The U.S. Financial Crimes Enforcement Network (FinCEN) and the Board of Governors of the U.S. Federal Reserve System (FRB) proposed new rules that would expand the applicability of recordkeeping and travel rule requirements, while potentially increasing information collection requirements for all financial institutions (FIs) engaged in any aspect of cross-border money transfers. The proposed rules would further solidify the requirement that virtual asset service providers (VASPs) comply with the travel rule and with recordkeeping requirements related to funds transfers.1 On 27 October, the FRB and FinCEN (the agencies) issued a Joint Notice of Proposed Rulemaking (NPRM) describing plans to lower, to $250 from $3,000, the threshold for the application of recordkeeping and information transmission requirements related to cross-border funds transfers/transmittals.2 The NPRM also includes a proposal to add to the Bank Secrecy Act (BSA) regulation a definition of “money”—currently undefined in the BSA—that specifically includes convertible virtual currencies (CVCs) and central bank digital currencies.
- The new, lower, travel rule and funds transfer/transmittal recordkeeping threshold proposed in the NPRM would apply only to transactions that “begin or end outside the United States.” The NPRM states that a transaction meets this description only if “the financial institution knows or has reason to know that the transmittor, transmittors financial institution, recipient, or recipient’s financial institution is located in, is ordinarily resident in, or is organized” outside the United States.3 FIs can determine the applicability of the threshold reduction based on information received in the payment order, or rely on information already gathered pursuant to other BSA regulations.
- An FI that is only involved in the domestic portion of the transaction but that is aware that any of the parties mentioned above are outside of the United States will also be required to comply with the recordkeeping and travel rule requirements at the $250 threshold.
- The proposed changes are not meant to extend recordkeeping and travel rule obligations to any payment or clearing entities or arrangements—such as payment service providers and private settlement arrangements—that are not currently covered under the BSA.
- The agencies estimate that the impact of the rule change on FIs—including initial costs and time associated with reading and understanding the regulations, training staff, and implementing technological changes—will be limited.4 FinCEN estimates that the lowered threshold, however, will triple the volume of transactions that require recordkeeping.
|Compliance with Global Standards for Funds Transmittals / The “Travel Rule”
The changes proposed in the NPRM would bring the United States into compliance with the Financial Action Task Force (FATF) standards for information that FIs are required to transmit along with a cross-border payment order. The FATF requires that FIs include certain information about the originator and beneficiary of a transaction in the payment order, and to ensure that this information reaches the beneficiary FI. FATF allows jurisdictions to exempt cross-border wire transfers below a threshold of $/€ 1000, meaning that the United States’ current threshold of $3,000 does not comply with global standards.
The proposed regulations would also ensure that U.S. VASPs are required to comply with the travel rule, further undergirding U.S. compliance with revised FATF standards. In 2019 the FATF revised its standards to explicitly state that VASPs should be required to comply with requirements—specifically including the travel rule—that apply to other types of FIs.
The proposed changes are intended to make it harder for criminals to stay below the radar of law enforcement agencies and FIs and to codify FinCEN’s application of the travel rule to VASPs. FinCEN and the FRB have been considering lowering the “travel rule” recordkeeping threshold since at least 2006; the NPRM specifically highlights concerns about terrorist financing (TF) and drug trafficking linked to low-value cross-border transactions not captured under current requirements.
- The NPRM cites several TF and drug trafficking prosecutions and investigations involving transactions that fell below the current $3,000 threshold.5 The agencies note that 57 percent of transactions noted in suspicious activity reports related to TF were at or below $300 in value, and that 52 percent of a set of 78,000 transactions potentially related to fentanyl trafficking were at or below $300.
- In 2006, the agencies issued an Advance Notice of Potential Rulemaking seeking comment on lowering the threshold by an unspecified amount.6 No changes to the threshold were made at that time; financial institutions were concerned that a change would increase their regulatory burden and would prove difficult for smaller institutions to implement.7
- FinCEN has maintained since at least 2013 that administrators or exchangers of virtual assets are money services businesses, and thus subject to requirements under the BSA, including requirements related to transactional recordkeeping and the travel rule.8 The NPRM notes, however, that “at least one” VASP industry group has asserted that these requirements do not apply to transactions involving virtual assets because such assets are not “money” as defined in the Uniform Commercial Code.9
If enacted, the proposed rule change would require all FIs engaged in any aspect of cross-border money transfers to consider whether their systems, procedures, and staff training are sufficient to implement the lowered threshold—including identification and verification requirements for occasional customers and the identification of cross-border transactions. The proposed changes will have the greatest impact on sectors that frequently engage in cross-border transactions on behalf of occasional customers. FIs should consider whether more prescriptive guidance and regulation would lessen or increase their regulatory burden, and how the lowered threshold may affect their implementation of existing requirements.
