Further to the FATF Plenary Session on 24 June, FATF published the full 12-month review of the implementation of its revised Standards of AML/CFT requirements on virtual assets and virtual asset service providers (VASPs).
This article gives an overview of the report with some important points highlighted.
- Overall, both the public and private sectors have made progress in implementing the revised FATF Standards. 35 out of 54 reporting jurisdictions have implemented the Standards (32 regulating VASPs and 3 forbidding the operation of VASPs). The progress is evident even though the supervision of VASPs and implementation of AML/CFT obligations is still at an early stage. Particularly, the development of technological solutions for implementation of the ‘travel rule’ has progressed despite some issues.
- No clear need to amend the revised Standards at the moment, but still a lot of work to do; besides, it shows a need for greater FATF Guidance on how to implement the revised FATF Standards, including tailored guidance for low-capacity jurisdictions.
- As the next steps, FATF will continue its enhanced monitoring and conduct a second 12-month review by June 2021, release updated Guidance including issues of stablecoins, anonymous peer-to-peer transactions and travel rule implementation, publish red flag indicators and relevant case studies by October 2020, enhance engagement with the private sector (VASPs, technology providers, technical experts and academics) through its Virtual Assets Contact Group, and enhance international cooperation among VASP supervisors.
The full report is presented with 5 sections.
In Section 1, the review sets out how money laundering and terrorism financing (ML/TF) risks and the virtual asset market have changed since June 2019.
Some trends in use of virtual assets for ML/TF purposes:
- The value of virtual assets involved in ML/TF cases has been relatively small so far compared to those using more traditional financial services and products. The use of virtual assets as a way of layering is the most noticeable typology possibly due to the rapid transfer;
- Among different types of offences involving virtual assets, narcotics-related and fraud offences (e.g. investment scams and swindling, blackmail, and extortion) are the most widespread;
- The use of VASPs registered/operating in jurisdictions that lack effective regulation, as well as the use of multiple VASPs;
- The continuing use of tools and methods to increase the anonymity of transactions (e.g. registering Internet domain names through proxies, using tumblers/mixers /anonymity-enhanced cryptocurrencies or privacy coins, using decentralised exchanges and app, chain-hopping, atomic swapping exchanges and dusting).
Some trends in virtual assets market structure:
- Focus on “stablecoins” with potential for mass-adoption, which would probably lead to a substantial increase in the number of anonymous peer-to-peer virtual asset transactions occurring via unhosted wallets (Peer-to-peer transactions are not explicitly covered by the revised FATF Standards);
- Expansion in the number & value of transactions not subject to AML/CFT controls under the revised FATF Standards would present a material ML/TF vulnerability. Jurisdictions must be forward-looking on this point.
In Section 2, the review points out the jurisdictions’ progress in implementing the revised Standards. Overall, the progress is evident as shown in the table below:
Among those 32 jurisdictions which advised that they have established regimes permitting VASPs, 30 have introduced either registration (18 jurisdictions) or licencing regimes (14 jurisdictions). 23 of them have begun licencing / registering VASPs.
Different organisations have been designated as VASP supervisors, e.g. financial services supervisors, central banks, securities regulators, tax authority and specialist VASP supervisors, and some jurisdictions have multiple supervisors. Supervisors are using a wide range of information to inform their risk-based approach, such as information collected through the registration/licencing process. Several noted that they were using, or planning to use, ‘SupTech’ tools, such as blockchain analysis software.
Section 3 of the report addresses the private sector’s progress in implementing the revised Standards, including the development of technical solutions for the implementation of the ‘travel rule’.
‘Travel rule’ is a key AML/CFT measure to ensure that originators and beneficiaries of transactions are identifiable and not anonymous. it is the issue of most focus.
Implementation of the travel rule:
- An international industry-wide initiative that has been established to set global technical standards for travel rule solutions to use. Several different travel rule technology solutions are being developed, with some being launched or being tested. However, the FATF is not aware yet that there are sufficient holistic technological solutions for global travel rule implementation that have been established and widely adopted.
- In terms of jurisdiction implementation, implementation of travel rule requirements for VASPs are less than other AML/CFT requirements due to the lack of adequate holistic technology solutions.
Implementation of other AML/CFT obligations
Globally, implementation of other AML/CFT obligations seems to be at early stages. However, some jurisdictions have more developed regimes for VASPs and reported the improvements among larger, established VASPs. The most common issues included deficiencies related to internal control, independent testing, and record-keeping.
In Section 4, the review describes the issues identified with the revised FATF Standards and Guidance, including the definition, peer-to-peer transactions and private / non-custodial wallets, stablecoins, identifying VASPs for registration / licencing, and finally travel rule implementation.
Peer-to-peer transactions and private / non-custodial wallets
- Peer-to-peer transfers of virtual assets are not explicitly subject to AML/CFT obligations under the revised FATF Standards. Transfers to the unregulated peer-to-peer sector could present a leak in tracing illicit flows. At the moment, no sufficient evidence to show the needs of changing Standards. However, further work should be undertaken to better understand the scope of the unregulated peer-to-peer sector.
- The revised FATF Standards apply to stablecoins and their providers either as financial institutions or VASPs and are sufficient at this point. Nonetheless, this area must be closely monitored because of residual risks and a range of practical challenges for jurisdictions that stablecoins raise.
Identifying VASPs for registration / licencing
- Challenges are noted in identifying the VASPs to cover under their AML/CFT regimes. In particular what approach jurisdiction should take regarding VASPs offering products and/or services to customers in their jurisdiction, but are domiciled elsewhere or have no physical presence in their jurisdiction.
Travel rule implementation
- Identifying counterparty VASPs in a timely and secure manner is a challenge. One way is the creation of a ‘global list of VASPs’, which, however, raises a range of issues such as accuracy and security of the information.
- What approach should be taken to VASPs’ transacting with private or unhosted wallets is also an issue.
- Batch and post facto submission and past transfers
- Inter-operability of systems
- Sunrise issue: there is not yet a global framework for travel rule compliance. It is unclear what approach VASPs should take in dealing with VASPs located in jurisdictions without the travel rule.
In the last Section, the report states FATF’s next steps regarding virtual assets due to the fast evolution of the industry:
- continue its enhanced monitoring, a second 12-month review by June 2021. By this time, jurisdictions will have had two years to transpose the revised FATF Standards on VASPs into law and the VASP sector will have had time to implement travel rule solutions globally.
- update Guidance, addressing issues including so-called stablecoins, anonymous peer-to-peer transactions and travel rule implementation
- publish red flag indicators and relevant case studies by October 2020
- through its Virtual Assets Contact Group, enhance engagement with the private sector (VASPs, technology providers, technical experts and academics)
- enhance international cooperation amongst VASP supervisors
As the European leader in crypto AML/CTF solution, Scorechain serves worldwide customers to help them implement the risk-based approach and comply with the regulatory requirements. At Scorechain, we keep in close communication with regulators and continuously improve our products to adapt to the evolving regulations with the aim to facilitate companies’ compliance work. Implementing Scorechain is a good way to follow FATF recommendations.
For further guidance, please keep following us!
To know more about our products, welcome to contact us: email@example.com