The Travel Rule Is Stuck in Transit — Here’s How to Get It Moving

The FATF Travel Rule was meant to be a global standard. Instead, it’s become a global puzzle: one with too many pieces missing and no clear picture in sight. The question that remains is whether the Travel Rule has delivered the transparency it promised to crypto payment providers and VASPs.

Crypto promised freedom and anonymity. The Travel Rule, by design, curbs anonymity in exchange for greater safety. The Travel Rule was meant to create clear and unified legal frameworks—but six years later, we’re still waiting at the intersection. More countries are adopting the Travel Rule, but transparency in crypto still feels out of reach. What went wrong, and how do we fix it?

The promise of transparency meets the reality of fragmentation

As of July 2025, 73% of FATF member countries have introduced the Travel Rule into law. That’s some more nations joining the list just this year—such as South Africa— advancing its own implementation style.

In its 6th Targeted Update on Implementation of the FATF Standards on Virtual Assets and Virtual Asset Service Providers, FATF confirms that over 85 jurisdictions have implemented the Travel Rule, with 100+ expected to follow soon—warning that delays in compliance can lead to rushed integrations, blocked transfers, and increased regulatory risk, and urging countries to accelerate full and effective implementation. But despite this growing legislative footprint, one question looms large: has the Travel Rule actually delivered the transparency it promised?

Rewind to 2019: A high-stakes shift

When the Financial Action Task Force (FATF) rolled out the Travel Rule for virtual assets in 2019, people saw it as a big step forward. Originally meant for traditional finance, the rule requires virtual asset service providers to gather and share personal information about both senders and recipients in crypto transactions, all in a bid to combat money laundering and terrorist financing.

Fast forward six years, and the situation is a lot more complicated than expected. Instead of creating a unified compliance framework for crypto, the Travel Rule has seen significant divides in how different jurisdictions deal with its implementation and enforcement. Compliance is inconsistent, technology systems are often disconnected, and there’s still some uncertainty about which specific benefits this rule brings to the table.

For instance, in Turkey, regulators have recently tightened their grip on the crypto scene by introducing new rules for exchanges and custodians, such as licensing requirements, minimum capital thresholds, and monthly customer reporting. The more countries go their own regulatory way, the harder it becomes to maintain a shared standard.

A global rule without global coordination

FATF’s guidance has led to some real changes in legislation, like the EU’s Transfer of Funds Regulation (TFR), Singapore’s MAS’ Notice PSN02, and FinCEN’s Guidance in the US. But the issue is that the global landscape is far from uniform. Different jurisdictions have their own rules regarding how to implement these recommendations, their enforcement timelines, and even their interpretations within the national regulations.

This lack of consistency creates major headaches for businesses that operate across borders. Some countries require data sharing for transactions over $1,000, while others have higher thresholds or no minimum threshold. Without a more harmonized approach, VASPs find themselves tangled in a web of overlapping and sometimes contradictory obligations, which only adds to the costs, delays, and uncertainty in compliance.

Suggested read: Explore Travel Rule Implementation

Too many protocols, not enough signal

One of the major challenges with the Travel Rule is the lack of technical interoperability. VASPs depend on various providers and protocols like TRISA, OpenVASP, and others to securely share customer data. However, instead of coming together around a single system, the industry is facing interoperability issues. Competing protocols don’t work too well with one another, making cross-platform transactions clunky.

Some providers won’t accept data from competing protocols, which disrupts what was meant to be a streamlined global compliance framework. Essentially, it’s like asking companies to play a game where the rules, refs, and even the field change depending on where they are.

Suggested read: Protocols in the Travel Rule Solution Explained (2025)

Enter third parties: solving one problem, creating another?

This gap has been filled by third-party compliance platforms, including providers like Sumsub. These players provide essential services like secure messaging infrastructure and identity verification tools, which help VASPs comply with the Travel Rule requirements.

They’re not just side players; these companies have become key components in the landscape of crypto compliance. By facilitating better interoperability, they help smaller firms compete and boost adoption in emerging crypto markets.

Transparency, or the illusion of it?

Even in places where the Travel Rule is fully operational, its impact on illicit activity is murky. Law enforcement agencies already use blockchain analytics tools like Chainalysis and Elliptic to trace funds, often without needing to directly involve VASPs for identity information.

At the same time, huge portions of the crypto ecosystem remain out of scope. Peer-to-peer transfers, non-custodial wallets, and DeFi protocols all fall outside the rule’s jurisdiction because they don’t involve a VASP. As a result, bad actors still have workarounds, while good actors bear the regulatory burden.

A telling example: following the rule’s rollout in South Africa, Binance faced new compliance hurdles impacting local users and cross-border transactions—even as illicit activity continues to migrate to harder-to-regulate spaces.

The road ahead: What needs to change

The Travel Rule isn’t a failure; it just hasn’t been fully realized yet. For it to work as intended, we need everyone—governments, regulators, and industry players—to come together and make some key changes:

• Harmonized regulation: Right now, we have a mishmash of local rules that create gaps and invite regulatory arbitrage, which weakens enforcement. The FATF should push for a consistent global standard implementation to close these loopholes. 
• Interoperable technology: Currently, the presence of different messaging protocols creates unnecessary complications. What we really need are universal technical standards or solutions that allow for seamless data sharing across these protocols.
• Scope expansion: Areas like decentralized finance and peer-to-peer services are currently overlooked when it comes to the Travel Rule. Policymakers need to clarify how disintermediated platforms fit into the picture and whether they should be subject to the same requirements.
• Privacy and data security: As VASPs and other vendors deal with increasing amounts of sensitive personal data, it’s crucial to have strong data protection measures in place at every level of compliance.

A rule still in transit

The FATF introduced the Travel Rule to bring some clarity from traditional finance into the crypto space. However, after six years, we still have a long way to go. Without better regulatory alignment, solid tech solutions, and a wider scope, the rule risks becoming just a symbolic measure—nice in theory, but not really working in practice.

The future of the Travel Rule isn’t just about new laws; it really depends on how well VASPs, regulators, and third-party providers can work together.

The good news? The building blocks are already here. What’s needed now is alignment, urgency, and collective action.