- By increasing the volume of qualifying transactions, the proposed rule changes will place additional pressure on FIs’ implementation of certain travel rule and recordkeeping requirements—such as the requirement to identify and verify the identity of in-person originators and recipients—where regulators’ expectations may require additional clarification. The NPRM indicates that the agencies are open to providing additional guidance and clarity on these issues, or to encode further details in regulation; the outcome of this process could affect existing procedures and systems for travel rule and recordkeeping compliance.10
- Because other jurisdictions have set their de minimis threshold at $1,000 or above, FIs involved in cross-border transfers may not receive full travel rule information from a foreign originator. FIs that engage in such transactions may wish to consider developing systems to identify inbound transfers lacking travel rule information, and will need to consider how they should respond if they receive such transfers.
- The lower threshold will also lower the value of structured transfers intended to evade recordkeeping requirements, making it harder for FIs to distinguish structuring from ordinary remittances. The new threshold could reduce suspicious activity report (SAR) filings related to structuring, which have historically accounted for a large percentage of SARs filed with FinCEN.
- The higher volume of covered transactions would place a greater compliance burden and responsibility on first-line employees facilitating occasional transactions, requiring additional training and quality assurance.
The proposed rule change would pose serious compliance challenges to VASPs, particularly those whose business model involves so-called ‘privacy coins.’ The agencies are considering issuing additional guidance that would clarify expectations; FIs—including VASPs—should use this opportunity to consider what additional information would help them understand their obligations under the proposed rule changes.
- For VASPs, the lack of an industry-wide secure messaging service (such as SWIFT) makes travel rule compliance in the virtual assets sector difficult. VASPs have begun to develop information-sharing standards and consortia that would facilitate travel rule compliance, but these approaches have not yet been widely adopted.11
- Inconsistent regulation and supervision of VASPs around the world have contributed to varying levels of compliance with global standards related to know your customer and customer due diligence practices among VASPs from different jurisdictions. As such, VASPs seeking to comply with the travel rule may encounter instances in which counterparty VASPs, particularly those located in jurisdictions that have weaker VASP supervision, lack necessary information or have poor quality information.
- Certain CVCs, known as privacy coins, are designed in a way that makes travel rule compliance very difficult. These coins, which include widely adopted virtual assets such as Monero, are programmed to allow users to engage in transactions while concealing identifying information such as their wallet address and even transaction amount, both from observers with access to the blockchain and from counterparties.12 It is unclear how or whether VASPs dealing in such privacy coins and transacting with counterparties who are not customers would be able to meaningfully comply with recordkeeping and travel rule requirements.
1 The ‘travel rule,’ codified at 31 CFR § 1010.410(f), requires financial institutions conducting funds transfers/transmittals to include certain information on the originator and recipient of the transfer/transmittal in the payment order. This information must accompany, or “travel” with, the payment order until it reaches the beneficiary’s institution.
2 Financial Crimes Enforcement Network [FinCEN], “Threshold for the Requirement To Collect, Retain, and Transmit Information on Funds Transfers and Transmittals of Funds That Begin or End Outside the United States, and Clarification of the Requirement to Collect, Retain, and Transmit Information on Transactions Involving Convertible Virtual Currencies and Digital Assets With Legal Tender Status,” [NPRM] 85 Federal Register 68005, October 27, 2020, https://www.govinfo.gov/content/pkg/FR-2020-10-27/pdf/2020-23756.pdf.
3 FinCEN, NPRM, 68011.
4 FinCEN, NPRM, 68014.
5 FinCEN, NPRM, 68007-8.
6 FinCEN and FRB, “Threshold for the Requirement to Collect, Retain, and Transmit Information on Funds Transfers and Transmittals of Funds,” 71 Federal Register 35564, June 21, 2006, https://www.govinfo.gov/content/pkg/FR-2006-06-21/pdf/06-5567.pdf.
7 American Bankers Association, “Re: FinCEN RIN 1506-AA86,” August 21, 2006, https://www.federalreserve.gov/SECRS/2006/August/20060831/R-1258/R-1258_19_1.pdf.
8 FinCEN, “Application of FinCEN’s Regulations to Persons Administering, Exchanging, or Using Virtual Currencies,” FIN-2013-G001, March 18, 2013, https://www.fincen.gov/sites/default/files/shared/FIN-2013-G001.pdf; Kenneth Blanco, “Prepared Remarks of FinCEN Director Kenneth A. Blanco, Delivered at the Consensus Blockchain Conference,” May 13, 2020, https://www.fincen.gov/news/speeches/prepared-remarks-fincen-director-kenneth-blanco-delivered-consensus-blockchain.
9 FinCEN, NPRM, 68011.
10 FinCEN, NPRM, 68013.
11 See, e.g., Ian Allison, “Inside the Standards Race for Implementing FATF’s Travel Rule,” Coindesk, February 4, 2020, https://www.coindesk.com/inside-the-standards-race-for-implementing-fatfs-travel-rule; Joint Working Group on interVASP Messaging Standards, https://intervasp.org/; OpenVASP, https://openvasp.org/.
12 Andrea O’Sullivan, “What Are Mixers and ‘Privacy Coins’?” Coin Center, July 7, 2020, https://www.coincenter.org/education/advanced-topics/what-are-mixers-and-privacy-coins/.