What is the FATF Travel Rule for crypto?

The FATF Travel Rule (Recommendation 16) requires Virtual Asset Service Providers (VASPs) to collect and exchange originator and beneficiary information for virtual asset transfers above certain thresholds. This includes sender's name, account number, address or ID, and beneficiary details. The rule aims to prevent money laundering and terrorist financing in crypto transactions.

Which APAC countries have implemented the Travel Rule in 2026?

As of March 2026, Hong Kong, Singapore, Japan, South Korea, India, Indonesia, Malaysia, New Zealand, Philippines, and Taiwan have implemented the Travel Rule. Australia's implementation became effective March 31, 2026 under the new Digital Assets Framework. Thailand is still developing its framework.

What is the Travel Rule threshold in each APAC jurisdiction?

Thresholds vary by jurisdiction: Hong Kong (HKD 8,000/~USD 1,000), Singapore (SGD 1,500/~USD 1,100), Japan (no threshold - all transfers), South Korea (KRW 1,000,000/~USD 750), Australia (AUD 1,000), India (INR 50,000/~USD 600). Japan has the strictest requirement with no threshold.

What information must VASPs collect under the Travel Rule?

VASPs must collect: Originator's name, wallet address or account number, physical address/ID number/date and place of birth; Beneficiary's name and wallet address or account number. For transfers below threshold, only basic identifiers are required. Above threshold, full verification is mandatory.

Does the Travel Rule apply to self-hosted wallets?

Yes, but with variations. Most APAC jurisdictions require VASPs to collect originator/beneficiary information for transfers to/from self-hosted wallets, though they cannot exchange data with a non-VASP counterparty. Hong Kong, Singapore, and the EU require risk-based measures for unhosted wallet transfers. Japan requires verification for all unhosted wallet transfers.

What are the penalties for Travel Rule non-compliance in APAC?

Penalties vary: Hong Kong (up to HKD 5 million + 7 years imprisonment), Singapore (up to SGD 1 million per offence), Japan (administrative sanctions including license revocation), South Korea (up to KRW 50 million + 3 years), Australia (civil penalties up to AUD 555,000 per contravention for body corporates). Non-compliance can also result in license suspension or revocation.

FATF Travel Rule APAC 2026: Complete Implementation Guide

Executive Summary

The FATF Travel Rule (Recommendation 16) is now one of the most critical compliance requirements for crypto businesses worldwide. As of March 2026, 85 of 117 jurisdictions have implemented or are actively implementing Travel Rule requirements for Virtual Asset Service Providers (VASPs).

🎯 Key Development - Q1 2026: Australia's Travel Rule implementation became effective March 31, 2026 under the new Digital Assets Framework Bill, making it the final major APAC jurisdiction to enforce full compliance.

This guide covers Travel Rule requirements across 10 APAC jurisdictions, including thresholds, data requirements, self-hosted wallet rules, and enforcement mechanisms.

What is the FATF Travel Rule?

The Travel Rule requires financial institutions and VASPs to collect, verify, and transmit originator and beneficiary information when transferring virtual assets above certain thresholds. This information must "travel" with the transaction to enable:

Sanctions screening — Verifying parties are not on prohibited lists
AML/CFT compliance — Detecting suspicious activity patterns
Audit trails — Maintaining records for regulatory examination
Law enforcement cooperation — Tracing illicit funds when required

FATF Recommendation 16: Core Requirements

Transfer Amount	Required Originator Information	Required Beneficiary Information
Below Threshold (e.g., <USD 1,000)	• Name • Wallet address or unique reference	• Name • Wallet address or unique reference
Above Threshold (e.g., ≥USD 1,000)	• Name • Wallet address or unique reference • Physical address, national ID, OR date/place of birth	• Name • Wallet address or unique reference

💡 Note: The FATF sets minimum standards. Individual jurisdictions may impose stricter requirements, lower thresholds, or additional data fields.

