FATF Travel Rule Singapore Webinar: CoolBitX & Elliptic Advise On What To Do Now

Joint CoolBitX – Elliptic Travel Rule webinar gives Singapore crypto exchanges the toolkit on “what to do now”, while industry body ACCESS explains why MAS requires compliance in order to receive DPT licensing.


On 1 September 2020, Elliptic and CoolBitX kicked off the first of a series of joint FATF Travel Rule webinars to help virtual asset service providers (VASPs) in different jurisdictions comply with the data-sharing requirements of the Financial Action Task Force‘s amended Recommendation 16.
First on the list: Singapore.

Singapore boasts both a sophisticated financial system and new regulatory framework for digital assets, making it a perfect first stop.

The webinar “FATF Travel Rule: What you Need to Do Now? (Singapore Session)” (watch here), brought together 4 expert blockchain speakers for an insightful panel discussion:

  • Michael Ou, CEO of CoolBitX and Sygna (first live Travel Rule solution)
  • Anson Zeall, Chair of IDAXA and ACCESS
  • Ken Yagami, APAC Regional Head, Elliptic
  • Daniel Yeo, CEO of Pionex, a Singapore-based crypto exchange

The webinar was moderated by Elliptic’s Ms. Journey Li (APAC Marketing Manager) and Mr. Yagami.

DOWNLOAD FATF TRAVEL TOOLKIT HERE

Background on Singapore crypto regulations

In January 2020 the Monetary Authority of Singapore (MAS) began the official enforcement of its Payment Services Act of 2019 (PSA), which obligates crypto-related companies, called digital payment token (DPT) service providers, to register with authorities and create a strong anti-money laundering (AML) regime to be considered for a DPT license.

Singapore's history of crypto regulations

As part of this greater compliance, VASPs will also have to ensure they adhere to the data-sharing requirements of the Travel Rule. Yet, there is great uncertainty about how to achieve this: While many crypto businesses are now exploring Travel Rule solutions, most are at a loss of how to actually select and practically implement the right one.

In order to help, the influential Singaporean self-regulatory organization ACCESS has mediated between Singapore’s regulators and industry leaders, creating a Code of Practice to help the crypto industry meet high AML/CFT compliance standards.

Webinar Agenda and Questions

Agenda

  • Overview of the FATF Travel Rule
  • Panel: How can VASPs tackle the regulatory challenges and stay ahead of the game?
  • Q&A session

The joint webinar aimed to answer the following regulatory questions:

  • what the Travel Rule is really about
  • why crypto businesses need to adopt a Travel Rule solution now
  • how to choose the most efficient solution that will help you scale your business while staying compliant. 

Webinar survey results

1. What’s your understanding of the Travel Rule?

  • 12% – Unfamiliar.
  • 62% – Basic understanding.
  • 26% – Quite familiar.

2.  Has your company implemented a Travel Rule solution?

  • 4% – Yes, we have.
  • 52% – We are exploring various options.
  • 44% – Not yet, we will wait and see.

3. What is the biggest challenge for your company to comply with the Travel Rule?

  • 16% – Lack of motivation to adopt now.
  • 62% – Lack of understanding of the solutions.
  • 22% – Lack of understanding of the regulations. 

An evolving regulatory environment

CoolBitX CEO Michael Ou kicked off the webinar with an overview of the FATF’s crypto regulations, emphasising that the FATF’s new June 2021 Travel Rule review is not an extension for VASPs to drag their feet to implement a solution, but more a courtesy to the private sector and technical solution providers (TSPs) to refine current solutions and messaging standards and establish interoperability between them.

Michael broke down emerging challenges faced by VASPs globally, including these key strategic and operational risks:

  • High overhead costs: How can VASPs absorb additional overheads and comply with regulations cost-effectively before June 2021?
  • Constraints of legacy systems: How to create, build and maintain a secure solution for a VASP network instead of of requiring bilateral integration between individual VASPs?
  • Inadequate data privacy: How to share sensitive user data with competitors and still ensure compliance with data privacy laws such as the EU’s GDPR
  • Inconsistent standards: How can end-to-end compliance programs be built in the absence of clear data standards and national regulations?

