[동북아 5지역 AML/AFC 전문가 컨퍼런스 릴레이 인터뷰]
④ “디지털 자산 규제는 이제 실험이 아니라 제도다’”
Mr. Colin Chen, Chairman of the Taipei Digital Asset Association
(서울 핀테크투데이 임명수 기자) 지난 11월 말, 서울 IFC 포럼에서 열린 ‘동북아 5지역 AML/AFC 전문가 심포지움’은 중국·홍콩·마카오·대만·한국의 규제기관과 금융회사, 디지털 자산 및 블록체인 보안 기업들이 한자리에 모여 디지털 자산 시대의 금융범죄 대응 전략을 논의한 첫 공동 무대였다.
핀테크투데이에서는 이번 심포지움에 참석한 해외 주요 전문가들과의 릴레이 인터뷰를 통해, 동북아 AML·AFC 협력이 직면한 현실과 향후 방향성을 심층적으로 조명하고 있다.
네번째 인터뷰 대상은 대만 디지털자산산업협회(Taipei Digital Asset Association, TDAA) 회장인 Mr. Colin Chen이다. 그는 컴플라이언스 기술 기업 TheMoonGroup을 이끄는 동시에, 대만 디지털 자산 업계를 대표해 규제당국, 금융권, Web3 산업 간의 가교 역할을 수행해 온 인물이다.
Colin Chen 회장은 이번 인터뷰에서 디지털 자산과 스테이블코인에 대한 글로벌 AML/CFT 규제가 이미 ‘실험 단계’를 지나 ‘제도화 단계’에 진입했으며, 이제 기업 경쟁력의 핵심은 기술 자체가 아니라 규제 대응 역량과 컴플라이언스 설계 능력에 있다고 강조했다.
“디지털 자산 규제, 실험에서 제도화로 이동 중”
Q. 글로벌 관점에서 볼 때, 디지털 자산과 스테이블코인 AML/CFT 규제는 어느 단계에 와 있다고 보십니까?
: “현재는 분명히 실험에서 제도화로 넘어가는 전환기입니다. 지난 5년간 FATF의 가상자산 권고안, 특히 권고사항 15와 트래블룰을 중심으로 글로벌 규제의 수렴이 뚜렷하게 나타났습니다. 많은 국가들이 ‘동일한 활동, 동일한 리스크, 동일한 규제’ 원칙에 따라 암호자산에도 전통 금융과 유사한 AML/CFT 기준을 적용하고 있습니다.”
그는 EU의 MiCA 체계와 홍콩의 스테이블코인 규제를 대표 사례로 들며, “원칙 선언 수준을 넘어 인허가, 거버넌스, 준비금 관리, 상환 메커니즘까지 매우 구체적인 운영 요건이 제시되고 있다”고 설명했다. 다만 국가별 규제 성숙도 차이로 인해 규제 차익과 국경 간 컴플라이언스 복잡성은 여전히 중요한 과제로 남아 있다고 지적했다.
“스테이블코인, 이제 금융안정의 영역으로 들어왔다”
Q. 글로벌 스테이블코인 규제의 핵심 트렌드는 무엇입니까?
: Colin Chen 회장은 세 가지 흐름을 짚었다.
첫째는 준비금의 질과 투명성 강화, 둘째는 상환 가능성과 리스크 관리 요건의 엄격화, 셋째는 지급결제·금융안정 정책과의 본격적 결합이다.
“스테이블코인은 더 이상 단순한 암호자산 상품이 아닙니다. 지급결제 인프라, 자본시장, 나아가 통화 주권 논의의 일부로 인식되고 있습니다. 발행사와 금융기관은 처음부터 ‘규제 대응형’ 상품을 설계해야 하며, 실시간 온체인 AML/CFT 통제와 국경 간 감독을 전제로 한 데이터 투명성이 필수입니다.”
“VASP 실사, 체크리스트 KYC로는 부족하다”
Q. 금융기관이 VASP에 대해 강화된 고객확인의무(ECDD)를 수행할 때 중요한 점은 무엇입니까?
: 그는 VASP 실사가 이미 코레스폰던트 뱅킹과 온·오프램프 관계의 핵심 요소가 됐다고 평가했다.
