SelfKey Compliance Hub Solution

Under the FATF Travel Rule, Virtual Asset Service Providers (VASPs) are required to share the identities of users involved with any virtual asset transfers valuing $1000 USD or more. VASPs will now need to obtain and verify customer identification with one another.

SelfKey created a technical and legal solution to help your business comply with the Travel Rule. 

Validate any transaction request to determine if Travel Rule compliance is required. This is a check to prove if a withdrawal request is to a personal or a custodial wallet.

Built on SelfKey architecture, user identity data is assigned a decentralised identity key (DID) and stored in Claims documents. The SelfKey registers contain both the DIDs and a hash to these Claims documents.

By using DIDs, user data that is sent can be signed so the beneficiary VASP can validate the source is secure and legit.

A secure messaging system transmits the necessary information to comply with the Travel Rule.

Support for multiple protocols and standards are available, inter-operability provides future-proofing and peace of mind.

A complete end to end solution, providing a frontend for users to make transaction requests and a backend dashboard for VASPs to automatically manage approvals.

Our solution determines if compliance is required for each transaction and collects the necessary personable identity data, packages and transmits it securely.

Does the Travel Rule apply to you?




Aside from sharing customer data with other VASPs or the authorities, VASPs also have a number of other duties they must fulfil in order to be compliant. The first is that ongoing transaction monitoring needs to take place. This means that VASPs will need to determine what typical transactions look like for each user so that they are able to spot any changes to the established pattern which could signify criminal activity. Financial institutions already do this in most countries and it is part of a risk-based approach to AML and CTF.

VASPs should also screen customer wallets and potentially share any blacklists with other VASPs and relevant parties. Additionally, VASPs should be licensed and/or registered in their jurisdiction. As you can see, it’s a big ask for an industry that is largely anonymous and decentralized.

While the Travel Rule sounds similar to Know Your Customer (KYC), it does have a couple of key differences:

  1. During KYC, the data collected is only used by the organization that collects it. With the Travel Rule, KYC information needs to be shared between VASPs and/or the relevant authorities. 
  2. KYC is an internal process while the Travel Rule is an external one.