APAC Travel Rule Implementation Status

Jurisdiction	Status	Threshold	Effective Date	Regulator
🇭🇰 Hong Kong	✅ Live	HKD 8,000 (~USD 1,000)	June 1, 2023	SFC
🇸🇬 Singapore	✅ Live	SGD 1,500 (~USD 1,100)	January 28, 2020	MAS
🇯🇵 Japan	✅ Live	None (all transfers)	June 1, 2023	JFSA
🇰🇷 South Korea	✅ Live	KRW 1,000,000 (~USD 750)	March 25, 2022	FSC/FIU
🇦🇺 Australia	🆕 Live	AUD 1,000 (~USD 650)	March 31, 2026	ASIC/AUSTRAC
🇮🇳 India	✅ Live	INR 50,000 (~USD 600)	March 7, 2023	FIU-IND
🇮🇩 Indonesia	✅ Live	IDR 100M (~USD 6,500)	January 2025	Bappebti/OJK
🇲🇾 Malaysia	✅ Live	MYR 5,000 (~USD 1,100)	2020	SC Malaysia
🇵🇭 Philippines	✅ Live	PHP 50,000 (~USD 900)	2021	BSP
🇹🇼 Taiwan	✅ Live	NTD 30,000 (~USD 1,000)	2024	FSC
🇹🇭 Thailand	⏳ Developing	TBD	Expected 2026	SEC/BoT
🇻🇳 Vietnam	❌ No Framework	N/A	N/A	SBV (drafting)

Jurisdiction Deep Dives

🇭🇰 Hong Kong

Threshold: HKD 8,000

Regulator: Securities and Futures Commission (SFC)

Key Requirements:

Information exchange before or simultaneous with transfer
Counterparty due diligence mandatory
Self-hosted wallet transfers require full originator/beneficiary info
5-year record retention
Shell VASP prohibition

Penalties: Up to HKD 5M + 7 years imprisonment

🇸🇬 Singapore

Threshold: SGD 1,500

Regulator: Monetary Authority of Singapore (MAS)

Key Requirements:

Basic info required for all DPT transfers
Above SGD 1,500: full verification required
Risk-based approach for unhosted wallets
Payment Services Act Notice PSN01

Penalties: Up to SGD 1M per offence

🇯🇵 Japan

Threshold: None ⚠️

Regulator: Financial Services Agency (JFSA)

Key Requirements:

All transfers require information exchange
Strictest regime in APAC
TRUST protocol compliance
Self-hosted wallet verification mandatory

Penalties: License revocation, administrative orders

🇰🇷 South Korea

Threshold: KRW 1,000,000

Regulator: Financial Services Commission (FSC) / FIU

Key Requirements:

Real-name verified bank accounts required
VASP↔VASP info exchange at threshold
Additional ID available on request
DABA (Digital Asset Basic Act) integration

Penalties: Up to KRW 50M + 3 years

🇦🇺 Australia New 2026

Threshold: AUD 1,000

Regulator: ASIC + AUSTRAC

Key Requirements:

Part of Digital Assets Framework Bill 2025
AFS licence holders must comply
AUSTRAC reporting obligations
Integration with existing AML/CTF Act

Penalties: Up to AUD 555,000 per contravention (body corporate)

🇮🇳 India

Threshold: INR 50,000

Regulator: FIU-IND

Key Requirements:

VDA Service Providers must register with FIU-IND
PMLA compliance mandatory
KYC verification before onboarding
STR/SAR reporting

Penalties: PMLA Act penalties + registration revocation

Self-Hosted (Unhosted) Wallet Requirements

One of the most challenging aspects of Travel Rule compliance is handling transfers to/from self-hosted wallets, where there is no counterparty VASP to exchange information with.

Jurisdiction	Requirement	Verification
🇭🇰 Hong Kong	Collect full originator/beneficiary info	Risk-based assessment required
🇸🇬 Singapore	Collect information, risk-based handling	Enhanced due diligence for high-risk
🇯🇵 Japan	Full verification for ALL transfers	Proof of ownership required
🇰🇷 South Korea	Limited support (real-name accounts focus)	Self-custody discouraged
🇦🇺 Australia	Risk-based verification	AUSTRAC guidelines apply

⚠️ Japan Warning: Japan has the strictest self-hosted wallet requirements globally. All transfers to/from unhosted wallets require verification of ownership, making Japan operations significantly more complex.

