Know Your Customer (KYC)

banner-layer2.jpg
atm2.jpg
cover_372_720-630.jpg
networks-20110202.jpg
banner-layer2.jpg
atm2.jpg
cover_372_720-630.jpg
networks-20110202.jpg
sold out

Know Your Customer (KYC)

0.00

What is KYC?


KYC stands for “know your customer”. It consists of a set of procedures and documentation, to know the customer with whom you plan to do any sort of business. It is mandated by strict government regulations globally for financial institutions.

In the USA, after the Patriot Act, banks and other financial institutions are required by force of Law to properly identify their clients, their sources of income and their transaction patterns.

This is done to stop usage of banking channels for criminal activities - especially fraud, illicit purchasing, and terrorism. Good KYC prevents crime and saves lives. 

Although, banks invest a lot in performing KYC procedures (estimated at around 25% of their budget), is justified as strict regulatory actions can be taken against them by government if they are found to hold or transfer money which has an illegal source or is used for illegal purposes.

 

Add To Cart

What is KYC?

KYC stands for “know your customer”. It consists of a set of procedures and documentation, to know the customer with whom you plan to do any sort of business. It is mandated by strict government regulations globally for financial institutions. 

In the USA, after the Patriot Act, banks and other financial institutions are required by force of Law to properly identify their clients, their sources of income and their transaction patterns. 

This is done to stop usage of banking channels for criminal activities - especially fraud, illicit purchasing, and terrorism. Good KYC prevents crime and saves lives. 

Although, banks invest a lot in performing KYC procedures (estimated at around 25% of their budget), is justified as strict regulatory actions can be taken against them by government if they are found to hold or transfer money which has an illegal source or is used for illegal purposes.

Blockchain technology

Blockchain technology is based on the architectural concept of a distributed ledger. Several independent network nodes verify and reach a collective mathematically enforced agreement before any data committed and shared across the network.

This decentralization of key records makes tempering of record almost impossible without the network detecting the change. This ensures transparency and eliminates conflicts arising from the influence of third parties with political or finanical motive. The data is consistently validated due to the decentralized architecture and can be accessed when needed.

This eliminates unnecessary intermediaries - drastically reducing the cost of KYC. Assets in blockchain technology are held on the decentralized ledger and are locked to verified identities rather to sureties provided by unknown organisations which act as middlemen.

General Requirements

Role based participation - allow users of different roles to query or update different attributes of a record.
Roles:
•    Consumers
•    Bankers
•    Regulators
•    Government Authorities

User Story

Consumer wants to open a bank account and brings the documents needed for KYC procedure to the branch. The documents are verified, originals sighted and scanned. As there is no record for the consumer in the global KYC database the data and images are uploaded, the record is created and the consumer is given a key to his record. Retail Bank now has read only access to the identity record and write access to update consumer's risk profile.

User Story

Consumer wants to apply for a mortgage and Mortgage Bank requires a subset of identity data the consumer already has in the global KYC database. Consumer fills out an application on Mortgage Bank's website and invokes a procedure similar to third pary login with which opens a window hosted by the KYC server prompting consumer which attributes of his record to share with Mortgage Bank. Consumer inputs his key and selects only the ones needed for his mortgage application and allows to share the data. Mortgage Bank now has read only access to the record; this fact is recorded on the ledger.

User Story

Regulator queries the ledger to check if Mortgage Bank followed KYC procedures for Consumer.
User Story Retail bank sees unusual activity in consumer's account and updates consumer's record in the KYC database with a risk flag.

User Story

Consumer refinances his mortgage: he applies on another mortgage bank's website, allows to share his identity data and at the same time revokes the access by the original Mortgage Bank.

User Story

Consumer asks Government Authority to verify and stamp an individual document uploaded to the KYC database as valid. Authority has write access to add an attribute marking this particular document as valid. Authority verifies the document against their own database.

User Story

Regulator creates requirements for an identity record to bear a stamp of approval: a certain number of documents need to be stamped by Authorities. Consumers can build up reputation by having their KYC record endorsed by trusted parties.

