Inside the Osaka Conference Where Crypto Got Serious About FATF’s ‘Travel Rule’

Leah-Callon-Butler-1
31 December 2019

This post is part of CoinDesk’s 2019 Year in Review, a collection of 100 op-eds, interviews and takes on the state of blockchain and the world. Leah Callon-Butler is the director of Emfarsis, a consulting firm focused on the role of technology in advancing economic development in Asia.

There he was, belting out Fats Waller jazz vibes like it was nobody’s business: Roger Wilkins, the former president of the Financial Action Task Force (FATF). 

We’d just completed a practice run for the next day’s V20 Summit, and while the rest of us were exhausted and ravenous, sniffing out dinner options, Wilkins relished the opportunity to jump behind the keys of a lonely baby grand at the farthest end of the Grand Ballroom at the Hilton Osaka. Leaving my run-sheet behind, I sidled up to catch an impromptu performance from the man who once steered international standards in the fight against money laundering, terrorist financing and the proliferation of weapons of mass destruction.

“I usually play Bach or Chopin,” Wilkins said, wrapping up his medley.

The next morning, more than 100 of the world’s most formidable figures in crypto compliance assembled to unpack one of the most pivotal regulatory developments in the history of our fledgling industry. Held June 28-29, 2019, in parallel to the G20 Leaders’ Summit in Osaka, Japan, the V20 Summit was a chance for the industry to respond to a highly controversial new set of recommendations handed down by the FATF.

Some saw it as an opportunity to legitimize crypto and bring virtual assets into the mainstream financial system; others feared an assault against our community’s most fundamental values of privacy and decentralization. CoinDesk’s Marc Hochstein told me via Twitter DM he thought it might be a bigger story than Facebook’s recently announced Libra. Another journalist suggested it might be crypto’s Bretton Woods moment.

Recommendation 16 was the one causing all the ruckus. As per the FATF’s new guidance, Virtual Asset Service Providers (VASPs) would be required to identify the sender and recipient on either side of a crypto transaction. Known as the “Travel Rule” due to the fact that data that must “travel” along with a traditional wire transfer, international banks and financial institutions had been forced to comply with these standards since the mid-1990s, giving law enforcement greater transparency and traceability to combat financial crime. And while the vast majority of major crypto exchanges already have Know Your Customer (KYC) policies in place for remitters, including beneficiaries opened up a Pandora’s Box of complexity. In any case, the FATF delivered their directives in Osaka, giving G20 member countries a tight 12 months to implement the guidelines, with a review set for June 2020.

Not-so-draconian

“It would have been nice for these FATF recommendations to be more accommodating to the sector but time constraints effectively ruled that out,” said Siân Jones, co-founder of xReg Consulting. “The major nations of the world got together to set that timetable and the FATF policy group had very little time to develop something more tailored to virtual assets.”

Jones, a self-described poacher-turned-gamekeeper-turned-poacher, has worked both sides of the regulatory fence and has watched the whole thing unfold over the past few years. She said the resulting guidelines were not as draconian as they might have been, were it not for the technical experts in that policy group – herself included – that were able to provide some balance. 

During her technical overview on the implications of the FATF guidance, Jones congratulated VASPs at the V20 on being included in the global financial system. She said this might come with some benefits, such as making it easier for VASPs to get bank accounts, but it would also come with responsibilities. The critical piece now was to find the most appropriate strategies to help the industry develop and innovate in ways that still meet public-policy objectives to thwart money launderers and terrorists.

“This is a rapidly evolving landscape where regulators and industry just have to catch up with the new reality,” said Jones, who was also instrumental in enacting blockchain-friendly legislation in Gibraltar. Her presentation to the V20 opened with a warning slide: 

Wake up! Smell the coffee!

“The V20 was a great effort to bring the world of crypto together in one room with FATF on the sidelines of the G20,” said Bénédicte Nolens, advisor to Circle, who said that even though crypto-assets have presented a great challenge to traditional finance, they have also opened up opportunities that will continue to evolve in the years ahead.

“We have to keep in mind that the goal of Anti-Money Laundering (AML) regulation is not to impose unnecessary process, but rather to demand process, so that the most nefarious activity in the world is starved for funding,” Nolens said. Examples of this could be slavery and the drug trade as well as terrorist activity.

A month prior, Nolens was at the FATF Private Sector Consultative Forum in Vienna, invited to present on Recommendation 16. There, she reiterated the importance of a globally-coordinated and consistent approach to implementing the new regulations in G20 member countries, to avoid a situation where firms might try to sidestep the new rules via regulatory arbitrage or through moving jurisdiction, known as “island hopping.”

