The report provides an update on country compliance with FATF’s Recommendation 15 and its Interpretative Note (R.15/INR.15), including the Travel Rule, and updates on emerging risks and market developments, including on decentralized finance (DeFi), peer-to-peer transactions (P2P), and non-fungible tokens (NFTs), unhosted wallets, and stablecoins.

While some jurisdictions have introduced regulations, FATF found that global implementation is "relatively poor" and compliance remains behind most other financial sectors. Based on 98 FATF mutual evaluation and follow-up reports since the standards on virtual assets and VASPs were adopted, 75% of jurisdictions are only partially or not compliant with the FATF’s requirements.

There has also been insufficient progress on jurisdictions implementing the Travel Rule, which is a key AML/CFT measure, said FATF. Of the 151 jurisdictions that responded to the 2023 Survey, more than half have not taken any steps towards implementing the Travel Rule. FATF said this is a "serious concern as the risks posed by virtual assets and VASPs continue to increase and the lack of regulation creates significant loopholes for criminals to exploit." This shows there is "an urgent need for jurisdictions to accelerate implementation and enforcement of R.15/INR.15 to mitigate criminal and terrorist misuse of virtual assets and VASPs."

The report acknowledges collaboration among the private sector members to improve industry compliance with R.15/INR.15 including the Travel Rule and highlights that all players need to have appropriate risk identification and mitigation measures and continue to work towards fully compliant Travel Rule compliance tools.

Although DeFi and unhosted wallets, including P2P, do not account for a large share of transactions, they "are at risk of misuse, including by sanctioned actors." FATF will therefore continue to monitor the illicit financing risks and developments in this sector.

FATF called on all countries to urgently implement the Standards on virtual assets and VASPs, including the Travel Rule. In February 2023, the FATF adopted a roadmap to improve implementation of R.15. In line with this roadmap and to address the findings of the report, the FATF will:

• continue to conduct outreach and provide assistance to low-capacity jurisdictions;
• identify and publish steps FATF member jurisdictions and other jurisdictions with materially important VASP activities have taken towards implementing R.15/INR.15;
• facilitate sharing of finding, experiences, and challenges including relating to DeFi, unhosted wallets, and P2P and monitor market trends in this area for material developments that may necessitate further FATF work;
• continue to engage with member countries and the private sector on progress and challenges; and 
• conduct a further review on progress and remaining challenges for implementation by June 2024.

The group met in Tokyo last week to discuss global progress and challenges in regulating virtual assets.

Among the topics discussed were:

• "strengthening implementation of the FATF Standards on virtual assets in each jurisdiction and measures to promote its implementation;
• progress of implementation of the Travel Rule and challenges for effective implementation;
• emerging sectors, for example decentralized finance, unhosted wallets including peer-to-peer payments, non-fungible tokens (NFTs);
• growing risks, for example thefts and misuses of virtual assets by North Korea, sanctions evasion, ransomware attacks, misuse of virtual assets by terrorists."

This report comes three years after FATF extended its anti-money laundering and counter-terrorist financing measures to VAs and VASPs to prevent criminal and terrorist misuse of the sector.

The report builds on the FATF’s previous two reviews on implementation by providing a short update on the latest country compliance with FATF’s Recommendation 15 and its Interpretative Note (R.15/INR.15). The report places a specific focus on FATF’s Travel Rule to respond to FATF’s June 2021 findings that countries and private sector face particular challenges in this area. Further, the report includes relevant emerging risks and market developments, including on Decentralised Finance (DeFi), Non Fungible Tokens (NFTs) and unhosted wallets.

At the meeting, among other things, FATF:

• Finalised a targeted update on the implementation of the FATF standards to prevent the misuse of virtual assets and Virtual Asset Service Providers (VASPs) for money laundering, and the financing of terrorism and proliferation. FATF is due to publish a report at the end of June 2022, focussing on the implementation of FATF's travel rule, which requires VASPs to collect or send information on the identities of the originator and beneficiary with virtual asset transfers. The report will also provide an update on emerging risks and market developments that FATF continues to monitor, such as DeFi, NFTs and unhosted wallets.
• Discussed progress in developing guidance that aims to help countries implement the revised requirements of FATF relating to implementing the FATF standard on beneficial ownership information for legal persons. FATF intends to finalise the guidance in October 2022. 
• Finalised a report sharing good practices and recommendations for combating money laundering and terrorist financing by sharing information while adhering to data protection and privacy. This is the first report that provides tangible examples of information sharing initiatives with analysis of the data protection implications. It highlights the importance of collaboration and co-operation between anti-money laundering and data protection authorities and is due to be published in July 2022.

The updated guidance sets out new requirements, amends existing ones and clarifies the 2019 guidance, which this update will replace.

The revised document updates six main areas to:

(1) clarify the definitions of VA and VASP to make clear these definitions are expansive and there should not be a case where a relevant financial asset is not covered by the FATF Standards (either as a VA or as a traditional financial asset);

(2) provide guidance on how the FATF Standards apply to stablecoins;

(3) provide additional guidance on the risks and potential risk mitigants for peer-to-peer transactions;

(4) provide updated guidance on the licensing and registration of VASPs;

(5) provide additional guidance for the public and private sectors on the implementation of the ‘travel rule’; and

(6) include Principles of information-sharing and co-operation among VASP supervisors. The guidance has also been updated to reflect the passage of time and the publication of other relevant FATF reports.

The revision sets out functions and assets that are within scope of the guidance, for example  stablecoins and virtual assets issuers; and those that fall outside, such as cloud service providers. It also provides options to ban or restrict the use of unhosted wallet software providers.

The update also expands the travel rule requirements, where VASPs have to submit information to counterpart VASPs with regard to transaction originators and beneficiaries.

These changes to the pre-existing guidance aim to maintain a level playing field for VASPs, based on the financial services they provide in line with existing standards applicable to financial institutions and other AML/CFT-obliged entities, as well as minimisng the opportunity for regulatory arbitrage between sectors and countries.

The consultation closes on 20 April 2021 and the updated guidance is likey to be adopted at the June FATF plenary session.

Firstly, in March of this year FATF will publish, for consultation, an update to it’s Guidance for Virtual Assets and VASPs.  This Guidance, first published in June 2019 in support of the FATF Standards  (read more here) and subjected to a 12-month review in June 2020 (read more here), will be updated to address specific areas, including:

• how to apply the FATF Standards to so-called stablecoins
• how public and private sectors can implement the travel rule. The ‘travel rule’ is a key AML/CFT measure, which mandates that VASPs obtain, hold and exchange information about the originators and beneficiaries of virtual asset transfers.
• how to address the risks of disintermediated peer-to-peer transactions. 

Once the FATF has considered feedback it expects to publish the revised Guidance in June 2021. 
 
Secondly, and concurrently, the FATF has also launched its second 12-month review looking at global  implementation of the FATF Standards on virtual assets, and identifying any further challenges.