“단순한 문서 기반 KYC를 넘어, 규제 환경, 사업 모델, AML/CFT 기술 역량, 온체인 행태를 종합적으로 분석하는 리스크 인텔리전스 모델이 필요합니다. 또한 ECDD는 일회성 절차가 아니라, 신규 서비스 출시나 시장 확장 시 자동으로 작동하는 지속적 실사 프로세스여야 합니다.”
“DeFi와 토큰화, 규제 공백을 기술로 메워야”
Q. DeFi, NFT, 실물자산 토큰화가 확산되면서 가장 큰 AML/CFT 과제는 무엇입니까?
: Colin Chen 회장은 △중개자 책임의 불명확성 △비수탁·크로스체인 환경 확대 △자산 분류의 복잡성을 주요 도전 과제로 꼽았다.
“이제는 지갑·프로토콜 단위의 리스크 스코어링, 스마트컨트랙트와 UI에 내재화된 컴플라이언스, 그리고 개발자·컴플라이언스·규제당국 간의 협력이 동시에 필요합니다. RegTech는 혁신과 규제 사이의 간극을 메우는 핵심 인프라가 될 것입니다.”
“혁신과 보호는 대립하지 않는다”
Q. TDAA와 같은 산업 협회의 역할은 무엇이라고 보십니까?
: 그는 산업 협회를 규제당국과 시장을 잇는 ‘번역 계층’이라고 표현했다.
“TDAA는 정책 대화, 컴플라이언스 기준 상향, 국제 협력을 통해 디지털 자산 산업 전체의 신뢰도를 높이는 데 집중하고 있습니다. 높은 컴플라이언스 수준을 갖춘 시장일수록 장기적으로 기관 자본을 끌어들이고 지속 가능성이 높아집니다.”
“디지털 자산은 글로벌 금융 인프라의 일부가 될 것”
Q. 향후 3~5년, 컴플라이언스를 갖춘 디지털 자산의 미래를 어떻게 보십니까?
: “규제 수렴은 더 진전될 것이고, 컴플라이언스는 ‘사후 대응’이 아니라 설계 단계부터 내재화된 기능이 될 것입니다. 전통 금융과 Web3의 결합도 본격화될 것입니다.”
Colin Chen 회장은 TheMoonGroup과 TDAA를 통해 “글로벌 기준에 부합하는 AML/CFT 기술 확산과 규제당국에 대한 기술적 지원을 이어가며, 신뢰받는 디지털 자산 생태계를 구축하는 데 기여하겠다”고 밝혔다.
(사진 앞줄 좌측 다섯번째가 Mr. Colin Chen, Chairman of the Taipei Digital Asset Association )
[Northeast Asia AML/AFC Experts Conference – Relay Interview ]
④ “Digital Asset Regulation Is No Longer an Experiment, but an Institution”
Colin Chen, Chairman of the Taipei Digital Asset Association, on the Next Phase of Global AML/CFT
(Seoul, FintechToday – Reporter Myung Su Im)
In late November, the “Northeast Asia Five-Region AML/AFC Experts Symposium,” held at the IFC Forum in Seoul, brought together regulators, financial institutions, and digital asset and blockchain security companies from China, Hong Kong, Macau, Taiwan, and South Korea. The event marked the first joint platform in the region dedicated to discussing strategies to combat financial crime in the era of digital assets.
Through a series of relay interviews with leading international experts who participated in the symposium, FintechToday is taking an in-depth look at the realities facing AML and AFC cooperation in Northeast Asia, as well as its future direction.
The fourth interview in this series features Mr. Colin Chen, Chairman of the Taipei Digital Asset Association (TDAA). Mr. Chen leads the compliance technology firm TheMoonGroup and has long served as a bridge between regulators, the financial sector, and the Web3 industry, representing Taiwan’s digital asset ecosystem.
In this interview, Mr. Chen emphasized that global AML/CFT regulation for digital assets and stablecoins has already moved beyond the “experimental phase” and entered a stage of institutionalisation. He noted that corporate competitiveness in this new environment no longer hinges on technology alone, but increasingly on regulatory readiness and the ability to design robust, compliance-by-design frameworks.
Q1. From a global perspective, how do you assess the current stage of AML/CFT regulation for digital assets and stablecoins?
