MiCA Travel Rule: Notabene vs Sumsub vs Sygna vs Veriscope (2026)

Every Crypto-Asset Service Provider authorised under the Markets in Crypto-Assets Regulation in the EEA in 2026 must operate a Travel Rule capability before the regulator grants the licence — not after. The Transfer of Funds Regulation extended FATF Recommendation 16 to crypto-asset transfers ≥ €1,000 from 30 December 2024, and national competent authorities will not approve a CASP authorisation file that promises 'we will procure on day one'. The vendor contract must be signed and the integration evidenced before submission.¹^[1]²^[2]³^[3]

Four providers dominate the European Travel Rule market: Notabene, Sumsub Travel Rule, Sygna, and Veriscope. Each takes a different architectural approach to the same regulatory problem: identify the originator and beneficiary of a crypto-asset transfer, exchange that data with the counterparty CASP before settlement, and verify wallet ownership for transfers to or from a self-hosted wallet.

This guide compares the four head-to-head: protocol coverage, counterparty network size, self-hosted wallet treatment, integration complexity, pricing, and the operational signals NCAs look for at authorisation. By the end you will know which provider fits a Class 2 exchange-only CASP, which fits a Class 3 custodian, and which combination handles the Sunrise issue without leaving you stranded between member states.

The Transfer of Funds Regulation requires a CASP to transmit originator and beneficiary information with every crypto-asset transfer it executes on behalf of a client. The data set scales by transfer size and counterparty type.

• Below €1,000 between two CASPs: minimum data set — originator name, originator account, beneficiary name, beneficiary account.

• ≥ €1,000 between two CASPs: full data set — originator address, official ID number or date and place of birth, beneficiary address. Verified before release of funds.

• Any size to or from a self-hosted wallet: customer must self-identify as the wallet controller. CASP applies risk-based EDD on the address using blockchain analytics.

• Aggregation: linked transfers below €1,000 within a 24-hour aggregation window are aggregated and treated as a single transfer. Structuring detection rules are mandatory.

The four providers diverge most in two areas: protocol support (which Travel Rule networks they participate in) and self-hosted wallet workflow (how they verify wallet ownership). The table below compares all dimensions that matter at authorisation.

Notabene operates the largest Travel Rule counterparty network of any provider currently deployed in the EEA, with 200+ obliged entities live including Coinbase, Kraken, Bitstamp, BitGo, and Fireblocks. The protocol stack is TRP-native plus full IVMS 101 message support, so a CASP using Notabene reaches the broadest counterparty base from day one.⁵^[4]

The self-hosted wallet workflow — Address Ownership Proof — combines a signature challenge with a blockchain analytics risk score from Chainalysis, TRM Labs or Elliptic before allowing the transfer. Notabene does not bundle the analytics; you bring your own contract. This is operationally clean for CASPs with existing analytics relationships and slightly more work for those starting from zero.

Pricing is the highest of the four at €60,000–€120,000/year for a mid-sized CASP, but the network reach and dashboard quality justify the premium for any CASP serving more than 5,000 active customers. Implementation runs 4–8 weeks with a dedicated technical account manager.

Sumsub Travel Rule is the natural choice if you already use Sumsub for KYC, KYB and identity verification. The Travel Rule module bundles into the same compliance dashboard, the same case management workflow, and the same audit trail — meaning your MLRO has a single screen for onboarding, ongoing monitoring, and Travel Rule data. Implementation can run as fast as 2 weeks because the customer database is already in place.

The trade-off is network reach. Sumsub Travel Rule's counterparty network is materially smaller than Notabene's (~120 vs 200+), and is weighted toward Sumsub's existing CASP customer base. This is improving rapidly but matters today for any CASP whose customer flows touch large US or APAC counterparties not yet on the Sumsub network.

Pricing is the lowest of the four — €20,000–€60,000/year bundled with KYC. For a Class 2 CASP whose KYC volume is Sumsub-resolved, this is the highest ROI Travel Rule deployment available.

Sygna (operated by CoolBitX) was one of the earliest Travel Rule providers, with origins in Asia regulatory deployments. Its Sygna Bridge protocol is widely deployed across Singapore MAS-licensed CASPs, Hong Kong SFC VASPs, and Japan FSA-registered exchanges, and it integrates natively with IVMS 101 for EEA cross-compatibility. EEA presence is growing but smaller than Notabene's.

Native blockchain analytics and risk scoring are bundled — meaning a CASP using Sygna does not necessarily need a separate Chainalysis or TRM Labs contract for basic Travel Rule purposes (though most still maintain one for sanctions screening and transaction monitoring).

Sygna is the right choice for any CASP active across both EEA and APAC — particularly EEA Class 2 and Class 3 firms with material Singapore, Hong Kong, or Japan counterparty volume.

