KYC

‘Over-Collateralization Can Help Mitigate the Risk of Stablecoin Depegging’ — Pendulum CTO

April 5, 2023 Bitcoin.com

Masa announces soulbound ID tokens for Coinbase’s Base Network

April 4, 2023 Coin Telegraph

The token protocol can be used for a wide variety of applications, including membership badges, loyalty programs, decentralized captcha bots, and credit underwriting.

Masa Finance’s soulbound tokens will soon be available on Coinbase’s Base network, according to an April 4 announcement from Masa Finance. The new tokens will allow users to link identifying and reputational characteristics to their wallet addresses, making credit underwriting possible on the blockchain, the company said.

@getmasafi to Launch Soulbound Token Protocol & Developer Toolkit on @Build0nBase

Blockchain With the Base SBT Developer Toolkit Masa will support the seamless deployment and interaction with SBTs on Basehttps://t.co/MA9RDWYBAA #SBT #web3 #Masa #Soulbound #nft #identity pic.twitter.com/bGRxTXxYqb
— Wartask (,) (, ) (@Wartask1) April 4, 2023

Masa had previously released its Soulbound Token protocol for Ethereum and Celer.

In its announcement, Masa stated that the protocol can be used for a wide variety of applications, including human-readable domain names, membership badges, loyalty programs, achievement badges, decentralized captcha bots, and more.

It will release a Base SBT Developer Toolkit within the coming weeks that “will support the seamless deployment and interaction with SBTs on Base,” which will include a quickstart guide, Masa command line interface, software development kit, REACT developer tools, and examples of how to build applications using Masa soulbound tokens.

Coinbase is the largest centralized crypto exchange in North America. It launched its Base Network testnet on Feb. 23, planning to implement it as an optimistic rollup layer 2 for Ethereum. On March 23, Coinbase issued a Request for Builders asking developers to create several protocol types for Base, including an on-chain reputation system.

In response to this request, Masa began developing a Base version of its soulbound protocol, the company said in its announcement.

The announcement of Base Network’s creation has contributed to bullish sentiment within the Ethereum community, with some users expressing hope that it will lead to greater onboarding of Coinbase users to Ethereum. In an interview with Bloomberg Radio, Coinbase CEO Brian Armstrong claimed that “centralized players” on Base will need to implement some form of identity verification for users.

DeFi KYC: Not an issue as ‘99% have nothing to hide,’ industry execs say

March 30, 2023 Coin Telegraph

Alexander Sheer

Traditional finance observes “money laundering happening every day” despite rigorous KYC measures, according to DeFi industry execs.

DeFi execs at the World of Web3 (WOW) Summit in Hong Kong argued that implementing “Know Your Customer” (KYC) measures will tackle the “biggest issue” in decentralized finance (DeFi), which is hackers laundering millions of stolen funds into “clean money.”

During a panel session at the summit on March 29, titled “Blockchain Security to Smart Compliance: AML & KYC Solutions in DeFi,” industry leaders endorsed KYC in DeFi as a solution to tackle Anti-Money Laundering (AML) issues.

Dyma Budorin, CEO of smart contract auditing firm Hacken, warned of the prevalence of tools readily available to hackers to “launder the money” stolen from DeFi platforms, which he described as the “biggest issue” in the industry.

He explained that hackers can easily steal millions of dollars and launder the funds into various wallets “to make clean money again,” making it difficult to track the source of the funds.

“KYC is about transparency and accountability. I don’t think it’s an issue for a majority of people. I’m sure 99% of people don’t have things to hide. I’m happy to see it as part of our world.”

However, Victor Yim, the head of fintech at Hong Kong’s incubator for entrepreneurship, Cyberport, suggested that KYC alone won’t solve all AML problems.

Yim explained that even in traditional finance, where KYC measures are prominent, “there is still money laundering happening every day.”

Blockchain Security to Smart Compliance : #AML & #KYC for #DeFi Path to compliance is : Now is the best time to prove that Defi can be secure and compliant @jessecogo from @Cointelegraph @buda_kyiv @tyyim Alexander Scheer @WOWsummitWorld pic.twitter.com/Lk5mnhMKDS
— Charu (@Charu_Sethi) March 29, 2023

However, he believes KYC measures will make a “better tomorrow” for the DeFi industry, adding that it will require a collective effort, including “regulators, policy, bureau and other players,” to execute successfully.