A1: I would describe the current stage as a transition from experimentation to institutionalization.
Over the past five years, we have seen a clear global convergence around the FATF standards for virtual assets and VASPs, especially Recommendation 15 and the Travel Rule.
Many jurisdictions now apply traditional AML/CFT expectations to crypto in a “same activity, same risk, same regulation” manner, even if their technical frameworks differ.
At the same time, leading markets are moving from principle-based statements to very detailed, operational requirements. The European Union’s MiCA framework, for example, sets very concrete expectations for licensing, governance and market abuse prevention for crypto-asset service providers and stablecoin issuers.
Hong Kong is doing something similar with its new regime for fiat-referenced stablecoin issuers, which brings reserve management, redemption mechanisms and risk controls into a single, coherent framework.
However, implementation is uneven. Some jurisdictions have very mature regimes, while others remain in a “wait-and-see” mode or focus mainly on bans. This creates regulatory arbitrage risks and makes cross-border compliance more complex. As a compliance technology provider and as part of 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), our role is to help institutions navigate this patchwork while still meeting the highest global standards, not just the minimum local requirements.
Q2. What are the main global trends you see in stablecoin regulation, and how should issuers and financial institutions respond?
A2: Globally, I see three dominant trends in stablecoin regulation:
1. Emphasis on reserve quality and transparency.
Regulators now look very closely at the composition, valuation and segregation of reserves, as well as the frequency of disclosure. The direction of travel is towards bank-like expectations for large stablecoins that may have systemic impact.
2. Stricter redemption and risk-management requirements.
Authorities are asking: “Can users always redeem at par, in a timely manner, even under stress?” That means clear redemption policies, robust liquidity buffers and realistic stress-testing. The new stablecoin frameworks in the EU and Hong Kong embody this approach.
3. Integration with broader financial stability and payment policy.
Stablecoins are no longer seen only as a crypto product. They are now part of discussions about payment systems, capital markets and even monetary sovereignty. Central banks and securities regulators are both getting involved.
For issuers and their banking partners, the response should be:
● Design products to be “regulation-ready”. Assume that more stringent reserve, disclosure and governance requirements are coming, and build them into your product from day one.
● Adopt real-time, on-chain AML/CFT controls. Generic transaction monitoring is not enough. You need behaviour-based risk scoring, link analysis and screening for typologies like mixers, darknet markets and ransomware, leveraging KYT and blockchain analytics tools.
● Prepare for cross-border supervision. Large stablecoin issuers must expect scrutiny from multiple regulators. Having transparent data, auditable processes and strong technology partners makes those conversations much smoother.
At 萬旭浤資訊科技(TheMoonGroup), our focus is to provide exactly these kinds of monitoring, risk-scoring and reporting capabilities so that issuers and banks can treat compliance as a built-in feature rather than an after-thought.
Q3. When banks and other financial institutions conduct Enhanced Customer Due Diligence on VASPs, what global best practices do you recommend?
A3: Enhanced Customer Due Diligence on VASPs is now a core part of correspondent banking and fiat on-/off-ramp relationships. From a global perspective, I would highlight three best practices:
1. Move from “checklist KYC” to a true risk-intelligence model.
Financial institutions should evaluate VASPs using a multi-factor framework, including:
○ Regulatory status and quality of supervision in home and major operating jurisdictions.
○ Business model and product complexity (e.g. derivatives, leverage, DeFi access).
○ Strength of AML/CFT governance, technology stack and independent audits.
○ On-chain behaviour, including exposure to high-risk counterparties and jurisdictions.
2. Combine off-chain documentation with on-chain analytics.
Traditional questionnaires and policy reviews are necessary but not sufficient. Banks should complement them with KYT tools that continuously monitor the VASP’s wallets and flows, flag unusual spikes in risk exposure and analyse interactions with mixers, high-risk services or sanctioned entities.
3. Treat ECDD as a living process, not a one-time gate.
The risk profile of a VASP can change quickly, for example when it enters a new market or launches a new product. Institutions need dynamic risk reviews, triggered by on-chain indicators, news signals or material changes in the business.
Through our work with 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), we encourage both VASPs and banks to adopt this “continuous due diligence” mindset, so that long-term partnerships are built on transparency and shared risk understanding.
