The global cryptocurrency regulatory landscape has evolved rapidly in recent years, and this rapid pace of regulatory rulemaking is unlikely to slow down anytime soon. Regulators are increasingly shifting their focus from centralized cryptocurrency exchanges to decentralized finance (DeFi) protocols and applications (dApps).
The adoption of MICA legislation in the EU is already putting pressure on DeFi companies to start KYCing their users due to the fact that only “truly decentralized” projects are exempt from MICA while in reality most DeFi applications are ultimately controlled by an organization or individual. Additionally, the European Commission has set a deadline of the end of 2024 to produce its full report on risks and recommendations for DeFI. In the US, the SEC has launched an enforcement action against the world’s largest DEX, Uniswap.
You read Long and Short Cryptocurrenciesour weekly newsletter containing information, news and analysis aimed at the professional investor. register here to receive it in your mailbox every Wednesday.
As the number of DeFi participants grows (as illustrated in the chart below), regulators are increasingly focusing on the DeFi space. While the exact nature of future legislation remains uncertain, it is safe to assume that the basic principles of anti-money laundering (AML) and know-your-customer (KYC) will become applicable to DeFi.
Regulated institutions typically follow a standardized KYC framework to meet their regulatory requirements:
- Establish customer identity by documentary or non-documentary means (Customer Identification Program/CIP).
- Assess client risk by analyzing sanctions, politically exposed persons (PEPs), unfavorable media lists, client occupation, anticipated activity, etc.
- Continuous monitoring for subsequent inclusion on AML watch lists, adverse media lists, activity spikes, etc.
Currently, the three-step KYC process is repeated at every institution where a person holds an account. This requires individuals to submit the same documents and information multiple times. Since opening a new bank account is not a frequent activity, the inconvenience of repeated KYC is generally not felt acutely by customers. In DeFi, however, a person can interact with ten or fifteen protocols per day. Requiring individuals to complete KYC multiple times causes frustration and turns DeFi into a digital version of the traditional financial system.
There is an alternative: portable KYC.
DApps now have a unique opportunity to implement this approach, both in the current, largely unregulated environment, and in the future, when DeFi-specific AML/KYC regulations are adopted. In an unregulated environment, public blockchain technology allows users to submit their identity documents, have their names checked against AML watchlists, have their on-chain activity analyzed for AML risks, and store proof of each check in their wallet. Users can then interact with permissioned dApps, whose smart contracts can filter out those that have not passed KYC checks.
This method is beneficial for individuals, who do not need to go through the friction of repeatedly submitting documents. It also offers significant benefits to dApps, ensuring they do not run the risk of violating sanctions and money laundering rules, while saving money on compliance staff and systems and providing resistance to Sybil attacks.
DApps subject to AML/KYC regulations can use portable KYC to meet certain aspects of their regulatory obligations in the same way as unregulated dApps. However, regulated dApps will need full access to their customers’ underlying documentation to make onboarding decisions. While customer documentation cannot be stored on a public blockchain, regulated entities are permitted to use service providers to help them meet their AML/KYC obligations. Therefore, portable KYC service providers can store and transmit customer documentation to the entity, allowing it to decide whether or not to onboard the user.
The upcoming shift towards regulated DeFi protocols underscores the need for innovative compliance solutions. Portable KYC offers a practical approach to balance user convenience and regulatory requirements, allowing dApps to reduce compliance costs and mitigate risks. By preparing now, DeFi organizations can ensure a smooth transition to a more regulated future, fostering trust and resilience within the ecosystem.
Note: The opinions expressed in this column are those of the author and do not necessarily reflect those of CoinDesk, Inc. or its owners and affiliates.
This story was originally published on Coindesk