Yim cited the concept of “anonymous traceable” as an example of a balance between anonymity and compliance, with individuals remaining anonymous unless called upon by law enforcement, adding that it will “protect the good people while still getting the bad people.”

Alexander Scheer, the founder of zkMe, emphasized that different mechanisms should be used for different solutions, as crypto mixers, for example, “need to be handled completely differently” to DeFi front-ends, and on- and off-ramps.

Scheer also touched on regulations, stating that the DeFi industry should proactively take the lead and “front run” regulations before they are imposed by regulators.

Top 7 legal and compliance jobs in the crypto market

March 27, 2023 Coin Telegraph

AML

Explore essential skills for top legal and compliance jobs in the crypto market.

Cryptocurrencies are a rapidly growing market that is changing how people invest, buy and sell goods and services, and transfer money. However, with the growth of this market comes an increasing need for legal and regulatory compliance, particularly concerning issues such as money laundering, fraud and data protection.

As a result, there is a demand in the cryptocurrency sector for legal and compliance specialists. The positions listed below are just a few examples of the various legal and compliance positions available in the cryptocurrency sector. Each one is crucial to ensuring that the market functions fairly, openly and lawfully.

Compliance officer

A compliance officer in the crypto market is responsible for ensuring that the company complies with all relevant laws and regulations, including Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements.

Knowing the relevant laws and regulations, having strong analytical and problem-solving abilities, and having the capacity to effectively interact with internal and external stakeholders are all necessary qualifications for this position.

Legal counsel

A legal counsel in the crypto market provides legal advice and support to the company on a range of legal issues, including regulatory compliance, contracts, intellectual property, and data protection.

Legal counsels in the crypto world require unique skills due to the complex and evolving nature of the cryptocurrency market. This also entails technological and legal skills. Legal counsels need to know the rules and legislation that apply to cryptocurrencies and other digital assets, as well as the underlying technologies like blockchain and smart contracts. Additionally, they must be able to handle the dynamic regulatory environment of the cryptocurrency business.

They must also have exceptional analytical and problem-solving abilities to decipher complicated legal and technical data, giving clients clear and succinct advice. Additionally, legal counsels must have strong communication and negotiation skills to represent clients effectively in legal proceedings or negotiations.

Compliance analyst

A compliance analyst in the crypto market is responsible for monitoring the company’s compliance with regulatory requirements, conducting risk assessments, and developing and implementing compliance policies and procedures.

Skills required for this role include strong analytical and problem-solving skills, knowledge of relevant laws and regulations, and the ability to work independently and as part of a team.

KYC/AML analyst

A KYC/AML analyst checks consumers to ensure they adhere to AML and KYC standards in the crypto market. KYC/AML analysts in the crypto market require attention to detail, knowledge of regulations, risk assessment, investigative skills, data analysis, and communication skills to ensure compliance with Anti-Money Laundering and Know Your Customer requirements.

Regulatory affairs manager

A regulatory affairs manager in the crypto market is responsible for monitoring regulatory developments, analyzing the impact on the company and developing strategies to ensure compliance.

Regulatory affairs managers in the crypto industry require skills such as adeptness with compliance frameworks, knowledge of regulatory policies, proficiency in navigating legal requirements and the ability to develop strategic solutions to meet regulatory obligations.

Chief compliance officer

The chief compliance officer in the crypto market is responsible for overseeing the company’s compliance function, ensuring that the company complies with all relevant laws and regulations, and developing and implementing compliance policies and procedures.

Related: How are metaverse assets taxed?

Chief compliance officers in the crypto market require skills such as leadership, stakeholder management, strategic planning, risk assessment, and adeptness with compliance frameworks and regulatory policies to ensure effective compliance management and risk mitigation.

Data protection officer

A data protection officer in the crypto market is responsible for ensuring that the company complies with data protection laws and regulations, such as the General Data Protection Regulation (GDPR).

Learning about General Data Protection Regulation.

