Despite persistent volatility, the cryptocurrency market continues to see overall gains — as noted by Forbes, popular currencies such as Bitcoin, Ethereum, BNB, and Dogecoin have recently driven a $300 billion price boom.
While the market will likely continue to fluctuate, the rise of crypto investments and exchanges suggests that the concept is here to stay. This permanent presence is bolstered by a 2019 joint statement from the SEC, FinCEN, and CFTC that classified crypto exchanges as money service businesses (MSBs) — making them subject to Know Your Customer (KYC) and Anti-Money Laundering (AML) rules under the Bank Secrecy Act of 1970.
But it’s one thing to recognize the need for KYC compliance and another to implement these rules at scale. Here’s what crypto firms need to know about knowing their customers and ensuring KYC compliance.
Understanding Know Your Customer (KYC) for crypto
The purpose of KYC regulations is to reduce identity theft and fraud by having businesses collect and verify key data about customers to truly understand who they are. Financial institutions (FIs) often have customers go through KYC measures when they open new accounts, apply for loans, make investments, and take other important actions. These measures often include requests for identity data — such as driver’s licences, SSNs, and other financial statements — verification, and the storage of this data to ensure compliance in the event of an audit.
While cryptocurrency exchanges are now subject to the same rules as their traditional financial counterparts, some have pushed back against regulations, arguing that collecting this data undermines the anonymous nature of crypto. Other exchanges require clients to upload identity data when creating accounts but immediately allow trading access before verifying this data — privileges are only revoked if the KYC checks reveal something worrisome. Still others have decided to opt out of US KYC regulations by suspending access for American users.
However, despite attempts to shortcut or circumvent KYC cryptocurrency regulations, the growing cryptocurrency market and more mainstream appeal virtually guarantee that KYC rules will not only expand for exchanges but also spur increased regulatory enforcement.
What are the benefits of KYC in crypto?
Despite the operational changes and challenges that come with KYC regulations, crypto exchanges stand to gain substantive benefits by ensuring regulatory compliance, including:
Improved customer transparency and trust
Verifying user identities can both improve transparency and build customer trust — when users are confident your crypto exchange is taking proactive and precautionary measures to protect their accounts, they’re more likely to continue using your service.
Reduced potential for money laundering and other scams
As noted by Forbes, more than 80,000 instances of cryptocurrency fraud occurred in the United States last year — up 24,000% from 2016. Robust identity verification can significantly reduce fraudulent activity and boost market reputation.
Reduced legal risk
With legal expectations continually evolving, implementing robust KYC policies can put companies ahead of the curve — instead of running to catch up, they can focus on improving conversion rates, streamlining transactions, and ensuring compliance with evolving international guidelines. By demonstrating KYC due diligence, companies can reduce their risk of legal challenges or regulatory penalties.
Enhanced stability of the crypto market
The crypto market is notoriously volatile, in part thanks to anonymous transactions that are potentially suspect or criminal. Increased identity verification as part of KYC programs can help stabilize the market at large and boost its market value.
Why is KYC now mandatory for most crypto exchanges?
KYC is now mandatory for most crypto exchanges because they’re defined as MSBs (money service businesses) under federal regulations. While these businesses have always handled money in some form, initial market skepticism led to lagging rules around exchanges, especially as trading proved complex and frustrating for the general population.
However, increased diversity in the market along with larger sums of digital currency being traded have made crypto exchanges more mainstream, in turn prompting government agencies to impose more serious regulations on these operations.
For example, along with the classification of exchanges as MSBs, a new rule proposed by the Treasury Department in December 2020 would require users who want to transfer cryptocurrency from a centralized exchange to a personal wallet to provide personal information about the wallet’s owner if the amount of the transaction is more than $3,000. If the amount of the transaction is greater than $10,000 in one day, exchanges must both obtain personal data and send information about the transaction to FinCEN. While the rule may not pass exactly as currently described, it’s likely that some form of this regulation will be approved in the next year.
What challenges do crypto exchanges face with KYC?
Along with emerging expectations around KYC for crypto exchanges in the United States, companies also need to keep up with regulatory evolution worldwide, thanks to the global nature of cryptocurrencies such as Bitcoin. The anonymous nature of these currencies combined with the public ledger framework of blockchain security makes them easy to trade across international borders without the need for complicated conversion calculations or rigorous central bank oversight.
To address this largely unregulated market, countries such as the Netherlands, Switzerland, and France have rolled out identification requirements for users. In the Netherlands, clients must verify their wallet ownership and describe their intended use of cryptocurrencies, while in Switzerland users must prove their ownership of non-custodial wallets with verified documentation. In France, meanwhile, anonymous accounts have been barred altogether.
As global regulatory requirements grow more complex, KYC processes — collecting customer data, verifying key information, protecting personally identifiable information (PII), and more — can prove a complex and cumbersome task.
How to ensure your customers’ personal data is handled safety
Streamlined and seamless identity verification is the cornerstone of crypto KYC, but it’s also critical for companies to ensure that all data collected from customers is handled and stored safely. Not only does this align exchanges with current and evolving privacy regulations, but it also boosts consumer confidence, especially when they’re dealing with a historically variable market that has strict rules around anonymous exchanges and immutable transactions.
With Persona, your business gets GDPR and CCPA compliance right out of the box. We meet all of the highest security standards and store PII securely in our system, which means you don’t carry the liability of any potential breaches or leaked customer data but still have easy and reliable access to it whenever you need it. “I don’t ever want to store PII, and it’s awesome that with Persona, we don’t have to even think about it — we just send everything through Persona, and SSNs never even hit our system. I asked for that from other players and nobody else really provides that feature,” shares Ahmed Siddiqui, Branch's Chief Payments Officer.
Solving for crypto KYC
KYC for crypto is here to stay — and regulatory expectations are increasing worldwide as the volume and velocity of cryptocurrency transactions ramps up. As a result, crypto exchanges can’t afford to wait on deploying and integrating best-of-breed KYC solutions.
When it comes to solving for KYC, crypto companies are best-served by identity verification (IDV) solutions that offer robust international coverage, a streamlined user experience, automation, and multiple verification types for differing risk profiles and use cases. Persona is the only identity platform that gives businesses the building blocks they need to build their ideal KYC program, along with automation and orchestration tools to streamline the entire process from end to end.
Case study: how one crypto management platform boosted conversions while meeting compliance standards
Before Persona, a major crypto management platform was losing potential customers because of a cumbersome verification process. Not only was their verification system denying access to legitimate users, but its UI was also poorly designed, causing individuals to drop out before completing the verification process.
By leveraging Persona’s identity infrastructure, the platform was able to create customizable workflows for different use cases and employ a variety of verification methods to comply with KYC regulations while more than doubling their conversion rate. “Switching to Persona really increased our conversion rate and allowed folks to fly through the pipeline in a more efficient manner," their chief compliance offer shared.