What Is the Travel Rule?
In this blog post, we’ll be explaining what the Travel Rule is and giving details about who this rule applies to, how to comply in 2025, and more. The Travel Rule, also known as the Recommendation 16 of the FATF’s 40 Recommendations, is a regulation put in place to fight money laundering and terrorist financing. The most recent update to Travel Rule was done by the FATF in June, 2025.
What is the Purpose of the Travel Rule?
The Travel Rule is there to help companies avoid money laundering and terrorist financing. Failing to comply with FATF requirements will place your company under risk and you may end up with fines, reputational damage, and more caused by non-compliance. There are several rules that ensure the safety of your company, ranging from collecting correct information about the customer, acting according to the scope of the application for transfers you receive, to exemptions and thresholds that’s been decided for companies and customers by the FATF.
Who Does the Travel Rule Apply to in 2025?
The Travel Rule is really important to reach compliance since it is decided by the FATF. Different sectors are affected by these requirements the Travel Rule brings. Virtual asset service providers (VASPs) like crypto firms should share information like transaction details. Banks with digital asset transaction offerings also is affected by this obligation of transparency. Finally, wallet providers and more are expected to comply with the Travel Rule and verify users accordingly. İt doesn’t stop with the Travel Rule; regulators like FinCEN in the US, the FCA in the UK, MAS in Singapore, and many more asks these regulations of your company as well.
In its annual ‘State of Crypto Travel Rule: 2025 Report’, Notabene surveyed data from 91 Virtual Asset Service Providers (VASPs) and 10 regulatory bodies, with its findings indicating that approximately nine in ten are expected to meet requirements in the first half of the year, in turn suggesting a broad move toward regulatory compliance.
What Types of Transactions Are Covered by the Travel Rule?
Let’s talk more about the several types of transaction that are covered by the Travel Rule. One type is the crypto-to-crypto transfers where crypto is sent from one company to another. Fiat-to-crypto transactions are another example of transactions that need extra rules; we can explain this type by the example of converting euros to digital assets using a company. The final type we’ll mention is transactions above $1,000 USD or the equivalent of it, smaller transactions were not included in this list.
What are the FATF Travel Rule Requirements?
Information to Be Collected & Transmitted
The first rule our readers should know about and comply to is the information they need to have in hand after transactions of certain customers. The sender should include their whole name, wallet or account ID, and finally, their address or date of birth. The recipient’s details that are needed are their whole name and wallet or account ID.
Scope of Application
This rule is mainly for transfers that occur between entities that are regulated. One example we can give is a transfer between two VASPs like crypto firms. Another example of these transactions is a transaction between a VASP and a financial firm of traditional kind. Peer-to-peer transfers are general exempt from this.
Obligations for VASPs
The obligations for VASPs that are put in place are the next on our list. They should send their data safely, keep records of transactions, reports, and more for at least five years. Some more obligations are performing due diligence on their customers, screening transactions agains sanctions lists, and finally, using privacy-compliant protocols like IVMS 101 or TRISA to protect the data that is being transmitted from getting stolen.
Exemptions & Thresholds
FATF has a threshold suggestion for companies. Transactions of over $1,000 should be closely watched according to the FATF.
What are the Pros and Cons of the Travel Rule?
Despite the overwhelming benefits the Travel Rule brings, there are negative sides we’ll have to talk about as well. Firstly, let’s mention the pros of complying with the Travel Rule. These requirements improve transparency in crypto transactions since it is more difficult for fraudsters to hide their odd activities. Also, the Travel rule aligns the industry with global AML and CFT standards; it helps companies be more legitimate and build trust with firms like banks and regulators.
Now, it’s time for the downsides. Implementing the rule is, of course, great for things like compliance and transparency of transactions; however, this process of implementation will most likely be complex and costly, more so for smaller VASPs that likely don’t have the resources for it. Privacy concerns also may cause trouble; sharing these user informations with other firms may cause trouble with data protection laws like GDPR. Also, adoption levels are not even worldwide, this makes it difficult for companies while reaching compliance.
How Is the Travel Rule Implemented in Different Countries?
The Travel Rule is encouraged worldwide but it’s not applied in the same way in every jurisdiction. In the U.S., FinCEN is responsible for enforcing the Travel Rule to crypto money service businesses (MSBs); the reporting threshold is $3,000. The EU, with MiCA and the Transfer of Funds Regulation (TFR), is stricter since it requires compliance for all crypto firm transfers of any amount. EU’s Transfer of Funds Regulation (TFR) enforcement has led to a 200x increase in Travel Rule-compliant transaction volumes from EU-based firms. In Singapore, MAS is applying this rule to all transfers that pass SGD 1,500. The UK’s FCA is enforcing this rule for all crypto asset service providers (CASPs) that are based in the UK.
Other countries like Japan, South Korea, and Canada also adopted guidelines that are encouraged from the FATF with their own local nuances for data collection and sharing.
