# Travel Rule compliance

Ripple Custody integrates with [Notabene](https://notabene.id/) to enable Travel Rule compliance for digital asset transfers. This integration automates the exchange of required customer information between Virtual Asset Service Providers (VASPs) during transactions.

Travel Rule compliance is available in Ripple Custody v1.30 and later.

## Why Travel Rule matters

When you send or receive digital assets above certain thresholds, regulators require you to exchange customer information with the counterparty. This is the Travel Rule — FATF Recommendation 16 — and it applies to VASPs globally.

Without Travel Rule compliance:

- Transactions may be blocked or delayed by counterparties
- Your organization risks regulatory penalties
- You cannot operate in jurisdictions with strict Travel Rule enforcement


Ripple Custody handles this automatically through its Notabene integration, so your transactions flow smoothly while meeting regulatory requirements.

## Key concepts

### VASPs and the Notabene network

A **VASP** (Virtual Asset Service Provider) is any business providing custody, exchange, or transfer services for digital assets. VASPs must exchange customer information for transactions above regulatory thresholds.

[Notabene](https://notabene.id/) operates a global network connecting VASPs for Travel Rule compliance. When you send assets to another VASP on the network, Notabene facilitates the secure exchange of required information. Your organization is identified on this network by a **DID** (Decentralized Identifier)—a unique identifier like `did:web:your-domain.com`.

### IVMS-101 data format

Customer information is exchanged using the **IVMS-101** standard (Inter-VASP Messaging Standard). This includes:

- **Natural persons**: Name, address, date of birth
- **Legal entities**: Business name, registration number, address
- **Account information**: Wallet addresses, account identifiers


### PII encryption

Customer data (PII) must be encrypted before transmission. You have two options:

- **Plaintext submission**: Submit PII in IVMS-101 format and Notabene encrypts it
- **Pre-encrypted submission**: Encrypt PII yourself using Notabene's hybrid encryption (AES-256-GCM + RSA-2048/ECIES) for end-to-end encryption


Ripple Custody does not store or encrypt PII.

## How it works

Travel Rule compliance integrates with existing transaction workflows in Ripple Custody:


```mermaid
flowchart TD
    Request["Customer Request"]
    Compliance["Compliance Service"]
    Screening["Transaction Screening<br/>(Chainalysis/Elliptic)"]
    TravelRule["Travel Rule<br/>(Notabene)"]
    Decision["Combined Decision"]
    Execute["Transaction Execution"]

    Request --> Compliance
    Compliance --> Screening
    Compliance --> TravelRule
    Screening --> Decision
    TravelRule --> Decision
    Decision --> Execute
```

For **outgoing transactions**:

1. Create a Travel Rule message with counterparty information
2. Create a transfer intent using the returned `suggestedIntentId`
3. System runs screening and Travel Rule checks in parallel
4. If PII is required, you submit it via the API
5. Transaction executes when both checks pass


For **incoming transactions**:

1. Indexer detects incoming transfer
2. Funds are quarantined pending compliance checks
3. System notifies the originating VASP via Notabene
4. Transaction releases when checks pass


### Compliance decisions

Ripple Custody evaluates both risk screening and Travel Rule results. The strictest outcome determines the final decision:

| Combined Result | Decision |
|  --- | --- |
| Both pass | `AUTO_APPROVED` — Transaction executes |
| Either flagged | `FLAGGED` — Manual review required |
| Either rejected | `AUTO_REJECTED` — Transaction blocked |


## Supported blockchains

| Blockchain | Native Asset | CAIP-19 Identifier |
|  --- | --- | --- |
| Bitcoin | BTC | `bip122:000000000019d6689c085ae165831e93/slip44:0` |
| Ethereum | ETH | `eip155:1/slip44:60` |
| XRP Ledger | XRP | `xrpl:mainnet/slip44:144` |
| Polygon | MATIC | `eip155:137/slip44:966` |
| Stellar | XLM | `stellar:pubnet/slip44:148` |
| Solana | SOL | `solana:mainnet/slip44:501` |
| TRON | TRX | `tron:mainnet/slip44:195` |


For tokens, use the format: `{chain}/erc20:{contractAddress}` (ERC-20), `solana:mainnet/spl:{address}` (SPL), or `stellar:pubnet/asset:{code}:{issuer}` (Stellar).

## Getting started

1. **Register with Notabene** — Complete VASP registration and KYB verification
2. **Configure credentials** — Provide your Notabene API credentials to your Ripple partner engineer
3. **Register addresses** — Wallet addresses are registered with Notabene


For detailed setup instructions, see [Travel Rule setup](/products/custody/v1.34/resources/guides/travel-rule-setup).

For transaction workflows with API examples, see [Travel Rule API](/products/custody/v1.34/api/accounting/travel-rule).

## Glossary

| Term | Definition |
|  --- | --- |
| **VASP** | Virtual Asset Service Provider — a business providing custody, exchange, or transfer services |
| **DID** | Decentralized Identifier — unique identifier for VASPs on Notabene (e.g., `did:web:domain.com`) |
| **DIDdoc** | DID Document — contains public keys for PII encryption and VASP discovery |
| **IVMS-101** | Inter-VASP Messaging Standard — structured format for customer data exchange |
| **PII** | Personally Identifiable Information — customer data required for Travel Rule |
| **CAIP-19** | Chain Agnostic Identifier Protocol — standard for identifying assets across blockchains |
| **FATF** | Financial Action Task Force — international body setting AML/CFT standards |
| **Recommendation 16** | FATF guidance requiring VASPs to exchange originator/beneficiary information |


Travel Rule requirements vary by jurisdiction. This documentation provides technical guidance only. Consult legal counsel for regulatory advice.

## Next steps

- [Transaction screening](/products/custody/v1.34/concepts/compliance/transaction-screening): Configure risk thresholds with Chainalysis or Elliptic
- [Compliance overview](/products/custody/v1.34/concepts/compliance): How screening and Travel Rule work together
- [Policies](/products/custody/v1.34/concepts/governance/policies): Create governance policies for compliance workflows