require building a library of approved VASP wallet addresses in order to quickly and effectively comply.

It would be prudent for VASPs to start looking into solutions now rather than later as the FATF seems to be ramping up its language for stricter enforcement of Travel Rule compliance.

Any Questions?

Our team is always ready to help you and your business.
Get in touch

Latest Articles

We should have some subheading here, it’s good for SEO as well
Streamline Identity Verification Processes for Fintech Companies Using KYC-Chain
Efficient and reliable identity verification is essential for fintech companies to comply with regulations and build trust with their customers.…
21 Jun 2023
Demystifying CDD and EDD: When and Why Are They Essential?
Understanding the significance of Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) is crucial for businesses and organizations that…
16 Jun 2023
Safeguarding Against Crypto Identity Fraud: Exploring Risks and Effective Solutions
Introduction In today's digital landscape, the rise of cryptocurrency has revolutionized financial transactions. However, with this increased adoption comes the…
15 Jun 2023