June 10th, 2022
“Know Your Customer” or KYC is a common term in the crypto and blockchain space. The term KYC comes from the financial industry and the intersection of the blockchain with governments and legal systems.
KYC standards were put into place to protect against fraud, money laundering, corruption, and the financing of terrorist organizations. Financial institutions in certain jurisdictions are required to “know their customers”, meaning that they must solicit proof of a person’s identity as part of the account creation process.
By performing KYC processes, an organization manages its risk of being involved in criminal activity. The visibility that KYC provides makes it possible for institutions to gain visibility into illegal flows of money (bribery, etc.) and to refuse service to terrorist organizations.
The original goal of blockchain and crypto is to provide an alternative to traditional, centralized financial systems. Bitcoin was created as a decentralized financial system that would hopefully evade the risks associated with banks making risky financial decisions.
Cryptocurrency exchanges and similar organizations perform many of the same roles as traditional financial institutions. As a result, they are subject to the same regulations and requirements where those regulations exist.
Over a dozen countries have KYC regulations designed to protect against fraudulent and illegal financial activity. Cryptocurrency exchanges and other organizations located in those countries or providing services to their citizens are subject to these KYC regulations as well.
Blockchain technology is designed to be pseudonymous, and KYC provides most of the visibility used to identify the perpetrators of attacks and other illegal activities on the blockchain. For example, if a DeFi hacker cashes out using a cryptocurrency exchange — without using Tornado Cash or another obfuscation service first — it may be possible to learn the real-world identity of the attacker. Similarly, law enforcement has a history of using KYC to identify criminals using cryptocurrency, such as the actors behind ransomware attacks.
KYC provides insight into the identify of blockchain users, but this visibility is limited. KYC is only required when creating an account with a cryptocurrency exchange that complies with applicable regulations.
Some of the ways in which a blockchain user could evade KYC include:
KYC is a result of the theoretical anonymity of blockchain and crypto meeting the real-world limitations of laws and regulations. KYC provides a certain level of visibility into actors on the blockchain, but this visibility is imperfect and can be evaded by criminal actors.