Join the Community

22,260
Expert opinions
44,236
Total members
382
New members (last 30 days)
183
New opinions (last 30 days)
28,760
Total comments

KYC AND BLOCKCHAIN

Introduction

Know Your Customer (KYC) processes require banks to validate and verify primary documents as part of due diligence. Currently the market is flooded with KYC utilities that help manage these documents and share them with multiple entities. In some cases these utilities may even perform due diligence, but regulations are such that the task of due diligence and investigation is still handled by the client onboarding teams at financial institutions given the business and reputational risks involved. This KYC process can delay business as it can take 30 to 50 days to complete to a satisfactory level.   Global efforts to prevent money laundering and the financing of terrorism are incredibly expensive for financial firms. In 2014 it was estimated that global spending on AML compliance alone amounted to $10 billion. Banks are also coming under pressure from investors and analysts to reduce cost, but many expect the compliance budgets to increase in the coming years rather than to decrease. Banks are also penalized through regulatory fines for failing to follow KYC guidelines.   In such a VUCA world banks are now turning to the blockchain as a possible solution to their KYC challenge. Will blockchain solve their KYC problem or is the blockchain nothing but a proverbial hammer that sees every problem as a nail?

Blockchain- A Blessing for KYC & AML?

Blockchain is "shared global infrastructure that can move value around and represent the ownership of property”. It basically gives people (/ systems) the ability to hold and make transactions as strangers but in a completely transparent manner. There is no central mediator between the parties to the transaction, making it economical and removing a single point of failure/risk. This was the concept used in Bitcoins and digital currencies. Banks and fintechs are now attempting to apply this in other areas such as digital contracts (movement of information), KYC (movement of information / identity), security settlement (movement of custodial positions) etc. The movement of assets (read money, securities, commodities, gold etc.) from one institution (custodian) to another requires that the ledger balances of these assets have to move. For instance in a payment transaction ledger entries need to be passed by the ordering bank, intermediary banks, central clearing houses , beneficiary bank in a tedious and time consuming manner. In the “blockchain for payments use-case” there is already talk that SWIFT is under pressure as it is a messaging platform while distributed ledger based solutions like RIPPLE take care of both messaging and settlement.  While the payments and securities settlement space has seen good progress with blockchain/distributed-ledger based solutions, the KYC & AML space is still in a nascent stage. It is interesting to draw an analogy that the KYC Use Case is also about movement of information /identity and it can involve multiple parties.  Now since the blockchain is an immutable shared ledger of transactions that is maintained by a network of computers, rather than a centralized authority it potentially creates a shared golden source of data and can reduce errors and the need for reconciliation. Hence the thinking goes that blockchain may be of help in the KYC space as well. ? )

Blockchain may come to the aid of banks, and help prove the identity of the customer, with details like source of funds, business interests, history, and also monitor the progress along the way. Every bank and financial institution has to perform the KYC process individually, and upload the validated information and documents to the central registry that stores digitized data tagged to a unique identification number for each customer. By using this reference number, banks can access the stored data to perform due diligence whenever customers request for a new service within the same banking relationship, or from another bank.

 

A blockchain-based registry could remove the duplication of effort in carrying out KYC checks. The ledger could also enable encrypted updates to client details to be distributed to all banks in near real-time. The KYC ledger could also provide a historical record of all documents shared and compliance activities undertaken for each client. This will form the evidence to be provided to the regulators. SWIFT launched the SWIFT KYC Registry in December 2014, and more than 2000 banks have already enrolled with it and it is worth noting that the SWIFT KYC Registry does not use Blockchain and neither does the other large KYC Registry KYC.Com. Maybe in due course these registries may use the Blockchain in a manner where updates are made to the blockchain by various parties (tax authorities, company registries, law enforcement bureaus, media houses, judicial bodies, banks and corporates) and are made available for public consumption as shown in the figure below. But then again there are questions as to who would validate these updates and if a central party needs to validate these changes, then we would be diverging from the raison d'être of the blockchain.

If this has to successfully move onto the blockchain two criteria must be met. First the parties making the updates to the ledger must all be “trusted parties” such as company registries, law enforcement bureaus etc. and second there must already be an international legal entity identifier to ensure that all trusted parties are updating the right record. Finally using some kind of private / hybrid blockchain where a set of parties can update and the rest can “read” off the blockchain, there could be a solution to KYC using the blockchain.

