Understanding the “Travel Rule” and its impact on the web3 landscape

Regulatory standards for traditional finance are often applied without many–or any–adjustments to new or different digital-based approaches to finance, even though the new approaches to finance may be fundamentally different. These digital-based financial organizations face challenges to either change their services to be more like the traditional approach or–optimally–leverage the unique strengths of their new approach to fulfill those compliance standards.

One example is application of the Travel Rule–originating from traditional banking wire transfers–to crypto asset service providers. How crypto assets are transferred and held is fundamentally different from how cash is transferred between and held by banks. Nonetheless EU Crypto Asset Service Provider (CASPs) will need to comply with the Travel Rule from 30 December 2024.

What is the “Travel Rule”?

The Travel Rule requires certain financial institutions to exchange information about their customers when a customer at one institution sends funds to a customer at another institution. The two institutions exchange personal information like names, addresses and identification numbers of their customers, which then become part of the transaction records of both institutions. This Travel Rule requirement helps regulators and law enforcement trace the flow of funds–i.e., who sent the funds and who received them. For example, law enforcement can subpoena a bank’s Travel Rule records for a particular account to see who sent money to and received money from that account, and then approach those sending and receiving banks to follow the trail.

This exchange of Travel Rule information between regulated institutions is separate from the systems that actually transfers funds. Messaging systems (such as SWIFT) have been established to exchange Travel Rule information—if the information exchange is complete, the funds transfer is then initiated via separate funds transfer systems.

Note that the “I” in SWIFT for Interbank references messages exchanged between banks.

Travel Rule Meets web3

On December 30, 2024, a version of the Travel Rule will apply to certain EU-based Crypto Asset Service Providers, such as crypto exchanges and custodial wallets. Of course, crypto assets can be held at these regulated Crypto Asset Service Providers or by individuals directly in a self-custody wallet. And the crypto Travel Rule applies to transfers of crypto assets that involve just one Crypto Asset Service Provider. So the crypto Travel Rule applies in either of the following situations:

1. CASP to CASP transfer: a customer of a CASP transfers crypto assets to a customer of a different CASP
2. CASP to or from a non-custodial wallet: a customer of a CASP engages in a transfer of crypto assets with a self-custodial wallet.

Meaning–unlike traditional wire transfers that involve an interbank transfer, a transfer between two regulated institutions–the crypto Travel Rule applies if a CASP engages in a transfer with an individual’s self-custodial wallet.

In traditional finance, widely-adopted centralized systems like SWIFT facilitate compliance for centralized financial institutions. In web3, the story is different. Web3 involves decentralized infrastructure, self-custodial wallets, and permissionless protocols. Regulated Crypto Asset Service Providers face substantial challenges in fulfilling compliance requirements based on assumptions from the centralized nature of traditional finance.

• How can a regulated Crypto Asset Service Provider exchange Travel Rule information with a self-custodial wallet?
• How does a regulated Crypto Asset Service Provider verify that the user owns the self-custodial wallet involved in the transfer?
• Will CASPs cease interacting with self-custodial wallets due to these challenges?

The impact on web3 projects

The Travel Rule’s expansion poses unique challenges for various types of web3 businesses:

While there are typically no major concerns for these projects in adopting more structured approaches to responsible operation, the challenge oftentimes is lack of infrastructure to support their transition within a more decentralized environment. For example, if CASPs could employ a SWIFT-like system for crypto that would facilitate Travel Rule compliance while preserving the decentralized ethos of the blockchain, they’d be able to work with evolving regulations and compliance changes like the Travel Rule, without needing to worry about development or imposing impact on their customers.

Compliance Creates an Opportunity

Complying to the Travel Rule isn’t just about limiting regulatory scrutiny and penalties—it’s about unlocking growth opportunities:

• Legitimacy: Demonstrating compliance establishes trust with regulators, (traditional) financial institutions, and users.
• Partnerships: Regulatory compliance opens doors for collaboration with traditional finance players–allowing crosspollination of each industry’s strengths and user base.
• Adoption: A compliant ecosystem encourages broader participation, bridging the gap between web2 and web3.

By aligning with regulations, web3 institutions position themselves as leaders in shaping the future of blockchain, squashing scrutiny while helping the industry mature into a credible alternative to traditional systems.

Pioneering solutions for compliance

With the crypto Travel Rule coming into effect in the EU before 2025, a number of EU Crypto Asset Service Providers are working hard to incorporate best practices into their product offering by partnering with software providers like Reown that enable solutions for Travel Rule compliance – showing a positive impact on the industry’s maturity and ability to adapt and evolve already.

Reown’s AppKit leverages the decentralized WalletConnect communication and web3’s blockchain infrastructure to enable solutions for Travel Rule compliance, namely the requirement that a Crypto Asset Service Provider verifies that a user controls a sending or receiving self-custodial wallet. Reown AppKit’s 1-click authorization feature enables a streamlined, web3-native way for a user to do just that. A web3-native solution to compliance!

For instance, Mesh, a connectivity layer and API for crypto projects, is leveraging Reown’s AppKit to support Travel Rule compliance through its decentralized verification tool, Mesh Verify. Mesh Verify incorporates Reown AppKit’s solution to authenticate a user’s control over a self-custodial wallet. Regulated Crypto Asset Service Providers can integrate Mesh Verify with these features to fulfill the EU Travel Rule’s requirement that a Crypto Asset Service Provider verifies the ownership of a self-custodial wallet in real-time. This collaboration between Mesh and Reown demonstrates how innovative tools can enable institutions to meet regulatory demands without compromising on user experience or web3 principles.

Most importantly, this solution helps maintain the important role of self-custodial wallets in the web3 ecosystem within this updated regulatory landscape.

Looking Ahead

The Travel Rule represents a critical turning point for web3 institutions, forcing a balance between privacy, self-sovereignty, innovation, and regulatory compliance. As the 30 December 2024 deadline approaches, institutions that embrace compliance will set themselves apart, driving trust, growth, and adoption across the ecosystem.

To understand more about the Travel Rule changes and guidelines, see here.