Q4. DeFi, NFTs and tokenised real-world assets are growing rapidly. What are the biggest AML/CFT challenges here, and how can technology help?
A4: DeFi and tokenisation are exciting because they can improve capital efficiency and market access, but they also challenge traditional AML/CFT frameworks in three ways:
1. Blurred lines between intermediaries and infrastructure.
In DeFi, responsibilities are spread across protocol developers, governance token holders, front-end operators and liquidity providers. Regulators are still debating who should be treated as a VASP. Until this is settled, institutions must apply a conservative, risk-based approach.
2. High use of non-custodial and cross-chain tools.
Non-custodial wallets, bridges and privacy-enhancing technologies are attractive for legitimate users and criminals alike. This makes traditional, account-based monitoring less effective and increases the importance of on-chain pattern analysis.
3. Complexity of asset classification.
Tokenised assets can represent securities, commodities, payment instruments or entirely new categories. The legal classification determines the applicable rules, and misclassification can create serious regulatory gaps.
To address these challenges, we advocate:
● Protocol-level and wallet-level risk scoring, using graph analytics and machine-learning models to evaluate counterparties even when identities are not directly known.
● Integration of compliance checks into user interfaces and smart contracts, for example denying access to known high-risk addresses or regions and embedding Travel-Rule-ready data flows.
● Close collaboration between developers, compliance teams and regulators, so that new products are designed with a clear view of their regulatory perimeter from day one.
This is precisely where RegTech companies like 萬旭浤資訊科技(TheMoonGroup) can bridge the gap between innovation and compliance, turning complex on-chain data into actionable risk signals.
Q5. How do you see the role of industry associations, such as 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), in shaping responsible innovation in digital assets?
A5: Industry associations are becoming critical “translation layers” between regulators, traditional finance and Web3 builders.
In TDAA, we focus on three roles:
1. Policy dialogue and knowledge sharing.
We bring together regulators, banks, exchanges, startups and academics to discuss global regulatory trends, from FATF guidance to MiCA and the latest stablecoin and securities-token regimes. This helps local stakeholders benchmark themselves against international best practices, not just local rules.
2. Raising the baseline of compliance.
By publishing guidelines, organising training and sharing typologies, we help smaller firms and new entrants build robust AML/CFT frameworks more quickly. This reduces the risk that a few bad actors damage the reputation of the entire market.
3. Building international bridges.
Taiwan has strong strengths in technology and financial infrastructure. Through cross-border collaboration with associations and institutions in other regions, we can contribute our technical expertise and learn from their regulatory experience, creating a healthier global ecosystem.
Ultimately, our goal is to show that innovation and investor protection are not in conflict. A high-compliance digital asset industry is more attractive to institutional capital and more sustainable over the long term.
Q6. Looking ahead three to five years, what is your vision for the future of compliant digital assets, and how do you plan to contribute?
A6: I believe the next three to five years will bring three major shifts:
1. Regulatory convergence with local nuance.
While details will differ, most major jurisdictions will align around a core set of standards for licensing, AML/CFT, market integrity and consumer protection. This will reduce regulatory arbitrage but increase expectations on governance and technology.
2. Compliance as a built-in feature of financial infrastructure.
We will move from separate compliance systems to compliance-by-design infrastructure: smart contracts with access controls, interoperable Travel Rule messaging, and on-chain proof of reserves and risk. Technology will make good compliance cheaper and bad compliance harder.
3. Deeper integration between traditional finance and Web3.
As tokenisation and stablecoins mature under clear rules, we will see more banks, asset managers and real-economy firms using blockchain rails. The winners will be those who combine strong risk management with user-friendly experiences.
My personal ambition, through 萬旭浤資訊科技(TheMoonGroup) and 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), is to:
● Help financial institutions and Web3 companies adopt advanced AML/CFT and risk-management tools that meet global standards.
● Support regulators with technical insights, so that rules are both effective and innovation-friendly.
● Position our ecosystem as a trusted, globally connected hub for compliant digital asset business.
If we can achieve that, then digital assets will no longer be seen as a parallel system, but as an integrated, secure layer of the global financial infrastructure.
