The Travel Rule in the UK: Explained 

In 2019, the Financial Action Task Force (FATF) published a series of recommendations to help combat money laundering and terrorist financing in response to a changing technological landscape, including the increasing use of cryptoassets in crime. 

An update to one of these recommendations, Recommendation 16, relates to a requirement for virtual asset service providers (VASPs) to collect and share personal information regarding the senders and recipients of virtual assets (VAs) like cryptocurrencies. This is known as the Travel Rule due to the manner in which information “travels” with the VA. 

The way the Travel Rule is implemented around the world varies from jurisdiction to jurisdiction, which opens the potential for inadvertent non-compliance and harmful outcomes for businesses and individuals alike. 

This guide has been written to help readers understand the particularities of the UK’s hardline interpretation of the Travel Rule and how Sumsub can help with compliance.

What exactly is the Travel Rule?

Before reviewing how the Travel Rule affects crypto businesses in the UK, it’s first important to understand the Travel Rule in general.

In essence, the Travel Rule is designed to make it harder for criminals to use cryptoassets for illicit activity. 

In a VA context, the so-called Travel Rule (or FATF Recommendation 16) requires countries to make sure that VASPs sending or receiving VAs such as cryptoassets maintain accurate originator and beneficiary information on VA transfers. The originator VASP is obliged to collect this information and immediately and securely submit it to the beneficiary VASP or financial institution, if relevant. 

Both originator and beneficiary VASPs also need to make this information available on request to the appropriate authorities. The same obligations likewise apply to financial institutions when sending or receiving VA transfers on behalf of a customer.

In summary, the Travel Rule simply requires the personal information of the originator and beneficiary of a VA transfer to “travel” with the VA.

Suggested read: What is the FATF Travel Rule? The Ultimate Guide to Compliance

Why is the Travel Rule needed?

With 60% of illegal crypto activity tied to sanctioned or terrorist groups and sanctions screening often performed poorly or not performed at all, there is significant pressure from law enforcement agencies around the world to tackle the secretive nature of crypto transfers. 

As such, the FATF recommends the Travel Rule as a key anti-money laundering (AML) and counter financing terrorism (CFT) measure designed to help VASPs and financial institutions prevent terrorists, money launderers, and other criminals from moving funds via wire transfers (including VAs) and to detect any incidents of misuse. 

According to the FATF’s Interpretative Note to Recommendation 16, the basic information collected on VA originators and beneficiaries should be made available to law enforcement authorities for use in detecting, investigating, and prosecuting terrorists or other criminals while helping to trace their assets. 

This information is also of use for financial intelligence units in analyzing suspicious or unusual activity. VASPs and financial institutions are recommended to identify and report any suspicious transactions as well as freeze funds and prevent transactions linked with sanctioned persons or entities.

While the necessity of the Travel Rule is understandable, it is not without controversy or challenges. There is an argument that the Travel Rule goes against the very point of cryptocurrencies themselves, with their anonymous nature being part of the reason for their initial popularity. 

As this is a relatively recent development and each country’s legal interpretation of the Travel Rule differs, it is important for VASPs and other relevant parties to stay informed of updates to avoid any potential breaches and ensure compliance with AML and CTF to keep people safe.

What are the UK’s Travel Rule requirements?

Quite simply, the UK’s Travel Rule requirements are broadly similar to those of other jurisdictions that have acted on the Travel Rule’s recommendations. For example, the UK fully complies with the FATF’s Travel Rule and has clarified the UK’s position through the FCA, with a legal requirement for all VASPs to comply.

As a result, the FCA now requires compliance for those sending and receiving cryptoassets in the UK as set out by MLRs. Like most other jurisdictions following the Travel Rule, the UK’s Travel Rule requirements focus on collecting information on who is sending and receiving VA transfers. 

Unlike other jurisdictions, however, it is worth noting that while the FATF recommends a threshold of $1,000 (£770) for the Travel Rule to take effect, there is no minimum threshold for compliance in the UK. 

Suggested read: All you need to know about UK crypto regulations

How to comply with the Travel Rule in the UK

Compliance is much the same as in other countries that have acted on the Travel Rule’s recommendations. Essentially, this means that information regarding originators and beneficiaries must be shared to ensure information “travels” with VA transfers and that requests from law enforcement for information must be acted upon.

