KYC & Crypto
What is KYC for crypto and why does it matter?
Understanding Know Your Customer requirements for cryptocurrency exchanges
What is KYC?
KYC is a set of procedures critical to assessing customer risk and is legally required to comply with Anti-Money Laundering (AML) laws. Effective KYC involves knowing a customer’s identity, financial activities and risk.
What is KYC crypto?
KYC crypto is a set of steps cryptocurrency exchanges take during onboarding to verify customers’ identity and perform due diligence to understand their financial activities and risks. Those steps are legally required and, when executed correctly, should be relatively quick, seamless and secure.
The crypto company obtains identifying information such as:
- Legal name
- Date of birth
- National ID number
Each country has different requirements. Some require presenting ID documents. Often, though, customers can fill out an online form with their identity to quickly get an account.
Behind the scenes, the crypto company uses an identity verification service to prove the identity, ensuring it legitimately and accurately represents the person. Those identity procedures help protect the exchange and the financial system from money laundering, fraud and other financial crimes. Legal obligations and advanced security technology preserve account information. In summary, getting KYC for a crypto account is a normal, safe and easy process.
What is crypto AML?
Crypto Anti-Money Laundering (AML) covers the requirements for regulated exchanges to prevent criminals from performing transactions. The goal is to stop illicit funds from entering the legitimate financial system.
KYC is part of AML, but AML also includes creating and enabling policies, training, designated responsibilities and review procedures. Screening accounts against , monitoring transactions and having an adaptable risk-based approach helps ensure an exchange is compliant with AML regulations.
What are KYC standards?
KYC standards help safeguard regulated organizations (such as banks, credit unions, financial firms and crypto exchanges) against fraud, corruption, money laundering and financial terrorism. KYC measures also inform investment advisors about a client’s risk tolerance and financial position.
Essentially, crypto exchanges must ensure their clients are who they claim to be. Several steps comprise KYC measures:
- Establish customer identity
- Understand the nature of clients’ financial activities and the legitimacy of their funding source
- Assess money laundering risks associated with customers
The KYC process can include digital identity verification, facial verification, biometric identification and ID document verification.
KYC procedures are essential to ensuring the safety and security of relationships and transactions between crypto exchanges and their clients by assessing and monitoring risk or suspicion of illegal activity. Exchanges may pause a business relationship or refuse to open an account if a client fails to meet the minimum mandatory KYC requirements. The pressure to conform to KYC standards increases as crypto becomes more mainstream and regulators ramp up penalties and fines.
Are crypto exchanges a money service business?
In the U.S., AML and KYC measures are mandatory for most crypto exchanges because they are defined as money service businesses (MSB) under federal regulations. According to the Financial Crimes Enforcement Network (FinCEN), the Bank Secrecy Act (BSA) applies to companies that involve cryptocurrencies:
“The definition of a money transmitter does not differentiate between real currencies and convertible virtual currencies. Accepting and transmitting anything of value that substitutes for currency makes a person a money transmitter under the regulations implementing the BSA.”
MSBs must register with FinCEN and are subject to AML controls and regulatory compliance regarding record keeping and reporting requirements.
KYC and crypto exchanges
With crypto exchanges, financial transactions can instantly connect consumers and financial institutions in the digital space. Unfortunately, with such ease of use, the digital space is also the perfect breeding ground for illicit activity and privacy invasions.
While integral to AML compliance on a global level, compliance with KYC is challenging because:
- Regulations differ by jurisdiction and are in constant flux
- Different solutions use varying technology
- New models and innovations introduce unique challenges
- Global markets and decentralized channels create loopholes and uneven enforcement.
KYC requirements do not have a single definition or rigidly accepted course of compliance across different countries and institutions, making for highly varying and confusing verification requirements between exchanges.
With hundreds of providers in the market, deciding which crypto trading platform to use can be challenging. But exchanges with strong KYC requirements demonstrate they understand compliance requirements and take those obligations seriously. The top crypto exchange platforms require identity verification procedures to meet KYC requirements.