[동북아 5지역 AML/AFC 전문가 컨퍼런스 릴레이 인터뷰]
④ “디지털 자산 규제는 이제 실험이 아니라 제도다’”
Mr. Colin Chen, Chairman of the Taipei Digital Asset Association
(서울 핀테크투데이 임명수 기자) 지난 11월 말, 서울 IFC 포럼에서 열린 ‘동북아 5지역 AML/AFC 전문가 심포지움’은 중국·홍콩·마카오·대만·한국의 규제기관과 금융회사, 디지털 자산 및 블록체인 보안 기업들이 한자리에 모여 디지털 자산 시대의 금융범죄 대응 전략을 논의한 첫 공동 무대였다.
핀테크투데이에서는 이번 심포지움에 참석한 해외 주요 전문가들과의 릴레이 인터뷰를 통해, 동북아 AML·AFC 협력이 직면한 현실과 향후 방향성을 심층적으로 조명하고 있다.
네번째 인터뷰 대상은 대만 디지털자산산업협회(Taipei Digital Asset Association, TDAA) 회장인 Mr. Colin Chen이다. 그는 컴플라이언스 기술 기업 TheMoonGroup을 이끄는 동시에, 대만 디지털 자산 업계를 대표해 규제당국, 금융권, Web3 산업 간의 가교 역할을 수행해 온 인물이다.
Colin Chen 회장은 이번 인터뷰에서 디지털 자산과 스테이블코인에 대한 글로벌 AML/CFT 규제가 이미 ‘실험 단계’를 지나 ‘제도화 단계’에 진입했으며, 이제 기업 경쟁력의 핵심은 기술 자체가 아니라 규제 대응 역량과 컴플라이언스 설계 능력에 있다고 강조했다.
“디지털 자산 규제, 실험에서 제도화로 이동 중”
Q. 글로벌 관점에서 볼 때, 디지털 자산과 스테이블코인 AML/CFT 규제는 어느 단계에 와 있다고 보십니까?
: “현재는 분명히 실험에서 제도화로 넘어가는 전환기입니다. 지난 5년간 FATF의 가상자산 권고안, 특히 권고사항 15와 트래블룰을 중심으로 글로벌 규제의 수렴이 뚜렷하게 나타났습니다. 많은 국가들이 ‘동일한 활동, 동일한 리스크, 동일한 규제’ 원칙에 따라 암호자산에도 전통 금융과 유사한 AML/CFT 기준을 적용하고 있습니다.”
그는 EU의 MiCA 체계와 홍콩의 스테이블코인 규제를 대표 사례로 들며, “원칙 선언 수준을 넘어 인허가, 거버넌스, 준비금 관리, 상환 메커니즘까지 매우 구체적인 운영 요건이 제시되고 있다”고 설명했다. 다만 국가별 규제 성숙도 차이로 인해 규제 차익과 국경 간 컴플라이언스 복잡성은 여전히 중요한 과제로 남아 있다고 지적했다.
“스테이블코인, 이제 금융안정의 영역으로 들어왔다”
Q. 글로벌 스테이블코인 규제의 핵심 트렌드는 무엇입니까?
: Colin Chen 회장은 세 가지 흐름을 짚었다.
첫째는 준비금의 질과 투명성 강화, 둘째는 상환 가능성과 리스크 관리 요건의 엄격화, 셋째는 지급결제·금융안정 정책과의 본격적 결합이다.
“스테이블코인은 더 이상 단순한 암호자산 상품이 아닙니다. 지급결제 인프라, 자본시장, 나아가 통화 주권 논의의 일부로 인식되고 있습니다. 발행사와 금융기관은 처음부터 ‘규제 대응형’ 상품을 설계해야 하며, 실시간 온체인 AML/CFT 통제와 국경 간 감독을 전제로 한 데이터 투명성이 필수입니다.”
“VASP 실사, 체크리스트 KYC로는 부족하다”
Q. 금융기관이 VASP에 대해 강화된 고객확인의무(ECDD)를 수행할 때 중요한 점은 무엇입니까?
: 그는 VASP 실사가 이미 코레스폰던트 뱅킹과 온·오프램프 관계의 핵심 요소가 됐다고 평가했다.
