How-To Guides: Beginner

What Are KYC and AML?

By Jinia Shawdagor | July 1, 2021

Preventing illegal transactions through money laundering and other illegal activities is one of the biggest problems financial regulators need to solve today. Unfortunately, even as technological advancements make it easy to make borderless payments, the cryptocurrency industry stands as one of the ripest venues for criminal activity through money laundering.

This challenge of identifying and preventing illicit transactions is already out of hand in the world of traditional finance, where reports indicate how U. S banks alone handle trillions of dollars in suspicious transactions.

If a solution was to be found, such a solution would require the collaboration of all stakeholders to create a robust method of tracking and identifying illicit transactions. Could blockchain be the missing link to solving this problem?

In this article, we take a detailed look at what KYC/AML requirements are all about as we discuss the impact of regulatory compliance on crypto exchanges and the crypt industry at large. 

What is KYC? 

KYC stands for ‘know your customer,’ and it is a term used to refer to client or customer verification process. Payment service providers implement KYC while verifying the identity of their customers. The objective of implementing KYC processes is to discern with a high degree of confidence the true identity of clients on a platform and identify or even prevent fraud, terrorist financing, or money laundering.

KYC rules are designed to work in concert with Anti-Money Laundering (AML) regulations to mitigate risk and protect the overall integrity of financial institutions. Financial institutions can establish a clear reputation with regulators by screening the identity of their customers through a KYC process, therefore, keeping bad actors off the books. 

The KYC Process

In most cases, regulators will leave the regulated entities the freedom of picking their own KYC process. Therefore financial entities determine what rules are appropriate based on a risk-based determination. 

In most cases, the KYC program will include a Customer Identification Program (CIP) where the financial institution identifies the identity of the customer. Here, the specific documents required for verification may vary depending on the jurisdiction or organization. Typically, customers and clients of a financial entity will be required to upload the following documents:

  • Customer’s portrait and ID proof
  • Proof of physical or residential address
  • Full government names
  • Phone number or email
  • A copy of the customer’s passport 
  • Social security number
  • Driving license or passport

Other KYC components include Customer Due Diligence (CDD) where a thorough background check of the client is conducted to understand any risks a new client could bring to the company. In some cases, companies will use an enhanced due diligence process as part of their KYC where trained compliance officers will be deployed to vet the entity or individual partnering with the company.

Lastly, some companies will implement ongoing monitoring as part of their risk management KYC process where the financial institution continues to oversee its customers and their transactions consistently and thoroughly to nip any suspicious behavior. 

Origin of KYC 

Global financial regulations are heavily influenced by policies and laws that shape the United States and even though the country has had decades of regulatory requirements for financial service providers to curb financial crime, it was until 2001 that KYC laws emerged.

KYC requirements were introduced as part of the USA PATRIOT Act that required the compliance of financial service firms. The law was further extended to the FinTech sector in 2016 after an update by the Financial Crimes Enforcement Network (FinCEN) declared virtual currency exchanges as money services businesses. This meant that crypto exchanges now had a KYC and AML obligation similar to Banks.

KYC in crypto

There is still a lot of regulatory uncertainty when it comes to KYC in the crypto space as the industry is still young and regulators are yet to catch up. However, there are varying levels of KYC programs on crypto exchanges. Some exchange platforms bring on new customers without any kind of KYC processes however they limit functionality allowing such customers to only deposit or withdraw small amounts. In most cases, customers will be required to go through additional KYC processes to withdraw large sums of money or unlock certain features on the platform. There is also a growing number of decentralized exchanges that do not require any KYC procedures. 

What is AML (Anti-Money Laundering?)

Money laundering is an illegal activity where the money gained from criminal activity is made to appear as if it comes from legitimate sources. The money is considered dirty money and through some elaborate means, it is “laundered” to appear clean.

Anti-money laundering, therefore, is an all-inclusive legal term referring to the rules and procedures set in place to enable financial institutions to identify and prevent illegal transactions. There are several illegal activities that AML regulations target. These include tax evasion, illicit trading, misappropriation of public funds, and market manipulation.

Annually, hundreds of millions are laundered through the global banking system as regulators fear cryptocurrencies could become the next big instrument for laundering money across the globe. 

Even though various jurisdictions worldwide develop their own AML procedures, the Financial Action Task Force acts as a watchdog institution that updates regulations as well as overseeing the measures set to curb domestic money laundering activities. 

The Financial Action Task Force (FATF) is an intergovernmental body that develops AML rules applicable worldwide. This global financial watchdog institution investigates money laundering and terrorist financing activities to limit financial crimes. FATF also audits the AML programs of countries holding governments accountable when not in compliance with FATF recommendations. 

In the US, the Financial Industry Regulatory Authority (FINRA) oversees and reviews the integration of AML procedures across different financial firms. While it is up to the financial firms to administer AML training to company employees, FINRA sets the minimum standards of the AML compliance programs implemented by the company. 

Given that AML is an umbrella term denoting all the measures financial institutions take to prevent illegal transactions, KYC (Know Your Customer) is an important part of AML compliance programs as it is used to verify a customer’s identity.

AML in crypto

A majority of crypto institutions are still behind on their implementation of AML processes; however, as the industry is still developing, regulatory requirements are constantly changing. Interestingly, tracking transactions in the crypto world is easy thanks to the blockchain as crypto exchanges can build cyclic graphs to identify transactional movements. 

Eliptic for instance develops compliance solutions that help crypto businesses and regulators detect and prevent financial crime in crypto assets. They use the Eliptic monitor that detects money flow with a visualized graph that distinguishes transactions based on several risk factors as shown in the image below.

