The FATF’s ‘Travel Rule’ and Implications for UK Virtual Asset Service Providers

The Extension of FATF’s ‘Travel Rule’ and Implications for Virtual Asset Service Providers in the UK


The extension of the Financial Action Task Force (FATF) ‘Travel Rule’ to ‘Virtual Asset Service Providers’ (VAPSs) is emblematic of the continued and growing push to bring crypto businesses into the mainstream of financial services regulation. It is also a way to address the perceived (and real) risk of using virtual assets to facilitate money laundering and terrorist financing and to sidestep the safeguards that have long been in place for traditional financial services.

The Travel Rule has been the source of considerable attention for the crypto industry as FATF member states are accelerating their plans to implement it. However, despite the high-level attention, the Travel Rule is not well understood. In this article, we aim to bring clarity to the Travel Rule’s purpose and requirements, explain how it is proposed to be addressed in the UK and contrast that with the adoption approaches in the EU and US. [1]

In Depth

Some Key Terms

FATF is an independent inter-governmental body that develops and promotes policies to protect the global financial system against money laundering, terrorist financing and financing of the proliferation of weapons of mass destruction. Its recommendations are recognized as the global standard for anti-money laundering and counter-terrorist financing.

VASPs broadly constitute crypto-exchanges, digital wallet providers and those who participate in the provision of financial services relating to an issuer’s offer or sale of virtual assets. This includes both natural and legal persons and would capture many of the most critical actors in the crypto ecosystem.

Virtual Assets are defined by FATF to mean digital representations of value that can be digitally traded, or transferred, and can be used for payment or investment purposes. They would not include Central Bank Digital Currencies or Security Tokens (which are covered by other aspects of FATF Guidelines), but would cover most Exchange Tokens (e.g., Bitcoin or Ethereum).

The Travel Rule is the common name for FATF recommendation No. 16, which initially applied to cross-border and domestic wire transfers and required financial institutions facilitating such transfers (mainly banks, but also other wire transmitters) to exchange information on the originator and beneficiary of a transfer. In guidance published in July 2019, FATF clarified that the Travel Rule also applies to Virtual Assets and in October 2021 published updated guidance further clarifying the approach. [2]

Approach to Adoption

FATF’s guidelines, while setting global standards, are not enforceable until adopted into domestic legislation, and ultimate adoption and standards are left to the participating member states. With regard to the extension of the Travel Rule, global adoption has been critiqued for being too slow, with most member states having failed heretofore to enact the Travel Rule into domestic legislation. This has become a particularly pronounced issue with the vastly increased use of Virtual Assets in the global financial system over the past several years and the greater associated risks; member states are now accelerating their implementation efforts.

The Travel Rule in the UK

In July 2021, HM Treasury published its consultation paper on implementation of the Travel Rule into UK law. [3] The approach to adoption has been complicated by Brexit as the aspects of the Travel Rule that apply to wire transfers are enshrined in the Funds Transfer Regulation which is part of retained EU law and not easily amendable. HM Treasury has instead proposed to implement the Travel Rule by amending the Money Laundering Regulations.

The Travel Rule recommends a de minimis threshold of USD 1000 below which the rule need not apply or less stringent requirements can be met (this is subject to member state implementation). HM Treasury has proposed a GBP 1000 threshold for its domestic implementation. To avoid use of multiple sub-threshold transfers to evade the requirements, multiple linked transfers (i.e., from the same originator to the same beneficiary) will be aggregated for purposes of determining whether the de minimis threshold is met.

For Virtual Asset transfers, HM Treasury has proposed the following minimum information be exchanged between originators and beneficiaries:

Information on Originator Information on Beneficiary
Transfers above de minimis threshold
  • Name
  • Address
  • Account number or unique transaction identifier
  • Personal document number[4]
  • Customer identification number or date and place of birth
  • Name
  • Account number or unique transaction identifier
Transfers below de minimis threshold
  • Name
  • Account number or unique transaction identifier
  • Name
  • Account number or unique transaction identifier
Purely UK domestic transfers[5]
  • Name
  • Name

VASPs are required to implement effective compliance procedures to detect whether any required information is missing from an inbound transfer, and transfers exceeding the de minimis threshold must verify the accuracy of the beneficiary information (e.g., via a check against their KYC data). Where required information is not available, it is proposed that the VASP receiving the transfer (the “Receiving VASP”) take steps to prevent the Virtual Assets from made being available to the beneficiary [6].

If the VASP originating the transfer (the “Originating VASP”) repeatedly fails to provide required information to a beneficiary, the Receiving VASP must also take appropriate steps to ensure compliance and may be required to reject future Virtual Asset transfers from such Originating VASP or to terminate the relationship. The Receiving VASP is also required to retain the beneficiary and originator information for five years from the date the transaction is complete and to make such information available upon request from relevant regulators.

Time Frame for Adoption in the UK

HM Treasury’s consultation process on the proposed Travel Rule adoption closed on 14 October 2021 and the UK government is now analysing feedback with a view to adopting final amendments to the Money Laundering Regulations. Late 2022 is the earliest projected timeframe for implementation of these requirements in the UK.

Comparing Global Implementation 

In the US, the extension of the Travel Rule to VASPs has been enshrined in guidance promulgated by the Financial Crimes Enforcement Network (FinCen) in May 2019, which clarified that the existing Travel Rule also applied to VASPs and Virtual Assets [7].  Despite the existence of this guidance, enforcement of the Travel Rule to VASPs operating in the US has been limited to date, although this is expected to change.

The EU published its new proposed regulation to implement the extended Travel Rule in July 2021 [8].  The proposed regulation would amend the Funds Transfer Regulation to extend the existing rules applicable to wire transfers to Virtual Assets and VASPs. As the proposed draft regulation has already been published, it is expected that the EU will implement the revised Travel Rule more quickly than the UK.

Implications for VASPs and the Crypto Industry

The adoption of the extended Travel Rule will clearly create new compliance obligations and costs for VASPs and require them to enhance their compliance processes to accommodate the collection, transfer and verification of required originator and beneficiary information. Although the proposed adoption of the Travel Rule in the UK explicitly mentions a grace period for implementation, given the varying approaches to the Travel Rule taken by global regulators and the current existence of these requirements in jurisdictions such as the US (albeit with lax enforcement), VASPs would be well advised to start considering implementation of appropriate compliance processes.


[1]  A note on terminology – Countries differ in their classification of virtual assets and use varying terminology to describe the same concepts. This paper uses the FATF terminology for most purposes. UK regulation refers to cryptoassets rather than virtual assets and to cryptoasset service providers rather than VASPs.

[2] Financial Action Task Force – ‘Updated Guidance for a Risk-Based Approach – Virtual Assets and Virtual Asset Service Providers’.

[3] Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 Statutory Instrument 2022.

[4] I.e., a UK National Identification Number.

[5] The lower requirements for purely domestic transfers reflect the guidance in the Travel Rule.

[6] It is not possible to reject the transfer of Virtual Assets, so presumably the transferred assets would sit in a holding account with the Receiving VASP.

[7] FinCen Guidance of 9 May 2019 – ‘Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies’

[8] ‘Regulation of the European Parliament and of the Council on Information Accompanying Transfers of Funds and Certain Crypto-Assets’