Why a distributed private ledger?

When it comes to KYC checks, such a solution is useful because:
•    It is more secure: If we are going to entrust the banking system with our KYC information (which we already do), we should transfer that information as securely and privately as possible. Arguably, blockchains can (but not without expertise) have better security protocols than a traditional database
•    The transfer of this information should be audit-able and in accordance with law. We should be able to hold actors on the network accountable (for defrauding shareholders or bondholders in a debt or equity financing situation, for example).
•    It is immutable: All records cannot be changed.
•    It is redundant: A failure at one point does not mean a system-wide failure
•    It helps to reach consensus and avoid “double identity” or “double spend:” When dealing with identity, there can be only one instance. Sharing a distributed ledger helps prevent one legal entity or individual having multiple identities.
•    It allows for better integration across applications: Open-source blockchain solutions are a longer lasting platform to build on than a traditional SQL database controlled by a single corporation.
•    It is outside the complete control of any one entity: Distributed ledgers can be designed to stave off the hostile or negligent actions of a single or even large groups of malicious actors

A ledger has advantages over a traditional database, as there is redundancy, there is not “one silo” and it is immutable. Finally, DeOS is a good fit as it is open source and also outside the control of any one entity (enterprise, government or otherwise).
 

KYC Today

Currently, KYC is kept in different silos — each company maintains its own due diligence on customers. KYC, or Know Your Customer, has become a bane to regulated businesses in many industries, due to increased costs incurred from the collection and maintenance of customers’ due diligence materials. Essentially, these institutions must collect (and later, if audited, prove to regulators that they have sufficiently collected) documents that show that their customers satisfy the following three criteria: Proof of identity, proof of address, and proof of wealth. 

The exact standards for these documents are less important, and they vary slightly according to different jurisdictions.

They are:
1.    Proof of identity: Usually, a passport or government-issued ID, which should be certified or displayed in person. (First Flag of Flag Theory: Citizenship)
2.   Proof of residency: Usually, a utility bill or address that clearly lists the customer’s name and is current within 60 days (Second Flag of Flag Theory: Residency)
3.   Proof of wealth: Letter of recommendation from a banker, accountant or lawyer who knows your financial affairs and can certify that your wealth was acquired by legitimate means. (Third Flag of Flag Theory: Banking)

For a company, the following are usually requested for KYC purposes:
 
Standard Charter Requirements for KYC on company:
•    Certificate of Incorporation
•    Memorandum and Articles of Association
•    Directors list
•    Registered Agent
•    Registered Address
•    Utility bill for operating address
•    KYC for signatories and UBO over 10 percent and above of the registered shares
•    KYC for any company that is a shareholder

Although these documents are more involved, we can perform the initial due diligence and then add the company to the blockchain in the same way. Furthermore, we can fast-track the KYC process of the natural persons who are shareholders of the entity.

For such individuals, since they have joined the network, future KYC checks would not be as painful anymore. There are a number of reasons for this — the first and foremost being that we have a unified ledger to reach consensus, and the second being that such individuals will no longer have to go through the entire KYC process from step one again.

The KYC process currently involves in-person interviews, as well as collecting and analyzing paper documents. Most — though crucially, not all —of the time, certifications and notarizations must be done in person. However, new laws and technology are allowing breakthroughs in this area, such as bills SB 827 and HB 2318 passed by the U.S state of Virginia. 

Listed below are some ways in which individual institutions can gain an advantage over their competitors when facilitating KYC onboarding within a blockchain. The examples listed seek to make KYC collection easier. A major increase in reliability is accompanied by a an equally significant reduction in cost as firms move from independent silos to a shared permissioned ledger.

The following are ways in which we can use existing technology to alleviate pain involved in collecting and analyzing the due diligence documents needed in most jurisdictions.

Proof of Identity: We can use different systems to satisfy this criterion. I suggest using video, as proof of identity is harder to fake when doing so than with a picture that is uploaded or scanned. We can also potentially use other systems if a higher level of authentication is needed. In the U.S., Europe and other regions that require this, knowledge-based authentication (KBA) can be utilized to provide an additional layer of verification. However, the quickest and easiest way to get authenticated is to use a public notary.

