To fully understand the importance of Anti-money Laundering/Know Your Customer (AML/KYC) procedures in crypto — and, by proxy, the importance CEX.IO continuously places on them — we must go back to the early beginnings of our industry.
Therefore, join us below for a CEXy introduction to DeFi, AML/KYC and CEX.IO.
What does “DeFi” mean?
“DeFi” is an abbreviation for “Decentralized Finance,” which refers to financial instruments or services not managed by a central authority or company. Instead, these services and instruments operate on a form of Distributed Ledger Technology (DLT), or blockchain.
The primary benefit of DeFi is that it enables users to eliminate intermediaries and interact with a service or product directly. Therefore, one of DeFi’s goals is to facilitate access to financial services by being permissionless, borderless, and open.
Crypto and a lack of regulation: where the problem started
Although the industry has progressed, countless crypto exchanges did not require a KYC check in the early days. As old habits (and stigmas) die hard, unfortunately, crypto continues to have a somewhat negative connotation with certain members of the public, relative to fraud and money laundering.
Why is this? Because the old paradigm of little to no AML monitoring with a fully digital and anonymized cryptocurrency is exceptionally convenient for nefarious activities. For crypto adoption to grow, there must be foundational trust. Therein lies the need for (and benefits of) KYC procedures.
On the one hand, AML refers to monitoring transactions for suspicious activity and stopping criminals from becoming customers. Generally speaking, it encompasses all efforts involved in preventing money laundering.
On the other hand, the core of KYC procedures are customer screening and identification, which helps businesses understand their risks. This way, KYC compliance helps prevent fraud and money laundering by ensuring you know who is transacting with you.
Does KYC translate to centralization?
Numerous critics of KYC in DeFi claim that any and all forms of KYC inherently change DeFi apps into centralized services.
However, since there is no central entity that needs to perform the KYC check, the previous statement is not necessarily correct. For instance, verifying crypto wallet holders and performing KYC could just as easily be done by identity providers, or other trusted third parties using mechanisms created by DeFi.
Following a successful AML screening and identity verification process, the next step would be to whitelist the wallet address. This approach can tremendously increase security and trust in one sense, while ensuring a DeFi protocol remains decentralized.
The importance of education: the CEX.IO way
Although CEX.IO is an entire ecosystem of crypto services and products, we’re also a globally licensed and regulated cryptocurrency exchange. As such, we maintain custody of our clients’ fiat funds and digital assets, the safeguarding of which is paramount to a user-centric platform.
And we have the experience to understand how vital KYC/AML practices are to the health and safety of the ecosystem. We’ve been around since 2013, and in that time, have weathered countless crypto storms and bear markets. As we believe knowledge should be free, we enjoy drawing from our vast experience to share valuable information with both the crypto curious and crypto serious.
To that end, we’ll be clear and transparent about the processes and systems we have in place to ensure your assets remain ever safe with us. We’ll explain how we protect:
- Digital asset storage
- Trading environment security
- Fiat fund security
- Reporting and accountability
- Regulatory requirements
Digital asset storage
Our exchange maintains hot and cold wallets that hold digital assets. Cold wallets are offline, while hot wallets remain connected to the internet at all times. In other words, there are both cold and hot wallets for each digital currency, with separate private keys. In the unlikely event of a security breach, users’ funds would remain unaffected as they are stored in cold wallets.
The amount of cryptocurrency that can sustain day-to-day trading activity determines the proportion in which the total funds are divided between cold and hot wallets. This is due to factors such as expected deposits and withdrawals, as well as trading volumes.
Since only a small part of the total digital assets remains in active circulation, this is the only portion kept in hot wallets. So for safety reasons, daily cryptocurrency circulation is enabled only by the funds kept in company hot wallets.
Consequently, CEX.IO bears the entire risk exposure of maintaining a hot wallet. 100% of client funds are stored in cold wallets for major cryptos like BTC and ETH, and this ratio is close to 100% for more recently listed altcoins.
Trading environment security
Safeguarding client funds by ensuring the security of digital asset storage is a priority. At the same time, we place an equally vital emphasis on what occurs during trading activity.
