AllianceBlock Case Study: Know Your Customer

Nexera Foundation
7 min readFeb 23, 2021

Introduction

Know Your Customer (KYC) is an omnipresent feature of modern life. Want to open a bank account? Using Klarna to spread payments? Open an account at (most) centralized crypto exchanges? Then you will find yourself completing KYC requirements. These checks are designed to prevent money laundering and other illicit activities and aim to stop the illegal flow of money around the world.

KYC is not a ‘nice to have’. Banks that fall foul of KYC and Due Diligence (DD) regulations face huge fines that run into the billions for enabling illegal activities. However, financial institutions also face the large costs of compliance. Maintaining KYC checks is an expensive and resource intensive process. It is also inefficient for both the individual being checked and the firm. Individuals have to go through the same KYC check for each new institution, leaving a larger data footprint each time. Institutions must not only incur the cost of the checks themselves , they also need to safely store the data in a GDPR compliant fashion subsequently.

AllianceBlock aims to solve these issues, by providing a solution that enables institutions to reduce their compliance burden, while still enabling them to meet all of the regulations they must adhere to.

However, it is also an important problem to solve for DeFi. As the space matures, and more participants and institutions begin to utilize DeFi projects and protocols, it is inevitable that some projects will wish to be able to onboard TradFi participants in order to attract more capital. In order to achieve this, one of the most basic building blocks any project will have to incorporate will be KYC and AML.

Our trustless KYC product is a fit not only for TradFi, but also for DeFi. This is part of our vision to build the future of finance by bridging TradFi and DeFi.

Problem

Although KYC laws are now commonplace, their modern incarnation was spurred on by the 9/11 attacks as part of the Patriot Act which required financial institutions to introduce stricter checks to prevent the flow of funds to terrorists. Penalties for banks found to have allowed anti-money laundering activities include the $1.9 billion punishment levied to HSBC for acting as a conduit for “drug kingpins and rogue nations” and the record breaking $9 billion fine handed out to BNP Paribas in 2014 for breaking US sanctions with the likes of Cuba and Sudan.

There are several issues that firms face in adhering to KYC regulations. These include:

  1. The resource intensive nature of a check and the difficulty in ‘re-using’ a completed KYC
  2. Data storage and client privacy
  3. The breadth of regulations globally
  4. The complex nature of financial transactions and obfuscation that many individuals undertake to hide the source of assets

Performing KYC checks

KYC checks require institutions to check identity documents to confirm the individual is who they say they are. The manner of this can take many forms. At its most basic, it may be simply the submission of a passport photo and an address. However, most banks will require more stringent checks, including establishing your place of residence (through the provision of bills or official documents). Certain transactions will require you to provide details as to how you acquired the funds. These checks become more intensive if the transaction is more valuable. For example, an individual purchasing a $150m apartment overseas will face scrutiny over the source of funds, especially if they have any political connections or are from a country that has a higher proportion of money laundering.

Despite the need for one, there does not really exist a central KYC repository which would enable businesses to share information with one another to reduce the number of KYC checks individuals have to undergo. Neither too, can institutions trust another to have performed the checks satisfactorily. As a result, the effort is duplicated. Not only is this effort duplicated externally, but often KYC checks are required across different divisions within the same company.

Data storage and client privacy

This duplication of effort is partially because of the difficulty of storing and sharing data. Recent regulations such as GDPR and MiFID II place a large burden on firms to provide control to individuals over personal data, as well as preventing the transfer of data between, for example, a European firm and an American firm. This means KYC data cannot be shared.

It also means institutions must expend more resources and cost to ensure that all data is stored in a secure manner. Data breaches bring high penalties, costs of after-care, and unwanted negative press.

Breadth of regulations

As with many of our other case studies, global institutions face a breathtaking array of regulations that vary country to country. UK institutions adhere to the Money Laundering Regulations 2017, Italian institutions meet the requirements set out by the Banca d’Italia, Australia has the Australia Transaction Reports and Analysis Centre, South Korea has the Act on Reporting and Using Specified Financial Transaction Information, and so on. Multiple global frameworks touch upon KYC. All of this adds to the complexity of doing business, particularly when completing cross-border activities.

