Docs
Legal

VASP Compliance

This page lists the common VASP Travel Rule obligations at a practical level.

High-level overview: Travel rule.

Exact requirements vary by jurisdiction. Treat the 1,000 USD/EUR threshold as “common”, not universal.

Core requirements

The Travel Rule usually requires VASPs to:

  • Perform counterparty due diligence before sharing data.
    Example: verify the counterparty is a regulated VASP and supports secure data exchange.
  • Collect required originator/beneficiary fields.
  • Transmit required fields to the counterparty VASP before or during transfer execution.
  • Screen names against sanctions lists.
  • Monitor transactions and file reports when suspicious.
  • Retain records for the required period.

Responsibilities by role

Originating VASP (sender-side VASP)

  • Identify the customer (originator).
  • Collect the required originator + beneficiary data.
  • Validate and retain the record.
  • Screen the beneficiary (and/or beneficiary VASP) for sanctions.
  • Share the required information with the beneficiary VASP after checks.
  • Monitor and report suspicious activity.

Beneficiary VASP (receiver-side VASP)

  • Receive required information from the originating VASP.
  • Verify completeness/consistency (to the extent required).
  • Screen the originator (and/or originating VASP) for sanctions.
  • Retain the record.
  • Monitor and report suspicious activity.

Data to collect (common threshold model)

Transfers under 1,000 USD/EUR

  • The name of both the originator (sender) and beneficiary (recipient)
  • A VA wallet address for each or a unique transaction reference number
  • Verification is only required if there are ML/TF risks

Transfers at or above 1,000 USD/EUR

Collect everything above, plus:

  • Originator details:
    • Full name
    • Account number (e.g., wallet address)
    • Physical address, national ID/tax number, or date and place of birth
  • Beneficiary details:
    • Full name
    • Account number (e.g., wallet address)

Product mapping (optional account feature)

If you expose Travel Rule support as an optional “Travel Rule mode”:

  • Opt-in accounts should be able to store and submit the extra identity fields required above.
  • Opt-in can be used to unlock regulated partner flows.
  • Data should be shared only when a transfer requires VASP-to-VASP exchange.
  • Secure transport + encryption for VASP-to-VASP messages.
  • Data minimization: collect only what the rule requires for the flow.
  • Audit logs: what was shared, when, with whom, and why.
  • Error handling: what happens when counterparty data is missing or fails checks.
PreviousTravel RuleNext Terms of Use