“단순한 문서 기반 KYC를 넘어, 규제 환경, 사업 모델, AML/CFT 기술 역량, 온체인 행태를 종합적으로 분석하는 리스크 인텔리전스 모델이 필요합니다. 또한 ECDD는 일회성 절차가 아니라, 신규 서비스 출시나 시장 확장 시 자동으로 작동하는 지속적 실사 프로세스여야 합니다.”
“DeFi와 토큰화, 규제 공백을 기술로 메워야”
Q. DeFi, NFT, 실물자산 토큰화가 확산되면서 가장 큰 AML/CFT 과제는 무엇입니까?
: Colin Chen 회장은 △중개자 책임의 불명확성 △비수탁·크로스체인 환경 확대 △자산 분류의 복잡성을 주요 도전 과제로 꼽았다.
“이제는 지갑·프로토콜 단위의 리스크 스코어링, 스마트컨트랙트와 UI에 내재화된 컴플라이언스, 그리고 개발자·컴플라이언스·규제당국 간의 협력이 동시에 필요합니다. RegTech는 혁신과 규제 사이의 간극을 메우는 핵심 인프라가 될 것입니다.”
“혁신과 보호는 대립하지 않는다”
Q. TDAA와 같은 산업 협회의 역할은 무엇이라고 보십니까?
: 그는 산업 협회를 규제당국과 시장을 잇는 ‘번역 계층’이라고 표현했다.
“TDAA는 정책 대화, 컴플라이언스 기준 상향, 국제 협력을 통해 디지털 자산 산업 전체의 신뢰도를 높이는 데 집중하고 있습니다. 높은 컴플라이언스 수준을 갖춘 시장일수록 장기적으로 기관 자본을 끌어들이고 지속 가능성이 높아집니다.”
“디지털 자산은 글로벌 금융 인프라의 일부가 될 것”
Q. 향후 3~5년, 컴플라이언스를 갖춘 디지털 자산의 미래를 어떻게 보십니까?
: “규제 수렴은 더 진전될 것이고, 컴플라이언스는 ‘사후 대응’이 아니라 설계 단계부터 내재화된 기능이 될 것입니다. 전통 금융과 Web3의 결합도 본격화될 것입니다.”
Colin Chen 회장은 TheMoonGroup과 TDAA를 통해 “글로벌 기준에 부합하는 AML/CFT 기술 확산과 규제당국에 대한 기술적 지원을 이어가며, 신뢰받는 디지털 자산 생태계를 구축하는 데 기여하겠다”고 밝혔다.
(사진 앞줄 좌측 다섯번째가 Mr. Colin Chen, Chairman of the Taipei Digital Asset Association )
[Northeast Asia AML/AFC Experts Conference – Relay Interview ]
④ “Digital Asset Regulation Is No Longer an Experiment, but an Institution”
Colin Chen, Chairman of the Taipei Digital Asset Association, on the Next Phase of Global AML/CFT
(Seoul, FintechToday – Reporter Myung Su Im)
In late November, the “Northeast Asia Five-Region AML/AFC Experts Symposium,” held at the IFC Forum in Seoul, brought together regulators, financial institutions, and digital asset and blockchain security companies from China, Hong Kong, Macau, Taiwan, and South Korea. The event marked the first joint platform in the region dedicated to discussing strategies to combat financial crime in the era of digital assets.
Through a series of relay interviews with leading international experts who participated in the symposium, FintechToday is taking an in-depth look at the realities facing AML and AFC cooperation in Northeast Asia, as well as its future direction.
The fourth interview in this series features Mr. Colin Chen, Chairman of the Taipei Digital Asset Association (TDAA). Mr. Chen leads the compliance technology firm TheMoonGroup and has long served as a bridge between regulators, the financial sector, and the Web3 industry, representing Taiwan’s digital asset ecosystem.
In this interview, Mr. Chen emphasized that global AML/CFT regulation for digital assets and stablecoins has already moved beyond the “experimental phase” and entered a stage of institutionalisation. He noted that corporate competitiveness in this new environment no longer hinges on technology alone, but increasingly on regulatory readiness and the ability to design robust, compliance-by-design frameworks.
Q1. From a global perspective, how do you assess the current stage of AML/CFT regulation for digital assets and stablecoins?