VASPs and financial institutions are thus obliged to follow complex steps to ensure compliance with the UK’s interpretation of the Travel Rule, which highlights the importance of Sumsub in helping to make sure VASPs and financial institutions do not inadvertently fall foul of regulations. 

The following is a brief summary of steps that need to be taken for Travel Rule compliance:

1. The originating VASP must ensure the cryptoasset transfer is accompanied by the name of the originator and beneficiary (using the registered name if it is a firm) and the account number of the originator and beneficiary.
2. If the beneficiary VASP asks for further information, the originating VASP must: i). If it is a firm, provide the customer identification number and the address of the originator’s registered office; ii). If it is an individual, any one of the following can be provided: 

• The customer identification number 
• The individual’s address 
• Date and place of birth 
• Birth certificate number 
• Passport number 
• ID card number.

3. The VASPs must check if there is any missing or contradictory information. 
4. The VASPs must use the information to conduct a risk assessment as to whether the transfer should be accepted or details should be passed on to law enforcement.

Essentially, the UK’s interpretation of the Travel Rule comes down to collecting information and performing relevant due diligence regardless of whether the value of the VAs sent is over $1,000 or not and whether the party sending or receiving the funds is in a jurisdiction that follows the Travel Rule or not.

Of course, there is considerably more complexity and nuance than this, which is exactly why Sumsub has designed its Travel Rule product to make sure our clients abide by all relevant regulations, whatever the jurisdiction.

For more on crypto regulations in the UK read: UK crypto regulation doc

Failure to comply with the Travel Rule in the UK

As the UK’s alignment with the Travel Rule is relatively recent (2023), there is an understandable lack of clarity on what exactly happens to VASPs or financial institutions that fall foul of new Travel Rule regulations. 

In terms of potential negative criminal outcomes, UK statutory instruments state that a breach of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 may lead to a prison sentence of up to two years. 

Non-compliance with the Travel Rule also runs the risk of civil penalties. By the end of 2022, the cumulative total of AML fines imposed on financial institutions was nearly $5 billion (around £3.8 billion). While this figure is global and precedes the implementation of the Travel Rule in the UK, this is an indication that failure to comply may result in significant negative outcomes, potentially exacerbated now that investors and customers are under more regulation and protection due to the Travel Rule in all its complexity.

While it is likely too early to say what failure to comply with the Travel Rule in the UK means, Sumsub is here to help stop customers from finding out first-hand. We do so by providing expertise to make sure customers don’t inadvertently break rules and face potential consequences such as fines, civil suits, or criminal charges.

What does the Travel Rule mean for the future of crypto businesses in the UK?

The UK’s implementation of the Travel Rule is an indication that the UK government, like many other governments around the world, is taking an increasingly harder line on tackling the anonymity of VAs.

As such, the UK looks set to see more alignment with global AML and CTF standards to help combat criminal activity. 

This movement towards increased regulation also means that crypto businesses operating in the UK or with UK customers face more obligations to comply with these regulations. Failure to comply may inadvertently put VASPs and financial institutions at risk of harmful outcomes like fines or civil suits.  

The Travel Rule naturally has a significant impact on the privacy and anonymity of crypto users, whether for criminal purposes or not, and looks likely to bring cryptoassets out of the shadows and further into the mainstream. 

Nevertheless, the future is uncertain and, as VAs are becoming harder for governments to ignore, the UK is showing an increased interest in regulation, having even issued an outline for future cryptoasset regulation.

FAQs

• What is the Travel Rule?

  The Travel Rule is another name for FATF Recommendation 16, which recommends that countries ensure that financial institutions monitor wire transfers to detect instances of missing originator or beneficiary information.

• Why is the Travel Rule needed?

  Governments around the world feel the Travel Rule is necessary to fight clandestine wire transfers that could be used for money laundering or terrorist financing. 

• What does the Travel Rule mean for crypto businesses in the UK?

  Crypto businesses now face more regulation and are obliged to collect and exchange information about who is sending and receiving VAs, making sure crypto businesses are not involved in money laundering or terrorist financing.

• Why is FATF Recommendation 16 called the Travel Rule?

  FATF Recommendation 16 is known as the Travel Rule as the financial institution sending or receiving the VA transfer needs to collect information about who is sending and receiving the transfer. This information thus “travels” with the transfer.

• Why is the Travel Rule controversial?

  The Travel Rule is controversial due to it effectively setting out to remove the anonymity associated with crypto assets, which is a significant reason for their initial popularity.