While the industry of cryptocurrency matured greatly over the past decade, financial solutions that hinge on cryptocurrency are still perceived by regulators with great ambiguity. Brokers and exchanges are constantly being scrutinized closely for red flags, feeling that their future is far from certain. For exchanges, who are able to deal in fiat, the necessity of abiding by transparency regulations and rules becomes a significant chore. For such exchanges, proper processes of Know Your Customer (KYC) and Anti Money Laundering (AML) are a lifeline to legitimacy that must not be broken.
Several crypto brokers, due to the hope of providing a faster user experience, choose to ignore the crucial checkpoints of AML and KYC. Justifying their decision by claiming that significant money laundering or fraud cannot be accomplished in small amounts, such brokers and fiat-enabled platforms decide that they can allow a new account to trade without verification, up to a maximum lifetime transaction volume. In doing so, they often take a significant risk of breaking the lifeline of regulators’ trust.
Is It Safe to Give Low-Volume Fraud a Free Pass?
The common tactic of skipping KYC and AML checkpoints, as described above, entails inherent risks, which perhaps weren’t as deliberated as they should have been. Apart from raising the eyebrows of the regulators, it leaves an open door for happy fraudsters. Fraud absolutely occurs at these low volumes in countless creative ways. A key to understanding the magnitude of low-volume fraud and money laundering lies in bracing one’s technology against a user who maliciously performs multiple transactions under the disguise of several different, allegedly unrelated, entities.
A nearly effortless way to skirt the maximum lifetime volume model is called Structuring: Fraudsters simply create multiple accounts at a single exchange to filter their dirty dollars or tokens through, and all will eventually point at the same destination wallet. Without proper KYC procedures, fraudsters will easily perform this type of attack without being noticed. Because of unfortunate data breaches of the last decade, attackers currently have access to so much compromised personal data, that they easily undertake massive attacks, by stacking up thousands of low-volume orders under different, allegedly unrelated, fabricated or stolen identities.
Co founder and CEO, Simplex
Data breaches gave a healthy push to the booming industry of commoditizing stolen identities. Attackers find it increasingly simple to buy bulks of stolen personal info, which can be used very quickly in order to impersonate a legitimate user, or to design a well-orchestrated social engineering attack, tailored to the taste of the victim.
Armed with rich stolen personal data, fraudsters perfected a common trick called Smurfing: instead of the same person creating multiple accounts they use a single broker, with money laundering completed by using it to make multiple transactions to unsuspecting individuals who don’t know they’ve helped the fraudster diversify. When “smurfs” and money-mules are recruited to the aid of the fraudster, detecting illegitimate activity becomes even trickier, because the innocent “smurfs” do not exhibit malicious indicators. North America and EMEA are equally prone to the risk of social engineering, with dozens of fake websites going live on a daily basis to lure in unsuspecting “smurfs”.
Structuring, Smurfing and many other less known schemes make it easy for fraudsters to exploit the naïve approach of organizations who assume that fraud and money laundering doesn’t occur in low amount transactions. Most cryptocurrency brokers don’t have the technology to determine if any bad actors are floating around in their ecosystems, and this corner-cutting represents a big problem ahead of the rollout of Europe’s fifth anti money laundering directive—or 5AMLD.
The KYC Bar is Higher in 2020
Come January 2020, brokers will need to take additional measures to prevent money laundering by acting to promote transparency, sharing of information, and . That means applying KYC practices to all transactions, no exceptions, and investing in the technology that makes these identification verification and data sharing processes less of a burden on user experience.
All cryptocurrencies themselves are considered “obliged entities” under 5AMLD, leaving no room to escape the stringent KYC requirements imposed by regulators. Brokers with noncompliant practices or an absence of KYC technology to attain compliance will soon need to make a big push if they want to do business in Europe, and in the young crypto sector the scramble to compliance is nearly audible.
Even today, before 5AMLD goes into full effect, regulators are looking at the full flow of user experience. Each and every checkpoint that the user goes through is often perceived as liable by the regulators, be it exchange, broker or payment platform. Sanctions by regulators in case of money laundering become a financial risk in the form of fines, but also a business risk, when regulators decide to limit or ban an exchange from catering to significant regions.
Falling in Line Ahead of 5AMLD
Brokers and exchanges, who were eager to jump into the crypto goldrush, may now feel unfairly bogged down by the new standards and tempted to neglect 5AMLD rules. The globality of blockchain makes this kind of cavalier operation possible, but not recommended, as KYC failures also detract from brokers’ ability to avoid clients with specific nationalities. Proof that enforcement is in effect comes in the form of fines which , as well.
Practically, there are all the reasons in the world for a broker or exchange to begin integrating more sophisticated KYC, not the least of which being that unification in this regard will help build a secure base for mainstream adoption and retail crypto use. The KYC solutions to lean on are numbered, though wallets and exchanges working with Simplex enjoy its high standards, advanced KYC processes.
Crypto Evolution Comes from Within
At amid record and EU regulators, cryptocurrency industry stakeholders are shaking off the mentality of the last decade and preparing themselves for a new regulatory climate. Brokers are already educating themselves to an impressive degree on what the new situation means for them realistically, the types of fraud being proliferated by savvy culprits, and how to deploy the tools they’ve found to deal with KYC and AML needs.
Though they may not be the most attractive selling point with retail users, this is a pivotal moment for the entire industry, making the collective upkeep of good faith anti-fraud practices vital for the future. If all goes according to plan, the crypto companies that get the recipe right will find an even greater foothold that’s much harder to shake when the market really starts to stir.
Be First to Comment