How is Singapore interpreting the FATF Travel Rule?

Next, the CoolBitX CEO covered the differences between the FATF Travel Rule and Singapore’s PSN02 Paragraph 13 of December 2019.

Why should VASPs adopt a Travel Rule solution early?

The benefits of proactively implementing a Travel Rule solution can be divided into strategic and operational benefits.

Strategic benefits

  • Low integration and maintenance costs
  • Simple, flexible architecture helps demonstrate compliance ahead of competitors
  • Minimal disruption to VASP business models
  • Solves VASP cooperation challenge via secure 3rd party

Operational benefits

  • Maintain institutional-grade data privacy measures
  • High compatability with existing compliance systems for end-to-end compliance strategy
  • Less resources on compliance workflow tasks
  • More focus on customer value creation in regulated space

What is Sygna Bridge and how does it work?

CoolBitX began development on Sygna Bridge, the first live Travel Rule solution, in mid-2020, after consulting with FATF regulators at the April 2019 PSCF in Vienna and identifying the future industry need for compliance with Recommendation 16.

Michael explained Sygna Bridge’s history and its benefits to VASPs, which includes:

  • simple and flexible API architecture
  • interoperable data standards (IVMS101),
  • privacy-secure encryption design
  • coverage of all assets excluding privacy coins
  • quick integration

What is ACCESS and its Code of Practice?

The Association of Cryptocurrency Enterprises and Startups Singapore, known as ACCESS, is the leading Singaporean blockchain industry organization and has been consulting with MAS since 2014 on cryptocurrency regulation. Current ACCESS members include Coinbase, Gemini, Binance, OKEx and other major exchanges.

As more and more crypto exchanges in Singapore lost access to traditional banking services before and after the 2019 release of the Payment Services Act, MAS initiated a “casual” roundtable chat with banks and exchanges that resulted in progressive discourse.

According to Mr. Zeall, both ACCESS and MAS finally came into agreement that if Singapore VASPS want to be considered for DPT licensing, they would need to comply with the Travel Rule or be disqualified.

Since the official enforcement of the PSA started on 28 January, MAS now wants to know exactly how DPT service providers will implement the Travel Rule without an over-reliance reliance on third parties. This posed a problem as there was still widespread industry ignorance and apathy, as well as no live Travel Rule enterprise solution in 2019.

ACCESS has therefore been developing a comprehensive Code of Practice for Singaporean crypto exchanges ($200 to members, $5000 to non-members due to legal costs, with the proceeds going to future developments) .

One big change that Zeall highlighted is VASPs’ risk assessment.

Previously, crypto companies could determine their own risk level based on how they evaluate their AML systems. Now however, MAS views blockchain companies as high-risk. With this decision now final, any VASPs in Singapore that are involved in the transfer of digital assets are defaulted as high-risk entitities.

Panel Discussion Q&As

Q1: What are the main challenges and considerations to comply with the Travel Rule?

Pionex CEO Daniel YEO explained that his company’s biggest headache has revolved around conformance with getting a proper DPT license and finding an entity that could satisfy the KYC and licensing requirements such as the Travel Rule.

In order to pick a solution, VASPs must make 3 important considerations:

  • The TSP should be a professional outfit with the technical capability to carry out the required KYC
  • The TSP should be available to communicate in emergency situations
  • It is preferable (but not mandatory) that your regtech partner is in the same time zone and shares a similar culture or language

Anson Zeall said if you work as a global firm, you need to be up to date with global regulations or work with a regtech firm who does.

According to Zeall, if you deal with other VASPs, you should find a way to distinguish between a private wallet and VASP address. If you can’t fulfill MAS expectations from the outset, then rather start with limited activities that comply with the PSA.

It all depends on a VASP’s business activities: if it is global must make sure it meets domestic regulations and deals with compliant firms, however for VASPS who only operate locally with Singaporean businesses and individuals, simple paper or email records could be sufficient.

