No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Compliance Challenges: Crypto and the Travel Rule

What a Proposed Change May Mean for the Cryptocurrency Industry

by Brandi Reynolds
November 16, 2020
in Featured, Financial Services
Compliance Challenges: Crypto and the Travel Rule

A modification has been proposed by FinCEN and the Federal Reserve board to lower the threshold for the requirement to collect, retain and transmit information on funds and transfers. As Brandi Reynolds explains, this could have major implications for the crypto sector.

The “Travel Rule,” otherwise known as the funds transfer recordkeeping regulation, requires financial institutions, including non-bank financial institutions, to transmit transactions and customer details to the next institution for certain transmittals of funds. Federal regulators designed the rule to aid law enforcement agencies, both domestic and international, to detect, investigate and prosecute financial crimes such as money laundering by maintaining an information trail of transaction originators and beneficiaries.

The travel rule came into effect around 1996 following issuance by the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) under the Bank Secrecy Act (BSA). In March 2013, FinCEN issued guidance for people administering, exchanging or using virtual currencies. This interpretive guidance clarified the applicability of the BSA to virtual currency business models. In this guidance, FinCEN stated two rules affecting administrators and or exchangers of virtual currency.

These rules state that administrators and or exchangers of virtual currency will be considered as money transmitters and are therefore subject to the BSA if they admit to two acts:

  • If they accept and transmit a convertible virtual currency (CVC).
  • If they buy or sell convertible virtual currency.

FinCEN issued additional guidance six years later in May 2019; this guidance applies to certain business models involving convertible virtual currencies. It reaffirms that the Travel Rule, along with the BSA, applies to administrators and exchangers of convertible virtual currency because transactions involving CVC qualify as transmittals of funds. It also notes that the transmission of value and Travel Rule data are not required to use the same protocol or system.  According to the Travel Rule, any transfer that is equal to or exceeding $3,000 requires the originator to send the receiving financial institution a series of transmittals containing detailed information before or at the time of transaction.

Most recently, the Board of Governors of the Federal Reserve System and FinCEN issued a joint notice of proposed rulemaking on October 27, 2020.  In short, the proposed modification would reduce the threshold from $3,000 to $250 for funds transfers and transmittals of funds that begin or end outside the United States. FinCEN is likewise proposing to reduce from $3,000 to $250 the threshold in the rule requiring financial institutions to transmit to other financial institutions in the payment chain information on funds transfers and transmittals of funds that begin or end outside the United States.[1] Another important development is the official proposed change to the meaning of “money” to include “convertible virtual currency.”

Compliance with the Travel Rule has been shown to be difficult, if not currently impossible, for some. Some of the challenges have been addressed by the United States Travel Rule Working Group (USTRWG)[2], among others. The USTRWG is a group composed of U.S. Virtual Assets Service Providers (VASPs) that are collaborating to develop and maintain an industry-led solution to comply with the Travel Rule.

The goal of compliance with the Travel Rule is to create a solution to allow compliance with regulatory requirements, promote transparency and support law enforcement without compromising security and privacy.

Challenges and Potential Solutions

In an effort to achieve compliance, excessive fragmentation or division could occur, which would lead to a significant increase in the cost and complexity of the Travel Rule. In order to prevent that, VASPs must be willing to integrate with various solutions in order to achieve the full coverage of possible counterparty VASPs. It will also be extremely necessary for solutions that gain critical mass to be interoperable with one another.

Data security is another issue that arises because of the sensitive nature of data and information being transmitted to and from various institutions. A high risk of malicious attacks in the non-face-to-face domain is highly possible and, as a result, the parties must place a high priority on securing the transmitted data. Due to the need to protect the security of sensitive data, customer personally identifiable information (PII) and transaction data should never be shared or stored in a centralized setting. For the purpose of achieving a standardized security, strong encryption standards and data transfer protocols are required to ensure customer data is not compromised or leaked when it is transmitted or collected.

Amongst all mentioned challenges, the most complex challenge is the issue of counterparty identification. It arises from a compliance requirement of the Travel Rule to determine the identity of a counterparty that observes and controls the receiving address in a transaction made in the virtual currency industry.

The mode of transfer of value in the traditional banking industry occurs between individuals or entities. The funds are sent from financial institution “A” and are received at financial institution “B.” There is a straightforward method for “A” to identify “B” using a routing code or SWIFT code, which is provided when a transfer is requested. This method allows for the transmission of appropriate Travel Rule data to the correct counterparty.

However, with the decentralized nature of most crypto and virtual currencies, a participant is able to create an address as a destination for receiving value (typically a virtual currency “address”) without a corresponding registration of ownership in a centralized repository. When a customer of a VASP requests a withdrawal of funds to an external virtual currency address, there is no inherent mechanism or communication layer in the underlying virtual currency networks to identify the controlling entity of the receiving address. A customer of a VASP cannot determine whether the address is controlled by a VASP or by an individual, or perhaps even mutually controlled by a VASP and an individual (i.e., multi-signature addresses). Further, these networks do not allow VASPs to identify whether the entity that owns the underlying virtual currency is the same VASP that custodies the asset or controls the address.