She also explained how there was currently no crypto equivalent to the International Bank Account Number (IBAN) system, which is what banks use to achieve compliance with the Travel Rule, so VASPs would be forced to come up with something new. Further, Nolens observed that coordination would be tricky given the still very nascent, albeit global nature, of the crypto industry. 

“It’s true the cryptocurrency sector isn’t very used to talking to regulators, and it can be very hard and very time consuming to build a constructive relationship between companies and their regulators,” said FATF Senior Policy Analyst Tom Neylan, who showed up alongside Wilkins, ready for a grilling from top VASP execs from Circle, Coinbase, Coincheck, bitFlyer, Kraken, BitMEX, Huobi, OKCoin, Bitfinex, Bithumb, Crypto.com, BITPoint, Liquid and more. “But it’s a critical step we have to go through if cryptocurrencies are going to become a real part of peoples’ daily lives.”

At the V20, Neylan told attendees that regulation can be a good thing for industry; it’s not something we should fear. 

“The fear was that these new rules would force VASPs out of business,” said Ronald M. Tucker, convener of the V20 and founder of the Australian crypto exchange Bit Trade. “This risked driving the industry back underground and into dark markets, which, ironically, would make it even more difficult for law enforcers and regulators to do their job.”

Tucker was quick to realize the true gravity of the FATF intervention, as he dealt with a similarly existential threat back in 2014, when Australia was grappling with the issue of double taxation. The rules meant consumers were taxed at the time of buying crypto, and again later, when they used it to purchase items subject to local goods and services tax.

Many exchanges thought that the new rules wouldn’t apply to them.

To tackle the problem, the blockchain community needed clear direction and leadership, and at the time, there was no such vehicle. This moved Tucker to form the Australian Digital Currency Association (ADCA), with the goal of coordinating key stakeholders to develop a robust governance framework to organize all sectors. ADCA was to become a unified voice for the burgeoning industry, ensuring commercial operators were aligned, media were informed and government was educated.

Recently rebranded to Blockchain Australia, today the organization is recognized globally as a leader in regulatory engagement and best practice. And so, with the FATF rules pending implementation, and a lack of global coordination taking place, a sense of déjà vu gave Tucker the impetus to elevate ADCA’s proven formula to a global stage.

A community effort

It was just after CoinDesk’s Consensus 2019 in New York City when Tucker mobilized the core V20 organizing team – including myself, Anson Zeall of ACCESS Singapore, Philippe Le Saux of GMI Post, Nathan Smale of Emfarsis Consulting and the futurist Mark Pesce, well-known for his podcast, The Next Billion Seconds, who championed the role of Summit Chair.

We had less than seven weeks to pull the whole thing together and, at the beginning, our outreach efforts were met with some skepticism. For the VASPs that had actually heard about the FATF issue (most hadn’t, so that required a considerable education effort on our part), many thought the new rules wouldn’t apply to them. Or, they thought their time and money would be better spent lobbying against the FATF.

“We spent a lot of time rallying the community to stop petitioning against the Travel Rule and start collaborating toward a compliance solution of the industry’s own design,” said Teana Baker-Taylor, executive director of Global Digital Finance (GDF), an industry membership body that sets out standards and best practices for blockchain and digital assets.

GDF members knew the FATF’s hasty timeline and global coordination requirements posed a significant risk to the industry, especially given the additional operational and commercial costs of compliance. But it was also the perfect imperative to finally get the crypto compliance clique working together on a globally interoperable solution. As such, GDF was one of the first to lend its support to Blockchain Australia and ACCESS Singapore to help get the V20 off the ground.

“As a community, we talk about mainstreaming and mass-scale adoption, but it’s often inside our own echo chamber,” said Baker-Taylor, who was named Blockchain Leader of the Year at the 2019 Women in Tech Awards. “If we want the future to reflect our ideals, we’ve got to take some responsibility and step up to educate policymakers, as opposed to resisting them.”

When a trio of policymakers pledged their support to the V20 – namely ex-FATF President Wilkins, Japanese Congressman Naokazu Takemoto and Taiwanese Congressman Jason Hsu – we observed a ripple effect throughout the industry, with huge momentum building among the VASPs. Behind the scenes, we were working like mad to rejig the agenda for Day 2 to accommodate Hsu’s schedule. Hellbent on speaking at the V20, he’d have to fly straight to Osaka from Washington, D.C., where he’d been participating in the U.S. Department of State’s International Visitor Leadership Program and other key think-tanks discussing major industry developments, such as Libra. 

