Legichain

Travel Rule by Jurisdiction: EU vs UK vs Turkey

A structural comparison of how three jurisdictions implement the Travel Rule: threshold, scope, unhosted wallets and reporting obligations.

Legichain Team 12 min read 26 May 2026

The Travel Rule is a global standard, but its implementation varies meaningfully by jurisdiction — sometimes in ways that feel small on paper but matter operationally at scale. This guide compares the EU's TFR (Regulation 2023/1113, in force December 2024 with a €0 threshold), the UK's MLR 2017 amendment (in force September 2023, £1,000 threshold), and Turkey's KVHS framework now in development. A decision-hub article for VASPs operating across all three markets.

Comparison table — Quick view

Dimension EU (TFR) UK (MLR 2017) Turkey (KVHS draft)
In force 30 December 2024 1 September 2023 KVHS licensing process 2025–2026
Threshold €0 (every transfer) £1,000 Not yet finalized (FATF alignment signaled)
Data format IVMS 101 (de facto) IVMS 101 (JMLSG guidance) Not specified; IVMS 101 in practice
Unhosted wallet Beneficial-owner verification above €1,000 Risk-based, JMLSG guidance Not yet defined
Counterparty due diligence Detailed TFR articles JMLSG Chapter 22 General AML perimeter (KVHS draft)
Reporting authority National competent authorities (EBA coordination) FCA MASAK
Data retention 5 years + national supplements 5 years + FCA additions General AML regime (min 5 years)
Enforcement TFR Article 28 fines + other measures FCA enforcement (unlimited fines) KVHS regulation plus MASAK sanctions

European Union — TFR (Transfer of Funds Regulation)

The EU's TFR (Regulation EU 2023/1113) came into force on 30 December 2024. Our TFR deep dive covers article-by-article detail; this article gives the high-level summary:

  • Threshold: €0 — every CASP-to-CASP transfer is in scope.
  • CASP definition: aligned with MiCA's CASP (Crypto-Asset Service Provider).
  • Originator data: name, account number, address, "personal document number" (national ID or equivalent), customer identifier, or place + date of birth.
  • Beneficiary data: name, account number.
  • Unhosted wallet: for transfers above €1,000, the CASP must obtain beneficial-owner evidence from the customer (e.g. screenshot, video, digital signature).
  • Data verification: originator data must be "verified" — simple collection is insufficient.
  • Transmission timing: the originating CASP must send before or in parallel with the transfer.

TFR's strictest feature is the €0 threshold. This is a deliberate deviation from FATF's $1,000 recommendation — a clear signal of the EU's policy preference for full traceability. The practical effect: intra-EU transfers force the sector to compliance investment even for low-value transfers.

United Kingdom — MLR 2017 amendment

The UK approach is detailed in our JMLSG Travel Rule guide; summary:

  • Legal basis: Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, amended in September 2023 to bring cryptoasset transfers into scope.
  • Threshold: £1,000 — close to FATF baseline, considerably more flexible than EU TFR.
  • Cryptoasset business definition: cryptoasset exchange provider + custodian wallet provider (FCA-registered).
  • Originator data: name, account number, address OR date/place of birth + national ID + customer identifier.
  • Beneficiary data: name, account number.
  • Unhosted wallet: risk-based; can sit below threshold but high-risk cases trigger additional verification.
  • JMLSG guidance: Chapter 22 and Chapter 24 outline practical expectations for cryptoasset business — FCA treats this guidance as "good practice" reference.

The UK approach: minimal rules in the statute, detail in JMLSG guidance. This gives the sector operational flexibility but creates a de facto minimum standard that cannot be defended by saying "we did not follow JMLSG."

Turkey — Emerging KVHS framework

As covered in our KVHS guide, Turkey's crypto regime took shape under Law 7518 in 2024; SPK (Capital Markets Board) is now leading the secondary regulation process. A Travel Rule-specific regulation has not yet been published, but KVHS drafts explicitly reference FATF alignment.

Expected Travel Rule structure:

  • Threshold: likely to follow FATF baseline (around $1,000 / 25,000–30,000 TRY band).
  • Format: IVMS 101 not mandated but practically the only choice.
  • Counterparty: SPK-licensed KVHS operators with each other and international counterparties.
  • Reporting: through MASAK; specific "Travel Rule reporting" format not yet defined.

Practical recommendation: build Travel Rule infrastructure in parallel with the KVHS licensing process. Inspection looks at "AML/CFT infrastructure" — an incomplete Travel Rule implementation can delay licensing.

How the three differences shape operations

Architectural decisions for a VASP operating across all three markets:

Threshold management

The same system must handle three different thresholds:

  • EU customer (as CASP) → €0 (every transfer).
  • UK customer → £1,000.
  • Turkish customer → likely FATF $1,000 baseline.

Practical: detect the customer's jurisdiction at onboarding (country of residence in KYC), apply the threshold rule dynamically at transfer time. Using a single global threshold either picks the strictest (EU €0) and damages UX, or picks the loosest and creates compliance risk.

Data collection depth

EU TFR requires the deepest data set — designing your KYC around TFR is pragmatic since the others are automatically satisfied. Specifics: full address, verified national ID, and "verified" status.

Counterparty verification

EU CASP list (per national NCA, EBA-coordinated), UK FCA registered list (our FCA crypto registration guide), Turkish KVHS license list (via SPK, not yet fully published). All three need daily sync.

Reporting formats

MASAK, FCA, EU national NCAs all want different formats and cadences. A single Travel Rule stack must generate all three from a common template layer.

