Let me introduce a few topics before we dive deep into the problem.
About hosted crypto wallets
A hosted wallet, also known as a custodial wallet, is a type of cryptocurrency wallet where the private keys are managed by a third-party service provider rather than being controlled directly by the wallet owner. When performing transactions on a blockchain, a hosted wallet works by allowing the wallet owner to initiate a trade through the wallet's interface.
Once the transaction is initiated, the wallet service provider takes care of the rest of the process, including broadcasting the transaction to the network, verifying its authenticity, and ensuring that the appropriate amount of cryptocurrency is transferred from the wallet owner's address to the recipient's address. This is done using the service provider's nodes on the blockchain network to handle the transaction processing.
Hosted wallets are generally user-friendly and easy to use, making them popular for beginners and those who prefer a more straightforward interface. However, it's important to note that because the service provider controls the private keys, there is a degree of trust required in the provider to ensure the security of the funds held in the wallet. Additionally, users may not have complete control over their funds, and the service provider may have certain restrictions or fees associated with using their wallet service.
About unhosted crypto wallet
An unhosted crypto wallet, also known as a non-custodial wallet or a self-custody wallet, is a type of cryptocurrency wallet where the private keys are fully controlled by the wallet owner rather than managed by a third-party service provider. In other words, an unhosted wallet gives the user complete control over their cryptocurrency holdings, as they are the only ones with access to their private keys. Unhosted wallets can come in different forms, such as software or hardware. Software wallets can be downloaded and installed on a desktop or mobile device, while hardware wallets are physical devices designed to store private keys offline securely. Since unhosted wallets do not rely on a third-party service provider, they are generally considered more secure than hosted wallets. However, they may be more complex to use, and users must take responsibility for securing their private keys, as losing access to them can result in losing their cryptocurrency holdings. Unhosted wallets have become increasingly popular among cryptocurrency enthusiasts who prioritize security and control over their funds. However, they may not be the best option for beginners or those uncomfortable managing their private keys.
VASPs or CASPs – service providers.
The FATF’s terms virtual asset service provider or VASP are used more commonly outside the European Union (EU). In contrast, crypto asset service providers or CASPs have been adopted within the EU region.
Transfer of Funds Regulation (TFR) and Travel Rule
The European Commission made a significant move to combat money laundering and terrorism financing with an ambitious package of legislative proposals presented on July 20, 2021. The package aims to strengthen the EU's anti-money laundering and countering terrorism financing (AML/CFT) rules.
The package includes various measures to improve the EU's AML/CTF framework, including the revision of the Transfer of Funds Regulation to make it possible to trace transfers of crypto-assets by imposing Travel Rule requirements on CASPs.
The European Parliament plenary finally approved the Transfer of Funds Regulation revision on April 20, 2023.
Five critical TFR takeaways
#1 Travel Rule comes into effect for all EU VASPs in January 2025
What are VASPs expected to do when transacting with non-obligated entities (such as unhosted wallets)?
Obtain the originator and beneficiary information from the VASP's customer when sending or receiving a virtual asset transfer to an unhosted wallet because there is no other VASP from which to obtain the information. Since there is no other VASP from which to get the information when transacting with unhosted wallets, VASPs will need to collect the data from both sides of the transaction. It is essential to mention that this recommendation may only apply to transactions above $1,000/EUR, but this might vary depending on how different jurisdictions implement it.
To comply, VASPs must collect all the necessary Travel Rule information (names, account numbers or wallet addresses, addresses or IDs, DOBs, POBs, etc.) without compromising user experience.
#2 Zero Exceptions: Travel Rule obligations apply to all transactions, regardless of amount or location - inside or outside the Union.
EU CASPs must comply with Travel Rule obligations in every transaction, regardless of the amount.
It required originator and beneficiary customer information in the European Union.
#3 First-party transactions with self-hosted wallets over 1,000 euros require wallet ownership verification.
In line with FATF recommendations, transactions with self-hosted wallers fall within the scope of the revised Transfer of Funds Regulation.
