KYC/AML
Why should we comply?
KYC/AML is good for business
Welcome to Part II of our exploration of the Know Your Client & Anti-Money Laundering (KYC/AML) regulation and its application to the blockchain financial ecosystem. Following my previous introduction article on the Web3 InsurTech Foundation's 8-part KYC/AML for InsurTech framework, I received many comments about why KYC/AML should be applied to the blockchain space.
Fair question; after all, blockchain was founded on the principle of a distributed and trustless platform, which appears to put it at odds with such “centralizing” regulations. This poses an interesting question: Does decentralization mean deregulation? Are these mutually exclusive, or can we seek to understand the lessons of regulations to improve decentralization? If regulations are our codified human experiences, what are thousands of years of global human knowledge teaching us?
Reflect on the following two statistics to put some perspective on the stakes and why we should listen to those voices.
Approximately $5.5 billion in crypto/blockchain funds were stolen from hacks during 2022 and 2023 [1]. Blockchain hacks culminate in failures to secure the “who” the customer is. Hackers can gain elevated access through account takeover or system misconfiguration.
Secondly, as reported by ChainAnalysis [2], over $100 billion has been transferred from illicit accounts to the blockchain from 2019 to 2024. Society-destroying funds from the drug trade, gambling, and terrorism have infiltrated legitimate circulation. We must ensure our customers' actions and use of funds align with our values [3].
Taking that cue to explore further, let's address the “why.” Why do we need KYC/AML regulations for InsurTech? How would it address the two statistics above?
Know Your Client and Anti Money Laundering are the regulated terms used for: Is your customer who they say they are, and are their actions aligned with their words? More nefariously, is your customer a criminal, or does your customer have criminal intent? Naturally, in the distributed and trustless blockchain world, where everyone and everything is an address that interacts with smart contracts, state transitions, and fund transfers, this sounds problematic, or is it? InsurTech, although built on a trustless ecosystem, still provides business services for the betterment of society.
A KYC/AML strategy makes for a good business strategy. Business goals are the same as those of KYC/AML. Every company should seek to understand their customers and their customers’ needs. It should ask, understand, and challenge its customers, as these insights are essential in delivering superior personalized outcomes.
Most customers see a business as a partner in solving a problem, whereas some “customers” know a business as an opportunity to exploit the business’s good nature and ignorance. We think the best of our customers, but we must plan for the worst. KYC/AML outlines safeguards and controls as our first defense to prevent those among us from exploiting our goodwill and best intentions. These safeguards identify and isolate the proverbial wolf in sheep's clothing.
The financial world, and by extension, InsurTech, has an increased responsibility due to the financial fluidity we chase. The better InsurTech becomes, through reduced financial friction, lighter customer touchpoints, and instantaneous gratification, the more it becomes a target. To protect ourselves, leveraging a proven strategy is a prudent business strategy. The most appropriate plan is to start from a known good state and learn from past mistakes to guide the future. KYC/AML is a strategy that makes excellent business sense.
Besides making excellent business strategy, the core answer to WHY rests on a single global truth. Foundationally, governments worldwide, for thousands of years, have influenced society's outcomes through careful regulation to stabilize and protect society (and sometimes themselves) from threats. The undocumented/unreported movement of money (laundering) is generally facilitated to fund illicit activity, most notoriously, terrorism. InsurTech, as an enabler of financial fluidity and raising global standards, upholds these ideals and ensures we serve the betterment of society. Eliminating illicit economic activity and terrorism is a core value of InsurTech and is a cornerstone of KYC/AML.
So, we see that the two worlds of trustless commerce and society’s safeguards are deeply aligned. We see that, foundationally, InsurTech, as a business, needs to know more about its customers to satisfy them and create a better society. Society needs to know that customers and companies act in good faith to enable society to flourish.
The Web3 InsurTech Foundation’s (W3IF) path for KYC/AML establishes a global blueprint that simplifies this critical obligation while ensuring society's values are not overlooked. Through a strong governance practice, the W3IF establishes core infrastructure around how KYC/AML manifests on the blockchain—governance of smart contracts, multi-signature wallets, and smart AI Oracles enabling on-chain and off-chain augmentation.
Now that we have addressed why KYC/AML is suitable for the IncurTech space, I will explore the 8-part framework in the following articles as we unpack its considerations, implementation, and governance.
References
1 - https://www.investopedia.com/news/largest-cryptocurrency-hacks-so-far-year/
2 - https://www.chainalysis.com/blog/money-laundering-cryptocurrency/