When the Travel Rule Meets Stablecoins
What Compliance Really Looks Like in a Tokenized World
If you work with cross-border payments, you need to be acquainted with the Travel Rule and prepare for stablecoin compliance.
Any company that has started issuing or transmitting digital assets is probably aware of the complicated and constantly-evolving regulation around stablecoin (as well as compliance for other digital assets). And while regulatory frameworks like MiCA and the GENIUS Act have broad requirements in place for adhering to the travel rule, the details are not always laid out clearly.
To further complicate matters, the travel rule was originally established in the US in 1996 to implement anti-money laundering (AML) and counter-terrorist financing (CTF) rules for wire transfers—long before the use of digital assets became commonplace. Yet, the digital asset version of the travel rule is a crucial part of Virtual Asset Service Provider (VASP) regulation, and understanding how it works and what stablecoin compliance looks like under the travel rule has major implications for NBFIs.
So, what’s the difference between fiat and digital travel rules? And what does it mean for companies that are issuing or transmitting digital assets?
What is the Travel Rule in Traditional Finance?
As mentioned in our first piece on this subject, the travel rule is triggered when companies begin sending payments out to other accounts, instead of just collecting payments for goods or services. When this happens, the company has new obligations for transparency and traceability.
The travel rule was implemented by the Financial Action Task Force (FATF) as a global standard requiring financial institutions to share customer information for wire transfers, like names and account numbers for both the originator and beneficiary. In addition, the address, national identification number, customer identification number, or date and place of birth are collected from the originator.
The identifying information must be sent along with the funds to the receiving financial institution, who are then required to keep those records for a minimum period (typically five years). These rules are meant to combat money laundering and terrorist financing by increasing transparency and traceability for these transactions, ensuring that information about the sender and receiver “travels” with the funds. Institutions then have a responsibility to report any suspicious activity to authorities.
How is the Travel Rule Different for Digital Assets?
In 2019, the travel rule was extended by the FATF to include digital assets. Since then, several countries have adopted or introduced legislation similar to the FATF rules for VASP regulation and compliance.
Technically, there is not a separate travel rule for digital assets, but since moving digital assets around on a blockchain differs greatly from wire transfers, there are differences in how the rules are implemented…and there is some additional complexity, due to the nature of on-chain activity.
As with the traditional travel rule, payment providers, fintechs, and platforms using stablecoins must include identity metadata and transaction amount details along with payments over a certain threshold amount (which varies depending on jurisdiction). These details must be sent with the payment, records must be kept, and compliance programs must be implemented to adhere with travel rule requirements, including measures to identify, mitigate, and report risks.
Why is VASP Regulation More Challenging Than Sending a Wire Transfer?
- While traditional banks have an established infrastructure, VASPs must set up data-sharing protocols to collect, store, and securely transmit customer data between different stablecoin services, which is often complicated and cost-intensive.
- Because the use of digital assets is still new, many countries or jurisdictions are still developing their regulations. Many have different definitions of digital assets and varying regulatory requirements, creating a complex and inconsistent regulatory landscape.
- The travel rule requires ‘due diligence’ on the counterparty VASP—meaning the originator needs to collect information about the receiver’s registration, licenses, and their KYC/AML processes and ensure they are travel rule compliant. However, unlike banking institutions, VASPs are not always easily identifiable, and sometimes, transactions involve “unhosted” wallets controlled by private individuals.
When Do Stablecoin Issuers Need to Think About Digital Asset Travel Rule Compliance?
When the travel rule applies will depend on the jurisdictions involved and the amount of the transaction. When the amount crosses the jurisdiction’s threshold amount, the travel rule applies. Thresholds can vary greatly in different jurisdictions and some have requirements on all transactions. For example:
United States: 3,000 USD
EU: 0 EUR (all transactions are subject to travel rule obligations)
UK: All transactions require basic information to be included, and those above 1,000 GBP require additional information.
Canada: 1,000 CAD
Switzerland: 1,000 CHF
Several similar, consecutive transactions that exceed the threshold amount can also trigger the application of the travel rule. For example, three 1,000 USD transactions within a certain timeframe to and from the same entities will result in the requirement for travel rule compliance in the United States.
Building a Stablecoin Compliant Infrastructure with the Travel Rule in Mind
Clearly, it’s easy to get lost in the maze of differing requirements and changing landscapes. However, the ramifications of non-compliance are pretty hefty—significant fines, sanctions, damaged reputation and heightened scrutiny, and even jail time in some cases.
It’s easy to feel a little concerned about getting compliance right with these complex rules, but it won’t always be this way. In fact, the industry even has a name for the staggered, uneven implementation of the travel rule across different jurisdictions: the “sunrise problem.” Still, there are ways to make stablecoin compliance easier while we wait for the days of clearer VASP regulation. And building a compliant infrastructure with an appropriate value-flow ledger now can help to avoid re-engineering later.
Compliant infrastructure includes operational standards surrounding:
- KYC and KYB verification for both originators and beneficiaries with reliable, up-to-date customer data
- Clear, accurate, immutable, and complete transactional information
- Sanctions and watchlist screening
- Risk scoring and monitoring
- The ability to escalate suspicious transactions
- VASP due diligence
- Secure data transfer between VASPs
- Keeping records of all shared data
- Data security and privacy
Making sure to capture all necessary transaction data, doing so in the correct format, and keeping that data in secure logs is a crucial part of compliance. Formance Ledger seamlessly tracks and logs every transaction in real-time, with the ability to attach travel rule metadata to each transaction, so the necessary data moves through your ledger along with the funds it attaches to.
Learn How Formance Can Help With Travel Rule Compliance
Formance Ledger tracks every transaction in real-time and attaches travel rule metadata directly to each payment, so the required identity and transaction data moves through your system along with the funds. If you're building with stablecoins or other digital assets and need infrastructure that supports travel rule compliance, request a demo to see how our ledger handles metadata capture, secure data transfer, and audit trails.
