On 20 April 2021, the Financial Action Task Force (FATF) hosted a meeting of its private consultative forum to discuss its ongoing work streams concerning virtual assets. The meeting was organised in two main sessions: the first session was focused on money laundering (ML) and terrorist financing (TF) risks in virtual assets, and the second session was focused on addressing the revised FATF Guidance on virtual assets and virtual asset service providers (VASPs). The meeting gathered over 240 industry representatives as well as representatives of public authorities from FATF jurisdictions. Both sessions featured a lively debate with the audience, key points to note include:
- ML/TF risks and virtual assets: the purpose of the session was to provide additional feedback to FATF in the context of the ongoing 12-month review of FATF Standards on virtual assets and VASPs. Focussing on ML/TF risks, the participants sought to address what has changed over the course of the last year, how risks may evolve in the coming years and the challenges and opportunities in monitoring and mitigating ML/TF risks in the area of virtual assets.
Starting the discussion, a representative of the US Department of Justice stressed growing sophistication of the illicit use of virtual assets, but on the other hand, more law enforcement successes. Some of the trends noticed by law enforcement authorities included uses of virtual asset exchanges and wallets for the purposes of laundering virtual assets – but also regular – fraud proceeds. In this context jurisdictional arbitrage is a big issue, and criminals tend to use VASPs located in non-compliant jurisdictions.
A representative of a blockchain analytics company noted that while in 2011/2 a large proportion of illicit funds derived from bitcoin was going to traditional crypto exchanges, currently this amount is less than 50%. More of the illicit proceed activity is now moving into so called no-KYC exchanges and the so called “mixers” and privacy wallets.
A representative of a major regulated crypto exchange stressed that current ML risks sit mainly with unregulated crypto-exchanges in non-compliant jurisdictions – and not with VASPs generally, which is supported by data from data analytic companies. Therefore one of the suggestions is that from a law enforcement and compliance perspective, it is best to focus on these unregulated exchanges. There are other increasing risk-generating trends, such as use of peer-to-peer (P2P) exchange platforms and to a lesser extent the use of the bitcoin ATMs. Finally, another industry representative explained some of the new typologies used to launder and use virtual assets, and including chain-hopping, shell VASPs and programmatic ML.
- Revised FATF Guidance: this session took place in the context of the ongoing public consultation on the proposed FATF revisions to its 2019 Guidance for a risk-based approach on virtual assets and VASPs (consultation document), for which the deadline to provide responses expired on 20 April 2021.
By way of background, the proposed updates to the FATF Guidance focus on six main areas: (1) clarification of the definitions of virtual assets and VASP to make clear that these definitions are expansive and there should not be a case where a relevant financial asset is not covered by the FATF Standards (either as a virtual asset or as a traditional financial asset), (2) provision of guidance on how the FATF Standards apply to so-called stablecoins, (3) provision of additional guidance on the risks and potential risk mitigants for peer-to-peer transactions, (4) provision of updated guidance on the licensing and registration of VASPs, (5) provision of additional guidance for the public and private sectors on the implementation of the ‘travel rule’ and (6) inclusion of the FATF Principles of Information-Sharing and Co-operation Amongst VASP Supervisors.
The session started with a short overview of the revised Guidance provided by selected members of the FATF project team. It was explained that the origin of the project was the recent 12-month review of the Guidance, where areas that required further clarity were identified and resulted in proposed drafting. The intention was not to change the definitions, just deepening and broadening them, while emphasizing FATF’s expansive approach. Regarding the rules, the revised Guidance included among other things counterparty VASP due diligence requirements, plus clearer requirements of key terms and requirements for ordering and beneficiary institutions. In respect of licensing and registration, the revised Guidance included – among other things – a new section on information-sharing and cooperation between VASP supervisors.
In the subsequent panel presentations one of the private sector representatives raised an issue concerning a potential unintended consequence that the revised Guidance – if adopted as proposed – may have from the human rights point of view. Therefore the question who is and who is not a VASP is absolutely critical and the current draft has internal contradictions (demonstrated by using an example of technology developers). More generally, the lack of clarity in drafting increases interpretation uncertainties and this erodes the rule of law, extends mass surveillance beyond the norm (i.e. chasing free software advocates in the light of research indicating that ML takes place on centralised crypto exchanges seems pointless) and can result in an extra burden on public authorities. Prohibiting P2P transactions may also have adverse consequences from a human rights perspective and to avoid this, they should instead be treated as cash transactions. It is also not appropriate to consider extending the travel rule to transactions between VASP and non-VASP by means of updating the Guidance. A representative from a group of software companies recommended extending time needed for the adoption of the revised Guidance, and stressed that capturing technology providers within the revised VASP definition would be detrimental and not proportionate. The same participant also provided an extensive explanation of the DeFI protocols and stressed increased transparency and traceability of transactions based on DeFi, while noting that the draft Guidance seem to presuppose otherwise.
Next steps: following analysis of feedback received by stakeholders, FATF may include further amendments to the revised draft during its June 2021 plenary meeting.