The GDPR was developed on 7 principles:
1) lawfulness, fairness and transparency
2) purpose limitation
3) data minimization
4) accuracy
5) storage limitation
6) integrity and confidentiality
7) accountability.
— Cherry (@ImaNjokko) March 25, 2023

Data protection officers in the crypto industry require advanced knowledge of privacy regulations, expertise in data governance, proficiency in implementing security protocols, and the ability to ensure data confidentiality, integrity and availability.

Binance launches internal investigation following KYC bypass rumors

March 24, 2023 Coin Telegraph

Binance

Following allegations that Binance employees and volunteers help users bypass KYC protocols, the crypto exchange says it is launching an internal investigation.

A recent article surfaced alleging that Binance employees and volunteers were assisting Chinese users on how to bypass Know Your Customer (KYC) and other security protocols.

However, speaking to Cointelegraph a spokesperson from Binance clarified that employees are “explicitly forbidden” from supporting users in circumventing any laws or policies. The spokesperson also said the company is taking action following the recent allegations.

"We have launched an investigation into employees who may have violated our internal policies including wrongly soliciting or making recommendations that are not allowed or in line with our standards.”

They went on to say that Binance has implemented “advanced detection tools” which allow the exchange to crack down on users in restricted jurisdictions, along with actively blockchain VPNs from said areas.

According to the exchange it is “extraordinarily rare” that workarounds are possible. Binance claims to have “multiple manual and AI-driven processes” which help prevent users from bypassing any critical security procedures.

“Furthermore, users who are found to have used any sort of workaround to avoid local law are restricted immediately.”

Changpeng Zhao, the co-founder of Binance, has made no comment on the situation at the time of writing, despite his regular commentary on social media. Previously, Zhao took to Twitter to address rumors which had spread via the Chinese messaging platform WeChat.

Prior to this incident, Binance had announced in February that it would delist low-trade volume nonfungible tokens (NFTs) that were listed before the implementation of its new KYC rules.

In October 2022, the exchange was hit with allegations that it “swerved scrutiny” from regulators in the United States and the United Kingdom due to incidents in its operating history.

Previously Binance has been open about its employee policies. In January, the exchange confirmed that its employees must adhere to a 90-day period prior to trading any digital assets to prohibit insider trading.

Magazine: US enforcement agencies are turning up the heat on crypto-related crime

Binance employees allegedly help customers in China bypass KYC controls

March 24, 2023 Coin Telegraph

Binance

A new investigation claims that Binance’s billion-dollar security protocols are being manipulated by users around the world through inside help.

Binance, the world’s largest cryptocurrency exchange, has made significant efforts to be a leader in transparency in the industry since the FTX scandal. However, a new report claims that Binance insiders are allegedly helping users bypass security protocols.

According to a CNBC investigation, employees and volunteers at Binance have allegedly been aiding customers in China to subvert the exchange’s Know Your Customer Controls (KYC).

The report points to Binance’s official Chinese-language chat rooms, in which more than 220,000 users were registered. There, users are reportedly able to access shared messages with techniques to bypass the exchange’s KYC, residency and verification protocols.

These messages allegedly stemmed from accounts that were identified as employees of Binance or trained volunteers who go by the title “Angels.”

Techniques shared included forging bank papers, attesting false addresses and other simple system manipulations. A Binance spokesperson is reported saying:

“We have taken action against employees who may have violated our internal policies, including wrongly soliciting or making recommendations that are not allowed or in line with our standards.”

The co-founder of Binance, Changpeng Zhao, who is usually active on social media, has made no comment at the time of writing. Zhao previously took to Twitter to denounce rumors spread on the Chinese WeChat platform.

Binance did not immediately respond to Cointelegraph's request for comment.

This development surfaces while China continues to implement a severe ban on cryptocurrencies which began in 2021, while crypto exchanges have been outlawed since 2017. Chinese users evading KYC rules to access Binance could face repercussions if uncovered.

Some have called on the Chinese government to reconsider the ban on crypto, though regulators have not budged.

Meanwhile, Chinese officials continue apace with plans for a central bank digital currency (CBDC), the digital yuan. Recently, millions were spent on adoption efforts.

