Why the Current Crypto Travel Rule Falls Short

Jorge Santos
Why the Current Crypto Travel Rule Falls Short

The Financial Action Task Force (FATF) Travel Rule, proposed in 2019, aimed to harmonise cryptocurrency transactions with traditional financial anti-money laundering (AML) requirements.

The purpose was to prevent money laundering, terrorist financing, and other illegal actions in the fast-expanding digital asset market. However, despite laudable intentions, the current implementation of the Travel Rule has numerous flaws that limit its effectiveness in meeting its stated goals.

Understanding the Travel Rule

The Travel Rule mandates Virtual Asset Service Providers (VASPs), such as cryptocurrency exchanges and custodial wallet providers, to gather and share information on the originators and recipients of transactions over a specific threshold, typically $1,000 or €1,000.

Shared data includes:

  • Originator’s name, address, and account number or unique identifier.
  • Beneficiary’s name and account number or unique identifier.

The regulation was intended to add transparency to the otherwise anonymous nature of blockchain transactions. However, its execution is not the magic bullet that authorities hoped for.

Issue 1  Lack of Global Standardisation and Fragmented Implementation

One of the most difficult aspects of implementing the Travel Rule is the lack of a global standard. Different jurisdictions have different interpretations and enforcement procedures, resulting in a disparate approach. As a result, VASPs operating in different countries confront confusion and compliance challenges, particularly when conducting cross-border transactions.

For example, some countries have fully adopted the Travel Rule, while others are falling behind. This lack of consistency causes gaps in compliance, allowing bad actors to exploit areas with weak enforcement. Without a consistent worldwide standard, the Travel Rule cannot effectively combat money laundering in a transnational digital ecosystem.

Issue 2  Inaccurate and Incomplete Data Sharing

The success of the Travel Rule is primarily dependent on VASP’s ability to reliably identify and verify the receiver of a transaction. However, this is frequently not possible. VASPs commonly face challenges determining whether a wallet belongs to another licensed VASP or an unregulated company.

Currently, there is no certified way for VASPs to check the identity of the receiving service, hence the information sent is frequently partial or incorrect. At best, this causes inefficiencies and higher compliance costs for legal enterprises. At worst, it creates a false sense of security since regulators believe the Travel Rule is being observed when, in fact, the data may not be relevant.

Issue 3  Overreliance on Third-Party Providers

To comply, VASPs use third-party suppliers to manage data collection and transmission. However, this adds another degree of complexity and risk. The quality of compliance is heavily dependent on these third parties, and any flaws in their systems can jeopardise the data’s integrity.

This over-reliance also increases the odds of data breaches. Third-party vendors who do not employ sufficient security procedures risk exposing sensitive customer information. Instead of increasing transparency, the Travel Rule may accidentally introduce new vulnerabilities.

Issue 4  The Lack of a Public Database

Currently, the Travel Rule lacks a centralised public database where VASPs can verify one another’s compliance status and/or third-party providers to obtain entity identification.

This lack of transparency makes it impossible for VASPs to certify that they are moving funds to a compliant service, particularly if they are sharing sensitive customer data with unverified companies, defeating the purpose of the Travel Rule.

Conclusion

In this format, the Travel Rule is more of a regulatory burden than a viable system to prevent financial crime. It depends on fragmented implementation, vague data sharing, and unverified third-party solutions.

Without major changes, the Travel Rule will continue to fall short of its potential, exposing regulators, VASPs, and end-users to unnecessary risk.

With proper effort and planning, a functional Travel rule would provide a layer of security and prevent crypto scams, making it harder for criminals to send funds to unregulated entities and withdraw funds.

At VALEGA Chain Analytics, we are naturally looking forward to this system because it will be a great tool for identifying criminals and giving victims a better chance to fight back.

In the next article, let us explore solutions to mitigate the current travel rule problems.

If you want to know a possible fix for the travel rule, please read the article How to Solve the Travel Rule Shortcomings.