BitMEX Introduces Data Storage Framework for FATF’s Travel Rule

Compliance chief Malcolm Wright led the development of BitMEX’s data storage principles for crypto exchanges.

AccessTimeIconFeb 9, 2021 at 5:00 a.m. UTC
Updated May 9, 2023 at 3:15 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Crypto exchange BitMEX has published a framework of principles for how best to store additional batches of transactional provenance data, a requirement exchanges face as part of new anti-money laundering (AML) rules.

In order to fall in line with the rest of the financial system, virtual asset service providers (VASPs) have been asked to obtain, hold and exchange information about the originators and beneficiaries of transactions, known colloquially as the “Travel Rule.” Global anti-money laundering watchdog, the Financial Action Task Force (FATF) expects the crypto industry to implement the new rule by June 2021.

  • What Challenges Do Appchains Solve?
    00:59
    What Challenges Do Appchains Solve?
  • Appchain Protocol Tanssi Raises $6M
    18:57
    Appchain Protocol Tanssi Raises $6M
  • Breaking Down Internet Computer's 40% Rally
    00:59
    Breaking Down Internet Computer's 40% Rally
  • HSBC Brings Tokenized Gold to Hong Kong; Munchables Exploited for $62M
    02:14
    HSBC Brings Tokenized Gold to Hong Kong; Munchables Exploited for $62M
  • The response from the crypto industry has been enthusiastic, including a widely agreed-upon standard for the format of the data payload VASPs must share (known as the InterVASP messaging standard, or IVMS101), as well as a number of technical solutions focused on how best to implement the rule currently being built by crypto firms, banks and consortia.

    Less attention has been given to how all this additional customer data should be stored, according to Malcolm Wright, chief compliance officer of 100x Group, the owner of BitMEX.

    “Solution providers have been concentrating on the transmission of the data to make sure that it's immediate and secure,” Wright said in an interview. “But what about when the data actually arrives at its destination? How can you ensure that it’s stored securely and appropriately to the right sort of standards?” 

    Wright, who led the development of the data-storage principles (and was also instrumental in working with Sian Jones of XReg Consulting to create the IVMS101 standard), decided to leverage BitMEX’s seasoned security experts, with the intent to “start a conversation” around data storage via an open-source project that industry and regulators can chime in on. 

    “This kind of completes the puzzle,” Wright said. “You have the IVMS standard for the format of the data. You have the protocol providers, who will be transmitting the data. And then you have some principles around the storage of the data.” 

    BitMEX post-enforcement

    Seychelles-based BitMEX was thrust into the spotlight last year following an enforcement action from U.S. authorities around weak compliance procedures at the firm, which saw arrest warrants issued for some senior executives and co-founders.

    BitMEX owner 100x Group hired Wright, formerly the compliance chief at Diginex, in October 2020. Since then the firm’s know your customer/anit-money laundering (KYC/AML) processes have been revamped, starting with the removal of any historic non-KYC’d accounts on the platform. 

    BitMEX’s Travel Rule Data Storage Principles focus on things like access management, encryption standards and keeping Travel Rule data separate from other operational customer data. 

    Like the IVMS101 messaging standard, Wright thinks this security benchmark will further grease the wheels when it comes to implementing the FATF mandate, which may involve VASPs looking to onboard each other as they side with certain technical solutions.

    “So If BitMEX chooses to be exchanging data with another VASP, then we can say, 'Are you operating to a minimum set such as these?' So that also helps to get confidence among VASPs that they can work together,” said Wright.

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.