The Travel Rule Protocol (TRP), a working group favored by banks and traditional financial institutions and focused on bringing crypto in line with global anti-money laundering (AML) standards, has released the first version of its API.
Announced Thursday, the 25-member TRP working group, which includes Standard Chartered, ING Bank and Fidelity Digital Assets, has published the TRP API version 1.0.0.
The product aims to offer a straightforward way for firms to swap identification data about the originators and beneficiaries of crypto transactions, as per the requirements of global AML watchdog the Financial Action Task Force (FATF).
The headache of sharing personally identifiable information between virtual asset service providers (VASPs) has engendered a range of technical solutions from individual crypto firms and consortia dotted around the world. The TRP working group is the first to include high street banks among its founding members, however.
“The impetus for the TRP API was a desire by the working group to ensure an easy path to Travel Rule compliance, as well as communications standardization and interoperability for VASPs around the world,” Maxime de Guillebon of SC Ventures, Standard Chartered’s innovation unit, said in a statement. “Our API allows organizations to do this as they mature, rather than attempting to integrate a number of already existing complex solutions during critical periods of time.”
How TRP works
The TRP release uses two simple RESTful APIs, designed for querying address ownership and sending required originator and beneficiary information about digital asset transfers.
The TRP API release builds on the widely-adopted InterVASP Messaging Standard (IVMS-101), said BC Group CEO Hugh Madden. (The TRP working group is chaired by Hong-Kong-based BC Group and its institutional crypto-focused subsidiary, OSL.)
The IVMS-101 project, which is also a founding member of TRP, came up with a standard data format for the payload of Travel Rule messages. This innovation harmonized how information like date of birth, for example, is written in order to avoid data-field and formatting wrinkles.
“The TRP working group and API is about how you allow VASPs to share that [IVMS-101] data,” said Madden. “A RESTful API is the world standard for integrating business systems. It’s lightweight, well understood, and very interoperable. There’s no need to join any expensive industry associations or invest in vendor solutions, and it’s not an overly complicated technical implementation.”
Travel Rule implementation time
Travel Rule solutions coming to market comprise a range of approaches. Some solutions involve heroic attempts to preserve decentralization as much as possible while constructing global directories of VASPs, while others are focused on the tricky business of VASP discovery; in other words, flagging who is on the other end of a transaction and whether they can be trusted with customer data.
Madden said it makes sense to break things down into discovery type protocols and payload delivery systems. The work the TRP is doing, he said, is not so concerned with the discovery part, and rather concentrates on the process by which firms can compliantly deliver the information payload.
“The TRP focus doesn’t assume large-scale auto-discovery – although I know some groups are working on doing advanced auto-discovery, delivered transparently with nice user experience,” said Madden. “Not everyone is taking the same approach, but some TRP members are just intending to ask the user, before withdrawal goes out, which VASP are you sending it to. Then there’s no need for auto-discovery.”
This will obviously impact user experience, Madden said, “but once you know which VASP it is, and if the respective compliance teams are happy to share the data with the corresponding VASP, the TRP is about actually sharing that data in a secure way.”
It’s not surprising the TRP’s membership is growing, given the financial clout of its founding team. A spokesman for the working group said that while the names of new joiners could not be disclosed without their permission, it included four large exchanges and a host of large tech firms.
What can be revealed, however, is that the new TRP API is being integrated by the consortium of financial institutions behind Pyctor, a digital-asset custody solution invited into this year’s Financial Conduct Authority (FCA) sandbox cohort.
Led by ING Bank, Pyctor includes ABN AMRO, BNP Paribas Securities Services, Citi, Invesco, Société Générale, State Street and UBS.
“We’re excited for the future as TRP is scalable in the financial sector while maximizing interoperability with other emerging Travel Rule solutions,” Hervé Francois, blockchain initiative lead at ING bank and Pyctor CEO, said in a statement. “We are implementing the TRP protocol in Pyctor and looking forward to driving the ecosystem adoption even further.”