“I felt I needed to be there to support industry and act as a bridge between them and the policymakers and regulators,” said Hsu, who was nicknamed “The Crypto Congressman” by Vitalik Buterin in 2018. Coming from a background in entrepreneurship, Hsu is a rare breed of politician, uninhibited by the usual glacier-pace of government innovation.

“If we want to go long on this industry, we need to regulate, but the current government are still scratching their heads on how best to do it,” said Hsu. He believes FATF will ultimately shed a positive light on the crypto industry, which still struggles to shake its associations with the darknet.

In the absence of clear guidance, Hsu said it’s critical for industry players to lay down the guardrails.

“This industry is prone to security infringement and the crypto operators have to look that truth square in the eyes,” said Hsu, with a nod to the hacks, data leaks and other security hazards making headlines every other day. “If we set the bar high and pave the way for the industry to be formalised, we will see less and less misunderstandings about the true qualities of crypto from the public as well as governments. The VASPs must bring their determination to the table to fix this.”

The site for the V20 Summit was apt. After all, Japan is home to the two biggest crypto exchange hacks in history: Mt Gox and Coincheck. These hefty security breaches ultimately led to Japan’s proactive stance on VASP regulation, becoming the only nation in the world to grant legislative status to its self-regulatory body, the Japan Virtual Currency Exchange Association (JVCEA). The Financial Services Agency (FSA) was the regulatory body behind the establishment of JVCEA in October 2018. Both JVCEA and Japan’s Ministry of Finance were on the speaker lineup for the V20, together with representatives from public sectors including FSA and the Australian Government agency, AUSTRAC. 

“The impact of hacking tends to be bigger than that of ordinary crypto-related money laundering transactions in terms of amount,” said Katsuya Toshihiko, who was the president of Coincheck when he attended the V20. The target of a major hack in January 2018, Coincheck had 500 million NEM tokens stolen by hackers, worth an eye-watering USD $530 million at the time. He says that “painful” experience is what triggered Coincheck’s deep sense of social responsibility and seriousness about responding appropriately to the FATF’s new guidance.

Yuzo Kano, representative director of the Japan Blockchain Association and co-founder of bitFlyer, an exchange, says it was Japan’s troubled history that motivated it to put its security protection and compliance standards under the microscope.

“Today, Japan is two to three years ahead of the rest of the world when it comes to self-regulation,” Kano said, demonstrating how painful circumstances can lead to innovation, provided we embrace the discomfort and look for growth opportunities. Kano spoke at the V20 about the contributions JBA has made, including its strong backing for the establishment of JVCEA as well as a Cryptoassets Governance Task Force aimed at developing safety standards for consumer protection. 

Drawing insights from Japan’s story, V20 participants broke into groups to workshop a blueprint for the requirements of a technical solution that could satisfy the FATF (rather than prescribing any specific product, brand or service provider). A key outcome of these discussions was that the industry needed a governing body to represent its interests at an international level. As such, the International Digital Asset Exchange Association (IDAXA) was established as a vehicle to continue proactive engagement with the FATF.

Since the V20, more organizations have joined the initiative, and now, IDAXA represents the national blockchain associations of Australia, Singapore, Taiwan, Hong Kong, Korea, Switzerland and JBA and JVCEA from Japan.

Work to do

To arrive at something that satisfies the FATF Recommendations while still being workable for business, a sustained industry-led effort is necessary to ensure the blockchain community’s ethos of decentralization is upheld and consumer privacy is protected above all.

The V20 was an early catalyst but the work is far from done. Most VASPs are still coming to grips with how to comply and how much it’s going to cost, especially all those smaller firms that are struggling to navigate a jumble of regulatory regimes and requirements with less staff and less resources. Meanwhile, a slew of exchanges have already delisted privacy coins such as monero and Zcash due to regulatory pressure. 

Despite the near-term hurdles, it’s widely believed that the crypto sector’s strong tech focus can actually help achieve FATF’s goals to stymie financial fugitives. Further, industry frontrunners in the race to compliance believe that FATF compliance and data privacy needn’t be mutually exclusive.

In any case, with the big review due in June 2020, there is a very real need to demonstrate progress and a number of groups around the world are working tirelessly to ensure we have the necessary languages, protocols and products to make sense of this new chapter. So by the time the V20 convenes again, at the G20 Leaders’ Summit in Riyadh, November 2020, we could be another step closer to seeing crypto go mainstream.