VASP (Virtual Asset Service Provider)

A VASP is any legal entity or natural person engaged in the transfer, exchange, custody, or management of virtual assets on behalf of customers, as defined by the Financial Action Task Force. VASPs encompass cryptocurrency exchanges, custodial wallet providers, decentralized finance (DeFi) platforms offering intermediated services, mining pools offering withdrawal services, and staking-as-a-service providers. Under FATF's Travel Rule and evolving global regulations, VASPs must implement comprehensive AML/CFT programs, maintain customer and transaction records, conduct due diligence, and report suspicious activity to appropriate authorities. The VASP classification triggers substantial regulatory obligations including compliance technology implementation, staff training, audit requirements, and potential licensing or registration with financial regulators depending on jurisdiction. FATF recommendations increasingly require VASPs to exchange customer and transaction data similar to traditional wire transfer requirements. Example: Coinbase operates as a VASP and implements comprehensive compliance programs including KYC/AML procedures, transaction monitoring through Chainalysis, suspicious activity reporting to FinCEN, and compliance with OFAC sanctions lists across all customer transactions. Why it matters for compliance: VASP designation creates direct regulatory accountability for crypto businesses, requiring substantial infrastructure investments. Operating as an unregistered VASP in regulated jurisdictions carries criminal penalties, making formal compliance framework adoption essential for legitimacy and operational continuity.

Category: compliance, regulatory frameworks

Explore the full Web3 Glossary — 2,062+ expert-curated definitions. Need guidance? Talk to our consultants.