The Travel Rule is a global regulation. It applies to digital asset payments. It is a key rule to prevent money laundering in the cryptocurrency space.

The Travel Rule mandates financial institutions to verify and share certain information (such as name, account number, or other reliable identifiers) about the originator and beneficiary of the transaction before/when making wire transfers and other similar types of payments.

The Travel Rule applies to companies collectively known as VASPs.

A VASP is a business that facilitates the buying, selling, and exchanging of virtual assets and enables the transfer, storage, and management of virtual assets.

Additionally, it may support the launch and distribution of virtual assets, such as through ICOs or token sales.

On-ramp and off-ramp services, as well as DeFi platforms, may also be subject to Travel Rule requirements in some jurisdictions.

The definition and scope of VASP services may vary across different countries, depending on local regulations.

You can find the Travel Rule requirements for your jurisdiction in this article.

An unhosted wallet is a wallet that is not controlled by a third party such as an exchange.

It is a wallet where the user owns, controls, and is in possession of their own private keys.

Such wallets are typically found on applications like Metamask, Phantom, Ledger, and so on.

Incoming transactions without Travel Rule data can be handled in different ways. VASPs can:

• Initiate Travel Rule transactions to understand the source of the transaction.
• Risk-screen the entity.
• Request information from the counterparty VASPs.

If a VASP has already received the transaction, they are possibly dealing with a Sunrise VASP, a VASP outside the Sumsub Ecosystem or an Unhosted Wallet.

Sumsub is able to work with thresholds. These have to be configured by VASPs during the integration process in line with their jurisdictions requirements.

Sumsub works with a number of technological partners. You can find the list of these partners on this page.

Sumsub also offers its own solution built to cater to the Travel Rule requirements. To learn more about it, refer to this article.

In crypto, the transactions are anonymous, so to comply with the Travel Rule, you need VASP attribution.

VASP attribution is the process through which Sumsub tries to find the VASP that controls a wallet address on behalf of their user.

We do this by using blockchain analytics providers like Crystal Intelligence, Chainalysis, Merkle Science, and so on.

We also maintain an internal Wallet Address Book and encourage VASPs to populate it with their clients’ wallet addresses for easier identification and attribution.

A protocol is a Travel Rule service provider that carries out the secure transaction information exchange as required by the regulators.

Sumsub is connected to different protocols, such as GTR, TRP, CODE, and so on. You can find more information about each of these protocols in this article.

We offer a fully fledged Transaction Monitoring solution that includes AML screening, wallet risk screening.

VASPs can join the Sumsub Ecosystem by signing the Travel Rule ecosystem agreement either via the registration form, Due Diligence questionnaire, or via the agreement included in your service contract or supplemental agreement.

Our pricing is flexible and based on volumes. For more information and quotes, reach out to your Customer Success Manager at [email protected].

Sumsub is designed with strict security measures in mind. The list of Sumsub certifications can be found on this page.

VASPs are able to use the Sumsub Travel Rule protocol to screen counterparty wallets through various blockchain analytics tools to understand the risk associated with such wallets.

These data points (risk factors) can then serve as indicators for automated transaction decision-making.

Sumsub can also obtain data through selected providers like Chainalysis and Elliptic based on the client preference. For more information, refer to this article.

You can find the list of supported assets and the explanation of how to work with them in this article.

Sumsub is connected to different protocols, such as GTR, TRP, CODE, and so on.

These allow us to exchange data with VASPs like Coinpass, Bitpanda, Binance, Kriptomat, OKX, and many more.

You can reach out to your Customer Success Manager at [email protected] for a full list of VASPs.

Sumsub solution is uniquely customizable and can be used to ensure compliance for exchanges, custodians, on and off-ramps, neobanks, digital asset groups, foundations, etc.

To clarify the exact use case, reach out to your Customer Success Manager at [email protected] or book a demo via our website.

Sumsub offers a wide variety of reports. You can export data for either individual transactions, a group of transactions, or regulatory reports. To learn more about the available report types, refer to this article.

Currently our Unhosted Wallet Verification covers majorly BTC, ETH and SOL assets. We are constantly working on expanding this list.

We are constantly working on expanding our list of supported assets. You will soon be able to verify transactions with assets not supported at this moment either through a self-declaration form or screenshot method.

These providers play a key role in VASP Attribution, Wallet Screening, and Transaction Screening.

Users who have existing contracts with these providers can plug in their API keys and get access to the full functionality of these products in Sumsub's dashboard and use these data points to ensure more comprehensive transaction monitoring and compliance.