The risk of being used for money laundering looms over any platform with a lax approach to client vetting, source of funds investigations, and trading activity. Should this risk become a reality, such a platform would likely have to deal with anything from a regulator’s order to suspend all operations, to a full investigation and freezing of the platform’s bank accounts.
The worst part in such a scenario is that law-abiding users become sucked into the scandal by not having access to their funds, likely ending up as collateral damage.
With this in mind, at CEX.IO, we uphold the highest standards of security when it comes to vetting our clients. Every user we serve goes through a mandatory KYC/AML procedure, in addition to continuously monitoring irregularities in all asset transactions.
Our Finance and Compliance teams review suspect activity whenever we identify odd behaviors on our exchange. Thanks to continuously increasing automation and speed, our users benefit from an added layer of security.
Fiat funds security
The fact that our platform and ecosystem support fiat-to-crypto transactions has historically been one of our proudest achievements. It is in the same spirit that we consider it an uncompromising goal to ensure the implementation of security processes focusing on the fiat-based portion of our operations.
Reputable banks worldwide are proud to call themselves our partners, and we feel the same way. The process of forming such partnerships involves the banks performing detailed due diligence regarding our processes, and CEX.IO reviewing each bank carefully before deeming them secure enough to hold clients’ funds.
The custodial accounts of banks we partner with hold our clients’ fiat funds, which are separate from the company’s accounts at all times. Consequently, access to these funds is available only to their rightful owners.
Reporting and accountability
Financial reporting is the cornerstone of every successful, respected company. If there’s anything additional to the user-centric philosophy CEX.IO is based upon, we are equally committed to ensuring safety and security at all times. That’s why all crypto and fiat financial transactions that take place in our ecosystem are included in our financial reports.
Whether it’s the maintenance of licenses and registrations, applications for said licenses, or opening bank accounts — all of these procedures comprise detailed financial statements audited by independent parties. These parties verify that CEX.IO maintains detailed records and handles users’ funds appropriately, and in accordance with the law.
Our platform’s positive regulatory posture derives from the aforementioned extensive reporting, as well as the accountability we so believe in, and fervently uphold. Consequently, any and all types of malicious behavior, including, but not limited to funds mishandling/disappearance/theft, are detectable and can be quickly squashed.
Demonstrating the maintenance of sufficient account capital is an integral part of our license application approvals in Europe. Considering risk estimates, the purpose of such capital is to cover any and all potential losses.
The U.S. market features different requirements, as each state treats money transmitting businesses differently. We must (and have) obtained surety bonds (insurance) for each state where our platform holds an MTL license, together with a minimum net worth requirement.
Additionally, we don’t stop at merely complying with various regulatory requirements. Our daily business operations are conducted within a robust risk management framework. Consequently, we maintain an emergency reserve from a portion of our trading fee revenues, as part of the risk program. Were an adverse event to occur, customers’ losses would be covered using the funds in that emergency reserve.
Remember: crypto safety is a two-way street
CEX.IO has been educating and helping crypto enthusiasts navigate their journeys since 2013. Throughout that time, and due to the prioritization of customer safety and security over more selfish goals like profits, we’ve earned a reputation of being deliberate and thorough with our KYC/AML procedures.
As you can see, crypto safety is challenging to ensure, and even trickier to maintain. Regardless, our platform prides itself on sharing knowledge and taking the time to vet every client and transaction thoroughly. There are no shortcuts in our operations or ethics.
So it is vital to remember that your greatest weapon in staying safe in crypto, is patience. Just as deciding which crypto to buy or sell, and when, takes time and much thought, so too does ensuring ecosystem safety and security. We appreciate that you value this as much as we do.
We welcome everyone into our global community of crypto enthusiasts (which has exceeded six million users to date, but who’s counting?) and invite you to (safely) join in on the fun and learning. See you in the markets, and may they ever trade in your favor!
Disclaimer: For information purposes only. Not investment or financial advice. Seek professional advice. Digital assets involve risk. Do your own research.