The Financial Action Task Force (FATF) needs an entirely new approach when it comes to policing crypto, according to Sian Jones, the driving force behind much of the sector’s anti-money laundering (AML) standards work to date.
Speaking at the close of the second annual V20 Virtual Asset Service Providers Summit, Jones said FATF only needs to look at the fast-evolving world of decentralized finance (DeFi) to see how incongruous the traditional system of checking transactions created half a century ago by SWIFT is becoming.
Global AML watchdog FATF has recommended local regulators of the G-20 countries and beyond try to graft the so-called “Travel Rule” requirements onto digital assets, where intermediaries (virtual asset service providers, or VASPs, in this case) must share personally identifiable information (PII) about crypto transactions.
The core of crypto is about removing intermediaries, however – something DeFi clearly demonstrates, said Jones.
“FATF must consider developing entirely new approaches to manage money laundering and terrorist financing risks in crypto,” Jones told the V20 delegates Wednesday. “The tried and tested methods work, after a fashion, in the traditional world of money. Arguably, they can be made to sort of fit the intermediated crypto world. They do not necessarily fit a DeFi world where they are not fit for purpose.”
Jones added that FATF seems to have only partially grasped the fact that “crypto was born out of a desire by some, not to circumvent authority, break the law or facilitate money laundering, but rather to remove intermediaries, to disintermediate traditional finance.”
Day two of the V20 summit, which was open to members only, heard from several representatives from prominent DeFi platforms who told delegates they had either been refused access to FATF’s private-sector consultative forum meetings or haven’t heard at all from FATF, Jones said.
The FATF did not return requests for comment by publication time.
“FATF needs to double down on its engagement with all actors, including DeFi software developers and users who are not part of the industrialized crypto world,” Jones said. “Equally, the industry needs to work more closely together to present a unified voice and its engagement with the FATF and regulators.”
Going forward, Jones recommended creating a single unit to speak to FATF representing all the industry and its associations, rather than 20 or so different voices each speaking for a few minutes. She also suggested meetings to talk to FATF occur more frequently – monthly instead of quarterly.
With many crypto Travel Rule solutions now live, including a widely adopted messaging standard, industry players dived into the nuts and bolts of getting those solutions to seamlessly interoperate.
The plethora of Travel Rule solutions has created an interoperability problem of its own, especially given the variety of proprietary proposals and non-profit protocols; some solutions prefer centralized anchor points like certificate authorities, while others want a more decentralized approach using blockchains and smart contracts.
Thus far, the biggest step in terms of interoperability has been the InterVASP Messaging Standard (IVMS 101), which details exactly the format the message payload of PII data sent between VASPs should take. Following on from this achievement, the V20 summit heard that several more standards have been tabled and are under discussion.
Malcolm Wright, head of AML at Global Digital Finance, highlighted areas where standards could help remove pain points – including directory sharing and customer data storage.
“Some solutions are working on a VASP directory or look-up and so we need to smooth out how a Sygna Bridge will talk to a Notabene,” said Wright. “Another could be a security standard for what happens to data when that is stored, like how that is secured and kept separate. We also mustn’t overlook the need to screen info for sanctions, although that’s probably not going to need a standard.”
Leaving aside the wrinkle-smoothing being done across FATF’s VASP universe – which is fairly limited to the so-called “industrialized crypto” space – the elephant in the room remains what happens with private or non-hosted wallets.
This is often seen by regulators as some kind of proxy for illicit activity but as previously stated it’s a core tenet of crypto, not to mention a necessary way to avoid regularly recurring exchange hacks.
“Over the next few years there are a whole set of issues around non-custodial private wallets which are just massive,” said CipherTrace CEO Dave Jevans. “That would make all the work we’ve done over the past 18 months seem like child’s play.”