If an exchange cuts corners on KYC, what other protections are they missing?
Some other crypto exchange considerations include:
- Ease of use
- Security and privacy measures
- Reasonable trading fees and requirements
- Coin availability
Case study: MetalPay – Fast and safe onboarding
What’s next for KYC and cryptocurrency?
Improved KYC regulations can help address malicious financial and illegal activity to better protect the digital transaction space for financial institutions and customers. Those regulations and systems will continue to adapt to innovations that can create opportunities and unique risks and threats.
Following Financial Action Task Force (FATF) recommendations, regulators are increasing requirements for the Travel Rule,
“… obligations to obtain, hold, and transmit required originator and beneficiary information in order to identify and report suspicious transactions, monitor the availability of information, take freezing actions, and prohibit transactions with designated persons and entities.”
Different industry groups are working to create coordinated systems to deliver solutions effectively.
Decentralized finance (DeFi) uses smart contracts to perform functions that were the sole domain of financial entities. The World Economic Forum suggests:
“Open-source technology, economic rewards, programmable smart contracts and decentralized governance might offer greater efficiencies, opportunities for inclusion, rapid innovation and entirely new financial service arrangements.”
Any DeFi protocol that enables financial transactions without KYC is a potential magnet for transferring criminally tainted funds sourced from such activities as bribery and corruption, fraud, ransomware, narcotics and terrorism.
Non-Fungible Tokens (NFTs) are mathematically provable as unique, and their ownership is verifiable on a public blockchain. NFTs aren’t just fancy digital collectibles but are a way to bring foundational business concepts such as ownership and contracts into the rapidly developing web 3.0 platforms.
Without effective KYC, money launderers can quickly and easily convert tainted funds into NFTs, hide their assets or cover the money trail with multiple NFT transactions.
Custodial vs. noncustodial crypto wallets
A customer’s crypto holdings reside on a blockchain, but how can a customer access them? A crypto wallet contains a customer’s private keys, or passwords, to keep crypto assets secure and accessible. People can use a custodial or noncustodial wallet to store their funds. Most crypto wallets are custodial, where a third party controls the private keys and holds more responsibility for fund security.
In eliminating third-party control, noncustodial, or unhosted, wallets give consumers total control over their private keys and funds. They also provide anonymity because they don’t require registration with regulated exchanges.
KYC requirements around anonymous crypto wallets are not defined, but both the U.S. and the EU are starting to investigate the issue.
According to Meta (Facebook), “The metaverse is the next evolution of social connection.” As the use of virtual worlds increases, how will people interact and transact safely?
“I think cryptocurrency will become the coin of the realm for the metaverse. It just makes sense,” said Hal Lonas, Trulioo CTO. “And all those same concerns will travel with crypto into the metaverse. As we look at that financial bridge, as money moves across the boundary,” it will require scrutiny.
Why KYC is essential to cryptocurrency’s longevity?
KYC regulations improve cryptocurrency systems by decreasing customer risk factors, improving fraud prevention and deploying AML standards. A highly functioning and well-regulated identity verification system helps make digital transactions more secure for people and businesses. Compliance with KYC regulations also increases consumer satisfaction in crypto by creating trust and safety for the industry.
As Garient Evans, senior vice president of Identity Solutions at Trulioo, states:
“Crypto service providers need to do KYC. End of story. Just like bank accounts or broker accounts, all financial service companies have to do their due diligence as part of their license obligations. Operators that don’t follow the rules will be forced to noncompliant jurisdictions and eventually shunned entirely by legitimate operators.
Ultimately, it’s up to the providers to protect the privacy of their clients. As regulations become clearer about what information must be legally disclosed, and under what circumstances, there might be a competitive advantage for exchanges that are considered more privacy-centric.”
Understanding the regulation measures necessary to protect their institution and consumers can help businesses engaging in cryptocurrency transactions. KYC is essential to crypto, and organizations that excel at it are positioning themselves for growth.