Cryptocurrency transactions have introduced an entirely new environment that compliance teams must operate in. As a relatively new monetary market, compliance regulations around new currencies and platforms are subject to more frequent changes as regulatory bodies try to adapt. The crypto exchange market as a whole poses several new risks to compliance, particularly to customer identification programs such as Know Your Customer (KYC) processes.
What is KYC?
KYC is one of the fundamental and first AML/CFT compliance processes that financial institutions must conduct in order to be compliant with regulations. In short, it means doing due diligence on customers when onboarding, including identity and background checks. This ensures financial institutions know whether there are any AML/CFT risks that may come with allowing that individual to conduct business. For more information on KYC for more traditional forms of currency, view our webinar on how to make your financial institution’s KYC more effective for AML compliance.KYC for Crypto
KYC is vital for financial institutions to maintain AML/CFT crypto compliance, allowing businesses to understand who their customers are and the nature of their business. Bad actors try to evade this process throughout the stages of money laundering. In this article, we will take a look at what your KYC for crypto should look like.What Do Regulatory Bodies Say?
When in doubt, it’s always best to see what regulatory bodies say about KYC compliance and identity verification for crypto businesses. The Financial Action Task Force (FATF) recommends applying a risk-based approach to virtual currencies. For information on FinCEN requirements, check out our webinar on complying with FinCEN cryptocurrency regulations.Risk-Based Approach to Crypto
Verifying a customer through the risk-based approach means taking a look at individual customers to asses customer risk. This risk-based KYC process would be as follows: For KYC compliance it is vital to complete the following process for the onboarding of new customers to understand their risk level and identify and report any suspicious transactions or activities:- Gather personable identifiable information of new customer
- i.e. full legal name, place of birth, date of birth and current address
- Biometric information
- Compare the identifiable information collected to government-issued identification
- Make sure the new customer is not a Politically Exposed Persons (PEP) or sanctioned individual
- Monitor for any media relating to the customer, as it may provide information before official sources can
- After confirming that the new customer does not pose a high risk, make sure to conduct ongoing transaction monitoring
The Challenges of Crypto Compliance
Crypto is both a relatively new and anonymous form of currency. We won’t be delving into the technical nuances of new currencies, however, it is important to know that cryptocurrencies are secured on their blockchains, allowing for transactions to be made between anonymous users. Given that these transactions are conducted digitally, it allows users to perform many transactions in a short period of time – all the while remaining anonymous. As you may have guessed, this makes for a desirable currency for money launderers and criminals. According to The Wall Street Journal, cryptocurrency-based crime hit a record $14 billion in 2021 alone. It is important to note, however, this same article clarifies that, “the volume of illicit activities remains a small share of the total cryptocurrency transactions volume.”1 As a result, many regulatory bodies are introducing new legislation, such as the new ‘crypto travel rule‘, in order to combat money laundering with virtual currencies. So how does a compliance team in 2022 mitigate these risks and comply with changing regulations?Crypto Transaction Monitoring
Conducting ongoing transaction monitoring is difficult when transactions can be anonymous and completed in seconds. Financial institutions should implement these four tactics that may differ from non-crypto-related transaction monitoring:- The gathering of identifiable biometric information, such as fingerprint and face scans
- Ensure that all AML/CFT transaction monitoring processes are completed before any crypto assets are transferred
- Monitor and prevent the creation of multiple accounts so a customer cannot get around reporting thresholds
- Monitor for transactions and behavior that is out of the norm for customers
- i.e. performing transactions that are unexpected for the customer’s wealth or normal financial behavior
- Consider adding solutions with real-time or AI capabilities