KYC and AML

Image Source: Eliptic.com

Why is KYC/AML compliance important? (Who needs to comply?)

Even though crypto’s regulatory climate is uncertain, crypto-related businesses should still work towards implementing AML and KYC processes as employing a robust KYC/AML process will help reduce scams and loss of cryptocurrencies. The unregulated nature of the crypto market leaves an open door for bad actors to launder millions of dollars. If exchanges can implement KYC/AML procedures, the authorities will have an easier time identifying suspected scammers and criminals. 

KYC and AML procedures also hold the keys to mainstream adoption as implementing KYC/AML processes will protect crypto exchange users from exposure to illicit financial activity thereby making exchange platforms safer for the masses. 

What’s more, crypto exchanges will establish a positive relationship with regulators by being compliant with local rules and regulations. Most exchanges are illegal in many countries because regulators are concerned about the safety of their citizens in terms of exposure to non-compliant financial services. By being compliant with local as well as international KYC/AML laws, crypto exchanges can perhaps regain a positive stance among regulators. This can have a stabilizing effect on the crypto market. 

KYC and AML laws matter as they can help the crypto industry build transparency as well as trust between customers which is great for crypto projects looking to raise funds from the public.

Overall, any financial institution that provides a payment service or other financial services needs to comply with AML/KYC laws. Crypto-related businesses are particularly vulnerable to regulatory scrutiny and any sign of failure to comply can be catastrophic for the business as well as its shareholders. 

How KYC and AML affect exchanges. (Why they need KYC and AML)

Crypto exchanges need KYC and AML compliance as they are a perfect fit for criminals looking to launder money or perform other illicit financial transactions given the hundreds of billions in trading volume that are transacted across crypto exchanges daily. 

While it is possible to curb money laundering through crypto exchanges that have adopted KYC and AML processes, a recent study shows that up to 69% of crypto exchanges lack proper and transparent KYC and AML programs. 

Crypto exchanges need to implement effective KYC and AML programs that include a Customer Acceptance Policy, a Customer Identification Program as well as ongoing monitoring of transactions. These procedures will help exchanges manage risks and identify any suspicious transactions.

Crypto projects and their KYC compliance status

Big and popular crypto exchanges such as Gemini and Coinbase have made attempts to implement AML processes. However, some platforms still have questionable policies. Here is a look at how crypto exchanges perform when it comes to KYC/AML compliance

Gemini

Gemini is one of the popular crypto exchanges in the crypto space and offers a platform for both beginners as well as advanced traders. The exchange was founded by the Winklevoss twins who famously sued Mark Zuckerberg over the creation of Facebook. Gemini boasts of being fully regulated with compliance across more than 13 regulatory environments. Funds withdrawal on Gemini requires users to go through a full KYC process. Some of the details required include an address and valid phone number as well as a social security number and email. 

Coinbase 

Coinbase is a well-established crypto exchange and the largest crypto exchange in the US. Launched in 2012, Coinbase offers unique security features such as an insurance service that covers its platform users from losses due to hacks or theft on the site. When it comes to KYC/AML compliance, Coinbase allows users to send and store crypto funds without going through the full KYC procedures. A user only has to submit their full name and an email address to get registered on the platform. However, trading crypto requires the submission of official documents. Coinbase also features an automated KYC tool that scores users based on the likelihood of them using the platform for illegal activity. 

Binance

Binance is known for being one of the biggest crypto exchanges in the world and offers traders a wide variety of crypto assets to pick from. Similar to Coinbase, Binance allows users to make trades and withdraw cryptocurrencies without completing their verification process. The platform however restricts withdrawal of large sums of cash to fully verified platform users. The challenge with Binance is that in a 2019 study the exchange was found to have loopholes in its KYC procedures. However, Binance has since taken steps to beef up its compliance procedures. 

Houbi Global

This exchange is a top player; however, its biggest market is the Asian market. Compared to the rest we have covered, Houbi Global does not implement any KYC procedures on its platform. Users can deposit, trade, and withdraw funds without any KYC processes. 

Companies offering compliance solutions

Crypto companies, unlike conventional companies, follow varying KYC procedures as the regulations deal with anonymous transactions on different blockchains. Therefore, most AML/KYC solutions are bespoke solutions designed to serve the need of a specified institution.

The following companies offer custom solutions for various crypto entities. 

Eliptic

This company is a pioneer of crypto compliance services and has worked to ensure compliance with big-time crypto companies such as Binance and Coinbase. The company was launched in 2013.

CipherTrace

CipherTrace claims to help its clients identify several patterns that indicate illegal activity. The company was founded in 2015 as a solution for the challenge of establishing KYC and AML processes. Crypto exchanges can use CipherTrace to block the trading of stolen funds.

Chainalysis

Chainalysis is popular especially when it comes to blockchain-related research. The company also offers AML solutions that help banks, businesses, and even banks trace the origin and destination of crypto-related transactions.

Regulatory procedures designed for the crypto industry

AML and KYC compliance can help cryptocurrencies remove the badge of a sector full of suspicious transactions. However, while KYC/ AML processes are a plus to the industry as well as to crypto enthusiasts, there are several challenges. 

These challenges include the cost of traditional KYC, as well the friction of manual integration between organizations given the fact that crypto KYC processes are not transferable between exchanges. 

Going forward, regulation is bound to increase and crypto exchanges will be required to implement even more stringent KYC procedures. Fortunately, we have highlighted some compliance solutions that can help crypto-projects achieve their goal.