A1: I would describe the current stage as a transition from experimentation to institutionalization.
Over the past five years, we have seen a clear global convergence around the FATF standards for virtual assets and VASPs, especially Recommendation 15 and the Travel Rule.
Many jurisdictions now apply traditional AML/CFT expectations to crypto in a “same activity, same risk, same regulation” manner, even if their technical frameworks differ.
At the same time, leading markets are moving from principle-based statements to very detailed, operational requirements. The European Union’s MiCA framework, for example, sets very concrete expectations for licensing, governance and market abuse prevention for crypto-asset service providers and stablecoin issuers.
Hong Kong is doing something similar with its new regime for fiat-referenced stablecoin issuers, which brings reserve management, redemption mechanisms and risk controls into a single, coherent framework.
However, implementation is uneven. Some jurisdictions have very mature regimes, while others remain in a “wait-and-see” mode or focus mainly on bans. This creates regulatory arbitrage risks and makes cross-border compliance more complex. As a compliance technology provider and as part of 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), our role is to help institutions navigate this patchwork while still meeting the highest global standards, not just the minimum local requirements.
Q2. What are the main global trends you see in stablecoin regulation, and how should issuers and financial institutions respond?
A2: Globally, I see three dominant trends in stablecoin regulation:
1. Emphasis on reserve quality and transparency.
Regulators now look very closely at the composition, valuation and segregation of reserves, as well as the frequency of disclosure. The direction of travel is towards bank-like expectations for large stablecoins that may have systemic impact.
2. Stricter redemption and risk-management requirements.
Authorities are asking: “Can users always redeem at par, in a timely manner, even under stress?” That means clear redemption policies, robust liquidity buffers and realistic stress-testing. The new stablecoin frameworks in the EU and Hong Kong embody this approach.
3. Integration with broader financial stability and payment policy.
Stablecoins are no longer seen only as a crypto product. They are now part of discussions about payment systems, capital markets and even monetary sovereignty. Central banks and securities regulators are both getting involved.
For issuers and their banking partners, the response should be:
● Design products to be “regulation-ready”. Assume that more stringent reserve, disclosure and governance requirements are coming, and build them into your product from day one.
● Adopt real-time, on-chain AML/CFT controls. Generic transaction monitoring is not enough. You need behaviour-based risk scoring, link analysis and screening for typologies like mixers, darknet markets and ransomware, leveraging KYT and blockchain analytics tools.
● Prepare for cross-border supervision. Large stablecoin issuers must expect scrutiny from multiple regulators. Having transparent data, auditable processes and strong technology partners makes those conversations much smoother.
At 萬旭浤資訊科技(TheMoonGroup), our focus is to provide exactly these kinds of monitoring, risk-scoring and reporting capabilities so that issuers and banks can treat compliance as a built-in feature rather than an after-thought.
Q3. When banks and other financial institutions conduct Enhanced Customer Due Diligence on VASPs, what global best practices do you recommend?
A3: Enhanced Customer Due Diligence on VASPs is now a core part of correspondent banking and fiat on-/off-ramp relationships. From a global perspective, I would highlight three best practices:
1. Move from “checklist KYC” to a true risk-intelligence model.
Financial institutions should evaluate VASPs using a multi-factor framework, including:
○ Regulatory status and quality of supervision in home and major operating jurisdictions.
○ Business model and product complexity (e.g. derivatives, leverage, DeFi access).
○ Strength of AML/CFT governance, technology stack and independent audits.
○ On-chain behaviour, including exposure to high-risk counterparties and jurisdictions.
2. Combine off-chain documentation with on-chain analytics.
Traditional questionnaires and policy reviews are necessary but not sufficient. Banks should complement them with KYT tools that continuously monitor the VASP’s wallets and flows, flag unusual spikes in risk exposure and analyse interactions with mixers, high-risk services or sanctioned entities.
3. Treat ECDD as a living process, not a one-time gate.
The risk profile of a VASP can change quickly, for example when it enters a new market or launches a new product. Institutions need dynamic risk reviews, triggered by on-chain indicators, news signals or material changes in the business.
Through our work with 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), we encourage both VASPs and banks to adopt this “continuous due diligence” mindset, so that long-term partnerships are built on transparency and shared risk understanding.