Travel Rule Compliance Checklist for APAC VASPs

Identify applicable jurisdictions — Map your customer base to regulatory requirements
Select Travel Rule solution — Implement TRUST, OpenVASP, Sygna, Notabene, or proprietary protocols
Configure thresholds — Set jurisdiction-specific threshold triggers
Implement data collection — Originator/beneficiary fields in transaction flow
Counterparty due diligence — VASP verification and risk assessment process
Self-hosted wallet procedures — Risk-based verification for unhosted transfers
Record retention — 5+ year storage for all Travel Rule data
Sanctions screening — Real-time OFAC/UN/local sanctions list checks
STR/SAR reporting — Suspicious transaction reporting procedures
Staff training — Regular Travel Rule compliance training
Audit trail — Maintain logs for regulatory examination
Technology interoperability — Test data exchange with counterparty VASPs

Travel Rule Technology Protocols

VASPs must implement technical solutions to exchange Travel Rule data. Major protocols include:

Protocol	Description	APAC Adoption
TRUST	Travel Rule Universal Solution Technology — industry consortium standard	High (Japan, global exchanges)
OpenVASP	Open-source, decentralized protocol	Medium (Switzerland-led)
Sygna Bridge	Commercial solution with APAC focus	High (Taiwan, APAC exchanges)
Notabene	Network-agnostic compliance platform	High (global, multi-protocol)
21 Analytics	Compliance automation platform	Medium-High (Europe, APAC)
Chainalysis Reactor	Blockchain analytics + Travel Rule	High (law enforcement integration)

💡 Interoperability Challenge: VASPs may need to connect to multiple protocols to ensure coverage of all counterparties. Solutions like Notabene and 21 Analytics offer multi-protocol bridges.

APAC Travel Rule Timeline

June 2019

FATF issues Recommendation 16 update applying Travel Rule to VASPs

January 2020

🇸🇬 Singapore MAS Payment Services Act Travel Rule provisions take effect

March 2022

🇰🇷 South Korea implements Travel Rule under Specific Financial Information Act

June 2023

🇭🇰 Hong Kong VASP licensing regime with Travel Rule goes live
🇯🇵 Japan enforces Travel Rule for all JFSA-licensed exchanges

March 2023

🇮🇳 India FIU-IND registration requirement includes Travel Rule compliance

January 2025

🇮🇩 Indonesia Travel Rule enforcement under OJK supervision begins

March 2026

🇦🇺 Australia Digital Assets Framework Bill Travel Rule provisions take effect (March 31)

2026 (Expected)

🇹🇭 Thailand SEC expected to finalize Travel Rule framework

Common Travel Rule Compliance Failures

Failure Type	Description	Consequence
Incomplete Data Collection	Missing originator address/ID fields for above-threshold transfers	Regulatory fines, license conditions
Delayed Transmission	Sending Travel Rule data after transaction settlement	Non-compliance finding in audits
Counterparty Gaps	Transacting with non-Travel Rule compliant VASPs	Enhanced scrutiny, potential sanctions exposure
Self-Hosted Wallet Blindness	No verification process for unhosted wallet transfers	Japan: license revocation risk; others: regulatory action
Record Retention Failure	Deleting Travel Rule records before retention period	Audit failure, potential fines
Protocol Fragmentation	Unable to exchange data with counterparties on different protocols	Transaction delays, compliance gaps

Resources & References

Official FATF Documents

APAC Regulator Guidelines

Hong Kong SFC: AML/CFT Guideline for VASPs
Singapore MAS: Payment Services Act Notice PSN01
Japan JFSA: Act on Prevention of Transfer of Criminal Proceeds
South Korea FSC: Specific Financial Information Act
Australia AUSTRAC: AML/CTF Act + ASIC Digital Asset Facility rules

🌏 FATF Travel Rule APAC Implementation Guide 2026

Executive Summary

What is the FATF Travel Rule?

FATF Recommendation 16: Core Requirements

APAC Travel Rule Implementation Status

Jurisdiction Deep Dives

🇭🇰 Hong Kong

🇸🇬 Singapore

🇯🇵 Japan

🇰🇷 South Korea

🇦🇺 Australia New 2026

🇮🇳 India

Self-Hosted (Unhosted) Wallet Requirements

Travel Rule Compliance Checklist for APAC VASPs

Travel Rule Technology Protocols

APAC Travel Rule Timeline

Common Travel Rule Compliance Failures

Resources & References

Official FATF Documents

APAC Regulator Guidelines

Related APAC FINSTAB Guides