What is the Travel Rule?
Introduced in 2019 by the Financial Action Task Force (FATF), an intergovernmental body setting global anti-money laundering protocols, FATF Recommendation #16 proposes a consistent strategy to tackle money laundering and terrorist financing in the crypto industry.
This rule mandates Virtual Asset Service Providers (VASPs) (also known as cryptoasset service providers in the UK) to exchange transaction details — such as sender and recipient identities — for transactions exceeding a specified limit.
Member states tailor these guidelines to their local crypto industries. For instance, in the U.S., the travel rule applies to transactions exceeding $3,000, necessitating VASPs to share data such as the execution date, transaction amount, and provider identity.
Contrastingly, in the UK, all transactions mandate at least the beneficiary's name, with additional information required for transactions over €1,000.
The specific information required, as well as the rule's applicability to transactions involving self-hosted wallets, may differ across jurisdictions.
The following data is shared between Virtual Asset Service Providers as a minimum, supplementing any additional details required by individual regulators:
- Sender and recipient names
- Sender's account number (crypto address)
- Account numbers of both sender and recipient.
Primarily introduced to prevent terrorist financing and money laundering, the Crypto Travel Rule holds further importance for several reasons:
- It ensures compliance of crypto enterprises with sanctions.
- It simplifies the process for law enforcement to request transaction data.
- As a global crypto rule, it could pave the way for more standardized crypto regulation.
Transactions between VASPs
When executing transactions above a certain size to a customer of another Virtual Asset Service Provider (VASP), you’ll need to provide at least the name of the beneficiary (i.e., the person to whom you are sending the assets), which we’ll then supplement, where required, with any details we hold, such as the destination account address.
We expect a wait of no more than 5 minutes for 98% of transactions while the information is verified between parties and committed to the blockchain, (or rejected). In the other roughly 2% of the cases, the receiving VASP may require additional information, delaying the transaction slightly more.
Transactions to non-custodial wallets
For transfers to non-custodial wallets, we’ll collect the beneficiary name only. For inbound transfers exceeding 1,000 euros originator details may be requested at a later date.
When you initiate a withdrawal to another exchange, we gather and transmit the necessary information for that exchange to process the transaction. It's important to note that the receiving exchange makes the final decision on whether to accept or reject the transaction.
Rejections may occur if there is a discrepancy between the name associated with your account in our records and the one registered with the receiving exchange. Another possibility is if the receiving exchange's transaction monitoring systems detect a potential issue with the transaction.
Should a transaction be rejected, we will promptly notify you via email and suggest that you either attempt the withdrawal again, or reach out to the receiving exchange for further clarification.
Uphold has partnered with Notabene to ensure Travel Rule Compliance.
Our Third Party vendor risk team has performed a thorough security and privacy assessment on Notabene to ensure that their security controls adhere to the highest security standards.
Notabene is SOC2 Type II certified and compliant with both EU and UK GDPR.