Jiangtao Sun
10 min readJan 24, 2019

China Binary New Fintech Group — ST View Article 8

Past and Present and Self-evolution of KYC

This article is published by China Binary New Fintech Group (ID: shenzhoushuzi_group), and is written by SUN Jiangtao (CEO of China Binary New Fintech Group and founder of Goopal Group). Please indicate the author and source when reprinting.

Over the past two weeks, the most prominent move for STO is the attitude announced by Chinese regulators. After Beijing Local Financial Supervision Bureau and BJIFIA stated that they don’t welcome STO at the beginning of this month, this weekend, deputy president of the People’s Bank of China also publicly stated that the substantive behavior of STO is illegal financial activity in China.

Repeated statements by different levels of government and regulators re-confirmed that the Chinese government has an ultra cautious attitude toward financial regulation, especially in the wake of the global economic downturn and the financial crisis. The cautious attitudes and behaviors are aimed at minimizing the financial chaos.

However, we know that STO, as a global securities-tokenized financial practice, has very deep regional properties. In China, which implements strict regulation and holds a prudent attitude, it is now not obviously legal. However, the US, which has the relatively complete laws and regulations, has already had a number of STO cases. So we shall look at STO separately in different countries and regions, such as STO in the US, STO in Singapore, STO in Hong Kong and STO in mainland China. And what we’ve been focusing on is how to create legal and compliant STO projects.

In the last few articles, we detailed the business close-loop of STO (ST), one of the most important sectors of which is KYC (customer survey) and AML (anti-money laundering), which are the two important factors of winning trust from project companies and investors. This article will detail KYC and AML.

I. Past and Present of KYC

KYC and the resulting AML originate from the traditional financial industry, and then are gradually applied in the field of technological and financial innovation sectors, such as Internet finance, until blockchain-based STO (the asset securities tokenized financial practice sector) emerges. In terms of technology, its developments experienced the most primitive paper age, electronic age, big data, cloud platform and blockchain era.

The main legislation on anti-money laundering is the Bank Secrecy Act (BSA) of 1970, which is the core legislation of the US’ legal system of punishing financial crime. Its supporters stress that the law should not be a burden on financial institutions, because they have kept most records as required. The Finance Minister is free to offer exemptions when regulatory costs exceed earnings.

The Bank Secrecy Act is designed to curb the use of secret foreign bank accounts and to provide audit clues for the law enforcement authorities by requiring regulators to identify sources, quantities and flows of currencies and financial instruments in and out of the US or deposited in financial institutions by submitting the report and keeping the records.

The 11 additional legal provisions add more requirements for banks and money-transfer providers. Now the regulatory framework is commonly referred as the KYC and AML rules, which are gradually used in the financial sector.

KYC (Know Your Customer) refers to the process of obtaining customer-related identification information by a trading platform, primarily to ensure that users who do not meet the standards are not able to use the services provided by the platform. It can also provide investigation evidence for law agencies in their criminal investigation activities in the future.

AML (Anti-Money Laundering) represents “Anti-money Laundering”, which essentially refers to the various regulations enacted to prevent income generated by illegal transactions.

Now, in addition to the above-mentioned transaction reports, banks are also required to know who the customer is and notify any “Suspicious Activity” and other information. Due to the complex KYC and AML review processes, coupled with the huge volume, fixed mode and extremely high centralization of traditional financial institutions, there is information barrier among firms, resulting in lower communication efficiency. So for them, the work needed for compliance becomes the greatest burden.

II. The Significance of KYC on STO (ST)

For the legal STO (ST), KYC and AML are the necessary customer screening and review during circulation processes. They are the processes of companies to verify customer identity and evaluate the potential risk of illegal intent in relation to enterprise relationships. Regulators in various countries have been trying to ensure that all those who convert digital currencies or Token-based securities into fiat currencies must comply with the KYC requirements of traditional banks.