What Are the Penalties for Non-Compliance?
We’ve talked about how important the Travel Rule is, so you can imagine the severity of the penalties that comes after non-compliance. Regulators will give high amounts of fines, mainly millions of dollars, to companies who don’t comply. License suspensions or even full revocation is also seen regularly to stop these companies from operating. Non-compliance also leads to reputational damage that potentially leads to another penalty, losing customers and partnerships. If your case is seriously extreme, executives of your company can even face criminal charges, which can lead to time in prison.
What Are the Challenges of Travel Rule Compliance?
There are several obstacles that may come your way when you’re looking to reach compliance with applying the Travel Rule. The first obstacle is identifying whether the other party in a transaction occurring is a regulated VASP; you can’t be sure of this always, international transfers are especially tricky. Another challenge you may face is securely sharing customer data using agreed protocols; this may be difficult because operating in different countries brings different standards with it.
Another obstacle put in your company’s way may be jurisdictional differences that are often faced; some countries have stricter rules or are too lax with their rules and this affects how you should apply the Travel Rule. The final challenge we’ll mention is data privacy laws like GDPR; these laws require firms to handle data entrusted to them carefully and they can’t always go hand-in-hand with the information-sharing requirements needed to comply with the Travel Rule.
How Can VASPs Comply With the Travel Rule in 2025?
In 2025, many VASP firms are implementing industry protocols like TRISA, IVMS 101, or OpenVASP to ensure safely data sharing between firms. With technology improving, specialised compliance tools are also recommended in 2025. Sanction Scanner, Notabene, Sumsub, and Sygna Bridge may help your company in the process of automating data sharing. Also, automating KYC and onboarding processes make your job easier while also reducing manual work and errors.
What Are the Best Travel Rule Solutions in the Market?
Let’s talk more about the Travel Rule solutions you can use for compliance. TRISA, our first example, is a company with peer-to-peer messaging technology that was designed with the Travel Rule in mind; this option is great for secure data exchange. CipherTrace Traveler is our second example; this company offers plug-and-play compliance solutions that integrate well with your already existing transaction monitoring systems and their solutions are known for their ease of use.
Shyft Network is there to bring trusted identity verification and consent-based data sharing to your company; their solution is great for companies who care about user control and privacy. Elliptic is another example; this company uses blockchain analytics with Travel Rule messaging to help companies reach compliance as well as crypto transaction insights.
Sanction Scanner, widely known for AML screening, will also offer Travel Rule support in the near future. We provide both real time transaction and sanction monitoring for your firm to meet the requirements easily.
Does the Travel Rule Violate User Privacy?
We’ve mentioned above how some data protection laws clash with the Travel Rule since it requires the sharing of identification details and more. Our readers might be worrying about this also. VASPs and banks may need your personal details to comply with the Travel Rule, and this can potentially irritate privacy laws like GDPR in Europe or CCPA in California.
New technologies are currently being developed to help with this problem. Solutions like zero-knowledge proofs (ZKPs) also known as not giving the entire personal detail and off-chain verification methods also known as using private channels to verify identity are helping companies prove their compliance withoout giving out personal details.
4 Steps to Comply with the Travel Rule Using Automation
Here’s how our readers can comply with the Travel Rule while using a new technology like automation to help speed the process. The first step is data collecting real-time; the information you need during onboarding and before every transaction can be collected real time with this. Afterwards as your second step, you’ll use counterparty VASP detection; this step involves verifying your recipient’s regulated nature by using tools like TRISA or Sygna Bridge.
After completing these steps, you can start the third step, which is ensuring secure data transmission. You should make sure the required information you need to share are safely transmitted, you can use platforms like Notabene, 21 Analytics, or our software (soon) for this. The final step is to monitor and audit continuously. The integration of a tool that helps you with sanction screening and transaction monitoring will help you reach compliance immensely.
FAQ's Blog Post
The Travel Rule is a regulation requiring Virtual Asset Service Providers (VASPs) to share sender and recipient information when transferring virtual assets above a certain threshold.
It applies to all VASPs, including crypto exchanges, custodians, and wallet providers involved in transactions above the regulatory threshold (often $1,000 or €1,000).
VASPs must exchange the sender's and recipient's name, account number (or wallet address), and in some cases, physical address or national ID details.
FATF recommends that the Travel Rule be applied to transactions equal to or above USD/EUR 1,000. However, jurisdictions may enforce stricter or more lenient thresholds.
They use secure messaging protocols (e.g., TRISA, IVMS 101) to share required data while maintaining privacy and security standards.
While FATF sets the standard, enforcement depends on local jurisdictions. Countries like the U.S., Switzerland, and Singapore already have Travel Rule laws in place.
Penalties may include fines, license revocation, or restrictions on operations depending on local regulators and severity of non-compliance.
Currently, most Travel Rule regulations target regulated entities like VASPs, but discussions are ongoing about extending it to DeFi and unhosted wallets.
