Bitcoin and other cryptocurrencies continue to gain ground as investors buy in, looking for high returns, and as acceptance of it as payment takes hold. However, with such growth come risks and challenges that fall firmly under the compliance umbrella and must be addressed in a proactive, rather than reactive, manner.
Cryptocurrency Challenges
One of the greatest challenges faced by the cryptocurrency industry is its volatility and the fact that the cryptocurrency markets are, unlike mainstream currency markets, a social construct. Just as significantly, all cryptocurrency business is conducted via the internet, placing certain obstacles in the path of documentation. The online nature of cryptocurrency leads many, especially regulators, to remain dubious of its legitimacy and suspicious that it is used primarily for nefarious purposes, such as money-laundering and drug trafficking, to name a few.
This leaves companies that have delved into cryptocurrency with an onerous task: building trust among regulators and customers alike, with the ultimate goal of fostering cryptocurrency’s survival. From a regulatory standpoint, building trust around cryptocurrency involves not only setting policies and procedures pertaining to the vetting of customers and the handling of cryptocurrency transactions and trades, but also leveraging technology to document and communicate them to the appropriate parties. Earning regulators’ trust also means keeping meticulous records rendered legally defensible by technology. Such records should detail which procedures for vetting customers were followed; when, by whom and in what jurisdiction the vetting took place; and what information was shared with customers at every step of their journey.
On the customer side, records must document the terms of all transactions and the messages conveyed to customers throughout their journey. Records of what customers were told regarding how a company handles its cryptocurrency transactions and any measures it takes to ensure the legitimacy of activities connected with transactions should be maintained as well.
Once regulators are made privy to detailed records, they will become more confident in the legitimacy of individual companies’ cryptocurrency activities. They will trust that companies are acting in good faith and will be easily able to differentiate good actors from bad actors, based on the transparency of records and the lack of opacity with regard to revealing information. The same will be true of customers, increasing their inclination to invest their funds in cryptocurrency rather than using their funds for other purposes.
Beyond Recordkeeping
While meticulous recordkeeping and a lack of opacity will go a long way toward reducing some of the risk inherent in cryptocurrency dealings, compliance departments must also grapple with regulatory issues. Notably, money services businesses — among them, financial institutions — are required to comply with regulations and laws set forth in the Bank Secrecy Act of 1970. This includes Anti-Money Laundering (AML) requirements and Know Your Customer (KYC) rules.
The procedures mandated within AML requirements and KYC rules are intended to afford financial institutions and similar entities an enhanced knowledge and understanding of their customers in general, as well as of those clients’ financial activities. Thus, they are rather complex, involving not only the collection and analysis of basic identification data, but a search for known nefarious actors by name-matching against lists of known parties. These procedures also entail deeper examination to determine individuals’ propensity to commit money laundering, engage in identity theft for the purpose of supporting nefarious activities funded by cryptocurrency or utilize cryptocurrency to finance terrorist activities.
Not surprisingly, completing the steps needed to remain in compliance with AML requirements and KYC rules is a time-consuming endeavor. At best, the process spans two to three days, but it often takes a week before all the boxes can be checked off. However, cryptocurrency is a volatile instrument whose price can change drastically from one day to another as compliance departments work through AML and KYC procedures. Should prices move in the wrong direction, companies will encounter frustration, anger and other negative reactions from potential customers, placing companies in jeopardy of losing these individuals’ business.
Just as solutions harnessed for recordkeeping help to build regulator and customer trust in the cryptocurrency market, technology can play a role in overcoming some AML- and KYC- related challenges. Solutions that automate the procedures mandated under AML requirements and KYC rules hasten the completion of necessary investigations and follow-up, thereby reducing the likelihood of losing customers. They also support more thorough investigations than would otherwise be feasible, bringing to light important information (e.g., patterns of activity that indicate possible plans to use cryptocurrency toward a less-than-scrupulous end) while simultaneously reducing costs.
Additionally, the technology enables companies to keep more detailed accounts of steps taken to investigate their prospective cryptocurrency customers as prescribed by AML requirements and KYC rules. With comprehensive records in hand, it is easier to build a robust legal defense in court, should the need arise. Ready access to comprehensive records that can be shared with regulators and will doubtless increase their trust also bodes well for companies.
In fact, the combined advantages of solutions for automating AML and KYC compliance render the solutions worthy of over-investment. It is even possible that the latter could allow players in the cryptocurrency industry to become better at compliance than their counterparts in the mainstream financial services market.
Cryptocurrency and the cryptocurrency market do not enjoy a guarantee of support equal to that given to mainstream financial institutions. It is incumbent upon companies and their compliance officers to act as exemplars of best practices (i.e., engendering trust, exercising proper governance and leveraging technology along the way) for the good of the cryptocurrency industry now and in the future.
Kevin Gibson is CEO & Chairman of 
