Privacy-Preserving Claims Exchange Networks for Virtual Asset Service Providers

TL;DR

This paper introduces a privacy-preserving claims exchange network for Virtual Asset Service Providers (VASPs) that enables regulatory compliance and data privacy through a secure, trust-based system for sharing verified claims about transaction subjects.

Contribution

It proposes a novel privacy-preserving claims issuance model and a consortium trust network for secure, verifiable data exchange among VASPs, addressing regulatory and privacy challenges.

Findings

The claims issuance model preserves data privacy while providing provenance indicators.

The trust network facilitates secure, signed claim exchanges among VASPs.

The approach supports compliance with FATF, GDPR, and CCPA requirements.

Abstract

In order for VASPs to fulfill the regulatory requirements from the FATF and the Travel Rule, VASPs need access to truthful information regarding originators, beneficiaries and other VASPs involved in a virtual asset transfer instance. Additionally, in seeking data regarding subjects (individuals or organizations) VASPs are faced with privacy regulations such as the GDPR and CCPA. In this paper we a propose privacy-preserving claims issuance model that carries indicators of the provenance of the data and the algorithms used to derive the claim or assertion. This allows VASPs to obtain originator and beneficiary information without necessarily having access to the private data about these entities. Secondly we propose the use of a consortium trust network arrangement for VASPs to exchange signed claims about subjects and their public-key information or certificate.