FATF Travel Rule and Know Your Corresponding VASPs: Key Compliance Requirements for VASP in UAE

FATF Travel Rule and Know Your Corresponding VASPs: Key Compliance Requirements for VASP in UAE

The acceptance of virtual assets is rapidly increasing worldwide, including in the UAE. This has resulted in the establishment of a number of businesses – Virtual Asset Service Providers (VASPs), to facilitate virtual asset transactions from one person or wallet to another.

The pace at which the virtual asset transactions are executed and the degree of anonymity involved pose significant financial crime risks for the VASPs. To combat this risk, the UAE AML regulations mandate the VASPs to develop AML programs following the local regulations and FATF Recommendations.

Accordingly, as one of the anti-financial crime measures, the VASPs in UAE must comply with the FATF (Financial Action Task Force) Travel Rule, setting up a mechanism for the smooth exchange of information about the originator and beneficiary amongst the VASPs. The FATF Travel Rule compliance is incomplete without the Know Your Corresponding VASP (KYV) process.

In this article, we shall discuss what the FATF Travel Rule and “Know Your Corresponding VASP” are and how to go about complying with them same.

Understanding FATF Travel Rule

As one of the Recommendations to combat money laundering and terrorism financing risk, the FATF issued international guidelines for VASPs to obtain information about the parties (originator and the beneficiary) involved in the virtual asset (VA) transaction and exchange the same with the counterparty at the receiving end.

FATF Travel Rule aims to create transparency around the customers involved in VA transactions to detect and prevent the exploitation of the virtual asset ecosystem for money laundering and terrorism financing.

What is the FATF Travel Rule?

As one of the Recommendations to combat money laundering and terrorism financing risk, the FATF issued international guidelines for VASPs to obtain information about the parties (originator and the beneficiary) involved in the virtual asset (VA) transaction and exchange the same with the counterparty at the receiving end.

FATF Travel Rule aims to create transparency around the customers involved in VA transactions to detect and prevent the exploitation of the virtual asset ecosystem for money laundering and terrorism financing

What are the core components of FATF Travel Rule compliance?

The VASP must adhere to the following fundamental elements of the FATF Travel Rule:

Collecting the information:

The ordering or the originating VASP (from whom the originator initiates the virtual asset transaction) is required to collect the necessary information about the parties to the transactions.

In addition to the information collected as part of the Know Your Customer process, the VASP must obtain the name and address of the originator and beneficiary of the virtual asset transaction and the identification number of the VA wallets used in the transaction.

In cases where the VASP cannot identify or verify the information about the originator or beneficiary, the transaction must not be executed, and the necessity for reporting the proposed transfer as a suspicious activity must be deliberated.

Sharing the information:

The originating VASP must share the collected information with the receiving or beneficiary VASP when the VA transfer is initiated. Thus, every virtual asset transfer must be accompanied by the originator and beneficiary’s information.

Verifying the customer’s information:

Verifying the collected information is critical. The ordering or originating VASP must use reliable sources to verify the originator’s information. The responsibility of verifying the beneficiary details lies with the beneficiary or receiving VASP before concluding the VA transfer. In the course of verification, the VASPs must check the parties and wallets for association with the sanctions lists or any blacklist or for involvement with any financial crime.

Maintaining adequate records:

The VASPs – sender and recipient – must maintain adequate records of the information collected and exchanged between them. The same must be made available to the authorities upon request.

As part of implementing the FATF Travel Rule, before exchanging information about the customers – originator and beneficiary- the VASPs must first identify the counterparty VASP.

AML Record Keeping

Understanding Know Your Corresponding VASP (KYV)

When the transactions involving virtual assets (digital tokens, cryptocurrencies, Non-Fungible Tokens, etc.) are executed, there could be the involvement of more than one VASP facilitating the transaction (such as virtual asset exchange, wallet provider, VA administrator or custodian service provider, etc.). In such cases, for one VASP, conducting KYV is equally important as the performance of the Know Your Customer (KYC) process.

KYV is also known as Counterparty VASP Due Diligence, focusing on identifying the counterparty VASP and evaluating the potential risk of being exploited in the particular VA transaction involving a given counterparty.

KYV is similar to KYC, with the difference in the party being identified – customer in the case of KYC, while it is corresponding VASP in the case of KYV.

Know Your Customer - KYC Requirements under AML regulations in UAE

How to implement the KYV process?

As part of KYV, the VASP must identify the counterparty VASP involved in the transactions, including its legal status and ownership and control structure. It is crucial to ensure that the transaction involves an adequately licensed counterparty. To verify the same, necessary documents such as business licenses and corporate documents must be sought.

Further, assessing the level of regulatory supervision, the degree of applicability and compliance with AML regulations by the counterparty VASP is essential. For this, the VASP may request the counterparty’s AML/CFT policies and procedures.

Details about the VASP’s place of operations and the domains managed must be obtained, including information on the volume of high-risk transactions handled by the VASP. Further, wherever possible, the name must be verified with the jurisdictional list of regulated VASPs.

The counterparty VASP and the Ultimate Beneficial Owners (UBOs) must also be screened against the sanctions list and identify any adverse media associated with financial crime.

With the counterparty’s information, a risk assessment must be conducted to identify and evaluate the risk it poses to the business.

The KYV process must be completed before initiating the first VA transfer or sharing customer information.

Best practices to effectively ensure compliance with FATF Travel Rule

The VASP in UAE must consider the following aspects to ensure no originator or beneficiary of the virtual asset transfer is unidentified and collected information is exchanged smoothly, complying with FATF Travel Rule requirements.

Technological support

The VASPs must deploy advanced tools and solutions that enable compliance with Travel Rule requirements. Such technology must be based on some common universal language, which also empowers the smooth exchange of information between foreign counterparties.

Further, the software that supports real-time identification and verification of the customer, originator and beneficiary details must be deployed to overcome the vulnerabilities posed by the speed of VA transfer.

FATF Travel Rule and Know Your Corresponding VASPs

Mandating originator and beneficiary details:

As part of the Customer Due Diligence process, the collection of information about the originator and beneficiary must be mandated. The system must be configured to restrict the VA transfer processing must the originator and beneficiary be identified and reasonably verified.

No VA transfer with the required information:

The VASP must configure necessary rules and logic in the systems itself, ensuring that no virtual asset transfer is initiated without attaching the originator and beneficiary identification details.

Making KYV part of the AML Program:

To ensure adequate compliance with the FATF Travel Rule and identify the counterparty, a robust KYV Program must be designed and part of the AML compliance framework – policies, procedures and controls. This includes defining a comprehensive “Know Your VASP” Form, capturing the relevant fields and completing the same before the information is exchanged with the counterparty for the first time.

Checklist for implementing an effective AML Program

AML UAE - Your professional aid to comply with FATF Travel Rule and KYV requirements!

With years of experience, knowledge of AML regulations and an understanding of the virtual asset segment, AML UAE is your go-to-partner for your AML/CFT compliance needs. We can assist you in assessing the risk and personalising the AML program, covering policies and procedures around the FATF Travel Rule and Know Your Corresponding VASP compliance.

Together, let’s strengthen the virtual asset network to avoid its exploitation by financial criminals.

Make significant progress in your fight against financial crimes,

With the best consulting support from AML UAE.

Share via :

Share on facebook
Share on twitter
Share on linkedin

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 8 years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.