There are two primary reasons: firstly, cryptocurrencies including Bitcoin and Token-based securities have the anonymity and decentralization features. Without the prudential requirements, including KYC, ST may become the hard-hit sector of illegal behaviors, such as money laundering and black market transactions. As the important channel for exchanging cryptocurrencies and flowing capitals into the market, ST’s circulation sector will definitely receive more and more attention. Secondly, STO (ST) is the securities Token-based financial practice based on the blockchain technology. It is an innovation of the financial sector, so must comply with the financial rules, such as KYC and AML.

III. Different Rules on KYC and AML across the World

As mentioned above, the US adopted the Bank Secrecy Act in 1970 to validate and regulate investor identities. The Financial Crimes Enforcement Network (FinCEN), a subsidiary of the Ministry of Finance, is now responsible for the regulatory effort, fighting against financial crimes in the US and beyond on AML, CFT and KYC. On one hand, AML is targeted at the terrorist financing service, while the very important way of CFT (Combating the Financing of Terrorism) is to implement strong AML measures, so AML usually contains both aspects. On the other hand, one of the most important aspects of AML is KYC, so we can see that some AML provisions contain direct or indirect KYC requirements. To sum up, the regulatory scopes of the three aspects in the US have overlapped parts, but are not all the same.

Regulation on KYC has become increasingly stricter worldwide in recent years. Singapore has the world’s strictest regulation, in addition to the US and the UK. Commerzbank, the second largest commercial bank in Germany, was censored for compliance issues in Singapore, mainly because the Company didn’t strictly follow Singapore’s KYC rules to conduct background reviews on its customers.

As the economic hub in Asia, Singapore is opening up its capital market for global investors, requiring financial institutions to implement strong measures to monitor and prevent illegal capitals to flow into the country’s financial system. The Monetary Authority of Singapore (MAS) recently published the “Digital Currency Guideline”, summarizing the legal process of ICO. The document clearly states that digital currencies do constitute products and therefore subject to MAS supervision and the regular KYC review to report any suspicious or illegal activity.

In addition, the popularity of digital currencies has also promoted the development of KYC in Southeast Asia. For example, Hong Kong Securities and Futures Commission (SFC) recently issued a number of documents on ICO risks and KYC of the cryptocurrency-related companies; the Central Bank of Malaysia has also issued anti-money laundering and anti-terrorism financing laws specifically for cryptocurrencies.

IV. Blockchain Drives Iteration of KYC

One of the essences of financial activities is financing. The main function of traditional financial institutions is financial intermediaries, to help fund suppliers and receivers to complete the flow of funds; while Internet finance hopes to build value circulation network through Internet, achieving the decentralization and disintermediation goals. Blockchain is the main technology to support this idea.

The main influences of blockchain on the traditional financial industry are cost saving and risk reduction. Streamlining procedures and processes of various financial activities can save costs, while blockchain-based smart contracts can greatly reduce the credit risks for both parties.

In terms of KYC and AML, we all know that their review processes include: verifying customers’ basic identity information, the actual beneficiary status of transactions; confirming customers’ current business and risks; and investigating capital source of transactions and the related parties of customers. The review processes of traditional financial institutions are cumbersome and time-consuming. Especially for enterprise customers who hope to reach long-term cooperation, the processes often require long-term follow-up due diligence.

As blockchain data can’t be tampered with, can protect privacy and are open and transparent, the formed KYC and AML user authentication management platforms can help share information on users among trusted members and simplify the review processes. However, it needs to be noted that the establishment of platforms needs support from national authorities, and can promote public trust through government agencies’ entry or issuance of relevant laws and regulations. The essence is combination of centralization and decentralization, and the interaction of authority endorsement and technical endorsement.

V. Existing Problems of KYC

Although the blockchain empowers KYC and drives it to complete technological iteration, there are still many problems, which lead to extensive discussions and disputes in the industry. In my opinion, at least three things are worth discussing.

1. The financial exclusion caused by threshold raise is contrary to the idea of inclusive finance. Is it fair or not?

KYC and AML reviews will inevitably result in a significant number of users being excluded from the threshold. According to reports by related media, since 2009, 25% of the global agency banks have been cut off, and many corporate accounts have been closed, failing to receive bank services, especially in areas such as Africa and the Caribbean. Nearly 70% of Caribbean banks were cut off in 2015. A higher threshold could exclude millions of people from the financial system at once.

