On September 1, 2023, the Financial Conduct Authority (“FCA”) set out its expectations for cryptoasset businesses in the UK’s compliance with the “Travel Rule”, introduced by The Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022 (the “Amended MLRs”).  The Travel Rule requires cryptoasset businesses to gather, authenticate, and share information concerning cryptoasset transfers.  Ultimately, the Travel Rule seeks to raise the level of transparency associated with cryptoasset transfers, bringing them into line with practices common in other areas of financial services, a feature that will have broader relevance to the future of the UK crypto industry.

The detailed guidance from the UK may also serve as an example for other jurisdictions that continue to struggle with implementation of the Travel Rule for cryptoassets.  For example, although US regulators have long asserted the Travel Rule applies to cryptoassets, there has been no specific guidance on how to apply the rule in that context.  A proposed rule from the US Department of the Treasury was published in October 2020 and would have provided some clarity on the topic, but was never finalized.

The Travel Rule Explained

The goal of the Travel Rule is to enhance transparency in cryptoasset transfers, thereby curbing the potential misuse of cryptoassets for illicit activities.  In particular, the Travel Rule is designed to advance anti-money laundering (“AML”) and counter-terrorist financing (“CTF”) efforts by equipping cryptoasset businesses to detect suspicious transactions and conduct effective sanctions screening.

The Travel Rule was introduced by the Amended MLRs as a new Part 7A of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (“MLRs”) and, according to Regulation 1(3) of the Amended MLRs, comes into effect on September 1, 2023.

The FCA has stated that the introduction of the Travel Rule aligns with its dedication to consumer protection and market integrity, and epitomises its commitment to elevating standards within the cryptoasset sector.  Together with the FCA’s impending financial promotions regime for cryptoassets in October 2023, the Travel Rule is intended to contribute to safeguarding individuals, preserving market integrity, and nurturing the sustained competitiveness of the UK’s cryptoasset sector.

The impetus behind this regulatory shift stems from the Financial Action Task Force (“FATF”), an international body focussed on AML and CTF.  The FATF has not only urged the UK to embrace the Travel Rule, but also has called upon other countries to promptly adopt this standard, with the aim of standardizing the procedures for cryptoasset businesses across jurisdictions and ensuring uniformity in sending and receiving transactions – a move particularly pertinent due to the interconnected nature of the financial industry.

FCA Expectations for Implementation of the Travel Rule

Recognizing the potential roadblocks posed by varying adoption timelines and enforcement delays across different jurisdictions, the FATF has emphasized the need for a unified approach.  Consequently, in collaboration with industry players, the FCA has laid out guidelines for compliance with the Travel Rule.  These guidelines detail the expectations the FCA has for cryptoasset firms moving forward, including:

  1. Exercising Due Diligence: Cryptoasset firms are expected to diligently adhere to the Travel Rule by taking all reasonable steps, including conducting due diligence to ensure compliance.
  2. Third-party Responsibility: Even when collaborating with third-party suppliers, cryptoasset firms remain accountable for achieving Travel Rule compliance.
  3. Comprehensive Compliance: Cryptoasset firms must fully comply with the Travel Rule when sending or receiving cryptoasset transfers from entities located within the UK or other jurisdictions that have implemented the Travel Rule.
  4. Adapting to International Changes: Cryptoasset firms must regularly assess the implementation status of the Travel Rule in other jurisdictions and adapt their business processes accordingly to ensure ongoing compliance.

When a cryptoasset transfer is destined for a jurisdiction without the Travel Rule, the FCA expects cryptoasset firms to adhere to the following protocols:

  1. Verification Efforts: A cryptoasset firm must take all reasonable steps to determine whether the receiving entity can obtain the requisite information.
  2. Absence of Information: In cases where the necessary information cannot be obtained, UK cryptoasset businesses are still obligated to collect and validate the data as mandated by the MLRs.  This information should be stored prior to executing the cryptoasset transfer.

Conversely, when a cryptoasset transfer is received from a jurisdiction without the Travel Rule, the FCA expects cryptoasset firms to consider the following:

  1. Incomplete Data Considerations: In instances where the received cryptoasset transfer lacks complete or accurate information, UK cryptoasset businesses should evaluate the countries in which it operates and the status of the Travel Rule in those countries.
  2. Risk-based Assessment: The factors in 1. above should be taken into account as part of a risk-based assessment of whether the cryptoassets should be made available to the beneficiary.

The FCA have stated that this framework will remain dynamic as global adoption of the Travel Rule progresses, with any alterations to its expectations being communicated to the industry. To support cryptoasset businesses in complying with the Travel Rule, the FCA has collaborated closely with industry stakeholders, the Joint Money Laundering Steering Group, and HM Treasury to develop guidance, on which cryptoasset businesses have had an opportunity to provide feedback.  For more information on these developments, contact the authors of this post, Alexandra Melia or Elliot Letts in London.