Capitalizing on Cryptocurrency: Tips for Protecting Against Fraud, Minimizing Risk and Maintaining Compliance
By Gervasio Tirigall, GBG Americas
While there’s no denying that cryptocurrency has been volatile over the years, its global adoption and popularity are on the rise. Consequently, we’ve seen an increase in cryptocurrency regulations aimed at preventing related criminal activities, such as money laundering and terrorist financing.
With any market, growth and value can be unpredictable and cryptocurrencies are no different. However, even with the volatility, the future for digital currencies has immense potential.
COVID-19 played a significant role in accelerating the move toward a cashless society which, despite the many conveniences, a world without cash can be seen as a negative when it comes to financial inclusion. However, as more companies and governments back cryptocurrencies, including the expansion of digital wallets and decentralized finance (DeFi), they are making strides toward financial inclusion by removing the barriers tied to bank accounts, especially for the underbanked and unbanked.
As governments evaluate the risk that comes with cryptocurrency, new widespread industry AML sanctions and regulations have been introduced to ensure more secure and regulated transactions. Some of the recent legislation that crypto exchanges, financial institutions and other players in the industry must comply with include:
Guidelines from the Office of the Comptroller of the Currency (OCC). In the US, the OCC introduced new guidelines that enable banks and other financial institutions involved with cryptocurrency to use new technologies to perform acceptable payment activities and services, meaning that a bank may use stablecoins (cryptocurrencies designed to minimize the price volatility) to facilitate payment transactions for customers. This is a big step forward and opens the door for banks to use INVNs and stablecoins to transfer funds between financial institutions faster, without the need of a government intermediary.
The 6th Anti-Money Laundering Directive (6AMLD). The 6AMLD is part of European efforts for significantly stronger AML measures to prevent fraud and money laundering. It includes the use of virtual currencies, with stricter and more defined measures that will include the expansion of penalties to more parties and harsher penalties.
Financial Crimes Enforcement Network (FinCEN). The U.S. Treasury Department proposed new KYC requirements that would require detailed identifying information of users to be provided to the FinCEN for transactions over $10,000 for an individual moving currency from a crypto exchange to a private or self-hosted digital wallet. This proposed rule is facing pushback for the extra amount of work it will cause users and exchanges when transacting, and for the extra personal information that will be gathered and shared.
FATF Recommendations. The recommendations require that virtual asset service providers, such as crypto exchanges, collect and share beneficiary and recipient transaction data with each other for transmittals over $1,000. Known colloquially as the FATF Travel Rule, the non-binding guidance was adopted during June 2019 by the FATF in its Risk-based Approach to Virtual Assets and Virtual Asset Service Providers.
Solving Crypto Complexities with Identity Verification: What to Look For
As the cryptocurrency landscape continues to rapidly evolve, organizations of all sizes must determine how to capitalize on its benefits while also deterring illicit activity, safeguarding reputations, ensuring compliance with regulatory agencies and minimizing risk. Gaining a holistic view is essential but can be difficult, especially where lines of business are siloed, systems are fragmented and processes are inconsistent – leading to greater risk and higher overall costs.
While the right solution can streamline workflows and provide seamless visibility into hidden crypto risks, identifying the best option can be difficult. Following are tips for finding an identity verification solution to solve crypto complexities, from performing customer due diligence and identifying high-risk customers to monitoring transactions and maintaining AML compliance.
- Take a Risk-Based Approach. Choose a solution that allows for a dynamic assessment of the risk the business takes on when onboarding new clients, applying friction when its needed. This includes proper identity verification techniques. Many platforms today offer a robust orchestration layer that helps create a flow of identification and validation checkpoints and are adjustable depending on the perceived risk of the customer being onboarded.
- Incorporate a Variety of Identity Verification Technologies. Choose a platform that includes data-centric validation, document verification and biometrics, risk analysis and proper orchestration across these technologies. Keep in mind the depth of coverage based on the type of customers (individual or institutional) and regions or jurisdictions that need to be covered. These solutions can be layered to increase assurance for high risk transactions.
- Account for Integrated Sanctions/PEP Screening. The sanctions landscape is dynamic, as underscored by the importance of sanctions during the Russian invasion of Ukraine. Thus, integrating sanctions/PEP screening into the KYC and the monitoring process is essential. Look for a solution that regularly maintains and updates its sanction and watch lists.
- Analyze Blockchain Risk. When dealing with crypto users and addresses, it’s important to utilize blockchains analysis tools that focus on the virtual currencies in use.
- Consider Transaction Monitoring. Depending on the nature of the business, a transaction monitoring system that leverages KYC, sanctions/PEP screening and blockchain analysis may be required. Consider an enterprise transaction monitoring system that allows for both real-time fraud detection and detection of suspicious activities based on customer behavior. This can be critical in identifying suspicious behavior, fraud rings and money laundering.
- Evaluate the Need for Case Management Capabilities. Depending on the nature and size of the business a case management capability may be necessary to keep track of investigations, escalations and bonus points if it is integrated into a regulatory reporting capability like for example, automated SAR filing features. These can be very handy as your compliance and risk managers will need to file reports with regulators.
- Enhance Due Diligence. An effective AML program should cover all the bases with a solution that offers ongoing evaluation of the risk being held across the customer portfolio. This includes Adverse Media, which is now a regulatory requirement in some countries, for ongoing reputational assessment of a customer base.
- Don’t Forget About Integration. Last but not least, integration, sometimes an afterthought in the selection the integration of an AML solution could be a deal breaker. A single API with a full suite AML solution vendor will deliver the most value in getting up and running quickly and allows for future flexibility in the ever changing regulatory and threat landscape.
About the Author:
Gervasio Tirigall is the Director of Product Management for GBG Americas and oversees their Acuant Compliance suite of AML solutions. He is a seasoned product manager and compliance officer in the financial sector including broker dealer, investment banking and insurance with experience developing enterprise-wide systems and delivering high market impact products. With deep knowledge of the regulatory environment surrounding the financial industry, Gervasio has previously worked at Liberty Mutual, Goldman Sachs and LPL Financial.
Banking1 day ago
In-Store, Online & In-App – Unifying Payment Authentication
Top Stories2 days ago
Oil markets steady as investors weigh banking crisis, Russia
Top Stories1 day ago
U.S. mid-tier lenders shares rise in Frankfurt after SVB deal
Technology1 day ago
How technology can help public sector organisations navigate austerity