- Travel Rule compliance — Singapore (separate guide, coming soon)
- Travel Rule compliance — EU (separate guide, coming soon)
Who this is for
Customers using theCrypto Withdrawals API and/or Orchestration APIs to move crypto to external addresses.
Travel Rule does not apply to:
- Transfers under $3,000 USD-equivalent
- First-party transfers between Paxos sub-accounts you own
- Fiat payment flows
- Internal Paxos-to-Paxos transfers
- Regulated Customers using their own licensing
How it works
Travel Rule information is collected and stored on the destination address, not on the transaction. Once an address is saved with valid Travel Rule metadata, every subsequent withdrawal or orchestration to that address inherits it automatically. You collect once, transact many times. This is a shift away from the legacybeneficiary field on POST /v2/transfer/crypto-withdrawals, which was per-transaction. This field will be deprecated.
Three actors are involved in every above-threshold transfer:
| Actor | Who | What you provide |
|---|---|---|
| Originator | The person or entity sending the crypto | Nothing — Paxos derives this from existing KYC information |
| Beneficiary | The person or entity receiving the crypto | Provided on the destination address via travelrule_metadata |
| Receiving VASP | The VASP holding the beneficiary’s wallet, if any | vasp.id (preferred) or vasp.custom_vasp_name + vasp.custom_vasp_website (fallback) |
Looking up VASPs
Paxos maintains a directory of known VASPs. UseGET /v2/travelrule/vasps to power a type-ahead picker in your UI:
vasp.custom_vasp_name + vasp.custom_vasp_website — the transfer proceeds and Paxos handles the Travel Rule obligation for off-directory institutions.
You can cache directory results; changes to the directory happen as often as daily.