Ou emphasized Zeall and Yeo’s remarks and said that VASPS should seek TSPs that offer local support, operate in the same time zone and can therefore give immediate assistance. Also, a VASP must evaluate whether a service provider is experienced enough in dealing with the demands of exchanges, and non only offers largely theoretical, untested solutions.

Q2: How does Elliptic and CoolBitX work together?

Michael Ou: The FATF Travel Rule requires only that VASPs monitor transactions with other VASPs, not private wallets. However, to fulfill their due diligence obligations, VASPS must still monitor whether incoming and outgoing private wallet addresses are legitimate and not a ML/TF threat. This is how Elliptic fits inside the compliance puzzle.

Once a VASP ascertains that certain transactions are not from a fellow VASP but rather a private wallet, Elliptic Navigator helps to check and risk score private wallet addresses.

This AML service helps VASPs to identify the perscentage of transactions that are high risk, and help exchanges to do a better job at compliance checks.

Q3: What positive feedback has Sygna Bridge received from the FATF?

Michael: Since Sygna’s inception last year, CoolBitX has been in communication with both FATF and country regulators. After each milestone, CoolBitX shares a summarized report with theFATF Contact Group that details new challenges, achievements and scalability.

The FATF is happy to see industry feedback and progress and expects these developments to continue.

Q4: Dealing with withdrawals to a VASP address in a non-FATF regulated jurisdiction

Anson: FATF doesn’t regulate companies and only issues non-binding guidances for countries. However if countries don’t comply to it, they can be added to the FATF black or gray list, for example Pakistan, which is subjected to sancitons.

Countries adapt their regulations according to the Standards but every coutnry is different. eg. Switzerland only allows transactions with VASPs from FATF member countries. Your juridiction matters.

For Singapore, there’s no such rule. Once you’re working with an outside VASP, you need to know who they are. you may work with non-regulated countries, your due diligence must be higher though.

Q5: Do you anticipate that VASPs will use different TSP solutions?

Michael: From the start, CoolBitX has designed its architecture to consider interoperability and that’s why it started implementing and Sygna Bridge now officially supports IVMS101.

CoolBitX is now working with other TSPs to develop protocol to share data privately and compliantly across customers’ different solutions providers.

Daniel Yeo added that Pionex is only focused on implementing Sygna Bridge now and will review results, but that the exchange is very happy with proceedings so far.

About ACCESS

“We are pleased that ACCESS has successfully launched the Code of Practice following close industry collaboration and public consultation. This ground-up Code of Practice will be a useful guide for cryptocurrency industry players and the broader industry to better address key risks such as money laundering and terrorism financing, and to strengthen regulatory compliance.” Learn more at https://www.access.org.sg/

— Mr. Sopnendu Mohanty, Chief FinTech Officer of MAS

About CoolBitX Sygna Bridge

“Sygna Bridge is another major step in our compliance efforts, whereby members of the Sygna Alliance may seamlessly and efficiently share KYC information without being constricted to a closed loop.”

— Mr. Yoshitaka Kitao, President & CEO of SBI Holdings

About Elliptic

Elliptic is the oldest blockchain analytics firm, established in 2013 in London. Elliptic empowers financial institutions and crypto businesses to confidently manage risk and meet AML regulatory compliance worldwide. With multi-currency coverage including Bitcoin, Ethereum, Bitcoin Cash, LiteCoin and more, they are the global standard for delivering safe and trusted services in cryptocurrency. To learn more, visit www.elliptic.co.

About Pionex

Pionex is a Singapore-based crypto exchange designed for the trading bot. Invested and Incubated by BitUniverse.

* Deep Liquidity – Liquidity aggregated from Binance and Huobi

* Abundant Trading Tools – Pionex provides 5 trading tools for their users

OCC Approves U.S. Banks' Crypto Custody Services and Clarifies Regulatory Policy

CoolBitX and CipherTrace Announce Interoperability POC Between Sygna Bridge and TRISA Travel Rule Solutions