Blockchain analytics startup CipherTrace has released its anti-money laundering (AML) tool for cryptocurrency firms, called “CipherTrace Traveler.” 

The CipherTrace solution is named after the so-called Travel Rule, a set of strictures that require funds over a certain amount being transferred between exchanges to be accompanied by personally identifiable information (name, date of birth, etc.) of the originator and beneficiary of the transaction.

Over two years in the making, CipherTrace Traveler is based around TRISA, or the “Travel Rule Information Sharing Alliance,” a non-profit collaboration of 150 cryptocurrency stakeholders. Traveler is aimed at all virtual asset service providers (VASPs), such as crypto exchanges, custody providers, over-the-counter trading desks, banks and other financial institutions.

“It’s a commercial offering but with an open-source and decentralized component that has involved 150 VASPs working on TRISA technical standards,” CipherTrace CEO Dave Jevans said in an interview, adding:

“There are large financial institutions that need a commercial product to base their business on, as well as many small VASPs and OTC desks that aren’t going to hire a programmer at $10,000 a month to build this stuff.”

In terms of the cost of deploying CipherTrace Traveler, Jevans said commercial arrangements work on a sliding scale, based on the size of the operation and its needs, adding that the solution is affordable for small firms. 

It goes to show how far new VASP rules will reach.

A couple of years ago, global AML watchdog the Financial Action Task Force (FATF) recommended cryptocurrency service providers fall in line with the AML measures followed by the rest of the financial system, a difficult problem since crypto is pseudonymous by design.

The next FATF plenary meeting in June will see a review of progress made by countries and VASPs. While travel rule insiders emphasize this is not a hard and fast deadline, some jurisdictions, such as Singapore, already require firms to show a travel rule solution is in place, Jevans pointed out.

“As of this year, Singapore has said there’s no license if you don’t have a solution,” said Jevans. “The U.S. has claimed that you should have been doing it already. However, they’re also realistic and have said until there are solutions and people are using them, there’s not going to be fines for anyone, so you get a period of relaxed enforcement.”

There have been a number of proposed technical solutions, some using blockchain technology itself to create open directories of VASPs. CipherTrace Traveler and the TRISA VASP directory rely on battle-tested certificate authority technology widely used across the internet. 

In terms of TRISA interoperability, or the extent to which the protocol can talk to other proposed travel rule solutions, CipherTrace has conducted tests with most of the other players in the market, including Switzerland’s OpenVASP, the Ethereum-based Shyft Network and the ING Bank and Standard Chartered-backed Travel Rule Protocol (TRP).

“On the TRISA side of things, I think there’s pretty good interoperability with the TRP travel protocol and also a fair bit of work done with OpenVASP, the Swiss offering,” Jevans said. “When it comes to the U.S. Travel Rule Working Group, one of their members are on the TRISA weekly calls.”