As the adoption of cryptocurrency grows, cryptocurrency-related issues increase as well. Recently, a new argument over the use of unhosted cryptocurrency wallets is currently trending, as they are deemed risky. Most countries are only now realising that introducing anti-money laundering (AML) measures into the realm of private or unhosted wallets is critical to the overall security, credibility, and longevity of the blockchain industry.
What are Unhosted Wallets?
An unhosted wallet, also known as cold storage or self-custody, allows the user to keep a cryptocurrency balance outside of an exchange. A hosted wallet, on the other hand, is one that sits on a third-party platform, such as a trusted exchange like Coinbase, Crypto.com, or Binance.
Issues Regarding Unhosted Wallets
The FATF (Financial Actions Task Force) and FinCEN (Financial Crimes Enforcement Network) are both concerned about unhosted wallets. In 2019, The FATF recommended and FinCEN required them to provide all transaction data reports as they are deemed risky.
This is because there is no third party involved in the transfers. In other words, KYC (know your customer) is not required for these wallets, which implies that anyone may register an account with them while remaining anonymous. As a result, tracing transactions to determine who and where the transactions were made becomes challenging.
The latest prospective requirement on most common exchanges would be to validate the identification of every individual behind an unhosted wallet with each transaction above 1,000 euros and report it to the authorities. Coinbase CEO Brian Armstrong expressed his thoughts in a Twitter post, “Imagine if the EU required your bank to report you to the authorities every time you paid your rent merely because the transaction was over 1,000 euros.”
Private keys are another concern with unhosted wallets. When opening an account on any of these wallets, the user must know his 12-digit private key. You cannot access your crypto if you lose your private key. If someone has access to your private key, they will also have access to your crypto.
Current Unhosted Wallet Dynamics are Risky
According to Crystal Blockchain, unhosted wallets are progressively engaging with higher-risk providers. While the specific reason is unknown, it is presumed that this is for convenience and speed rather than illegal activity. Similarly, the usage of unhosted wallets is increasing, posing a greater problem for VASPs who must comply with Travel Rule obligations.
Over the two years 2020 and 2021, the percentage of all exchange transfers above $1,000 USD increased marginally. In 2021, the average percentage of such transfers was 2.5% higher than in 2020. The proportion of intra-exchange transactions over $1,000 USD is increasing, accounting for approximately 99% of all activity from Q1 2020 to the end of Q4 2021.
Various Countries Responded to the Travel Rule
Switzerland and Singapore are now requiring identification of transactions over $1,000, made with what the FATF refers to as “unhosted wallets”, as a result of initial guidelines issued by FinCEN in 2020, and subsequent support for the Travel Rule guidance from the FATF (which includes G20 countries) and the EU.
The Dutch National Bank (DNB) now requires crypto service providers to register with the central bank and formally affirm their compliance with the 1977 Sanctions Act verification criteria.
As part of its efforts to safeguard its customers, the UK FCA has signalled plans to incorporate Travel Rule guidelines into its cryptocurrency regulatory framework.