News is coming that European Union Court of Justice has just nuked the travel rule, and invalidated it with immediate effect.
This includes bitcoin and crypto currencies. All banks in the EU have to immediately stop putting their customer data into payment messages for payments sent to the US.
With the consequence that implementing the Travel Rule in Europe is prohibited under EU law, where this ends up in less well protected jurisdictions like the US. Also all banks in the EU should immediately stop putting their customers names and address into payment messages that end up in the US or are sent to the US. The ruling is immediately effective.
The standard argument: we may put personal data in because it is in the general interest, is shredded, for those who read carefully. All data transfers must be done on a case by case basis, so automated sending is off-limits.
I guess this kills the whole sales pitch CoolBitX and Sygna were tossing around at consensus last year. That’s nice because it was nonsense from the start. “We’re here to help you give the man all the information he’s not asking for about your customers”
Unfortunately, when forced to pick banks and FI will always pick AML compliance over GDPR compliance. Penalties for the former are critical and widely administered. Meanwhile penalties for GDPR are much less likely and small, especially in complicated cases like this.