Chapter 4 — Transparency with Privacy…Empowering Users to “Be the Bank”
Users can share KYC & humanness data privately with VASPs and with each other
Technological advances are allowing consumers to be more in control of their financial services than ever before. Users increasingly want to “be the bank”, and with mobile wallets, neo-banks, and distributed systems, their keys to their wallets deliver on this desire. Like when VHS allowed movies to leave the cinema and come home with the consumer, the associated copyright regulations also came along with the content — consumers could not rebroadcast the video without permission. Technological advances do not negate the underlying regulatory environment, at most they delay enforcement until the regulator has caught up and modified the law to reflect the new tech.
Similar to the requirement to inform the tax authorities on stock or crypto gains and losses, or when receiving a gift over a certain threshold in a given year, these new financial service freedoms come with the responsibility to adhere to the regulatory requirements and laws. That responsibility, however, does not need to invade privacy, be costly or cumbersome.
When the consumer “is the bank” (their keys), they need to conform to the same regulations that financial institutions do. These include (a) verifying transactions aren’t sent to illegal jurisdictions, people or entities, (b) reporting on transactions over certain thresholds (e.g. name & address of sender or receiver; KYC status), © automating compliance to ensure one doesn’t perform transactions that will get them fined or sanctioned… and this needs to be performed on-the-fly and cost-effectively.
Regulators across the globe are taking their cue from FATF and demanding that laws on value transfer are enforced uniformly. The recent Fincen proposal requiring self-custody wallets to report and institute compliance rules similar to financial institutions, as well as the MLD5, VFA & MICA regulations in Malta and Europe preventing licensed entities to connect to anonymizing services, demonstrate that the financial regulators will achieve the transparency they require on what is currently opaque — but this can be accomplished without a wide-spread invasion of privacy.
Following the Principles on Identification for Sustainable Development, Everest built a solution to empower users to privately share only the bare minimum amount of data required by law, along with the automated compliance engine to (a) seamlessly share the data privately over mainnet to only the participants in the transaction, (b) ensure users don’t send to bad jurisdictions, actors or go over-threshold amounts, © automatically fill and file reports for users, and (d) do it all on-the-fly, cost-effectively.
As an oracle that “rolls up” to mainnet, Everest’s solution grants any human their own private data store that allows them to prove they are human, and share such data as name, address, KYC/AML status and wallet address. Most importantly, the solution is not a centralized database that an entity controls, nor can Everest or any other institution gain access to users’ datastores. Through an MPC architecture requiring a user’s live biometrics (who they are), plus PIN (what they know), users can, for example, share the minimum amount of identifying data required for a given transaction. All transactions are performed privately, wherein Everest is the oracle, and users are given human-readable addresses. The solution functions as a whitelist-as-a-service for mainnet; details can be seen here: https://hackernoon.com/how-vasps-can-comply-with-fatf-regulations-without-missing-a-beat-em9e32k8
Users will be able to share and connect their identity and transaction data in a straightforward and decentralized manner. Everest‘s oracle service enables users to privately share KYC, humanness, identity attributes and other transaction data on Ethereum mainnet. This user-centric, cost-effective approach empowers consumers to privately and transparently “be the bank”, while conforming to the new realities of the evolving regulatory environment.