Banks with crypto services require new Anti-Money Laundering capabilities

March 9, 2023 Coin Telegraph

AML

Large financial institutions are getting involved in digital assets by investing capital, time and effort into on-chain analytics solutions.

The new year began with the news that notable Web3 entrepreneur Kevin Rose fell victim to a phishing scam in which he lost over $1 million worth of nonfungible tokens (NFTs).

As mainstream financial institutions begin to provide services related to Web3, crypto and NFTs, they would be custodians of client assets. They must protect their clients from bad actors and identify whether client assets have been obtained through illicit activities.

The crypto industry hasn’t made it easy for Anti-Money Laundering (AML) functions within organizations. The sector has innovated constructs like cross-chain bridges, mixers and privacy chains, which hackers and crypto thieves can use to obfuscate stolen assets. Very few technical tools or frameworks can help navigate this rabbit hole.

Regulators have recently come down hard on some crypto platforms, pressuring centralized exchanges to delist privacy tokens. In August 2022, Dutch police arrested Tornado Cash developer Alexey Pertsev, and they have worked on controlling transactions through mixers since then.

While centralized governance is considered antithetical to the Web3 ethos, the pendulum may have to swing in the other direction before reaching a balanced middle ground that protects users and doesn’t curtail innovation.

And while large institutions and banks have to grapple with the technological complexities of Web3 to provide digital assets services to their clients, they will only be able to provide suitable customer protection if they have a robust AML framework.

AML frameworks will need several capabilities that banks must evaluate and build. These capabilities could be built in-house or achieved by collaborating with third-party solutions.

A few vendors in this space are Solidus Labs, Moralis, Cipher Blade, Elliptic, Quantumstamp, TRM Labs, Crystal Chain and Chainalysis. These firms are focused on delivering holistic (full-stack) AML frameworks to banks and financial institutions.

For these vendor platforms to deliver a holistic approach to AML around digital assets, they must have several inputs. The vendor provides several of these, while others are sourced from the bank or institution they work with.

Data sources and inputs

Institutions need a ton of data from varied sources to effectively identify AML risks. The breadth and depth of data an institution can access will decide the effectiveness of its AML function. Some of the key inputs needed for AML and fraud detection are below.

The AML policy is often a broad definition of what a firm should watch for. This is generally broken down into rules and thresholds that will help implement the policy.

An AML policy could state that all digital assets linked to a sanctioned nation-state like North Korea must be flagged and addressed.

The policy could also provide that transactions would be flagged if more than 10% of the transaction value could be traced back to a wallet address that contains the proceeds of a known theft of assets.

For instance, if 1 Bitcoin (BTC) is sent for custody with a tier-one bank, and if 0.2 BTC had its source in a wallet containing the proceeds of the Mt. Gox hack, even if attempts had been made to hide the source by running it through 10 or more hops before reaching the bank, that would raise an AML red flag to alert the bank to this potential risk.

Recent: Death in the metaverse: Web3 aims to offer new answers to old questions

AML platforms use several methods to label wallets and identify the source of transactions. These include consulting third-party intelligence such as government lists (sanctions and other bad actors); web scraping crypto addresses, the darknet, terrorist financing websites or Facebook pages; employing common spend heuristics that can identify crypto addresses controlled by the same person; and machine learning techniques like clustering that can identify cryptocurrency addresses controlled by the same person or group.

Data gathered through these techniques are the building block to the fundamental capabilities AML functions within banks and financial services institutions must create to deal with digital assets.

Wallet monitoring and screening

Banks will need to perform proactive monitoring and screening of customer wallets, wherein they can assess whether a wallet has interacted directly or indirectly with illicit actors like hackers, sanctions, terrorist networks, mixers and so on.

Illustration of assets in a wallet categorized and labeled. Source: Elliptic

Once labels are tagged to wallets, AML rules are applied to ensure the wallet screening is within the risk limits.

Blockchain investigation

Blockchain investigation is critical to ensure transactions happening on the network do not involve any illicit activities.

An investigation is performed on blockchain transactions from ultimate source to ultimate destination. Vendor platforms offer functionalities such as filtering on transaction value, number of hops or even the ability to identify on-off ramp transactions as part of an investigation automatically.

