FATF Publishes Report on Unlicensed Virtual Asset Service Providers
The FATF wants regulators to stop playing whack-a-mole with offshore crypto operators.
What Changed
In March 2026, the FATF published a report examining how offshore Virtual Asset Service Providers (oVASPs) structure their activities to avoid or evade regulatory obligations. The report recommends an activity-based licensing approach — regulating firms based on what they do, not where they are incorporated. Key recommendations include requiring financial institutions to assess exposure to unlicensed VASPs, applying consistent AML/CFT rules regardless of registration jurisdiction, and ensuring no group entity operates outside regulatory oversight.
Who It Affects
Crypto exchanges operating across borders, financial institutions with crypto-related counterparty relationships, compliance teams at banks processing crypto transactions, and national regulators developing VASP licensing frameworks.
What to Do
Assess your institution's exposure to unlicensed or unregistered VASPs in your counterparty network. Review whether your AML framework applies consistent rules regardless of a counterparty's registration jurisdiction. Evaluate whether any group entities in your corporate structure could be classified as operating outside regulatory oversight.
What is deepidv?
Not everyone loves compliance — but we do. deepidv is the AI-native verification engine and agentic compliance suite built from scratch. No third-party APIs, no legacy stack. We verify users across 211+ countries in under 150 milliseconds.
Learn More