Over the past few years, buying top digital currencies such as Bitcoin and Ether is common in off-exchange trading. The utilization of digital assets at a corporate level is quite promising. The cash management is revolutionizing, which is revamping the conventional payment flows using blockchain. Here is how to know the “know your customer” regulations in the crypto exchanges.
Corporate banking entities use a distributed ledger where all the transactional information is stored.
An end-to-end process pledges a level of assurance to all the parties that have participated in the fund pool and their security. Digital currency services have eliminated the intermediaries and reduced the cost of all the payment transfer infrastructure for transaction records and security.
Before diving deep, let’s look into the types of exchanges active today in the crypto market:
Crypto exchanges are divided into two major groups: “fiat-to-crypto” and “crypto-to-crypto” exchanges.
The exchanges perform ‘due diligence measures’ as they deal with the fiat money. The exchanges are required to conduct business with financial institutions.
It’s therefore required to perform stringent KYC procedures to ensure a clean customer base before doing business with the entities. In fiat-to-crypto exchanges, fiat money enters into the market of cryptocurrency.
The exchanges allow exchanging the fiat currency with the supported digital assets. For exampl,e dollars for ether.
The crypto-to-crypto exchanges allow the users to exchange one cryptocurrency for the other. These are online platforms like stock/currency exchange. Here, buyers and sellers trade are performed based on the current price in the cryptocurrency market.
Exchanges play as a middle-man. One cryptocurrency is exchanged with another type of cryptocurrency to get profit.
Other than the Bitcoin and Ether, there are other altcoins, and to buy them, people will need a crypto exchange. The exchanges are an important component of the whole crypto market. The investments, buying, and selling take place through a crypto exchange as an intermediary.
Investors and stakeholders are facilitated through exchanges. Now, most of the time unknowingly, bad actors participate in the crypto network and perform financial crimes such as money laundering and other malevolent activities.
The global regulatory scrutiny has pinpointed the crypto exchanges to undergo stringent ‘customer due diligence’ measures to deter the risk of financial frauds.
The fifth Anti Money Laundering Directive (AMLD5) has clearly declared the need for identity verification measures of each customer opt to participate in the crypto exchanges. AMLD5 obligations include Know Your Customer (KYC) compliance, Anti Money Laundering (AML), and Combating the Financing of Terrorism (CFT) compliance.
Crypto exchanges across the globe are required to verify each onboarding customer against the identity verification parameters to make sure that no bad actor is facilitated. Such critical concerns make KYC and AML compliance mandatory for the crypto exchanges that ensure a filtered clean customer base.
Components of Know Your Customer
KYC refers to a set of processes and procedures adopted by businesses to identify and verify the identity of onboarding customers to deter the risk of fraud and final crimes. KYC fundamentally incorporates four elements: identification procedures, acceptance policy, risk management, and transaction monitoring.
The concern of the KYC verification process in cryptocurrency is as a result of money laundering. Through stringent identity verification procedure, crypto exchanges can fight against the acts of terrorism and money laundering. KYC verification includes verification of an individual against the collected information such as name, address, date of birth, etc.
How crypto exchanges approach regulatory obligations?
As per regulatory compliance, KYC verification needs to be done throughout the customer lifecycle. A distributed ledger or blockchain is a complex infrastructure that holds the record of all transactions.
Using strong cryptography, the blocks are encrypted to make it hard for an unauthorized entity to access it or temper it. There are a total of four levels in which KYC verification is divided. These are:
Customer Acceptance Policy (CAP):In this stage, a company makes a document containing the details on the basis of which customer is allowed to make a relationship with its customers. The company selects a customer only if their identity is credible and is found appropriate after assigning a risk rating in the process of customer due diligence.
Customer Identification Program (CIP):This is a stage in which customer identification is done to ensure that a company can continue financial transactions with a customer.
Risk Management:Customer identification is done and a rating is given to the profile as per the risk associated with the customer.
Continuous Transaction Monitoring:Throughout the customer lifecycle, transactions should be monitored continuously to identify suspicious transactions if any.
The current state of regulatory compliance in Crypto Exchanges
With respect to compliance, the current situation in crypto exchanges is not that satisfactory or we can say it is not according to the obligations of regulators. It is studied that two-third of crypto exchanges fail to strongly comply with the regulations. They have a vague understanding regarding molding the operations according to the requirements.
Crypto exchanges ask for name, email address, and contact number, nothing else, which is not enough information for customer verification. This is the reason that banks and financial institutions prefer not to work with crypto exchanges.
After the evaluation, it is found that some crypto exchanges now ask primary documents from the customers such as a photograph, passport, and a written certificate. However, these pieces of information might not be enough to conduct a proper KYC procedure.
Some exchanges perform low-level compliance, for example a crypto exchange, Binance asks its customers to provide a passport at the time of sign-up. With this, security concerns about user personal data collection are raised. However, some exchanges do not even ask for this information.
Reasons why crypto exchanges overlook compliance procedures
Regulatory scrutiny has shown a lack of adoption of regulatory demands in cryptocurrency exchanges. Following are the reasons why crypto exchanges do not take into account regulators:
- The crypto market is in full swing.The competition between the pool of exchanges disregards the regulatory obligations. Ther customers find KYC procedures cumbersome due to which exchanges prefer not to include them in their operations.
- KYC compliance is a time taking process.It takes hours for crypto exchanges, just like commercial banks to perform customer due diligence that increases customer drop-out rate.
- The cost to undergo KYC proceduresin an organization is too much. Banks are already spending millions of dollars every year on ‘due diligence’ measures. The similar norms to take into account as compliance costs for crypto exchanges can become critical.
- There are vague statements.Crypto exchanges find hard times in analyzing the requirements of KYC and AML regulations in the light of virtual assets. Whether the industry is supposed to undergo KYC compliance, exactly the banks do or there s some leverage.
- Regulatory bodies such as FATF and AMLD5 enforce the adoptionof KYC/AML/CFT compliance on virtual currency service providers that perform ‘customer due diligence’ measures. For example, from identity verification to transaction monitoring and record-keeping to reporting suspicious transactions. Further elaboration for crypto exchanges is required by regulators to act accordingly.
The highly complex financial infrastructure of blockchain is out of the scope of regulators who face a hard time understanding the flow. However, the anonymity factor in the cryptocurrency paves the paths for criminal activities for whom the platform is not less than a haven.
Similarly, financial crimes such as money laundering and terrorist financing are facilitated through them due to which crypto exchanges are under the red zone of regulatory scrutiny. As per regulatory requirements, there is a need for proper KYC/AML procedures in the crypto industry to make it transparent in the whole financial market.
Crypto exchanges are in need of the right direction and clear testaments by regulatory authorities with respect to the compliance requirements. However, another challenge of balancing the high compliance costs can be solved by utilizing the third-party compliance solutions that align according to the requirements of global and local regulators.
If one crypto exchange takes the initiative of adherence to compliance, to maintain the reputation, other cryptocurrency platforms would definitely contribute their devotion and cost to such measures.
James Efron is a tech enthusiast, currently serving as infosecurity management expert at Shufti Pro . He has been involved in designing organisational strategies for tech firms, and is often found assisting digital transformations.