Veriscope is built on the Shyft network as an open, decentralised counterparty discovery layer. The architecture appeals to institutional CASPs and OTC desks that want protocol portability rather than vendor lock-in. Veriscope speaks both its own messaging format and TRP, and integrates with TRM Labs for blockchain analytics.

Counterparty network size is the smallest of the four (~80 globally) but skewed toward institutional and OTC operators rather than retail exchanges. For a CASP whose volume is dominated by 5–10 institutional counterparties (typical OTC desk profile), Veriscope's counterparty count is less of a constraint than it appears.

There is no single right answer. The right Travel Rule provider depends on customer geography, existing vendor stack, counterparty volume, and licence class.

Implementation is the second-most-asked question after price. The headline numbers below assume a CASP with an existing core ledger and KYC stack — not greenfield builds.

• Week 1: contract negotiation, NDAs, scoping workshops with the provider's solutions architect.

• Weeks 2–4: API integration into the deposit and withdrawal flows. Sandbox testing with the provider's test counterparties.

• Weeks 4–6: self-hosted wallet workflow integration — signature challenge UI, micro-deposit verification fallback, blockchain analytics risk-score routing.

• Weeks 6–8: production cutover for inter-CASP traffic, then phased rollout for self-hosted wallet flows.

• Ongoing: weekly counterparty network review, monthly false-positive rate reporting to MLRO, quarterly review with the provider's relationship team.

• Treating Travel Rule as a checkbox at authorisation. NCAs increasingly request volume metrics and counterparty discoverability data at supervisory inspection.

• Not budgeting for the Sunrise issue. Plan operational responses for inbound transfers from non-Travel-Rule counterparties — risk-based crediting, holds, or rejections.

• Self-hosted wallet UX that drops conversion. Signature-challenge flows must be friction-light or customers route around them via a sister CASP.

• Using a single provider when your counterparty footprint spans regions. Sygna does not reach a small US OTC desk; Notabene does not reach every Japanese exchange.

• Failing to integrate with transaction monitoring. Travel Rule data must flow into the AML rules engine — not sit in a parallel silo.

Yes. NCAs in Lithuania, Cyprus, Ireland, Germany and Malta all require evidence of operational Travel Rule capability in the authorisation file — a signed contract with a named provider, integration architecture, and a documented self-hosted wallet workflow. 'We will procure post-authorisation' is rejected on first review.

The Sunrise issue is the period during which not every counterparty CASP/VASP has Travel Rule infrastructure live. You will receive crypto transfers from counterparties that cannot send Travel Rule data and cannot receive yours. EBA Guidelines and the Transfer of Funds Regulation require risk-based decisions: reject, hold pending verification, or credit with enhanced monitoring. Document your policy, train front-line staff, and run quarterly reviews of the Sunrise-rejection rate.⁴^[5]

In principle, yes — IVMS 101 is an open standard. In practice, no — the value of a Travel Rule provider is not the message format but the counterparty network. A homegrown solution speaks IVMS 101 to nobody. Several large institutional players run hybrid architectures (own messaging stack + provider-supplied counterparty access) but no significant CASP has fully replaced the providers.

Not directly — the fiat leg is governed by PSD2 / payment services regulation. The crypto delivery to the customer's account is internal book-entry and not in scope. The Travel Rule applies the moment the customer instructs a withdrawal of crypto to an external wallet (custodial or self-hosted). At that point the €1,000 threshold and the data-set rules engage.

Sumsub Travel Rule is the lowest list price, particularly when bundled with Sumsub KYC. Notabene is the highest. But cheapest at the provider line can be most expensive at the operational line — if your counterparties are not on the Sumsub network you spend operational compliance time managing Sunrise rejections that a Notabene CASP avoids.

Notabene and Sygna both cover all three regimes (TFR in the EEA, MLR 2017 / FCA in the UK, PSA in Singapore). The data fields and threshold differ slightly by regime; both providers handle the mapping. Sumsub Travel Rule is strong in EEA and UK, growing in Singapore. Veriscope handles all three but with smaller MAS-side counterparty reach.

• MiCA Compliance Guide for CASPs: Authorisation walkthrough — capital, governance, supplier stack

• AML Compliance for Crypto Firms: What the 6AMLD requires from CASPs and VASPs

• How to Get a Bank Account for a VASP or CASP: The 2026 banking playbook for regulated crypto firms

• EMI vs PSP vs VASP vs CASP: Which financial licence do you actually need?

Travel Rule infrastructure is no longer a compliance afterthought — it is a precondition of CASP authorisation and a daily operational variable that determines how much of your crypto withdrawal volume completes without friction. The AMLR regime taking effect from July 2027 will only tighten the operational expectations. Pick the provider that matches your counterparty footprint, integrate it before you submit, and assume you will run two providers in parallel within 18 months of going live. The cost is modest. The cost of getting it wrong is rejected authorisation, blocked deposits, and supervisory follow-up letters.⁶^[6]