News and Insights / Hot off the block

What Exactly is a Virtual Asset Service Provider (VASP)?

Analysis, anti-money laundering, Crypto Regulation, FATF
Share
January 8, 2021
CipherTrace

Cryptocurrency, digital asset, convertible virtual currency… there seems to be an endless list of terms for the same concept. If that wasn’t enough, a cryptocurrency exchange can also be referred to as a Virtual Asset Service Provider(VASP), Virtual Asset Entity, Digital Asset Customer (DACs), Money Service Business (MSB), or any other series of classifications depending on the context. While some may be inclined to refer to any and all entities related to virtual assets as VASPs—just as they may refer to all virtual assets as “crypto”—there are some key differentiators between the different Digital Asset Entity typologies that effect how that entity is regulated.

Some entities like cryptocurrency exchanges and bitcoin ATMs are always VASPs, other digital asset entities must be reviewed on case-by-case basis

Digital Asset Entity (DAE)

A Digital Asset Entity is an umbrella term for a range of businesses built on cryptocurrency transactions. Digital Asset Entities include Virtual Asset Service Providers (VASPs) such as cryptocurrency exchanges and ATMs, which are financial institutions in their own right, in addition to gambling sites, incubators, and other entities that use crypto but are not always classed as financial institutions. Alternative names include Virtual Asset Entity and Crypto Asset Entity.

Digital Asset Customer (DAC)

 A Digital Asset Customer is any Digital Asset Entity that uses the services of a bank or other formal financial institution. DAC was first used to describe a broad grouping of cryptocurrency-based customers in the US Department of the Treasury’s OCC enforcement action against M.Y. Safra Bank in early 2020.

On January 30,2020 the Office of the Comptroller of the Currency (OCC) issued the first cryptocurrency-related enforcement action against a U.S. bank—M.Y. Safra Bank (MYSB), which is headquartered in New York City. The enforcement action consisted of a cease and desist order that was wholly focused on deficient anti-money laundering (AML) practices for compliance and monitoring of the bank’s digital asset customers (DAC). These entities included cryptocurrency exchanges, bitcoin ATM operators, and virtual OTCs as well as other crypto-related businesses.

Read more https://ciphertrace.com/occ-hits-new-york-based-bank-with-first-ever-enforcement-action-for-lack-of-crypto-aml-compliance/

Virtual Asset Service Provider (VASP)

When a digital asset entity engages in certain financial activities involving virtual assets, AML/CFT and other obligations may apply to it for the entity’s role as a money transmitter. These digital asset entities can be referred to as Virtual Asset Service Providers (VASPs) or money transmitters engaged in convertible virtual currency, depending on the regulatory or policy making body.

A VASP is defined by the Financial Action Task Force (FATF) as a business that conducts one or more of the following actions on behalf of its clients:

    • exchange between virtual assets and fiat currencies;
    • exchange between one or more forms of virtual assets;
    • transfer of virtual assets;
    • safekeeping and/or administration or virtual assets or instruments enabling control over virtual assets;
    • participating in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset;

This definition encompasses a range of crypto businesses, including exchanges, ATM operators, wallet custodians, and hedge funds. FATF further recommends that VASPs be subject to the same stringent AML/CTF and KYC requirements as traditional financial institutions.

FATF’s VASP definition is intended to capture specific financial activities and function and doesn’t depend on the specific kind of entity, rather “how the person uses the [virtual assets] and for whose benefit.” According to FATF, if a person (natural or legal) is engaged as a business in any of the activities described in the bullet list above “for or on behalf of another person” then they are a VASP, regardless of what technology they use to conduct the covered VA activities.

This means there are some digital asset entities—for example, miners—that could or could not be classified as VASPs depending on their activities and functions. While the activities of an individual miner may not be enough to classify him or her as a VASP, a mining pool’s activity could if it engaged in any of the points listed above. According to FinCEN regulations, for example, a mining pool operator would not be considered a money transmitter if they are only transferring virtual assets to the pool members or contract purchasers to distribute the amount earned, “as these transfers are integral to the provision of services.” However, if the leader combines their managing and renting services with the service of hosting virtual currency wallets on behalf of the pool members (i.e. safekeeping of virtual assets according to FATF’s list), then the leader would be considered a money transmitter for engaging in account-based money transmission.

Is a Decentralized Exchange (DEX) a VASP?

According to FATF guidance, Decentralized Exchanges (DEXs) are VASPs and should be regulated as such. A DEX, or any other decentralized (distributed) app (DApp), its owner/operator, or both, fall under the definition of VASP if they “facilitate or conduct the exchange or transfer of value (whether in VA or traditional fiat currency)…” Likewise, a person that develops a DEX may be a VASP when they engage as a business in facilitating or conducting the previously listed activities on behalf of another natural or legal person.

Countries must be able to determine how best to mitigate the risks associated with centralized and decentralized VASP business models. FinCEN’s May 2019 guidance clarified their position on DApps, stating, “the same regulatory interpretation that applies to mechanical agencies such as CVC kiosks applies to DApps that accept and transmit value, regardless of whether they operate for profit. Accordingly, when DApps perform money transmission, the definition of money transmitter will apply to the DApp, the owners/operators of the DApp, or both.”

Why it Matters: All VASPs are Money Service Businesses (MSBs)

While there may not be much difference in interchanging the terms digital asset, virtual asset, and crypto, calling an unhosted-wallet a VASP when it isn’t implies certain AML obligations that the entity may not actually have. Understanding the different typologies can grant clarity to the different obligations each digital asset entity has. For example, a VASP by FATF standards would also be considered an MSB by FinCEN standards, meaning they have specific AML obligations under the BSA. Conversely, not all VASPs fall into the EU’s AMLD5 regulations on cryptocurrency.

As new regulations develop, choosing the right terminology from an existing pool can help alleviate confusion by preventing the introduction of new terms or creating conflicting definitions with those already formed. Some common ways of talking about VASPs and cryptocurrency can be found below.

  • Financial Action Task Force (FATF) – Virtual Asset Service Provider (VASP); Virtual Assets
  • Financial Crimes Enforcement Network (FINCEN) – Money Transmitter/Money Service Business; convertible virtual currency (CVC)
  • U.S. Commodity Futures Trading Commission (CFTC) – Designated Contract Markets (DCMs); virtual currency
  • Securities Exchange Commission (SEC) – Digital Asset Trading Platform; digital asset
  • EU AMLD5 – Providers engaged in exchange services between virtual currencies and fiat currencies; virtual currency

 

 

 

 

Back To Top