There are more than 100 million users of cryptocurrencies around the world. These adventurous investors are increasingly drawn to virtual currencies, such as Bitcoin and Ethereum, as they look to buy a growing range of goods and services or trade the currency
for profit. However, despite their increasing popularity, cryptocurrencies face hurdles in reaching the next maturity stage – mainstream acceptance as a form of payment.
One of the biggest hurdles is cryptocurrencies not being subject to the same rigorous ID verification requirements faced by mainstream financial institutions when onboarding customers. There are a number of reasons for this, including regulations on cryptocurrencies
often lagging in the markets where they operate. The global nature of virtual currencies making them hard to regulate. And, because they are a decentralised form of finance, they are considered an anonymous form of currency.
Fraudsters and crypto
It’s these factors that make cryptocurrency an appealing proposition for criminals intent on laundering money. For example, 2019 saw $2.8 billion laundered through cryptocurrency exchanges, up $1 billion from 2018. This is be expected when research highlights
56 per cent of all cryptocurrency exchanges don’t have know your customer (KYC) processes in place.
It’s a key reason why many vendors remain unwilling to accept virtual currencies as payment, along with concerns over the volatility in the price of the likes of Bitcoin, which is another important factor impacting these currencies’ ability to go mainstream.
Today, the regulation of cryptocurrencies is actively being looked at by many governments and intergovernmental organisations, such as the EU.
With the Fifth Anti-Money Laundering Directive (5AMLD), the EU has already made a start in bringing regulation to the cryptocurrency industry. As “obliged entities,” cryptocurrencies face the same regulations applied to financial institutions, including
combating the financing of terrorism (CFT) and AML. This necessitates customer due diligence and the submission of suspicious activity reports. Furthermore, 5AMLD mandates EU Financial Intelligence Units (FIU) to obtain the addresses and identities of owners
of virtual currency – pushing back against the anonymity associated with the use of cryptocurrency.
In the UK the Financial Conduct Authority (FCA) requires all firms offering cryptocurrency-related services to register and demonstrate compliance with AML rules - though, as yet, very few have done so. This is despite recent news around the FCA banning
one of the largest cryptocurrency exchanges, Binance, from operating in the UK.
AML and KYC checks are essential
Are these moves by the EU and FCA sufficient to drive those in the cryptocurrency world to deliver effective AML and KYC checks? Probably not in light of recent steps by the UK bank TSB. It is the first big bank to prevent their customers – all five million
of them - from using their accounts to buy cryptocurrencies on virtual currency exchanges. They discovered that one in eight payments made to crypto-trading platforms from TSB customers were made to fraudsters, whereas only one in 5,500 non-crypto transactions
Obtaining customer ID knowledge to ensure criminals aren’t making purchases is the best way for cryptocurrencies - and the exchanges where they are traded - to avoid being blacklisted by regulatory bodies and financial institutions. Taking this approach
may go against the ethos on which cryptocurrency was founded but, to go mainstream, the sector needs to take additional steps to confirm ID verification and leave behind its anonymity heritage.
To succeed in this, they must:
Undertake electronic identity verification (eIDV)
When someone goes through the process to buy cryptocurrency an eIDV tool can run real-time cross-checks against the contact data provided – such as name, address, phone number, email address, and date of birth - in the background. For this to happen effectively,
the eIDV service must have access to
billions of global records in real time, including up-to-date watch lists, such as politically exposed persons (PEP) data as part of this dataset.
eIDV will help prevent fraud in real time, at the point of online customer access, by ensuring cryptocurrency exchanges and others offering virtual currency are dealing with the actual identified individual and meeting KYC and AML objectives. As the cross-checks
take place instantaneously, there’s no negative impact on the customer experience.
eIDV can be delivered through apps, SaaS, and web APIs, enabling these tools to integrate seamlessly into existing online platforms. Additionally, they can be easily scaled up, delivering as little as 100 checks, through to many millions per year.
Implement document verification and biometrics to deliver secure, real-time online customer onboarding
As part of its eIDV toolkit, the cryptocurrency industry should employ machine readable zone (MRZ) and optical character recognition (OCR) technologies to collect ID and obtain crucial information when onboarding customers online. These assure the ID is
genuine and validated in real time. The photo ID embedded in these scanned documents supports biometric ID verification, such as facial recognition, which can also accelerate customer engagement in a secure manner. The biometric technology must be able to
undertake liveness checks, such as via eye movement, for proof of life confirmation. It’s because creative methods are being increasingly used by fraudsters, such as 2D images and video playback, in an attempt to trick facial recognition technology and ‘prove’
they are the person they are impersonating. Importantly, this process also enables those in the cryptocurrency industry to receive a due diligence report related to AML and KYC that can be used to demonstrate regulatory compliance.
While anonymity and lack of regulation have certainly made crypto a tempting investment for many investors, to grow into a mainstream form of currency there must be compromise that requires effective ID verification processes. This is the only way for virtual
currencies to break through and have a long term future. It’s tools like eIDV, document verification and biometrics that will help achieve this objective, and prevent funds ending up in the accounts of cybercriminals and terrorists.