Although blockchain analytics solutions are valuable tools that may suggest the controlling entity behind a virtual currency address, without validation from the entity itself, these tools are not 100 percent accurate and only offer a limited view of address ownership. These tools also have limited coverage, as many addresses are not clustered and identified or tagged.

For example, newly generated addresses by a VASP are typically not associated with the VASP by blockchain analytics software until one or more transactions have occurred with that address. While blockchain analytics tools offer some insight into potential ownership, they do not completely solve the “lookup” challenge of accurately identifying all transaction counterparties for Travel Rule compliance purposes. A necessary solution is to create an address-VASP lookup mechanism, which can enable VASPs to determine if an address they are transmitting to is controlled by a VASP and, if so, which VASP. However, this solution will require the participation of both the sending and receiving VASPs in order to accurately identify address owners to comply with the Travel Rule.

Implications of these Challenges on Crypto Users and Investors

When observed and analyzed from different angles, the Travel Rule is guaranteed to have major implications on the crypto sector. From an authority viewpoint, the rule presents a factual crisis that will tear apart cryptocurrency’s core material of anonymity (or pseudo-anonymity) and confidentiality. The Travel Rule looks like a forward try by international and domestic regulators to exert regulatory control over this industry. This extension of the Travel Rule could be a deterrent for some users of cryptocurrency.

On the flip side, could the Travel Rule be a blessing in disguise for cryptocurrency industry? This particular rule has been wrestling with gaining mass adoption since its origination. As cryptocurrencies have been associated with illicit transactions, regulators have repeatedly warned the general public against the mistreatment of cryptocurrencies, and banks have actively refused to trade with VASPs.

The introduction of crypto regulation announces a brand-new era that bears immense promise for virtual assets. First, it provides the much-coveted “official recognition” that has eluded the arena for years. Secondly, the recent change provides a bridge between VASPs, and therefore, the alleged financial sector. As such, it may become easier for users and VASPs to open bank accounts to facilitate crypto transactions. Third and most significant, the change provides the much-needed legitimacy for virtual assets that successively will increase their potential for mass adoption.

The Travel Rule brings a further layer of transparency for virtual assets and payments. It also helps to eliminate risky actors’ concealment behind the veil of anonymity afforded by some cryptocurrencies. Therefore, this extension of the Travel Rule may boost the usage and acceptance of cryptocurrencies as a medium of exchange.

Conclusion

Even though the new Travel Rule was brought forward to maintain the stability of the cryptocurrency industry, the shortage of technical resolution is proving to be a great challenge on various levels.

Virtual asset businesses and other crypto currency exchanges are struggling with the impact and meaning of this regulatory requirement. There is a concern that increased regulation could drive the industry into the “black market,” drive businesses from the U.S. or discourage them from entering the U.S. market. This result would decrease the amount of regulated options available for U.S. consumers.

What’s certain: The industry should continue working closely with regulators to develop compliant solutions that will not hinder the future of the cryptocurrency industry from thriving in the U.S.


[1] https://public-inspection.federalregister.gov/2020-23756.pdf

[2] https://www.gdf.io/wp-content/uploads/2020/10/USTRWG-Travel-Rule-Solution-V1.pdf


Tags: CryptocurrencyFinancial Crimes Enforcement Network (FinCEN)
Previous Post

Control Assurance During the Pandemic Era

Next Post

The Best Questions to Ask During a Fraud Interview

Brandi Reynolds

Brandi Reynolds

Brandi Reynolds has over 16 years of experience in the financial services industry that includes more than 12 years at Advance America, Cash Advance Centers, Inc., serving as the Deputy Compliance Officer. Brandi has received both the Certified Anti-Money Laundering Specialist (CAMS) and Certified Anti-Money Laundering Specialist-Audit (CAMS-Audit) certifications. She has delivered efficient and effective solutions in areas of compliance program development, compliance monitoring and testing and training in relation to federal consumer protection laws and regulations and anti-money laundering laws.

Related Posts

ftx arena miami

2023: The Year of Crypto Compliance

by Ben Richmond
January 11, 2023

The November collapses of FTX and BlockFi, two of the world’s biggest cryptocurrency exchanges, were shocking — and devastating for...

kleptocracy

Using FinCEN Alerts as a Roadmap to Comply With New Anti-Kleptocracy Regulations

by Jason Ross
January 11, 2023

FinCEN’s mandate to create a beneficial ownership database will continue creating ripple effects for businesses and individuals across all sectors....

beneficial owners

A (Beneficial) Owners Manual: Staying Compliant in Light of New FinCEN Rule

by Ian Herbert
December 7, 2022

New regulations will require companies to report accurate and up-to-date beneficial ownership information to the U.S. government. Keeping track of...

cta stack of paper

Corporate Transparency Act: What Is It, and How Will It Affect Small Companies?

by Gabor Szecsi
December 7, 2022

The 2021 Corporate Transparency Act included new reporting requirements that represent the most significant change in the formation of corporations...

Next Post
The Best Questions to Ask During a Fraud Interview

The Best Questions to Ask During a Fraud Interview

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT