Crypto and compliance - what's shaking?

Cryptocurrencies have increasingly become mainstream. Despite that, until recently the world of crypto has been largely unregulated and it's been down to individual providers to take the lead in terms of KYC good conduct. So, what's changing around crypto and compliance?

The rise and rise of crypto

When Bitcoin launched in 2009, it was the only cryptocurrency on the market. Over subsequent years, various cryptocurrencies headed on to the world stage and exchanges became more accessible to the public at large. 

Despite recent turbulence, the global cryptocurrency market is currently worth $1.65 trillion, which is a big chunk of change.

Crypto is now becoming more and more mainstream. El Salvador has made Bitcoin legal tender, Miami Mayor, Francis Suarez, recently announced he would take his next paycheck in Bitcoin and plans to pay his employees in cryptocurrency. He also has plans for residents to pay fees and taxes in Bitcoin. 

In 2020 and 2021, the number of unique crypto wallets increased at a rate of around 20 million users each year. Additionally, DeFi (decentralised finance – financial services that are built on public blockchains) is gaining in popularity. 

Back in October 2021, the Eurosystem began investigation into the introduction of a digital euro: electronic money issued by the central bank (different from cryptos as it would be guaranteed by the state). 

And in the UK, around 2.3 million people are now thought to own a crypto asset.

However, as more people have started to invest in cryptocurrencies, fraudsters have taken this as an opportunity to join the game. The threat landscape has changed, with consumers being increasingly drawn to riskier markets - new businesses and products have sprung up in response, but so have new criminal enterprises - capitalising on weaknesses in the system. 

Sadly, cryptocurrencies are widely used for money laundering and terrorist financing, as well as being used as a means to hide income from the tax authorities. This is causing regulatory change, so what's new with crypto and compliance?

Moves towards compliance

Until recently, cryptocurrency was basically an unregulated area of financial services. There have been exchanges and providers that have acted as though they were regulated, taking anti-money laundering (AML) responsibilities seriously, but that hasn’t necessarily been because it was mandated. 

Back in March 2021, the UK’s Financial Conduct Authority (FCA) added crypto companies to the list of businesses required to submit a financial crime report. The new rules apply to cryptocurrency exchanges and custodial wallet providers. 

Since January 2020, any businesses undertaking crypto-asset activity in the UK needed to be compliant with the Money Laundering, Terrorist Financing and Transfer of Funds, including registering with the FCA. 

In 2021, The Commodity Futures Trading Commission (CFTC) issued an order filing and settling charges against digital asset exchange operator Coinbase Inc for “reckless, false, misleading, or inaccurate reporting”. And Coinbase was ordered to pay a civil monetary penalty of $6.5 million. 

Currently in the United States, any FinCEN (Financial Crimes Enforcement Network) cryptocurrency exchanges are required to carry out Know Your Customer (KYC) checks on new applications and use effective AML controls. And in the European Union (EU), a special regime is being proposed through MiCA (Markets in Crypto Assets (MiCA) regulation. When the regime is adopted, only licensed providers will be allowed to offer cryptocurrency and operate crypto exchanges in the EU. 

The UK government is also planning to bring the promotion of crypto assets within the scope of financial promotions legislation and subject to FCA rules – bringing it in line with the same standards applied to other financial products such as stocks, shares, and insurance. 

Compliance conduct in crypto

Despite the fragmented nature of regulation surrounding cryptocurrencies, some crypto firms have voluntarily acted as though they were regulated when it comes to KYC and AML activity. 

Diginex’s EQUOS exchange combines financial technology and traditional finance features to create a new standard for crypto investing. Diginex has partnered with PassFort, now a Moody’s Analytics company, since December 2019, using its risk and compliance solutions for onboarding and ongoing risk monitoring of its customers. 

Global blockchain company, BitPay, enables businesses to accept cryptocurrency payments globally for ecommerce goods and services or cross-border transactions while receiving settlements in fiat currency. BitPay has been working with PassFort for more than two years to carry out its KYC and risk monitoring activity. 

The future of crypto compliance

Cryptocurrency’s journey so far has been marked by successes, swings in fortune but also scams and scandals. Experts have predicted that the next decade will “bring an explosion of low-cost, high-speed payments that will transform value exchange the way the internet transformed information exchange”. 

Looking ahead, the US Securities and Exchange Commission (SEC) has proposed new rules that could bring more digital asset exchanges under its remit. The Financial Times reports that sector experts believe the industry might fall under an expanded SEC definition of an “exchange”, possibly aimed at capturing platforms trading securities that lie outside the agency’s scope.

One of the key problems right now is that individual countries and regions take very different approaches to regulation and dealing with issues related to cryptocurrency. This is a particular challenge, as many crypto service providers operate across borders. 

To that end, the International Monetary Fund (IMF) has proposed a global regulatory framework, which includes licensed crypto-asset service providers, capital and liquidity requirements and limits on exposure. It suggests, providing a “comprehensive and coordinated approach to managing risks to financial stability and market conduct that can be consistently applied across jurisdictions, while minimizing the potential for regulatory arbitrage, or moving activity to jurisdictions with easier requirements.” 

Wider institutional adoption and regulation means the future (and value) of cryptocurrencies will look very different in the years to come. Until then, much of the onus for good conduct in compliance will remain on the exchanges and providers themselves.

Get in touch

PassFort is a SaaS RegTech solution used by crypto companies and other financial institutions to automate KYC and AML processes. Onboarding checks and ongoing risk monitoring are digitally executed and workflows can be tailored for any product, jurisdiction or customer journey.

If you are reviewing your approach to KYC, please get in touch - we would love to hear from you!