Crypto is Growing Up: Conference on Compliance with Travel Rules for Cryptocurrencies and Hackathon Summary
Some in the A cryptocurrency (or cryptocurrency) is a digital asset that … more The community was surprised when the global financial regulator, the Financial Action Task Force (FATF), recently adopted much stricter guidelines for the supervision and transfer of virtual assets. His “Guide to a Risk-Based Approach for Virtual Assets and Virtual Asset Service Providers (VASPs)” recommends a new set of rules according to which VASPs must transmit sender and recipient information when transferring crypto assets, similar to how banks transfer information under the BSA. With a compliance deadline of June 2020, this information sharing requirement presents a tremendous technical and business challenge for exchanges and others What is a Virtual Asset Service Provider (VASP)? A virtual A … more as well as banks that knowingly or unknowingly enable cryptocurrencies.
In response, CipherTrace hosted the first-ever Cryptocurrency Travel Rule Compliance Conference and Hackathon on November 5-6, 2019 in San Francisco. The event focused on working with industry to develop open solutions that cryptocurrency exchanges, hedge funds, blockchains and banks must adhere to with FATF and BSA travel rules. For those who couldn’t attend, here are the key takeaways from the conference.
FinCEN takes enforcement seriously
While the FATF’s new regulation and upcoming compliance deadline has dominated the news, many cryptocurrency exchanges, banks, and other financial institutions failed to understand that FinCEN had already stated that the Bank Secrecy Act (BSA) also applies the Travel Rule to virtual assets and already in force. In a keynote address at the conference, FinCEN Cyber and Emerging Tech Policy Specialist, Carol House, reminded cryptocurrency MSBs that the BSA travel rule has been in place for crypto assets since 2011 and that FinCEN is serious about enforcement. “Up front, let’s clarify an issue that I think there has been some confusion about how this affects a compliance culture. The so-called FATF travel rule, which is discussed here and elsewhere – many call it the FATF travel rule –has been a regulatory requirement for companies in the United States that trade virtual currency since 2011. Our delegated auditors at the IRS have been checking and issuing quotes for non-compliance with these requirements since they started carrying out audits on transactions in virtual currencies from 2014, ”emphasized House. She also cited Ripple and BTC-e as several examples of enforcement actions.
House also reminded the crowd that crypto exchanges are actually financial institutions. That means whether you are a virtual currency exchanger or a bank, both companies are bound by BSA obligations like the Funds Travel Policy, which, in addition to the requirement to exchange information, requires the party initiating a transfer of fiat or CVCs to do so knows the entity on the other side of the transaction. This applies to VASP-to-VASP or Bank-to-VASP transactions and vice versa.
House clarified that compliance with both FinCEN and FATF travel rules requires a financial institution to know when its counterparty is a financial institution. However, she questioned whether financial institutions fully understood these obligations: “It would be interesting to know how many financial institutions operating in this area can identify a recipient as a financial institution by their wallet reference number or the others.” that are currently available to her. “
To highlight the global impact of regulations like the FATF’s Travel Rule, Lee Brown, Special Agent for the Homeland Security Investigations Supervisory Board, briefed attendees on the rise of professional money launderers and their abuse of jurisdictions with little to no crypto AML regulations. Global standards for cryptocurrency transactions like the Travel Rule could help diminish the success of criminal groups like this one around the world. According to Supervisory Special Agent Brown, money laundering naturally migrates to countries with weak AML systems. This underscores the importance of the FATF’s new regulations, which create a consistent international framework around crypto and help curb the criminal use of jurisdiction arbitrage to find the path of least resistance to money laundering.
In his keynote address, Supervisory Special Agent Brown stated that the root of all his investigations – be it terrorism, human trafficking, drug trafficking or any other national security risk – is always money laundering. He says, “HSI investigates everything from narcotics, anti-proliferation investigations, human trafficking, etc. But the root of it is always money laundering. The reason for this is that all these illegal actors want to make a certain profit and in order to be able to spend that profit they have to make sure that the law enforcement authorities do not get wind of it … “Sophisticated criminal organizations, be it cartels or terrorist organizations or the like, will become themselves turn to professional money laundering networks whose main aim is to disguise information about beneficial owners. Regulations such as the Travel Rule are intended to prevent this obfuscation.