Illustration of Elliptic platform tracing a transaction back to the dark web. Source: Elliptic

Platforms offer a pictorial hop chart showing every single hop a digital asset has taken through the network to get from the first to the most recent wallet. Platforms like Elliptic can identify transactions that even stem from the dark web.

Multiasset monitoring

Monitoring risk where multiple tokens are used to launder money on the same blockchain is another critical capability that AML platforms must have. Most layer 1 protocols have several applications that have their own tokens. Illicit transactions could happen using any of these tokens, and monitoring must be broader than just one base token.

Cross-chain monitoring

Cross-chain transaction monitoring has come to haunt data analysts and AML experts for a while. Apart from mixers and dark web transactions, cross-chain transactions are perhaps the hardest problem to solve. Unlike mixers and dark web transactions, cross-chain asset transfers are commonplace and a genuine use case that drives interoperability.

Also, wallets that hold assets that hopped through mixers and the dark web can be labeled and red-flagged, as these are considered amber flags from an AML perspective straightaway. It wouldn’t be possible just to flag a cross-chain transaction, as it is fundamental to interoperability.

AML initiatives around cross-chain transactions in the past have been a challenge as cross-chain bridges can be opaque in the way they move assets from one blockchain to another. As a result, Elliptic has come up with a multitiered approach to solving this problem.

An illustration of how a cross-chain transaction between Polygon and Ethereum is identified as having its source with a crypto mixer — a sanctioned entity. Source: Elliptic

The simplest scenario is when the bridge provides end-to-end transparency across chains for every transaction, and the AML platform can pick that up from the chains. Where such traceability is not possible due to the nature of the bridge, AML algorithms use time value matching, where assets that left a chain and arrived at another are matched using the time of transfer and the value of the transfer.

The most challenging scenario is where none of those techniques can be used. For instance, asset transfers to the Bitcoin Lightning Network from Ethereum can be opaque. In such cases, cross-bridge transactions can be treated like those into mixers and the dark web, and will generally be flagged by the algorithm due to the lack of transparency.

Smart contract screening

Smart contract screening is another crucial area to protect decentralized finance (DeFi) users. Here, smart contracts are checked to ensure there are no illicit activities with the smart contracts that institutions must be aware of.

This is perhaps most relevant for hedge funds wanting to participate in liquidity pools in a DeFi solution. It is less important for banks at this point, as they generally do not participate directly in DeFi activities. However, as banks get involved with institutional DeFi, smart contract-level screening would become extremely critical.

VASP due diligence

Exchanges are classed as Virtual assets service providers (VASPs). Due diligence will look at the exchange’s overall exposure based on all addresses associated with the exchange.

Some AML vendor platforms provide a view of risk based on the country of incorporation, Know Your Customer requirements and, in some cases, the state of financial crime programs. Unlike previous capabilities, VASP checks involve both on-chain and off-chain data.

Recent: Tel Aviv Stock Exchange’s crypto trading proposal a ‘closed-loop system’

AML and on-chain analytics is a fast-evolving space. Several platforms are working toward solving some of the most complex technology problems that would help institutions safeguard their client assets. Yet, this is a work in progress, and much needs to be done to have robust AML controls for digital assets.

Coinbase CEO hints its new layer-2 network could include AML measures

March 7, 2023 Coin Telegraph

AML

Brian Armstrong said centralized firms have a responsibility to monitor transactions and carry out AML checks.

Coinbase chief executive Brian Armstrong has hinted that the firm’s new Layer-2 blockchain network Base may be subjected to transaction monitoring and anti-money laundering measures at launch.

In an interview with Joe Weisenthal on Bloomberg Radio on Mar. 6, Armstrong acknowledged that Base has some centralized components today, adding “it will be more and more decentralized over time.”

However, he then suggested that there will be transaction monitoring and AML requirements for users of the new layer-2 network.

He suggested that Coinbase will have a responsibility in terms of transaction monitoring in the early days, adding:

“I think that the centralized actors are the ones that are probably going to have the most responsibility to avoid money laundering issues and having transaction monitoring programs and things like that.”

Armstrong’s comments were also highlighted up by decentralization advocate Chris Blec in a Twitter post on Mar. 7.