Proof of Address: This criterion can be satisfied by the individual typing in his address, which is then cross-referenced with his utility bill. We could then cross-refer his IP address or browser heading with the stated address or utility bill. Eventually, we may be able to use a webhook or API provided by the utility company to gather the data directly. This would be particularly useful when it comes to utility bills that are issued in a foreign language, as such documents currently require a certified translation.

Most importantly, we can be assured of not only the existence of these due diligence documents, but also their ongoing veracity. Currently, individuals or companies are required to submit these documents each time they open a new account, and banks and other financial institutions have no knowledge of account closures or adverse actions taken against the individual or company. However, with a blockchain, we can have a shared ledger to write and read, and financial institutions can then easily verify a client’s bankability.

KYC with Privacy

DeOS is a permissioned blockchain for KYC’ed individuals.  A system that allows users to get KYC-verified just once, with their information being available from inception onwards The high availability and resilience of decentralized systems mean all parties save time while minimizing risk in real-time. A key aspect of DeOS is users may choose to easily prove they are who they say they are, but in a way that is private.

Pain Points

Currently, each bank has its own independent silo of customer information, and while they can refer to other databases, there is not a unified, shared agreement on the status of identities. A global blockchain achieves a network effect through controlled shared information. This helps prevent fraud, costs in repeated KYC checks throughout the industry, which is a “regulatory requirement” rather than a brand benefit to the customer.

Currently, KYC information is not easily shared between parties, and oftentimes consumers and businesses revert to unencrypted email (which is one of the least secure way to transfer sensitive information). Even a single company adopting an end-to-end encryption, hashing and watermarking system on a permissioned ledger would enjoy privacy benefits in a world that is lacking such elementary protections.

Capital markets

Currently, KYC checks must be performed on companies in a capital market, and whether a company will offer debt or equity is of little consequence. In this section, I will briefly discuss two very common options for financing within capital markets: Equity financing (through the sale of shares), and debt financing (through corporate bonds). I will also lay out the advantages to be gained from blockchain technology integrated with DeOS.

Equity Financing

Equity financing in most jurisdictions require the firm conduct due diligence and perform KYC checks on the individual or company buying shares.

While there are several companies that work on clearing and settlement of bonds and equity, DeOS will integrate with any chosen KYC provider, allowing participants to easily add their KYC to their account, and then referencing that when necessary.. By utilizing smart contracts or even traditional legal documents, we can refer to the verified entity on the DeOS blockchain and have confidence that KYC checks have already been performed successfully by qualified and authorised professionals.

Debt Financing

Debt instruments are currently very difficult to transfer. DeOS is an excellent solution for settlement, it facilitates identity and ownership of assets. and does all the homework of maintaining the required audit trail. Let’s imagine that a Citbank branch in New York City needs the KYC information on a client of HSBC Hong Kong. The two banks could come to an agreement that HSBC would be the custodian of this information, which would be shared between them instantly.
 
The loan origination documents could reference the file, where it was stored, when it was verified, and even who at Citibank had performed the KYC check. As the company has one set of information shared between banks, we would update the DeOS blockchain to reference the loan.
 
In some instances, Citibank may be required by regulators to maintain their own KYC information on a client. We would therefore need to transfer the actual KYC documents (such as articles of association, certificate of incumbency), rather than a reference. Citibank would make a request to the HSBC system for the data. They would also send their public key with the request, so the files can be signed authorised to Citibank in an encrypted fashion, which makes the process safer.

This is the built solution, where we can utilize DeOS Decentralized Storage and smart(er) contracts to gain time and cost advantages.


The KYC system can also act as an input to a global credit system to access risk across verticals, demographics, and regions. 


DeOS Platform provides KYC

  •  (1) specifically for companies,
  • (2) In accordance with existing KYC laws and regulations, and
  • (3) In a way that enables debt and equity financing in capital markets