Slow But Steady: FATF Review Highlights Crypto Exchanges’ Struggle to Meet AML Standards

In June 2019, the intergovernmental Financial Action Task Force (FATF) introduced its revised set of standards for virtual asset service providers. The document establishes the anti-money laundering and counter-terrorism (AML/CFT) requirements that regulated VASPs —  the term mainly referring to cryptocurrency trading platforms — must eventually implement in their day-to-day operations. The guidelines are framed as recommendations, and the FATF leaves it to the participating nations’ governments to develop their own regulations in accordance with suggested principles.

The watchdog has also set a 12-month review timeframe to monitor the public and private sectors’ progress in putting the revised standards into effect. Following the review period’s expiration in June 2020, the FATF put together a report summarizing a year’s worth of legislative and compliance work. Here is how both the FATF and industry participants evaluate today’s state of international anti-money laundering standardization as it relates to digital assets.

The watchdog’s perspective

The report states that 35 out of 54 surveyed nations have implemented the revised standards on virtual assets in their domestic legislation, while another 19 have yet to do so. The FATF admits that implementation was not always smooth for both the public and private sectors. However, the group maintains that it hasn’t detected any major issues that could warrant amending the requirements.

The organization said it would keep a close eye on digital assets and announced another 12-month review of the revised standards’ implementation.

A particularly enlightening discussion of the FATF decision making happened last week on the Dedicated Online Financial Integrity Network’s (DOLFIN) platform. The webinar featured four former heads of the United States delegation to the FATF, whose accounts offered an informed perspective on how the organization approaches risk management for virtual assets and stablecoins.

Jennifer Fowler, currently a director in Brunswick Group’s Washington, D.C. office who served as the Vice President of the FATF in 2017-2018, said that continuous risk assessment is at the heart of the watchdog group’s approach to digital assets.

One concerning trend that Fowler mentioned is that lately the organization has noticed an uptick in the number of professional money launderers turning to crypto, especially against the backdrop of the coronavirus pandemic. Fowler mentioned that another potential threat that the FATF is closely watching is peer-to-peer transactions, whose growth can render the group’s traditional focus on regulating intermediaries (such as VASPs) obsolete.

Chip Poncy, currently an executive on K2 Fin’s compliance team who led the U.S. delegation to the Financial Action Task Force from 2010 to 2013, talked about the paradigm of open versus closed loops in assessing the risks posed by new financial instruments. An open-loop system is the one that is connected to the traditional finance system, while a closed-loop system is self-sufficient.

New financial instruments that create open-loop systems can be regulated at the points bridging them with the fiat realm (e. g. VASPs), while closed-loop arrangements are of limited interest to the policy community. However, when a closed-loop system expands to reach a substantial size, it can create risks of its own. This is why, Poncy observed, the FATF is keeping a watchful eye on the scale of digital assets’ adoption.

No taking foot off the gas

To VASP representatives and industry insiders, the FATF report held few surprises. Elsa Madrolle, international general manager at the crypto wallet and security startup CoolBitX, told Cointelegraph that the continuation of the 12-month review process until June 2021 has been widely expected, as the FATF generally stayed in close contact with the industry throughout the year, hosting regular Contact Group updates.

Naturally, service providers welcomed the one-year review extension. Under the initial deadline, it has been virtually impossible for market participants to ensure compliance with one of the central components of the revised standards package, known as the travel rule. It holds that for transactions exceeding $1000, exchanges should transmit the details on the identity of both originator and beneficiary of the funds.

Sumit Gupta, CEO of Indian crypto exchange CoinDCX, observed to Cointelegraph:

“The FATF has committed to conducting a second review in June 2021, signaling that it is reaffirming its stance towards the sustainable regulation of the crypto industry at a pace that is appropriate for the development of the global crypto market. We do not see this as an extension of its deadline so that VASPs can take their foot off the gas, but rather as a buffer period for the industry to move towards full implementation of the Travel Rule come next year.”