Odd Lots @TheStalwart directly asked @coinbase CEO @brian_armstrong how CB will navigate KYC/AML obligations on @BuildOnBase.

Armstrong tap danced around an answer. In the last 10 seconds he hints there WILL be some sort of KYC at launch.

Wish Joe had pressed for more clarity. pic.twitter.com/Q4TBV5MbS0
— Chris Blec (@ChrisBlec) March 6, 2023

Base is an Ethereum layer-2 network that offers a secure, low-cost, developer-friendly way for users to build decentralized apps, according to Coinbase.

It is being developed with the “OP Stack” used by Optimism which will enable high-speed transactions on Ethereum. Base was unveiled on Feb. 23 and is currently in the testnet phase, Coinbase has yet to provide a mainnet launch date but it is expected in Q2, 2023.

1/ We’re excited to announce @BuildOnBase.

Base is an Ethereum L2 that offers a secure, low-cost, developer-friendly way for anyone, anywhere, to build decentralized apps.

Our goal with Base is to make onchain the next online and onboard 1B+ users into the cryptoeconomy. pic.twitter.com/RmwZFJzGGs
— Coinbase (@coinbase) February 23, 2023

Blec has previously warned about Coinbase’s latest layer-2 offering in a blog post released in late February, five days after the firm announced Base.

He said that layer-2 infrastructure was quite centralized because they use “sequencers” which are “nodes that construct and execute L2 blocks while transmitting users’ actions from L2 to L1.”

Coinbase, a licensed money transmitter, will be operating the sole sequencer for Base. This raised the question of whether Base would also legally require know-your-customer (KYC) requirements making it the first ever L2 to do so.

Coinbase hasn’t confirmed or denied whether Base would be implementing KYC and AML measures. Blec commented:

“Isn’t it ironic that “DeFi” is heading toward being controlled by the entities that it was originally supposed to be battling?”

However, the crypto community and Ethereum advocates have said Base was a “massive confidence vote” for Ethereum.

Cointelegraph reached out to Coinbase for comment but has not received a response by the time of publication.

Pakistan banks agree on blockchain-based KYC system development

March 6, 2023 Coin Telegraph

Banks

The blockchain-based national eKYC banking platform is aimed at strengthening anti-money laundering (AML) capabilities while countering terror financing.

Pakistan Banks’ Association (PBA) — a group of 31 traditional banks operating in Pakistan — signed off on the development of a blockchain-based platform for Know Your Customer (KYC) initiatives.

On March 2, PBA signed the project contract for developing Pakistan’s first blockchain-based national eKYC (electronic Know Your Customer) banking platform, reported Daily Times. The move was aimed at strengthening anti-money laundering (AML) capabilities while countering terror financing — an initiative led by the State Bank of Pakistan (SBP).

The member banks include international establishments such as the Industrial and Commercial Bank of China, Citi bank and Deutsche Bank. Moreover, the blockchain platform will improve operational efficiencies — primarily aimed at improving customer experience during the onboarding process.

A momentous occasion!

Pakistan Banks’ Association (PBA) and Avanza Group signed the Project Contract for Pakistan’s first Blockchain based National Banking Platform in Karachi on 2nd March 2023.#AvanzaGroup #AvanzaInnovations #AvanzaSolutions #demystifyingthefuture #PBAeKYC pic.twitter.com/2XMcxHoanL
— Avanza Group (@avanzagrp) March 3, 2023

Avanza Group has been tasked to develop the blockchain-based eKYC platform named ‘Consonance,’ which will be used by member banks to standardize and exchange customer data via a decentralized and self-regulated network. However, the customer details will be shared based on consent — allowing banks to assess existing and new customers.

Joining other countries in the race for an in-house central bank digital currency (CBDC), Pakistan recently signed new laws to ensure the launch of a CBDC by 2025.

*Global CBDC initiatives overview. Source: Atlantic Council*

The state bank, SBP, will issue licenses to EMIs for CBDC issuance. “These landmark regulations are a testament to the SBP’s commitment toward openness, adoption of technology and digitization of our financial system,” said Deputy Governor of SBP Jameel Ahmad in this regard.

Pakistan Banks to Use Blockchain Technology for KYC

March 6, 2023 Bitcoin.com