Transition scenarios — A Turkish exchange expanding into the EU

The typical path for a Turkish exchange opening in the EU:

  1. MiCA CASP license: obtain a MiCA CASP license in an EU member state (Estonia, Netherlands, Malta are common). Our MiCA guide covers the process.
  2. TFR compliance: Travel Rule infrastructure that supports the €0 threshold is mandatory — your old system that only handled above $1,000 is insufficient.
  3. KYC deepening: TFR-level "verified" originator data for EU customers.
  4. Counterparty pool: intra-EU CASP message flow; the sunrise gap will be very low here.
  5. Reporting: periodic reporting to the national NCA (BaFin, AFM, MFSA).

If the same exchange is also expanding into the UK:

  • FCA registration is additional (separate licensing process).
  • £1,000 threshold = different rule set.
  • Operations governed by JMLSG guidance.

Common core — Valid across all three jurisdictions

What the three regimes share:

  • IVMS 101: de facto data standard in all three.
  • VASP/CASP/cryptoasset business: different labels, broadly the same scope.
  • Counterparty due diligence: required in all three.
  • 5+ year data retention: standard everywhere.
  • Suspicious transaction reporting (STR): required, on a separate channel.
  • Audit trail: timestamped, immutable record of all messages.

Each jurisdiction layers its own nuances on this common core — getting the foundation right makes cross-jurisdictional operation manageable.

Frequently Asked Questions

If a UK exchange accepts EU and Turkish customers, which regime applies?

The rules of the customer's jurisdiction of residence apply. For an EU-resident customer, TFR (€0 threshold, deep data); for a UK-resident customer, MLR 2017 (£1,000 threshold). This is not just an onboarding question but an ongoing monitoring one — if the customer relocates, the rules change. Practical: maintain an "applicable_jurisdiction" field per customer, with the transfer-time rule selected dynamically.

Does the EU TFR €0 threshold really cover every transfer?

Yes — for CASP-to-CASP transfers, every transfer is in scope, including a €1 transfer. For unhosted wallet transfers, the €1,000 threshold applies (for beneficial owner verification). This creates significant operational overhead for small-value user transfers — particularly tips, gifts and micropayments. The gap between EU sector views and FATF baseline was heavily debated during TFR adoption.

Can UK and EU regimes run in parallel on the same VASP?

Yes — and most large VASPs are structured this way. A single Travel Rule infrastructure (with appropriate policy engine) supports both regimes in parallel. The key: customer-side jurisdiction detection + jurisdiction-specific rule set + separate reporting. When a UK CASP transfers to an EU CASP, both sides apply their own regime; the message format (IVMS 101) is shared.

How will a Turkish exchange handle EU↔Turkey transfers once KVHS is in force?

Two-way compliance: the EU side demands TFR's full data set (€0 threshold), the Turkish side satisfies KVHS requirements (not yet defined but FATF baseline expected). When the message originator is an EU CASP, the full TFR data arrives — the Turkish exchange consumes it and integrates with local reporting. When the message originator is the Turkish exchange, sending the broadest data set (enough for EU + necessary for Turkey) satisfies both regimes.

How does the sunrise problem play out across the three jurisdictions?

As detailed in our sunrise problem guide, intra-EU transfers have minimal sunrise gap (all CASPs must be compliant); intra-UK the same. Intra-Turkey — since KVHS is not yet in force — there is a de facto sunrise gap. EU/UK ↔ Turkey transfers have a situational gap: EU CASPs cannot rely on Turkish exchange capability and may invoke their fallback policy. This is a tense zone until KVHS is in force and Turkish exchanges are licensed.

How Legichain helps

Managing three jurisdictional rule sets in a single Travel Rule stack is an architectural concern. Legichain ships with a jurisdiction-aware policy engine: customer jurisdiction detection, jurisdiction-specific threshold/data/reporting rules, and pre-built templates for EU TFR, UK MLR, and Turkish KVHS. For counterparty verification, the EU EBA list, UK FCA registered list and Turkish SPK-licensed KVHS list sync daily. Stay compliant across three markets through a single API. Module breakdowns at /en/travel-rule and /en/blockchain-aml.

Next steps

Legichain Team· Compliance editorial

Written by Legichain's compliance editorial team — regulated-financial-services veterans who built and integrated AML platforms for banks and crypto exchanges across EMEA.

Related reading

You may also like

travel-rule

What Is a VASP? Definition, Categories, Obligations

FATF's 2018 VASP definition is the foundational concept in global crypto regulation. This article covers the formal definition, the five activity categories, the AML/KYC and Travel Rule obligations that follow, the EU's CASP equivalent under MiCA, and the practical scope analysis for exchanges, custodians and OTC desks.

Read article
travel-rule

The Travel Rule Sunrise Problem and Practical Workarounds

The sunrise problem is the operational gap created by uneven global adoption of the FATF Travel Rule. This article covers the causes, the jurisdictional map, the three main fallback strategies (reject, hold, retain), real-world gap rates, and near-term trends — particularly for exchanges with EU/UK/US transfer flows.

Read article
travel-rule

FATF Travel Rule: The Definitive Guide for VASPs

The Travel Rule — FATF Recommendation 16 adapted to virtual asset transfers — mandates that originator and beneficiary data accompany crypto transfers between VASPs. This guide covers scope, the IVMS 101 data standard, the sunrise problem, jurisdictional differences (EU, UK, Turkey), and an 8-step implementation architecture for crypto exchanges, custodians and licensed VASPs in EU/UK markets.

Read article

Be screen-ready in an afternoon.

Spin up a free workspace, paste your first API key into a curl, ship a verified onboarding flow before your next stand-up.

Start freeBook 30 min with sales