FATF Travel Rule Compliance Gets Easier With New CipherTrace Tools
TRISA enables VASPs to comply with the Travel Rule without sharing confidential information.
A new framework from blockchain security firm CipherTrace will enable cryptocurrency wallets, exchanges and other projects to comply with the Travel Rule from FATF – the Financial Action Task Force – without having to share private or personal information with one another.
CipherTrace successfully launched the Travel Rule Information Sharing Architecture (TRISA) this morning. The new framework can reliably authenticate and transmit transaction data with “zero data leakage,” according to a company spokesperson.
“The FATF rule can be implemented by any VASP that chooses to participate in the TRISA solution, and its PKI infrastructure is widely understood and embraced by the majority of websites,” the spokesperson added.
The FATF Travel Rule requires banks to share customer information in order to prevent money laundering. Earlier this year the organization recommended that member states extend this rule to include virtual asset service providers (VASPs).
Exchanges and wallet providers are now required to share personal information on their users with one another, sometimes by embedding it into their transactions. In addition to concerns surrounding user privacy, CipherTrace CEO David Jevans warns it could create new security risks for VASPs, which will have to store much-enlarged data sets online.
“Since the transaction identity sending and receiving services must be online and highly available (7×24), these services are particularly vulnerable to security breaches and attack,” Jevans wrote in the TRISA whitepaper. “A [DDoS] attack could take a VASP’s entire transaction capability offline, and a large-scale attack on the transaction identity services of major exchanges could take the entire industry offline.”
Finalized at the end of June, the G20 countries have already begun introducing the Travel Rule into their national laws, giving VASPs twelve months to comply. Netki, a KYC/AML provider for crypto companies, announced yesterday that it had retooled its digital identity service to comply with the travel rule.
Binance is reported to be seriously considering the new TRISA framework, which is provided free of charge and can scale to sufficiently high volumes for crypto transactions. It also uses Public Key Infrastructure (PKI), a common encryption method already used by most websites.
Confidential information can remain private using an integration with the Shyft Network, a blockchain bridging protocol. Co-founder Joseph Weinberg has been one of the most vocal critics of the Travel Rule, and even traveled to Vienna to try and persuade the financial body to amend its recommendation.
TRISA is an ideal tool for any VASP dealing with large cryptocurrency holders or ‘whales’, according to CipherTrace, allowing these users to transact without compromising their privacy.
CipherTrace and Shyft announced their collaboration on TRISA in July. However, CipherTrace had actually started work on a new compliance mechanism back in January, soon after FATF originally proposed extending the Travel Rule.
“[W]e have been designing the solution much longer because we expected the BSA Travel Rule to have the force of law in the U.S. and apply to cryptocurrency,” explained the CipherTrace spokesperson, “which became the case in April 2019.”