FATF publishes draft guidance on VASPs

Source: Jake Chervinsky, Crypto Law & Policy Newsletter, Q1 2021 in Review.

In case anyone didn’t get their fill of AML policy after the FinCEN saga, the FATF surfaced on March 19 with a draft update to their guidance on virtual assets and VASPs (virtual asset service providers). The draft represents a significant expansion of the FATF’s prior recommendations.

As Coin Center explained, the FATF’s earlier guidance on VASPs published in June 2019 treated crypto companies the same as traditional financial institutions, imposing AML obligations only on intermediaries with independent control of customer funds. The FATF’s new draft guidance would expand the definition of a VASP far beyond custodial intermediaries, also capturing non-custodial actors and market participants.

To be fair, the draft could have been worse. The FATF could’ve taken a harder stance on privacy and self-custody, such as by recommending a total prohibition on transactions between VASPs and non-custodial wallets. Thankfully, the FATF didn’t go that far.3 The draft also recognizes a few important points, such as that software developers aren’t VASPs just because they develop code (¶ 68), and that miners aren’t VASPs just because they create and broadcast blocks containing transactions (¶ 69).

Yet, the draft does call for member countries to vastly expand the scope of their AML regulations, with particularly troubling implications for DeFi. The draft contemplates treating any number of DeFi market participants as VASPs (¶¶ 72-79), and even seems to reject the very concept of a decentralized financial protocol:

“The FATF takes an expansive view of the definitions of VA and VASP and considers most arrangements currently in operation, even if they self-categorize as P2P platforms, may have at least some party involved at some stage of the product’s development and launch that constitutes a VASP” (¶ 75).

Reading between the lines, the draft says a lot about the FATF’s struggle to reconcile traditional AML regulations with the emergence of DeFi protocols. The former relies on deputizing custodial intermediaries to surveil and censor customers’ transactions, while the latter is designed specifically to enable complex financial activity without relying on intermediaries. At one point, the FATF articulated this point directly:

“Moreover, full maturity of these protocols that enable P2P transactions could foreshadow a future without financial intermediaries, potentially challenging the effectiveness of the FATF Recommendations” (¶ 35).

It’s worth noting that the draft guidance is still subject to change, and may look different when it’s finalized in June. The FATF is accepting comments until April 20 and seeking input from industry leaders. Let’s not get our hopes up for a substantial improvement in the next two months, though—the FATF isn’t a democratically-elected body and doesn’t answer to anyone but itself.

Before you get too worried, remember that the FATF only makes recommendations, not laws. Even if the draft guidance is finalized exactly as-is, it won’t have any effect until and unless it’s implemented by one or more of the FATF’s member countries.

From the US perspective, I have trouble believing the United States would or could implement the FATF’s new recommendations. In addition to directly contradicting FinCEN’s May 2019 guidance, the draft’s restrictions on free speech and financial privacy are likely unconstitutional. Plus, the United States has a habit of taking what it likes from the FATF and leaving the rest—for example, we still haven’t implemented the FATF’s recommendations related to lawyers, accountants, and real estate agents, even though they were finalized nine years ago in 2012.

Read more: Jake Chervinsky, Crypto Law & Policy Newsletter, Q1 2021 in Review.


Contact us

Subscribe to our news Letter

Subscribe to our news Letter

Subscribe to our newsletter

Thank you!