On 28 March 2024, the Financial Action Task Force (FATF) (an intergovernmental organisation that develops policies to combat money laundering (ML) and terrorist financing (TF)) published a report on the status of implementation of Recommendation 15 (the regulation of virtual asset service providers) of the FATF Recommendations by FATF members and jurisdictions with important virtual asset service provider (VASP) activity.
What information is captured in the report?
The report collects information on whether FATF members and jurisdictions have:
- conducted an AML/CFT risk assessment covering virtual assets and VASPs (most, if not all, have)
- explicitly prohibited the use of virtual assets and VASPs (most have not)
- enacted legislation/regulation requiring VASPs to be registered or licensed and apply anti ML and counter TF measures (most have or are in the process of doing so)
- registered or licensed VASPs in practice (most have, although there are some that do not)
- conducted a supervisory inspection or included VASPs in its current inspection plan (most have)
- taken enforcement action or other supervisory action against VASP (most have but some either are in the process of it or have not)
- passed on enacted the travel rule for VASPs (most are largely compliant with others being partially compliant).
See the table of results at the end of this article.
Calls for action
The report encourages jurisdictions to:
- consider the risks of virtual asset transfers, particularly those that have not taken steps to regulate or ban VASPs
- (subject to the jurisdiction's ML/TF risk assessment) consider designating VASPs as higher risk if coming from jurisdictions that do not effectively licence or have registration requirements
- use the report to boost their supervisory and regulatory frameworks, noting that full compliance with recommendation globally is required to safeguard and maintain the integrity of the global financial system.
Travel rule compliance
This report is also an important resource for VASPs to operationally comply with the travel rule.
The travel rule requires VASPs to collect, verify and share certain information about cryptoasset transfers. One of its purposes is to make it harder for criminals to use cryptoassets for illicit activity.
The United Kingdom imposes its version of the FATF's travel rule requirements on UK "cryptoasset businesses" (essentially a VASP), specifically cryptoasset exchange providers or custodian wallet providers.
Sunrise - sunset?
The sunrise issue is where one VASP complies with the travel rule but its counterpart in a cryptoassets transfer is in a jurisdiction that does not enforce the travel rule.
In this situation, the Financial Conduct Authority (United Kingdom's financial services regulator) requires the cryptoasset business to take a risk-based approach on whether to make cryptoassets available to the respective beneficiary.
Until now, there has not been a single source to assist with this assessment. The report's findings (particularly columns 8 and 9 of the table below) will help cryptoasset businesses make risk-based assessments regarding cryptoasset transfers involving FATF members and jurisdictions with materially important VASP activity.
Help is at hand
Our team has significant experience in advising cryptoasset businesses on their obligations under UK and EU law and can help you understand and navigate the impacts of this report on your business.
Table of results from the report
/Passle/MediaLibrary/Images/2024-04-03-09-18-45-006-660d1ef544129106e76a330d.jpg)
/Passle/64d261f22b45ae818267685b/SearchServiceImages/2024-05-01-13-27-34-086-6632434603765d17a4ef38f8.jpg)
/Passle/64d261f22b45ae818267685b/SearchServiceImages/2024-05-01-10-00-44-440-663212cca63747976b0ed333.jpg)