When transacting with self-hosted wallets, European CASPs must collect the required originator and beneficiary information and comply with the following additional wallet verification obligations for transactions exceeding 1,000 Euros:
When sending a transfer exceeding EUR 1,000 to a self-hosted wallet, the originator VASP is required to verify if that wallet is owned or controlled by the originator customer;
When receiving a transfer exceeding EUR 1,000 from a self-hosted wallet, the beneficiary VASP must verify that the beneficiary customer owns or controls the originating wallet.
This means wallet ownership verification requirements apply to first-party transactions to/from self-hosted wallets exceeding EUR 1,000.
.
#4 Due diligence measures for non-EU entities must adhere to correspondent banking standards.
In its Updated Guidance for VAs and VASPs (October 2021), FATF makes it clear that counterparty due diligence to engage in Travel Rule flows is distinct from the due diligence required to establish correspondent banking relationships :
The nature of CASPs' relationships for transacting and sharing Travel Rule information is distinct from correspondent banking relationships and, hence, could justify a different - and more limited - scope of counterparty due diligence obligations to apply.
However, the revised Transfer of Funds Regulation goes in a different direction: citing the “ongoing and repetitive" nature of the relationships between domestic CASPs and foreign VASPs to transact, the TFR deems these relationships as a type of correspondent relationship subject to enhanced due diligence measures.
#5 CASPs are required to fulfill Travel Rule obligations before transacting
Travel Rule compliance needs to be performed pre-transaction. This is particularly important given the specific characteristics of virtual asset transactions: settlement is immediate and irreversible; hence, only pre-transaction actions can effectively mitigate risk.
According to the revised TFR, originator CASPs must transmit information to the beneficiary CASP before sending the corresponding crypto transaction. In turn, Beneficiary CASPs must ensure the required data is received before making funds available to the end customer.
How can unhosted wallets be brought into compliance with the FATF travel rule?
The Financial Action Task Force (FATF) Travel Rule requires virtual asset service providers (VASPs) to collect and transmit certain information about their customers and the transactions they process. This information includes the name and address of the sender and receiver of the transaction, as well as the originator's account number and the beneficiary's account number. This rule applies to all VASPs, including those that operate unhosted wallets.
One approach to bring unhosted wallets into compliance with the FATF Travel Rule is to use a third-party service provider specializing in compliance with the rule. These providers can act as intermediaries between unhosted wallet users and VASPs, collecting and transmitting the required information on behalf of the wallet users. This allows unhosted wallet users to continue using their wallets while complying with the rule.
Another approach is for unhosted wallet users to collect and transmit the required information themselves manually. This could involve using a standardized format for the information and ensuring the data is transmitted securely to the VASP involved in the transaction. This approach may be more complex and time-consuming, but it allows unhosted wallet users to maintain complete control over their wallet and their transactions.
It's worth noting that compliance with the FATF Travel Rule is an ongoing process, and VASPs and unhosted wallet users must remain vigilant to ensure that they meet the rules' requirements as they evolve.
How TRIO will bring your unhosted wallet into compliance.
The number of unhosted wallet users in 2022 was 84 million. Now, if you are the proud owner of an unhosted wallet, you got a big problem! To continue using your wallet with Crypto-Asset Service Providers, you must get out of your anonymity and provide CASPs with Identity info each time you interact with them (sending or receiving cryptocurrency). The following procedure will allow you to convert your useless anonymous account into an adequately named account.
Export your private key from the existing (zero balance) wallet address.
Import this private key into the named TRIO wallet. An imported address will be created.
TRIO system will automatically pair your Identity with this imported address.
You may delete the imported address now (you will not use it here).
You may return to your unhosted wallet, and now your identity is paired. From now on, each time your VASP wants to know your Identity – he will prompt you. You will follow this privacy-preserving procedure, where you provide consent for sharing your PII.
You can continue using your existing unhosted wallet with all the different options you are used to! For example, you may buy or sell ETH to a Crypto exchange using your unhosted wallet.
But since you are also a TRIO user – you may transfer ETH to or from your TRIO account and enjoy all the benefits of alternative payments using Pay with TRIO.
Comments