You’re on your way to launching your Initial Coin Offering (ICO). You have a great new idea that no one else is doing. And, while you’ve gathered a talented team who can make it happen, you also know that you need some funding to help you reach success. So you’ve decided to launch an ICO or Security Token Offering (STO). You’re locked and loaded. Except… You realize that something called KYC stands in the way.
KYC stands for Know Your Customer and is part of a set of regulations around anti-money laundering, or AML. And, while ICOs did not have regulation specifically for them, governments are taking a close look at virtual currency-affiliated transactions, and ICOs are front and center. This means that you now need to figure out how to handle KYC to ensure that your potential contributors cut mustard and are neither sanctioned individuals nor a risk to your business. But, what should you do, and who should you talk to in order to figure out the best path?
Not conducting KYC is illegal. That could lead to a potential for a freeze on your ICO, requiring you to return the funds raised, fines, and a business that can’t get off the ground. Ultimately, you’ll need…
KYC and Transaction Monitoring
AML regulations are about stopping bad actors from hiding their ill-gotten gains. AML operations can be broken into two pieces: KYC and transaction monitoring.
- KYC is gathering information from contributors. This includes personally identifiable information, digital versions of physical documents, and sometimes biometrics. You’ll want to make sure that the information is valid or real, that it all belongs to the same person (not a stolen or synthetic identity), and that it poses no risk to your business reputationally or financially.
- Transaction monitoring refers to your obligations to monitor whether the funds coming in have been associated with illicit activity. For ICOs, an Ethereum blockchain explorer technology allows you to gauge the risk of the incoming virtual currency by seeing where it’s coming from and the risk each previous wallet presents.
Protecting Yourself Against Bad Actors
- Bad actors are all over the place, what if a sanctioned individual tries to purchase tokens from you? Or, what if someone from a sanctioned country tries to purchase tokens from you? What if they’re using TOR or a VPN service to obfuscate their IP address? These are things we’ve seen and protect against.
- Several regulators around the world have already prohibited ICOs, and your will need to blacklist those geographies. A solution that provides geofencing is critical and helps you demonstrate your adherence to regulations.
- A solution which uses the concept of digital identities allows you to get the best understanding of the risk posed by the entity on the other end of the transaction. Digital identities group together sets of attributes like name, date of birth, device ID, and payment instruments to help distinguish between legitimate and suspicious activity. This approach can raise red flags early, or provide extra reassurance when a good user wants to buy a token.
Auditor Reports (just in case)
If you are audited, having a solid solution is required. You need to both collect all the information that you need, and be able to easily provide it to a regulator in a format that auditors are used to. Not having this information may mean the beginning of the scramble drill to end all scramble drills, and auditors who keep you waiting while they get to the bottom of their investigation.
An Easily Deployable Solution
You’re not a software company. Okay, maybe you are, but you are not a compliance software company. So, you don’t want to be dedicating more time than necessary integrating and deploying your KYC solution rather than developing your idea and core business. Your KYC solution should be deployable in less than a week.
IdentityMind has conducted the KYC on 10% of compliant ICOs across six continents, vetting ~500,000 contributors.
That’s a lot to think about, but KYC for your ICO or token offering is not something to be taken lightly. By getting everything in order before you launch, you are protecting yourself and your customers from being caught up in a money-laundering scheme, and signalling to the market that you are aware of and following regulations, all of which helps build the community’s trust towards your project.
IdentityMind has worked with 175 ICOs, providing KYC services built on Trusted Digital Identity technology. IdentityMind offers a KYC plugin which enables you to quickly deploy the KYC and AML capabilities that you require to check ICO participants. By copy pasting a few lines of code, you can start accepting contributors in a matter of hours, with reporting functionality to satisfy examiners and regulatory auditors.