Safeguarding cryptocurrency

Can an effective identity verification process become a competitive advantage for crypto exchanges while safeguarding their customers? Interview of Garient Evans from Trulioo by The Paypers.

Garient, how would you portray the current crypto industry?

As crypto becomes more mainstream, users represent a wider range of views. The traditional crypto enthusiast was someone on the cutting edge of the tech world, but now we’re seeing a variety of investors who are drawn to it as another asset class.

There is a lot of excitement in the industry and great potential for future use cases. Specifically, I see a significant opportunity for improving payments, especially cross-border. Much lower fees make a big difference for people in developing countries. There are many other opportunities, from new ways to operate investment vehicles to ways to value and trade creative assets.

But many of the models are still in development and there are no clear regulatory frameworks to handle the diversity of ideas. Without clarity, developers and investors have to worry about lawsuits or rug-pulls. A lot of things can go wrong.

Regulation is coming, it’s just a matter of time. As long as the regulations are clear, fair, and reasonable, they will be good for the industry; people will know what types of licences to apply for, what types of activities to include and what to avoid. Perhaps most importantly, regulations will create consumer protections that will eventually broaden the appeal of the crypto market to even more audiences.

What would your experience with crypto products be? What would you like to see in terms of the use of your digital identity?

At Trulioo, one of our largest customer bases is crypto exchanges so we have a lot of experience working with industry leaders on developing best practices.

There are two main factors to consider, trust and privacy. On the trust side, as crypto is dealing with financial information, there needs to be an understanding of who the customer is and the risks posed, which is where Know Your Customer (KYC) comes into play. No one wants to be ripped off or be an unwitting actor in financial crimes or money laundering, so effective identity verification helps establish the legitimacy of the user and creates trust when transacting with them.

Simultaneously, there is an emphasis on privacy within the crypto industry and that cannot be swept aside. Finding a balance between trust and privacy is imperative.

Right now, the major exchanges require KYC and I see that expanding to other industry services. But ensuring personal information is kept as private as possible and is only shared under certain circumstances is crucial. Finding ways to both strongly protect private information and ensure compliance and fraud protections will be the way forward.

Now let’s switch the user’s hat with the one of a regulator. How does the crypto industry look now?

Regulators looking at the crypto industry have three top priorities: first, they are focused on protecting consumers from illicit crypto companies (think scammers, or unstable companies, those vulnerable to ATO). Second, regulators are working to ensure that crypto isn’t being used to facilitate nefarious activities by bad actors including terrorist organisations, criminals, rogue nations and money launderers. Third, regulators are putting in place the same standards with regards to transparency, taxes, insurance, and equality that is required of the traditional financial services space.

Are you happy with the anonymity of crypto? What should crypto exchanges keep top of mind as governments consider new regulations?

A better way to describe most crypto would be pseudonymous. While there are some privacy coins that make it difficult to track down the identity of the owner, most blockchains have a permanent record of all transactions. And there are ways to uncover who the actual owner of an account is. So it’s not truly anonymous.

With the Travel Rule, exchanges need to understand the originator and beneficiary information of transactions; who is behind the account of someone you are trading with? This comes from a Financial Action Task Force recommendation and is a work in progress. Different countries are looking at different thresholds for the requirement. There are different industry groups working on solutions. As crypto is cross-border, and there are many different players with different capabilities, it's difficult to standardise one workable solution.

This is where fair and reasonable regulations should be considered. Should crypto have different thresholds than other financial sectors? Should crypto be treated as an investment, as an alternative payment, or as a fiat currency? Is making requirements too complicated to implement useful to regulators? The crypto industry will need to solve this, but let's hope that there’s a risk-based approach to the current situation and the industry is given enough time to properly solve what is a very complex problem.

How can a crypto service provider balance anonymity and KYC so that both clients and regulators are happy?

Crypto service providers need to do KYC. End of story. Just like bank accounts or broker accounts, all financial service companies have to do their due diligence as part of their licence obligations. Operators that don’t follow the rules will be forced to non-compliant jurisdictions and eventually shunned entirely by legitimate operators.

Ultimately, it’s up to the providers to protect the privacy of their clients. As regulations become clearer about what information must be legally disclosed, and under what circumstances, there might be a competitive advantage for exchanges that are considered more privacy-centric.

How can digital identity verification help keep exchanges in line with the evolving legal requirements while establishing trust with their consumers? With what results?

It’s about providing a relatively quick and seamless onboarding experience. When people come in, they are excited, they want to start transacting and get their first Bitcoin. They don’t want to fill in super long forms or do all these complicated procedures. Or, worst of all, wait for approvals.

So, the idea is to get them signed up with the least amount of friction possible. Having a tiered approach often makes the most sense. If they are a newbie and not transacting a lot, what is the risk level? So, at that point, it might be checking the bare minimum legal requirement to get them an account.

After that, you can always ask for more information, depending on their activities, or some other risk assessment. It’s important though to explain to them the requirements, what they need to do and why.

Often, the easiest way to get started is using digital identity verification. The person just provides some basic identity information in a form, and they can start. Behind the scenes, you can run numerous checks on the information to help ensure compliance, detect fraud, and perform other risk-mitigation strategies.

This article first appeared on The Paypers.