The clock is ticking on cryptocurrency exchanges, as authorities around the world attempt to regulate the rapidly growing ecosystem to prevent terrorists and criminals from getting unfettered access. In this blog, we explore how the Travel Rule is reshaping crypto.
The introduction of the Travel Rule to the crypto space
The EU’s 5th Anti-Money Laundering Directive (5AMLD) came into force in January 2020, requiring European crypto-to-fiat exchanges to conduct stringent Know Your Customer (KYC) checks, and keep a full paper trail recording transactions.
This was reinforced by sterner guidance from the Financial Action Task Force (FATF), which introduced the 'Travel Rule' in June 2019, meaning all virtual asset service providers (VASPS)—including exchanges, custodians, and wallet providers—must share data on recipients and senders.
Since then, jurisdictions around the world have been signalling their compliance. FinCEN ruled that the requirements apply to US cryptocurrency exchanges, and smaller nations from Switzerland to Singapore and South Korea have started Travel Rule enforcement action.
But making cryptocurrency compliant with the same rules that govern international banking is not an easy task. Complying with the Travel Rule means bolting a separate system of real-world identities onto a system that was built to be pseudonymous, and fostering collaboration between crypto exchanges that are more accustomed to competing with each other.
Hurdles to Travel Rule compliance
The cryptocurrency ecosystem is a set of walled gardens. There are hundreds of independent blockchain networks and exchanges, each with their own technical standards and operating procedures.
To be able to share sender and recipient information effectively between these platforms means creating a common messaging system—akin to the SWIFT system of traditional banking—that links each platform and distinguishes between VASPs and personal wallets in different locations around the world.
On the Unchained Podcast, CipherTrace CEO Dave Jevans said that requiring exchanges to store the personal information of all users that interact with a platform could be problematic—exacerbating the existing vulnerabilities created by KYC systems on individual exchanges, and creating a global treasure trove of personal information for hackers to target.
"A centralised data exchange model we believe is very dangerous. It’s counter to crypto. If somebody were able to get into it and if the information were not end-to-end encrypted and the middleman could look at it, it could absolutely be a privacy disaster." - Dave Jevans.
Such a system must also be able to accommodate the gradual rollout of regulation, with 200 different jurisdictions each applying their own deadline. This leads to a high possibility of regulatory arbitrage, as trading platforms flee to jurisdictions that have a more favourable interpretation of the regulations.
When the Travel Rule was first introduced to the banking sector, some countries lagged significantly with enforcement, and several offshore havens never fell into compliance. Decentralisation and privacy technologies could now make it even easier for financial companies to evade regulation. While most platforms are likely to fall in line, we could see the growth of a shadow network of exchanges where assets are traded beyond the reach of regulators. This is especially likely if the infrastructure needed to maintain compliance increases operational costs or reduces trading efficiency.
TRISA (Travel Rule Information Sharing Architecture)
Since the introduction of the regulations, industry associations have been racing to form a universal messaging format for effectively sharing information between exchanges. The open standard interVASP is being developed by a collection of trade bodies, and Bitcoin Suisse is leading the creation of an alternative known as OpenVASP.
Along with messaging standards, companies are vying to create an efficient network architecture for sharing the data. Popular custodian BitGo has extended its APIs to enable ID information to be swapped, and startups like Notabene and CoolBitX are offering software toolkits to aid compliance. Among these projects, an open initiative has emerged as the frontrunner.
The Travel Rule Information Sharing Alliance (TRISA) is led by industry veterans, in collaboration with the FATF Virtual Asset Contact Group, and more than forty cryptocurrency exchanges, companies, and payment networks. Together, these organisations have developed a decentralised messaging infrastructure that uses the same scalable cryptographic protocols that secure the internet to send the required customer and beneficiary information, without reproducing the inefficiencies of the banking system on the blockchain.
According to this TRISA whitepaper, the unique network architecture facilitates "the secure electronic transfer of information for a range of network activities, such as ecommerce, internet banking and government communications" by relying on "proven and well-established trust models, audit procedures, issuance and revocation mechanisms."
With an efficient method of sharing data between themselves, exchanges and trading platforms will be able to avoid passing higher operational costs on to customers, and can quickly fall in line with the new regulations.
Fully-compliant exchanges will then have a competitive advantage for attracting institutional funds to cryptocurrency, and could help usher in the deeper levels of liquidity needed for the market to mature.
Inbound FinTech is an award-winning digital growth agency and Diamond HubSpot Partner Agency. We develop effective FinTech lead generation strategies for businesses and drive high-quality leads through proven inbound marketing methods and a growth-driven approach. If you're a FinTech brand looking to transform your lead pipeline, to combat the impact of the coronavirus, get in touch with our experts today.