What is KYC? Know Your Client in the World of DeFi

What is KYC? Know Your Client or KYC in the World of DeFi

KYC, is a standard in traditional finance, especially if you enter the world of investments. It is a way to ensure that users of certain products and services are eligible, and also safe-guards whole ecosystems from the potential of bad actors. How does this fit into the world of blockchain and crypto whose tenets are anonymity and decentralization? 

In this lesson we will look into what KYC is and its place in the world of blockchain technology and decentralized finance (DeFi). By the end of this lesson you will learn what KYC is, how it is practiced in the blockchain DeFi ecosystem and its uses and benefits.

What is KYC?

The Know Your Customer/Client (KYC) procedure is an important process required by various financial organizations and banks to verify the credentials of a service user. This regulatory process is aimed at gathering identity and personal information to ensure the user is who they say they are. This information is also gathered so that an organization can do its due diligence on a user to see if they reach certain requirements - an acceptable credit score, seeing if they are potential bad actors; for example when we try to get loans or credit cards.

The required documentation for KYC can differ depending on the jurisdiction, but generally, users must provide a government-issued identity document as proof of identity. Others might accept a driver's license, birth certificate, or passport. Additionally, this is usually accompanied by residential information or a document that serves as proof of residence e.g a utility bill or bank statement. 

KYC is only a part in a broader set of rules and regulations used around the world. These standards were introduced to fight financial crime, money laundering, terrorism funding, and other illegal financial activity. 

Information obtained by KYC and other anti-money-laundering (AML) regulations are used to create a risk profile as a baseline for suspicious behavior. By maintaining current and accurate customer information institutions can monitor suspicious behavior of customers and potentially stop financial crime. 

Why is KYC Required to Complete Some Transactions?

All financial services that use some form of fiat currency require their users to do KYC. It’s stipulated by the U.S. Financial Crimes Enforcement Network (FinCEN) that financial institutions verify the identities of their customers and their respective beneficial owners. In order to complete a transaction or subscribe to a financial service it is required that they know who you are. 

Important to remember that different countries have different laws regarding KYC and the enforcement thereof. Therefore each company may have different KYC requirements depending on where their company is registered.

‍

KYC in Crypto

Generally, the Know Your Client / Customer (KYC) process is required when it comes to any financial product outside crypto. This identity verification process stands in stark contrast to the nature of the decentralized cryptocurrency ecosystem and blockchain technology. Where the benefit was largely to be able to do transactions while staying anonymous and keeping personal information private from any central authority.

Since exchanges and projects in the crypto space don’t work with fiat money (the official currency of a nation) they don’t have the same requirements as traditional organizations to implement KYC. The crypto space has long been the black hole where ransomware attackers hid, leveraging the decentralized anonymous technology to hide from law enforcement. In 2020, victims paid nearly $350 million in crypto to attackers using decentralized currency as a means of payment. Following these attacks, many security experts, such as the Ransomware Task Force (RTF) lead by the Institute for Security and Technology (IST) who conducted a report with a comprehensive framework for action, advocate the enforcement of stronger KYC regulations to make sure malicious actors can't evade detection.

However, at the stage where crypto is now, various players are looking to include KYC due to illicit activities taking place. This is because many crypto firms are not able to identify who their customers actually are, and due to this regulators and lawmakers want to clamp down on the crypto industry. Even the most reluctant crypto firms have been compelled to introduce more stringent KYC measures, as the mounting pressure and penalization from regulators continues.

In 2021, FinCEN proposed that cryptocurrency and digital asset market participants submit, maintain, and verify customers' identities. This came after Larry Dean Harmon - operator of Bitcoin “mixer” - was given a $60 million penalty for violations of the Bank Secrecy Act (BSA) and its implementing regulations. 

What Can Happen if Projects Don't Implement KYC?

Projects that don't implement KYC can be seen as untrustworthy or not in compliance with regulations which could impact their image. Besides not looking official/authentic KYC assists with establishing a secure ecosystem, with strong compliance and robust identification procedures it could help in ensuring its perceived association with money laundering and criminal activity. 

Projects that don’t employ these measures can have their services used to launder stolen money or cover up other illicit financial activity. On the other side of the coin, services can also be used to fund other malicious projects like in the case of TornadoCash. 

Lesson Recap (TL:DR)

The process of KYC was established globally by international regulators to deter financial crime. It has been seen in traditional finance for years, and has become an accepted step in receiving financial services from institutions such as banks.   

Recently the crypto space has been plagued with bad actors resulting in millions of lost dollars. To combat this, security experts have advocated the implementation of KYC. There is a difference in opinions on KYC in the space as it removes the anonymity blockchain technology is supposed to provide, in some cases leading to a loss of customer base when implemented.

Some projects that have chosen to implement KYC procedures based on the requirements of the location/jurisdiction they are based in. Some believe that KYC procedures can protect the integrity of an ecosystem by mitigating exposure to bad actors, which creates safety and security for the majority. Compliance with regulations also allows companies the ability to operate within their locale. 

Sources:

1. Ryan, D. (2016, 7 February).FinCEN: Know Your Customer Requirements. Harvard Law School Forum on Corporate Governance. https://corpgov.law.harvard.edu/2016/02/07/fincen-know-your-customer-requirements/
2. Chainanalysis. (2021, 26 January). Ransomware Skyrocketed in 2020, But There May Be Fewer Culprits Than You Think. Chainanalysis.com. https://blog.chainalysis.com/reports/ransomware-ecosystem-crypto-crime-2021/‍
3. Ransomware Taskforce. (n.d). The Ransomware Task Force Report. Institute for Security and Technology. https://securityandtechnology.org/ransomwaretaskforce/‍
4. FinCEN. (2020, 19 October) First Bitcoin “Mixer” Penalized by FinCEN for Violating Anti-Money Laundering Laws. Financial Crimes Enforcement Network. https://www.fincen.gov/news/news-releases/first-bitcoin-mixer-penalized-fincen-violating-anti-money-laundering-laws‍
5. Sriashi0397. (2022, 11 May). Blockchain and KYC. GeeksforGeeks.org. ​​https://www.geeksforgeeks.org/blockchain-and-kyc/ 

About Hacken‍

Hacken is a cybersecurity auditor born in 2017 with a vision of transforming Web3 into a more ethical place. With 5+ years of experience, hundreds of blockchain partners, and thousands of secured crypto projects, Hacken protects technological businesses and crypto communities worldwide with the most competitive suite of professional cybersecurity services. 

Hacken in figures:

• 1,070+ clients, including THORSTARTER, ConstitutionDAO, XTblock, Paribus, to name a few
• 180+ partners including Avalanche, Polkastarter, CoinMarketCap, Weld Money, CoinGecko, Solana Foundation, Simplex, to name a few
• 23/50 top crypto exchanges are Hacken clients
• $10B in users’ assets saved from being stolen by hackers

Strategic goal: get a 20% share in the Web 3.0 cybersecurity market by 2024.‍

For more on Hacken follow them on:

Twitter | Discord |Telegram | Hacken.io

‍