It depends on your risk policies. For example, you can add it to a blacklist and stop transacting with it.

Alternatively, you can apply the risk-based approach that is applicable in your jurisdiction.

An unreachable VASP is a VASP that is not connected to any of our supported protocols.

This means the data cannot be sent to them, and the response from the counterparty cannot be received.

You can try to contact such a VASP via our Email Notification Tool and invite them to join the Ecosystem.

However, this action will not be taken into account when determining the VASP’s Travel Rule status.

The VASP list is a general list of all the VASPs, Sumsub detected.

We are working hard to add the exact protocols each VASP uses for more clarity.

However, a VASP on the list may be unreachable for a number of reasons. For example, if it is not on the Sumsub's protocol or any other supported protocols.

The VASP Score for these VASPs was calculated to give you a general understanding of how safe it may be to work with them.

You can use the data points to see which VASPs are actually communicating shortly to avoid the communication issues.

The interoperability issues occur when the counterparty VASPs use different data exchange protocols. This could prevent them from sharing the required information.

When a VASP is identified as not belonging to the Sumsub Ecosystem, Sumsub uses the Email Notification Tool to reach out to such VASP.

The success of using this tool depends on whether the VASP has an available email on their profile.

However, this action will not be taken into account when determining the VASP’s Travel Rule status.

Sumsub can pull the required fields from your applicants’ profile and use the collected data when processing your Travel Rule transactions. However, VASPs will still have to provide information about the counterparty beneficiary.

Sumsub offers VASPs the ability to work with either its natively integrated technology partners or their own partners through a BYOK (Bring Your Own Key) method. Currently supported partners include Crystal Intelligence (Native), Chainalysis (BYOK), Merkle Science (Native), Elliptic (BYOK), and ComplyAdvantage (Native and BYOK).

If your provider is not supported, reach out to your Customer Success Manager at [email protected] and request a new feature addition.

For the full list of different scenarios, refer to this article. We offer built-in rulesets to handle most of these as well as rulesets specific to certain jurisdictions.

Within Sumsub, VASPs can set up solutions where they are able to either automatically or semi-automatically validate incoming transactions that have been processed from the same details.

Best practice, however, is to always screen the counterparty against AML, Sanctions Lists, and Warning databases.

You can find all information about creating and editing rules in this article.

Transactions can be created either via API, Dashboard, or CSV upload. You can find all information about creating transactions in this article.

The most important fields for most jurisdictions are the Full Name, Wallet Address, and Transaction Details.

Besides that, jurisdictions may have additional required fields such as POI, POA. For more information about the local Travel Rule requirements, refer to this article.

When creating a transaction, you are required to fill in the beneficiary information.

This means that you need to request such information from your user before creating any travel rule transaction. Sumsub does not automatically know or fill the beneficiary data with personal identifiable information.

You can view this information in the Transactions tab of the Applicant's Profile.

At all stages during the transaction processing, you will receive a number of webhooks as described in this article. You can use this to track the status of the transaction.

To get transaction details, you will also need to carry out calls to this endpoint.

You can also specifically screen for certain data points in the response and respond accordingly.

To simulate the system behavior, we recommend creating a mirrored transaction for two users within your VASP and modifying the responses and feedback you get.

This way you will see how the rules are triggered as well as how the information exchange, AML screening, and transaction monitoring are carried out.

Alternatively, you can simulate transactions using the test VASPst which are available to all our users.

In most cases, VASPs use Crypto Monitoringt as an extra step to remain compliant by screening transactions or wallet addresses for blockchain risk.

By default, Sumsub uses Crystal Intelligence as the data provider when processing crypto transactions.

It returns risk scores and risk signals related to the screened wallet/transaction.

You may decide to use your own provider, such as Chainalysis and Elliptic. Then in the dashboard, you will see the results of the screening done through the provider you choose.

To find out more about wallet screening, refer to this article.

Based on your VASP Travel Rule settings, Sumsub can automatically process all incoming or outgoing transactions, which are to the same users as it did when the data was sent for the first time.

Inbound travel rule transactions sent to you by other VASPs are not billed.

When you receive a transaction with no information, you need to request this information from your user. Then you can create a Travel Rule transaction and send it to Sumsub for the necessary checks.

To learn more about the process, refer to this article.

You can test this by creating a mirrored transaction. You will receive the webhooks and process the transaction based on the requirements outlined in this article.