Vanuatu -- Travel Rule Implementation Regulatory Overview

Vanuatu has made significant strides in adopting and implementing the FATF Recommendations, including those pertaining to Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs), to strengthen its Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) regime. This was partly driven by efforts to address deficiencies identified by the FATF and was crucial for its removal from the FATF's grey list in June 2022.

Here's a breakdown of the FATF Travel Rule implementation in Vanuatu:

Status of Adoption

Adopted: Yes, Vanuatu has adopted legislation that brings VASPs and virtual assets under its AML/CFT framework, thereby implementing the spirit and requirements of the FATF Travel Rule.

The key legislative instruments are:

1. Proceeds of Crime (Amendment) Act No. 23 of 2020: This Act amended the principal Proceeds of Crime Act [CAP 262] to include definitions for "virtual asset" and "virtual asset service provider" and extended the scope of AML/CFT obligations to these entities.
2. Financial Intelligence Unit (Amendment) Act No. 24 of 2020: This Act granted the Vanuatu Financial Intelligence Unit (VFIU) explicit powers to supervise and regulate VASPs for AML/CFT compliance.
3. Anti-Money Laundering and Counter-Terrorism Financing Act No. 12 of 2014 (as amended): This overarching Act provides the general framework for AML/CFT obligations, which now explicitly apply to VASPs.

These amendments ensured that Vanuatu's legal framework for VAs and VASPs is largely aligned with FATF Recommendations.

Effective Date

The Proceeds of Crime (Amendment) Act 2020 and the Financial Intelligence Unit (Amendment) Act 2020 were assented to and commenced in late 2020. This means that the provisions covering virtual assets and VASPs became effective around that time, extending AML/CFT obligations, including the Travel Rule requirements, to these entities.

Threshold Amounts

Vanuatu's AML/CFT framework, consistent with FATF Recommendation 16, requires the collection and transmission of originator and beneficiary information for virtual asset transfers.

• The FATF Travel Rule typically applies to transactions above EUR/USD 1,000. While specific Vanuatu legislation or VFIU guidance publicly available online might not explicitly state a different threshold unique to Vanuatu, it is generally understood that countries implementing the FATF standard will adhere to this EUR/USD 1,000 (or equivalent local currency) threshold for non-obligated person-to-person transfers, and apply the rule to all transfers for transactions involving another VASP, regardless of amount.
• For fiat currency wire transfers, the threshold for originator and beneficiary information collection under the AML/CFT Act 2014 is generally around VT 100,000 (approximately USD 800-900), but for VA transfers, the international standard of EUR/USD 1,000 is typically adopted.

Which VASPs Are Covered

The definition of "Virtual Asset Service Provider" under Vanuatu law is broad, aligning with FATF definitions, and covers entities that conduct one or more of the following activities or operations for or on behalf of another natural or legal person:

• Exchange between virtual assets and fiat currencies.
• Exchange between one or more forms of virtual assets.
• Transfer of virtual assets.
• Safekeeping and/or administration of virtual assets or instruments enabling control over virtual assets.
• Participation in and provision of financial services related to an issuer's offer and/or sale of a virtual asset.

This effectively covers a wide range of entities including crypto exchanges, custodial wallet providers, brokers, and other businesses facilitating virtual asset transfers. All such entities are required to register with the VFIU and comply with AML/CFT obligations.

Technical Implementation Requirements

Vanuatu's legal framework mandates that VASPs comply with AML/CFT obligations, which implicitly includes the technical requirements for implementing the Travel Rule. This means VASPs must:

• Collect Required Information: For transactions meeting the threshold (or all VASP-to-VASP transfers), VASPs must obtain accurate and meaningful originator and beneficiary information. This includes:
  • Originator Information: Name, account number (or unique transaction identifier), physical address, and national identity number (or customer identification number, or date and place of birth).
  • Beneficiary Information: Name, and account number (or unique transaction identifier).
• Transmit Information: The collected information must be transmitted immediately and securely to the beneficiary VASP.
• Store Information: VASPs must retain records of all collected and transmitted information for a specified period (typically 5-7 years) for potential inspection by the VFIU or law enforcement.
• Screen for Sanctions and PEPS: VASPs must screen all parties involved in a virtual asset transfer against sanctions lists and identify politically exposed persons (PEPs).
• Monitor Transactions: Implement robust transaction monitoring systems to detect suspicious activities.
• Comply with VFIU Guidance: The VFIU, as the supervisory authority, may issue specific guidance or directives on the technical implementation of these requirements, including preferred data formats or communication protocols. VASPs are expected to adopt technology solutions (e.g., Travel Rule Protocol solutions) that facilitate secure and compliant information exchange.

Penalties for Non-Compliance

Non-compliance with Vanuatu's AML/CFT framework, including obligations related to virtual assets and the Travel Rule, carries significant penalties, which may include:

• Fines: Substantial monetary penalties for both the VASP entity and its management.
• Imprisonment: Individuals responsible for non-compliance (e.g., directors, compliance officers) may face terms of imprisonment.
• Suspension or Revocation of License/Registration: The VFIU has the power to suspend or revoke the registration or license of a VASP that fails to comply with its AML/CFT obligations.
• Reputational Damage: Public disclosure of non-compliance can severely damage a VASP's reputation and business operations.

These penalties are designed to be deterrent and proportionate, reflecting the seriousness of AML/CFT breaches.

References and Guidance

While specific "Travel Rule Guidance" might not be easily accessible online as a standalone document, the overarching AML/CFT legislative framework and VFIU's mandate are clear:

• Vanuatu Financial Intelligence Unit (VFIU): The VFIU is the primary authority for AML/CFT supervision in Vanuatu, including for VASPs. Their official website is the best source for official guidance, legislation, and updates.
  • Vanuatu Financial Intelligence Unit Website: http://www.vfiu.gov.vu/ (While specific direct links to the Acts might be embedded or linked within their publications, the VFIU website confirms their role and the legislative framework.)
• Proceeds of Crime (Amendment) Act No. 23 of 2020: This is the key legislation that defines VAs and VASPs. You would typically find it within the Vanuatu Parliament's legislative records or the Attorney General's Chambers publications.
• Financial Intelligence Unit (Amendment) Act No. 24 of 2020: Empowers the VFIU regarding VASPs.

These legislative updates and the VFIU's active role demonstrate Vanuatu's commitment to implementing the FATF Travel Rule and other AML/CFT standards for virtual assets.