Q4. DeFi, NFTs and tokenised real-world assets are growing rapidly. What are the biggest AML/CFT challenges here, and how can technology help?
A4: DeFi and tokenisation are exciting because they can improve capital efficiency and market access, but they also challenge traditional AML/CFT frameworks in three ways:
1. Blurred lines between intermediaries and infrastructure.
In DeFi, responsibilities are spread across protocol developers, governance token holders, front-end operators and liquidity providers. Regulators are still debating who should be treated as a VASP. Until this is settled, institutions must apply a conservative, risk-based approach.
2. High use of non-custodial and cross-chain tools.
Non-custodial wallets, bridges and privacy-enhancing technologies are attractive for legitimate users and criminals alike. This makes traditional, account-based monitoring less effective and increases the importance of on-chain pattern analysis.
3. Complexity of asset classification.
Tokenised assets can represent securities, commodities, payment instruments or entirely new categories. The legal classification determines the applicable rules, and misclassification can create serious regulatory gaps.
To address these challenges, we advocate:
● Protocol-level and wallet-level risk scoring, using graph analytics and machine-learning models to evaluate counterparties even when identities are not directly known.
● Integration of compliance checks into user interfaces and smart contracts, for example denying access to known high-risk addresses or regions and embedding Travel-Rule-ready data flows.
● Close collaboration between developers, compliance teams and regulators, so that new products are designed with a clear view of their regulatory perimeter from day one.
This is precisely where RegTech companies like 萬旭浤資訊科技(TheMoonGroup) can bridge the gap between innovation and compliance, turning complex on-chain data into actionable risk signals.
Q5. How do you see the role of industry associations, such as 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), in shaping responsible innovation in digital assets?
A5: Industry associations are becoming critical “translation layers” between regulators, traditional finance and Web3 builders.
In TDAA, we focus on three roles:
1. Policy dialogue and knowledge sharing.
We bring together regulators, banks, exchanges, startups and academics to discuss global regulatory trends, from FATF guidance to MiCA and the latest stablecoin and securities-token regimes. This helps local stakeholders benchmark themselves against international best practices, not just local rules.
2. Raising the baseline of compliance.
By publishing guidelines, organising training and sharing typologies, we help smaller firms and new entrants build robust AML/CFT frameworks more quickly. This reduces the risk that a few bad actors damage the reputation of the entire market.
3. Building international bridges.
Taiwan has strong strengths in technology and financial infrastructure. Through cross-border collaboration with associations and institutions in other regions, we can contribute our technical expertise and learn from their regulatory experience, creating a healthier global ecosystem.
Ultimately, our goal is to show that innovation and investor protection are not in conflict. A high-compliance digital asset industry is more attractive to institutional capital and more sustainable over the long term.
Q6. Looking ahead three to five years, what is your vision for the future of compliant digital assets, and how do you plan to contribute?
A6: I believe the next three to five years will bring three major shifts:
1. Regulatory convergence with local nuance.
While details will differ, most major jurisdictions will align around a core set of standards for licensing, AML/CFT, market integrity and consumer protection. This will reduce regulatory arbitrage but increase expectations on governance and technology.
2. Compliance as a built-in feature of financial infrastructure.
We will move from separate compliance systems to compliance-by-design infrastructure: smart contracts with access controls, interoperable Travel Rule messaging, and on-chain proof of reserves and risk. Technology will make good compliance cheaper and bad compliance harder.
3. Deeper integration between traditional finance and Web3.
As tokenisation and stablecoins mature under clear rules, we will see more banks, asset managers and real-economy firms using blockchain rails. The winners will be those who combine strong risk management with user-friendly experiences.
My personal ambition, through 萬旭浤資訊科技(TheMoonGroup) and 台北數位資產商業同業協會(Taipei Digital Asset Association, TDAA), is to:
● Help financial institutions and Web3 companies adopt advanced AML/CFT and risk-management tools that meet global standards.
● Support regulators with technical insights, so that rules are both effective and innovation-friendly.
● Position our ecosystem as a trusted, globally connected hub for compliant digital asset business.
If we can achieve that, then digital assets will no longer be seen as a parallel system, but as an integrated, secure layer of the global financial infrastructure.