Has the Travel Rule Delivered on Its Promise of Transparency?

Introduced by the Financial Action Task Force (FATF) in 2019, the Travel Rule requires Virtual Asset Service Providers (VASPs) and financial institutions that handle virtual asset (VA) transfers to collect and share sender and recipient information before or during a transaction. It aimed to increase virtual asset transparency and has fundamentally altered the landscape in the following way:

• Moved compliance on-chain (and off-chain) from optional to expected. After FATF’s 2019 clarification, VASPs were explicitly brought within Recommendations 10–21 and Recommendation 16 (the “Travel Rule”), making originator/beneficiary data collection and sharing a core obligation for regulated VASPs.
• Rapid—but uneven—adoption. The paper reports ~ that 76% of FATF members enacted Travel Rule regulations (mid-2025), and “more than 85 jurisdictions” have implemented them. That has expanded the set of firms that must build KYC/AML and secure data-exchange capabilities.
• Created a new compliance ecosystem. Technical vendors and third-party providers (identity platforms, Travel Rule messaging networks, middleware) have sprung up as essential partners for VASPs—especially smaller firms that cannot build everything in-house. These platforms help orchestrate AML/ KYC and Travel Rule compliance, as well as strengthen fraud-prevention efforts.
• Fragmented technical landscape. Many competing protocols emerged (roughly 10 named), but only a subset are truly interoperable (the paper cites Code, GTR, VerifyVASP*, and Sumsub). This fragmentation, combined with the sunrise issue between jurisdictions that have and haven’t implemented the Travel Rule, increases costs, friction, and failure points for cross-border transfers.

Six years on from its introduction, has the Travel Rule delivered on its goal of transparency?

Today, we’re sitting down with Kat Cloud, Head of Government Relations at Sumsub, who recently released the whitepaper Travel Rule: Has It Delivered on Its Promise of Transparency?, to discuss the most pressing questions about Travel Rule implementation.

Translucency rather than transparency?

While the Travel Rule has indeed brought more visibility into crypto transactions, the level of transparency achieved is still closer to translucency than true clarity.

The Travel Rule has forced regulated VASPs to collect and exchange originator/beneficiary information, institutionalized KYC/KYB practices, and created incentives for shared tooling and audits—advancing transparency among regulated participants. Overall, the Travel Rule has delivered on its promises, but partially.

There are still places for improvement:

• Technical fragmentation (many protocols; limited interoperability), which causes failed or incomplete data exchange.
• Weak supervisory enforcement in many jurisdictions, so compliance can be superficial or paper-based.
• Activity outside the scope (DEXs, DeFi, non-custodial wallets) that remain hard to surveil and where the Travel Rule often doesn’t reach.

Suggested read: Explore Travel Rule Implementation

Why have some jurisdictions been slower to embrace the Travel Rule?

Jurisdictions with more mature financial regulations, like the US and EU member states, as well as Singapore, have been quick to integrate the Travel Rule. We’re also seeing Hong Kong, South Korea, and the UAE catching up. Large crypto markets moved faster, incentivized to implement compliance standards to protect investors and financial integrity. 

At the same time, many jurisdictions struggle with technical and interoperability challenges, limited data and expertise for enforcement, and a patchwork of contradictory regulations—all of which slow down Travel Rule adoption.

And, of course, some governments prioritize innovation and market growth over strict oversight, which hinders Travel Rule adoption. But this delay exposes them to higher money-laundering risks, reputational damage, and potential exclusion from major financial networks.

Even in jurisdictions where the Travel Rule has not yet been formally adopted, VASPs are increasingly expected to implement compliant solutions to maintain access to global markets and transact with trusted counterparties.

The consequences of non-compliance can be severe for VASPs operating in these environments. Beyond formal penalties, reputational damage, the loss of counterparties, and erosion of trust can be just as harmful.

Suggested read: The Top 10 Crypto-Friendly Countries (2025)

The role of third-party service providers

Third-party service providers can help bring more clarity and consistency to Travel Rule compliance and are positioned as key enablers, focusing on four complementary roles:

1. Infrastructure & interoperability provider
   • Offer multi-protocol support and bridges so VASPs don’t need bespoke integrations for each protocol (Sumsub’s multi-protocol + fallback approach is an example).
     
2. Compliance abstraction layer
   • Provide jurisdictional rule bundles, prebuilt checks (KYC/KYB, AML screening), and message-format validation so firms can “deploy once” and comply in many markets.
     
3. Trust anchor and counterparty intelligence
   • Maintain and surface licensing, supervisory status, and compliance posture (ideally validating against a registry) to accelerate counterparty due diligence.
     
4. Advisor to regulators and standard-setters
   • Share operational insights, best practices, and anonymized metrics with regulators to inform harmonized guidance and realistic enforcement expectations.

It’s worth noticing here that vendors should promote interoperability, not lock customers into proprietary, closed networks that fragment the ecosystem further.

Next steps for the Travel Rule

For the Travel Rule to reach its full potential in protecting the financial system, the following policy recommendations are critical:

First, a globally harmonized framework for data sharing and verification would reduce international transaction friction. Balancing privacy with transparency is key, using cryptography or privacy-enhancing technologies to protect data while enabling oversight.

Second, technology solutions must evolve through the broader adoption of interoperable, secure, and privacy-preserving compliance tools. Effective solutions must be capable of adopting or integrating with as many protocols as possible to enable seamless communication across networks and jurisdictions. This interoperability is essential to ensure compliance, reduce friction, and maintain trust in the virtual asset ecosystem. Jurisdictions and VASPs that have lagged behind should be incentivized—or, where necessary, required—to implement Travel Rule–compliant systems that meet these standards.

Third, education and collaboration are also key. Stakeholders, including smaller VASPs and emerging markets, need to be informed about the Travel Rule’s benefits and requirements.

A global VASP registry and harmonized regulations would also be essential and logical steps for the Travel Rule to reach its full potential.

The Travel Rule has laid the foundation for greater transparency, but there’s still work to do. In my whitepaper, Travel Rule: Has It Delivered on Its Promise of Transparency?, I take a more in-depth look at the challenges facing Travel Rule implementation and the opportunities ahead.