Data protection coins and compliance
Both the FATF and BSA requirements for virtual assets and virtual asset providers go beyond simply sharing PII to include a risk-based approach, and exchanges were quick to respond as multiple exchanges put the coins in well before the conference started Expectation of attention. This resulted in privacy token developers having to fully understand their true obligations under the new regulations and be committed to sharing their path to compliance.
Ryan Taylor, CEO of DASH Core Group Inc. stated, “We tend to treat cryptocurrencies in a very binary way – they are either privacy coins or they are not. What does that actually mean? In the case of Dash, we were the first to implement a feature supported by. was suggested Bitcoin is a digital currency (also called cryptocurrency) … more then called CoinJoin. It’s a wallet-level technique that is each transparent A blockchain – the technology that underlies Bitcoin and other technologies. More to improve the user’s privacy. Since Dash did it in 2014, Bitcoin did it in 2015. Then they added off-chain transactions with Lightning. Is Bitcoin now making it a data protection coin? It should, if Dash is one. I think we have to go beyond this binary treatment, look at the actual technology, how we can adapt to it, how we can deal with it. “
The panel reiterated that FATF and FinCEN are not advocating a total ban on privacy coins as long as controls are in place to mitigate the risks associated with their enhanced anonymity features, similar to how many exchanges already have procedures in place to mitigate the risks inherent in Bitcoin result in anonymization services like Mixer.
The growing trend towards hidden crypto in banks
As more mainstream consumers and institutional investors adopt cryptocurrencies, it is becoming increasingly difficult for traditional financial institutions to avoid interactions with the crypto economy. The Banker’s perspective Panel underscored this inevitable path by highlighting the growing trend towards hidden crypto businesses operating in banks.
Talking about her time as a Senior AML Investigator at a bank, Erin O’Laughlin explained the covert crypto payment trend that she and her colleagues were seeing and the importance of training to properly identify these crypto transactions outgoing ACH transactions. When you see an ACH transaction running out, you know that this is a virtual currency exchanger if you do your homework. And that’s the problem because training [on cryptocurrency] is not on the list of priority skills for an AML investigator in a bank. “
What does compliance with travel rules look like?
With the industry pending compliance like a freight train and many of the key players in the room it influenced, the conference ended with an overview of what compliance with the Travel Rule should look like for it to be accepted by the crypto community. The adoption of a solution would depend heavily on the technology and governance model on which it is based, and any solution must solve the obvious puzzle – how to pass personally identifiable information, technically known as PII, without the expectations of cryptocurrency users to violate data protection. The issues raised were scalability, interoperability within different legal systems and the urgency created by the upcoming FATF deadline.
Dave Jevans, CEO of CipherTrace, closed the conference by explaining various proposed solutions and the problems associated with them, as well as his thoughts on TRISA – the architecture for the exchange of information according to travel rules.
According to Jevans, it would not work to modify all blockchains in accordance with the travel rules compared to hard forks, since at the time of the conference there are already over 1600 currencies and each one would have to be changed in order to be compliant. A separate system that could overlay and work with each blockchain would be the more practical choice. In addition, a centralized service, similar to banks and the SWIFT system, would be more prone to hacks, power outages and DDoS, according to Jevans. The dismantling of a SWIFT system with cryptocurrency has the potential to stop all crypto trading via exchanges for the time of the attack. Ultimately, every solution controlled by private institutions led to interoperability problems, data protection bottlenecks, jurisdiction problems and payment blocks.
Instead, Jevans proposed the Travel Rule Information Sharing Architecture (TRISA), which CipherTrace developed and made available to the community as open source and which builds on security and cryptographic technologies that have been used for years in securing e-commerce, banking and sensitive authorities have proven communications. TRISA is made available free of charge as an open source architecture and software. The solution has the following property that the VASP community needs. It is open source, decentralized, scalable and confidential.
Crypto is growing up
For better or worse, the enormous challenges that arise from complying with Travel Rules can only be the catalyst that brings the cryptocurrency into the state of “respectability” that is necessary for widespread acceptance. It will force VASPs to find a workable solution that will deter bad actors from crypto asset platforms while maintaining the confidentiality of user data. This next generation crypto compliance regime could create fungible and trustworthy virtual assets that are supported by regulators. This more mature approach to the confidential, trusted, and decentralized exchange of virtual assets has the potential to create a multi-trillion dollar crypto economy.