The features and benefits that make cryptocurrency so appealing to users – decentralization, relative anonymity – are the same ones that make it appealing to bad actors. Given these risks, the Financial Action Task Force (FATF), an intergovernmental body that sets global best practices related to anti-money laundering and combating the financing of terrorism (collectively, “AML/CFT”), has announced guidance designed to increase transparency and enable its member states to take action against illicit activities with respect to virtual assets and virtual asset service providers.
Get started on your Homeland Security degree at American Military University.
On Friday, June 21st, the FATF issued guidance that, if adopted by member states, would compel firms that work with tokens, (such as exchanges and custodians) to follow Know Your Customer (“KYC”) and AML/CFT protocols currently required of traditional financial institutions. Among these requirements is the “travel rule” that applies to wire transfers. The application of the travel rule to exchanges means that exchanges must transmit sensitive customer information between one another and with financial institutions (where relevant) when customers initiate transactions of more than $1,000 or €1,000.
While the guidance will be formally interpreted and then likely passed into legislation by individual member countries (of which the United States is a member), most jurisdictions will comply with the FATF actions.
So, what are the effects of the new guidance?
Because cryptocurrency wallet addresses are largely anonymous, compliance with the guidelines will be difficult and costly for some exchanges. While many U.S.-based exchanges already collect the required information about their own customers because they are regulated as Money Service Businesses with the U.S. Department of the Treasury Financial Crimes Enforcement Network (“FinCEN”), have obtained Money Transmitter Licenses in certain states, or are registered trust companies in certain states, there is concern that implementation of the new guidance will drive customers toward less transparent direct, person-to-person transfers because of the new requirements around transfer recipients.
Worldwide adoption of the standards may not even be possible under the current blockchain infrastructure and will require either widespread collaboration between exchanges or a reworking of the underlying blockchain technology.
The timeline for implementation is yet to be determined, though it’s likely that U.S. regulators will look to enforce the guidelines quickly. As the guidelines are broadly similar to the guidance issued by FinCEN, the requirements may not be unduly burdensome on U.S. regulated exchanges. However, countries with less developed regulatory systems will have a greater challenge. Pressure from this FATF guidance will create a global standard and those nations who do not adhere to the recommendations could face greater scrutiny from businesses in strongly regulated nations and from the FATF itself.
But what about the companies who could be affected by the implementation of the guidance? For exchanges and other virtual currency companies that have not yet established AML policies and procedures, or built robust compliance programs, it is essential to take steps to do so now. These steps include designating a compliance officer who is well-versed in financial crimes laws and regulations, developing internal controls, policies and procedures and training employees accordingly.
For new businesses – of which many exchanges still are – it is crucial to have an experienced and nimble compliance officer. A compliance officer with no experience in virtual assets or understanding of the unique red flags that a business like an exchange may face is a recipe for disaster. This person should also be well-equipped to lead technological innovations, as new guidance like that of the FATF’s will also generate innovation in the regulatory technology vendor space. Most importantly, this person should be able to manage risk assessments designed to identify and test against precisely the kinds of changes proposed by the new FATF guidance and interpretive note. Whether you pay for additional training for your compliance officer, or you engage with an outside firm to assist in the design or revamp of your compliance program to adhere to the new guidance, it is worth the investment.
In short, for exchanges to continue to thrive, they must create compliance programs that can quickly adapt to new regulations or other global standards and will protect them from financial crimes. Pairing a financial crime risk assessment with a comprehensive compliance program is the key to avoiding undue scrutiny from regulators or even enforcement actions. The FATF has made clear that virtual assets providers and virtual assets should be viewed through the same compliance lens as other, more traditional, financial products and institutions.