Even the legal US STO projects, the review of qualified investors could directly exclude a large number of ordinary people out of the system. The exclusion of so many people has led to a good desire for the inclusive finance, which had been promoted by national governments and the financial community.

2. Whether it is in line with the modern spirit that the risk is avoided but the privacy of users is infringed

With the intervention of big data, cloud platform and blockchain technology, KYC and AML review processes are increasingly stricter and more accurate. Especially in terms of blockchain, because information is shared on the distributed account system, all information on record and archive are safe, transparent and immutable, such as customer backgrounds, financial records, income sources, wealth and assets.

The blockchain technology reduces data fuzziness, and reduces the possibility of fraud. It can be said that if all organizations use the blockchain technology, KYC and AML data can be more secure, transparent and seamless.

But at the same time, the anonymity of blockchain itself has gone. All qualified investors passing the KYC and AML reviews are exposed to institutions and even the whole world. Is the privacy right display in line with the modern spirit?

3. Whether the centralization of organizations will lead to the beneficiaries to gain profits from the user information violation

The current KYC and AML systems are mainly reviewed by trading firms, most of which are centralized institutions, which means that reviewed users, regardless of whether pass or not, are facing the potential risks. In addition to the purpose of reviewing, we don’t know whether the personal information they upload will be used for other purposes or directly used to cash in by the firms.

Indeed, it is very common for many financial institutions to sell information of investors, whether in the US, Europe or Asia. How to protect security of personal information or data assets is a problem derived from KYC and AML, and is also a challenge in future.

VI. Future Improvements of KYC

Everything will face various problems in their development. In fact, there is a lot of space for improvements in KYC’s current problems. And related regulators, institutions and blockchain companies are also trying to make improvements, but it can’t be done overnight and need a certain time. After all, STO is still in exploration.

Firstly, it depends on whether regulatory restrictions on ordinary investors can be moderately relaxed, including qualification of investors and the length of the closing period. On one hand, it depends on the cognition and balance of regulators, and on the other hand, it depends on the process of development and improvement of STO, which are complementary to each other.

Secondly, the blockchain technology enables information recognition and validation, such as signing a smart contract with a private key, verifying users’ private information, without exposing them to risks. This can meet the needs of both individual investment and government regulation, and can limit the project company’s bad behaviors to a great extent.

As we see, these changes have been happening. The EU, for example, issued its data protection rules — General Data Protection Rule (GDPR), and formally began to implement it on May 25, returning authorization for the use of personal data to users. It is believed that with the adjustment and optimization of supervision measures and perfection of the blockchain technology, these problems facing KYC and AML will be solved step by step.

VII. Outlook for Killer Apps

In the last article, we said that, although it is an emerging thing, as regulation becomes more and more standardized and closer to the regulation in the traditional sector, the KYC system demonstrates two features: 1. More and more traditional forces have stepped in, empowering the digital currency trading firms as well as the future STO platforms with the new KYC system; 2. KYC will upgrade the iteration, not only taking on the basic function of screening customers, but also giving rise to more personalization functions.

For traditional forces, the previously mentioned Thomson Reuters’ financial and risk business department has evolved into the KYC financial software company Refinitiv, and provides software for Binance. Vdax is also planning to use software from Refinitiv. LU.com introduced the 4.0 version of KYC system, providing personalized services.

The blockchain sector has a technological advantage and is closer to regulation. For example, TraceTo, a blockchain company in Southeast Asia, uses the blockchain technology to provide revolutionary KYC processes to promote financial regulation in the encrypted sector. BITMAIN opens up a privacy-centric KYC code, called Coconut, which uses Intel’s enhanced privacy ID to verify identification, separating management of information needed for business from information identification. This resolves the problem of potentially jeopardizing user identification, as KYC allows unfettered tracking of customers and their activities.

It is believed that in the future, as the verification results are stored and transferred on the blockchain, KYC’s verification results can be used by multiple times. As all personal data are encrypted and stored on the blockchain, the identity information can only be used with user’s authorization.

(To be continued)