Liechtenstein -- Travel Rule Implementation Regulatory Overview

Liechtenstein has been a proactive jurisdiction in regulating virtual assets (VAs) and virtual asset service providers (VASPs), often referred to as VT Service Providers under their local legislation. The country has adopted the FATF recommendations, including the Travel Rule, by integrating them into its existing anti-money laundering and combating the financing of terrorism (AML/CFT) framework.

Here's a breakdown of the FATF Travel Rule implementation in Liechtenstein:

1. Adoption & Legal Framework

• Adopted: Yes, Liechtenstein has adopted the FATF Travel Rule principles. This is primarily implemented through its Token and VT Service Provider Act (TVTG), often known as the Blockchain Act, which came into force in 2020. The TVTG integrates with and is subject to the broader AML/CFT framework, specifically the Due Diligence Act (DDA – Sorgfaltspflichtgesetz) and the Due Diligence Ordinance (DDO – Sorgfaltspflichtverordnung).
• Key Legislation:
  • Token and VT Service Provider Act (TVTG) / Blockchain Act: Regulates VT Service Providers and lays the groundwork for AML/CFT compliance in the VA space.
    • Reference (FMA information page on TVTG): https://www.fma-li.li/en/financial-market-supervision/vt-service-providers-blockchain-act/
  • Due Diligence Act (DDA) / Sorgfaltspflichtgesetz: The main AML/CFT law in Liechtenstein, applicable to all obliged entities, including VT Service Providers.
  • Due Diligence Ordinance (DDO) / Sorgfaltspflichtverordnung: Provides specific implementation details for the DDA.
• The Financial Market Authority (FMA) Liechtenstein is the supervisory body responsible for enforcing these regulations.

2. Effective Date

• The TVTG came into force on January 1, 2020. While the core AML/CFT obligations were already in place, the TVTG explicitly brought VT Service Providers under the purview of the DDA, thus making the Travel Rule principles effective for them from that date, with subsequent guidance providing more specifics.

3. Threshold Amounts

• The threshold for transfers of virtual assets, consistent with FATF guidelines, is EUR 1,000 (or equivalent in other currencies).
  • VASP-to-VASP Transfers: For transfers between two obliged entities (VT Service Providers), the Travel Rule generally applies regardless of the threshold for the transfer of information. However, the full set of originator and beneficiary information (as detailed below) is required for transactions exceeding €1,000. For transfers below €1,000, simplified information might be acceptable, but some basic information must still be exchanged.
  • Transfers to/from Unhosted Wallets: When a VASP initiates or receives a transfer from an unhosted (non-custodial) wallet, the VASP is required to collect originator or beneficiary information (and potentially verify it) if the transaction exceeds €1,000. Below this threshold, risk-based approaches apply.

4. Which VASPs Are Covered

• The TVTG broadly defines "VT Service Providers" (Liechtenstein's term for VASPs). These include, but are not limited to:
  • VT Custodians: Entities that safeguard VT for third parties.
  • VT Exchange Service Providers: Entities that provide services for the exchange of VT against fiat currency or other VT.
  • Physical Validators: Entities that validate VT transactions (e.g., miners/stakers if providing a service).
  • Token Issuers: Entities that issue tokens.
  • Identity Service Providers: Entities that manage identity for token holders.
  • Key Depositaries: Entities that securely store private keys.
• Essentially, any entity that provides services related to tokens or VT and falls under the scope of the TVTG and conducts transfers on behalf of customers will be subject to Travel Rule obligations.

5. Technical Implementation Requirements

• The FMA, like most regulators, does not mandate a specific technical solution or protocol (e.g., TRISA, OpenVASP, Sygna). Instead, it requires VT Service Providers to have robust systems and procedures in place to:
  • Collect the required originator and beneficiary information accurately.
  • Verify the accuracy of the information where appropriate (especially for unhosted wallet interactions above the threshold).
  • Store the information securely and accessibly for the required retention period (typically 5 years after the business relationship ends or transaction).
  • Transmit the information to the beneficiary VASP in a secure and reliable manner.
  • Identify and handle transactions where the required information is missing or incomplete (e.g., block the transfer, report to FIU).
• While not explicitly mandated by law, the industry-standard InterVASP Messaging Standard (IVMS 101) is widely adopted and recommended as a data model for exchanging Travel Rule information, ensuring interoperability.

6. Required Information

Consistent with FATF standards, VT Service Providers must collect and transmit the following information:

• For the Originator:
  • Originator's full name
  • Originator's account number (or unique transaction identifier)
  • Originator's physical address (or national identity number, customer identification number, or date and place of birth)
  • Beneficiary's full name
  • Beneficiary's account number (or unique transaction identifier)
• For the Beneficiary (to be received by the Beneficiary VASP from the Originator VASP):
  • Originator's full name
  • Originator's account number (or unique transaction identifier)
  • Beneficiary's full name
  • Beneficiary's account number (or unique transaction identifier)

The beneficiary VASP must also ensure it can identify the beneficiary.

7. Penalties for Non-Compliance

• Non-compliance with AML/CFT obligations, including the Travel Rule, can lead to severe penalties under the Due Diligence Act (DDA) and the TVTG. These can include:
  • Administrative Fines: Significant financial penalties imposed by the FMA on the VASP and/or its responsible individuals. These can range from tens of thousands to millions of Swiss Francs/Euros, depending on the severity and nature of the breach.
  • Withdrawal of Licenses/Registrations: The FMA can revoke a VASP's registration or license, effectively preventing it from operating in Liechtenstein.
  • Public Censure: The FMA may publicly name non-compliant entities.
  • Operational Restrictions: The FMA can impose restrictions on a VASP's operations.
  • Criminal Charges: In cases of severe or intentional breaches, particularly those linked to money laundering or terrorist financing, individuals responsible could face criminal prosecution, including imprisonment.

The FMA actively supervises VT Service Providers to ensure compliance with these regulations.