Financial obfuscation

Off-shore accounts have become ubiquitous in recent years thanks to exposes such as the Panama Papers scandal. However, there are many more ways in which individuals and businesses seek to hide or obfuscate the source of their funds. This can include shell companies and holding entities that are designed to keep the individual ultimately behind the money hidden. This is made more difficult by the often-opaque nature of transactions, which means that institutions are unable to trace back to the original source of the funds.

Challenge

Construct a protocol that enables:

  • KYC and AML checks to be performed in a more efficient manner
  • Institutions to adhere to all necessary regulations and compliance, including according to all GDPR and data governance rules
  • Us to achieve this while also making it possible to complete KYC and AML checks in an anonymous manner, so as to protect participant privacy

Solution

The AllianceBlock protocol comprises three layers. One of these is the Data Layer. As part of the client onboarding process, an individual or organization is vetted. This onboarding process includes KYC, AML, and DD checks. Using the data layer, a consortium of validators (who are approved by regulators and stakeholders such as institutions) perform the checks and only when these validators arrive at consensus is the verified data committed to the Data Layer.

The difference here is that the institutions do not have to perform the verification themselves, they just have to approve the operators performing the KYC checks. These operators will be required to adhere to the conditions that the institutions and their regulators set out. If they do not, then institutions are able to provide a Do Not Comply (DNC) list of the operators they do not accept meet their standards. The institution can, of course, do the verification themselves still. However, the benefit of using the operators is twofold; one, it means the task is outsourced, and two, the institution can reuse the KYC data on an individual from a prior check.

This obviously is also beneficial for the individual being vetted as it means they do not have to undergo the same process. Furthermore, their digital identity includes not only all of their KYC data, but also transaction history, preferences, and profile. The user has ownership over their data and who they share it with at all times, as opposed to multiple institutions holding data (which may be incorrect or outdated and which is often hard to view/check) on them.

Our Single Sign On (SSO) integration is key to this digital identity and brings a number of benefits. It means that anyone can quickly and easily sign into their account, even if they are not technically adept at using blockchain wallets or services. It also allows for KYC checks to be performed without the participant having to surrender their identity to each firm. Because the participant has verified themselves with the initial operator, subsequent checks can verify the participant’s data without having to disclose their full identity.

It also lets projects raise money in a more compliant manner; projects raising funds through contracts can whitelist participants ahead of time by using our solution to verify the user is allowed to participant, and is KYC and AML verified. Anyone who wasn’t whitelisted and attempts to send in funds would find their transaction simply rejected. This lowers the barrier for new projects, as it means they don’t need to create an expensive and new verification process. It also means new projects don’t have to take on and subsequently protect user data in accordance with data protection rules.

Importantly, this solution also has far-reaching applications in how we can integrate it into DeFi projects. Decentralized Exchanges (DEXs) are inaccessible to institutional participants at present. One reason for this is the lack of compliance. To solve this, what if AllianceBlock’s KYC/AML solution was integrated with a DEX, to ensure only whitelisted participants were allowed to trade? How much capital might possibly flow into DeFi if there was a compliance-friendly DEX that for the first time enabled institutions to participate in DeFi?

About AllianceBlock

AllianceBlock is building the first globally compliant decentralized capital market. The AllianceBlock Protocol is a decentralized, blockchain-agnostic layer 2 that automates the process of converting any digital or crypto asset into a bankable product.

Incubated by three of Europe’s most prestigious incubators: Station F, L39, and Kickstart Innovation in Zurich, and led by a heavily experienced team of ex-JP Morgan, Barclays, BNP Paribas, Goldman Sachs bankers, and quants, AllianceBlock is on the path to disrupt the traditional markets with its state-of-the-art and globally compliant decentralized capital market.

Website | Telegram | Discord | CoinGecko | White Paper | Green Paper | Token Economics Paper

--

--

Nexera Foundation

Nexera Foundation is empowering the future of finance with cutting-edge open-source innovation.