KYC, AML and what they mean for crypto

While the terms anti-money laundering (AML) and know your customer (KYC) are sometimes thrown around interchangeably, they mean different things in practice and are far less clear when it comes to the cryptocurrency market.

Currently, the regulatory evolution of crypto varies widely around the world. Lax and inconsistent AML regulations across jurisdictions can result in financial crime and crypto scams exploiting cryptocurrencies and crypto consumers continue to increase. So, KYC and AML processes become essential protective measures against criminal activity.

The benefits of AML action

Anti-money laundering (AML) describes a range of compliance actions that financial institutions must take to ensure that they don’t facilitate illegal financial activities through their services.

Apart from the moral imperative to combat crime and promote healthy global financial services, taking action on AML has many tangible benefits for business, including:

• Keeping customer data secure across digital and physical channels
• Creating automated fraud detection services that can stand in the way of identity theft
• Using global customer databases to check the backgrounds of new customers and compare them against lists of sanctioned individuals
• Monitoring transactions closely and reporting illegal or suspicious activity
• Preserving and enhancing brand reputation and maintaining value for shareholders by avoiding association with criminal activity
• Reducing fines or costs associated with non-compliance where AML regulations apply

Preventing crime with KYC

Know your customer (KYC) is a subset of AML compliance focused on customer identity verification. One of the core activities involved in KYC checks is customer due diligence (CDD). CDD describes the type of identifying information your business must collect from customers to be able to confirm who they are. It covers business relationships with individual customers as well as business-to-business relationships, which can include activities like:

• Collecting personal information to verify a customer’s identity and prevent fraud before engaging in financial activity, and checking this against global watch lists or sanctions against individuals
• Collecting business information to understand a business customer’s structure, funding sources and beneficial ownership
• Creating risk profiles or conducting risk assessments – at this point, enhanced due diligence (EDD) may be done for customers identified as high-risk
• Monitoring customers regularly for any suspicious activity or signs of illegal financial activities and updating customer risk profiles

In EDD, extra steps are taken to assess and monitor customers who may be a high risk for money laundering, including:

• Collecting more customer information to meet more rigorous standards
• Documenting detailed customer reports and providing easy access to regulators
• Providing ‘reasonable assurance’ in risk assessments to reflect the EDD process
• Closely monitoring politically exposed persons (PEPs) who can be exploited for illegal or unethical financial gain

Anti-money laundering and cryptocurrency

Due to inconsistent regulation compared to fiat currencies, AML and KYC requirements relating to cryptocurrency are less clear and consistent. Regulations are increasing in number and complexity, however, with the wider adoption of digital currency by both private companies and governments around the world.

The Financial Action Task Force (FATF) established the first worldwide AML regulations for cryptocurrency in 2014, and these have since been adopted by other global agencies like the Financial Crimes Enforcement Network (FinCEN), in the US, and the European Commission. These organisations work with cryptocurrency exchanges and other virtual asset service providers (VASPs) to encourage the development of AML and KYC protocols, transaction monitoring and compliance teams on the frontline of digital asset exchange.

When financial crimes related to cryptocurrency are detected by VASPs, they report this activity to FATF, FinCEN and others to record in a global database of illicit activities and bad actors. These global organisations often use blockchain regulation tools that can further assess patterns of money laundering on the blockchain’s public ledger.

KYC checks for cryptocurrency

KYC checks can look a little different for crypto compared to other financial services. There are no off-the-shelf solutions for crypto exchanges. Companies tend to use existing identity verification solutions, such as:

• Identity document verification via a global database of ID documents
• Identity data verification checking one or more global data sources or credit bureaus
• Biometrics including FaceMatch technology and active and passive liveness checks
• Transaction monitoring and sanctions screening
• Bespoke end-to-end solutions that combine some or all of the above solutions 

So, there’s a wide selection of KYC solutions the crypto industry can leverage to take action on AML and comply with existing regulation. As crypto and regulations governing it continue to evolve, exchanges and other VASPs will need to have the right technologies in place to ensure regulatory compliance, detect fraud and prevent financial crime.

This article was originally published by Acuant, a GBG company.