Compatibility issues

Others, however, noted the downsides to the FATF’s approach. A major bone of contention has been that the watchdog group’s recommendations are not particularly conducive for creating a coherent cross-border regulatory environment. On top of that, revised standards can prove incompatible with some existing regulatory frameworks.

 Terry Culver, CEO at Digital Finance Group, commented to Cointelegraph:

“One challenge is that implementation will face significant challenges from other contradictory regulations for AML and data protection. For example, the FinCen Travel Rule sets US regulation apart from other jurisdictions. Another example is that the EU just determined that the bulk transfer of personal data to the US is not allowed under GDPR.”

Nathan Catania, a partner at global digital asset policy and regulatory adviser XReg Consulting, further opined:

“It is clear that there is no unified approach to the AML/CFT regulation of VAs and VASPs, the approaches taken from jurisdiction to jurisdiction can vary drastically. This makes it very difficult for crypto businesses to navigate what I have been calling a global regulatory minefield. VASPs will need to be very careful with the customers that they target, as they may fall in scope of regulatory regimes in other places.”

Illustrating his point, Catania came up with an example of a hypothetical VASP registered in Gibraltar and targeting Australian clients, which would have to comply with AML regulations in both jurisdictions.

Too wide a scope or too narrow?

Dr. Omri Ross, chief blockchain scientist at the digital asset trading platform eToro, took issue with one of the tenets of the FATF’s guidance, which states that virtual assets should be held to the same level of scrutiny as any other asset class. He commented:

“While I sympathize with the reasoning behind these recommendations, my concern is that the application of general standards for supervision and monitoring may quell technological innovation. However, if these technologies were to be nurtured, they could in fact introduce far greater transparency in international monetary flows”

In contrast, Manuel Rensink, Strategy Director at the fintech firm Securrency, highlighted the narrow scope of the FATF’s travel rule. Rensink told Cointelegraph:

“A widening of the Travel Rule should also be extended to: Transactions in asset-backed virtual assets, including digital securities and all stablecoins; P2P transactions as well as automated smart contract transactions depending on attributes such as transaction size and volume; DEXs, smart contract operators, (DeFi) protocol operators should also be considered VASPs.”

The race for travel rule compliance

One thing that all crypto industry insiders seem to agree on is that currently crypto exchanges are largely technically unprepared to comply with the travel rule. Digital Finance Group’s Culver remarked on this matter: “The regulator is ahead of the crypto sector in this area — a nice change of pace.”

At the same time, blockchain technology clearly holds immense promise as a foundation for innovative compliance tools, and groundbreaking work in that department is already underway. Cointelegraph already reported on efforts such as BitGo’s crypto wallet API and the CoolBitX – Elliptic partnership specifically addressing the travel rule challenge.

Omri Ross of eToro commented:

“Early findings in academic studies, law enforcement and commercial research indicate that the level of complexity and sophistication that can be achieved, using blockchain technologies for KYT, is far superior to existing solutions currently used in the financial sector.”

Securrency’s Manuel Rensink spoke to the same effect, adding that artificial intelligence and machine learning reporting tools can be layered on top of blockchain transactions to allow regulators to effectively monitor all transactions within their jurisdictions.

The formidable potential will likely translate to a diverse set of solutions at the end of the day. As CoolBitX’s Elsa Madrolle noted, “it does appear that the market believes there will not be a global ‘one size fits all’ solution that can cater to every jurisdiction’s regulations all at once that work for all VASPs.” In this situation, the question of interoperability comes front and center.

A huge breakthrough on this front came earlier in May, when an industry-wide working group on interVASP Messaging Standards (JWG) unveiled a solution designed to enable diverse service providers’ systems to talk to one another. As more digital asset service providers hop on board of this initiative, seeing the major crypto exchanges comply with the travel rule by June 2021 appears perfectly attainable.