What Is the Travel Rule?
The Travel Rule is a financial compliance requirement that mandates the transfer of customer identifying information alongside wire transfers. Originally applied to traditional banks under the Bank Secrecy Act (US) and FATF Recommendation 16, it was extended to Virtual Asset Service Providers through FATF's updated guidance on virtual assets in 2019.
In plain terms: when a VASP sends a virtual asset transfer on behalf of a customer, it must transmit specific information about the sender (originator) to the receiving VASP — and that receiving VASP must be able to receive, hold, and act on that information.
What Information Must Travel?
FATF sets out the minimum data fields that must accompany a virtual asset transfer. These typically include:
Originator Information (Sending VASP must provide)
- Full legal name of the originating customer
- Account number or wallet address used for the transaction
- Physical address, or national identity number, or date and place of birth
Beneficiary Information (Receiving VASP must collect)
- Full legal name of the beneficiary customer
- Account number or wallet address
The threshold for when the Travel Rule applies varies by jurisdiction. FATF recommends applying it to transfers at or above USD/EUR 1,000, though some countries apply it to all transfers regardless of amount.
Why Is the Travel Rule Challenging for Crypto?
The Travel Rule is straightforward in traditional banking — SWIFT messages carry sender/receiver data automatically. In the virtual asset world, the challenge is more complex:
- No universal messaging protocol: Unlike SWIFT, there is no single blockchain-native standard for transmitting Travel Rule data between VASPs.
- Counterparty identification: When you receive a transfer, you may not know which VASP (if any) sits on the other end.
- Unhosted wallets: Transfers to or from self-custodied (unhosted) wallets present a distinct challenge — there is no beneficiary VASP to receive the data.
- Interoperability: Multiple competing Travel Rule solutions exist (TRISA, TRP, OpenVASP, Sygna Bridge, Notabene) and they don't all speak the same language yet.
The Sunrise Problem
The "sunrise problem" refers to the uneven implementation of the Travel Rule across jurisdictions. A VASP in a country that has implemented the rule must comply when sending to a counterpart in a country that has not yet implemented it — but the receiving VASP may have no technical or legal framework to receive Travel Rule data. This creates a compliance gap that is difficult to resolve through technology alone.
How VASPs Are Implementing the Travel Rule
The industry has developed several interoperability protocols and solutions:
| Solution | Approach | Key Backers |
|---|---|---|
| TRISA | Open-source peer-to-peer protocol | CipherTrace, community-driven |
| TRP (Travel Rule Protocol) | API-based, lightweight | Large exchanges |
| Sygna Bridge | Hub-and-spoke centralised network | CoolBitX |
| Notabene | SaaS platform with multi-protocol support | Notabene Inc. |
| Shyft Network | Blockchain-based identity layer | Shyft Foundation |
Most compliance teams recommend adopting a solution that supports multiple protocols, since your counterparties may use different systems.
Unhosted Wallet Transfers
Regulators in the EU (via MiCA and the Transfer of Funds Regulation) and other jurisdictions are increasingly requiring VASPs to collect and verify information about unhosted wallets involved in transfers above certain thresholds. VASPs should implement:
- Self-declaration by the customer that they control the unhosted wallet
- Cryptographic proof of ownership (e.g., signing a message with the wallet's private key)
- Risk-based enhanced due diligence for high-value transfers to unhosted wallets
Steps to Travel Rule Readiness
- Assess which jurisdictions you operate in and what thresholds apply
- Select a Travel Rule solution compatible with your major counterparties
- Update your transaction processing workflow to capture and transmit required data
- Establish policies for handling unhosted wallet transfers
- Train operations and compliance staff on the new requirements
- Conduct regular testing and audits of your Travel Rule data flows