09 November 2021

New FATF Virtual Assets Guidance Finally Published

  • Articles
  • Legal
  • FinTech
  • Blockchain / Digital Assets

The Financial Action Task Force (FATF) - which makes anti-money-laundering rules followed by governments worldwide - has on 28 October 2021 published its updated Guidance for a Risk-Based Approach for Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs).

According to the FATF, governments shall put additional AML-regulatory burdens on companies that offer stablecoins, blockchain-based DeFi applications and services supporting peer-to-peer transactions. In particular, these entities shall in the future be required to identify their users and funds to prevent money laundering and terrorism financing.

The Financial Action Task Force - which proposes anti-money laundering rules to be implemented by governments worldwide - called for increased disclosure and oversight of the crypto ecosystem. The organization has members from about 200 countries. Since the publication of the first draft of the Guidance in 2019, several countries have started to implement the standards. The updated Guidance now reflects inputs from the March/April 2021 public consultation and explains how the FATF recommendations apply to VA activities and VASPs.

OVERVIEW ON CONTENT

The Guidance especially focuses on the following six topics:

  • Stablecoins: With regard to stablecoins, the Guidance addresses the risk of "mass adoption" and assesses specific design features that may impact ML/TF risks. To address and mitigate potential risks, the Guidance calls countries, VASPs and other obligated parties, to identify and assess the ML/TF risks associated with stablecoins prior the launch and on ongoing basis, to take appropriate measures to manage and mitigate risks prior to implementation of stablecoins, to be aware and understand risks associated with peer-to-peer transactions.

  • DeFi: The FATF concludes that creators, owners and operators - or people who have influence over a DeFi dApp’s functionalities - may need to comply with FATF rules. This at least to the extent that the DeFi-setups are not sufficiently decentralized and someone actually holds a to be specified level of control: “It seems quite common for DeFi arrangements to call themselves decentralized when they actually include a person with control or sufficient influence, and jurisdictions should apply the VASP definition without respect to self-description”, the guidelines point out. Even if a team of developers behind a DeFi dApp - designed to let people trade, lend and borrow without intermediaries - sold or distributed related governance tokens to investors and users, the team should be responsible for anti-money-laundering checks, the Guidance said. If a central party responsible for the service can’t be identified, countries can ask a regulated entity to be involved in the dApp’s activities to help with mitigating the risks.

  • Peer-to-Peer Transactions. The Guidance lays out possible measures which countries should consider mitigating the risks of P2P transactions. Among other things, the revised version refines the description of licensing/registration and clarifies the definition of "correspondent banks and other relationships" in the FATF standards.

  • Licensing and Registration of VASPs. Further updates have been provided on the application of the FATF standards to VASPs and other obliged entities carrying out or offering to carry out VA activities as defined by the FATF definition.

  • Implementation of the “Travel Rule”. A huge practical impact has the application of the travel rule on VA transactions. Here additional Guidance is given which provides country examples of the risk-based approach to VAs/VASPs and updated case studies.

  • Information-Sharing and Cooperation amongst VASP Supervisors. Finally, a new section has been added to the Guidance containing non-binding FATF principles of information exchange as well as cooperation between VASP supervisory authorities.

CONCLUSION

In the course of the consultation on the Guidance, a number of oversimplifications led to substantial criticism from the industry. Whether and to which extent these grievances have been considered in the final version of the document needs to be analyzed in detail over the next weeks. In particular, the FATF statements regarding the applicability of the FATF standards on stablecoins, NFTs, DeFi applications and multi-signature arrangements could turn out as a sword of Damocles for many projects that did not consider themselves subject to the FATF standards. We will provide a more detailed analysis of the Guidance in a later post.

Although the Guidance per se is non-binding and needs to be implemented by local legislators, its influence for the further development of the VA industry cannot be overestimated. How the greater clarity and predictability for the VA industry will influence the further development at national and international level is now to be seen. Switzerland has with its latest updated on the AML-regulations (August 2021) already implemented the FATF-recommendations to a large extent (for further information on the updated AML/DLT-regulation in Switzerland, please refer to our magazine article “New Swiss DLT Regulations to enter into force starting February 2021”).