Digital Identity and Digital Signatures

Another aspect related to KYC is Digital Identity and Digital Signatures. Once a corporate has had their documentation verified once, a digital identity could be created for that customer – this is essentially their digital passport for transacting in financial services and would be appended to every transaction they undertake, effectively ‘signing’ the transactions for them. This digital identity could potentially be used to access relevant information about the customer such as addresses, account details, director’s details, PEPs etc. which could be used during AML / transaction monitoring, thus increasing the accuracy of the monitoring and reducing the likelihood for false positives. Taking this further, banks that positively identify a fraudulent transaction could distribute details of that transaction globally to all connected banks, thus preventing the opportunity for further fraud. However, once again, it must be noted that there are Digital signature and Digital identification solutions (not based on blockchain) in the market today and used for signing Contracts , for Tax fillings and for insurance sales. These are “digital signature” solutions and not a holistic digital identity which may contain a lot more information.

This potential model of using a holistic digital identity provides significant benefits over the simple usage of blockchain for KYC, namely:

ü  Enhanced customer experience through only having to submit documentation once, increased security (less opportunity for identity theft), and fewer transactions being flagged as false positives and stalling transaction flows. In due course, a digital identity could be used across many industries, not just for financial transactions

ü  Reduced operational costs for banks through not having to KYC-check every customer (if they’ve already been checked and given a digital identity), and fewer operational staff needed for handling false positives

ü  Increased security through near real-time distribution of updated KYC documentation, verified digital identities, and the opportunity to share, in near real-time, fraudulent transaction details

 

ü  Increased transparency for regulators as both the immutability of the blockchain, and the opportunity for regulators to have nodes on Blockchain networks, support the ability to get a full, transparent audit trail of all transactions

Ultimate Beneficial Owner (UBO which is like a UFO today)

 

UBO refers to the natural person(s) who ultimately owns or controls a customer and/or the person on whose behalf a transaction is being conducted. Banks generally define anyone with a >=25% holding as a UBO. The challenge with tracking UBO data is that it is constantly changing as people / firms buy and sell shares in an entity. Again tracking direct and indirect ownership can also be a challenge, when to escape the 25% rule, investments are broken up. For instance as shown in the figure below it is not immediately clear that Cyprus investments owns more than 25% of CRB Caps ( 0.7 * 24% + 0.90*24% )

 

Tracking UBO data is a conundrum that can be thrown at the Blockchain as this seems closer to the concept of the digital currency with multiple parties making updates ( investments) and the resultant value (%age holding) constantly changing. (Of course just like cash transactions are difficult to track, it can become difficult to track an off-market investment transaction)

Conclusion

Blockchain is all about shared control and not just shared data. Blockchain offers anonymity and security despite the shared control. Is it an Oxymoron that will fail the test of time? Is it a passing fad? Or will a Blockchain-based solution offers a unique set of advantages over the current crop of technology solutions, given its immutable ledger that can be replicated across different nodes and its use of cryptography to convert information to hash codes for secure distribution?  .  The KYC Space is an area of enormous risk and hence investment. Blockchains are being investigated as solutions for this challenge by many a bank and many a fintech and it is not entirely clear how the use case will evolve. Will the Blockchain be used for multiple participants to approve / stamp / update the "central kyc registry" with their validations or will it be a "private blockchain where only the corporate updates its data" or will it be a "hybrid blockchain where the corporate and other market participants like Income tax agency, company registry, exchanges etc." jointly update the "ledger "in real time? Or will the blockchain act as a network to unify / "give a stamp of authority" to the various registries that are already out there (KYC Registries, Skills Registries, National ID Registries , Legal Entity databases etc. ) ?

 

Only time will tell…but meanwhile, as Lewis Caroll says in “Alice Through the Looking Glass” – “Now, here, you see, it takes all the running you can do, to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that”.  Ergo, many  fintechs and Banks are exploring in the Wonderland of the Blockchain to find answers to many an issue and to help them better manage the VUCA future.

 

 

 

 

 

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

22,260
Expert opinions
44,236
Total members
382
New members (last 30 days)
183
New opinions (last 30 days)
28,760
Total comments

Now Hiring