Part 2: The future of crypto and regulatory requirements

July 7, 2018 by John Devlin

In our last installment, we explored the global discussion around regulating cryptocurrencies and where governments and financial regulatory bodies around the world may position themsleves regarding the issue. You can read that blog post here. Now, we'd like to take a look at where regulatory activity has actually translated into action amongst crypto service providers. 

A picture of reality and a vision of success

68% of crypto exchanges and wallets are not compliant with future KYC regulations

In April and May of 2018, we undertook an assessment of exchanges and custodial wallets based in Europe and North America. (Read the report here.)  We focussed on the on-boarding procedure, including the requirement of each provider for identity verification and the additional security mechanisms in place. However, this also encompasses the opening and activation procedure and it affects and relates to the user experience and perceptions of the service provider, so these were also included as two categories within the assessment.

We wanted to see whether regulatory activity had translated into action amongst crypto service providers. It was an opportunity to see whether leading service providers were planning ahead and thinking strategically. We say this because strong authentication and Know Your Customer (KYC) is a clear opportunity to address market concerns and improve perception of and crypto and broaden its appeal for the mass market.

Sixty-eight percent of the leading exchanges and custodial wallets assessed did not have an adequate KYC process in place. It was clear that the majority of crypto exchanges and wallets are not yet compliant with upcoming regulation. Of those that did have some measures in place, there were discrepancies between the approach and type of implementation. Some exchanges and wallets were quite clear and upfront about their processes and used the validity of their regulatory compliance as an indication of their strong processes, almost to show how professional and reliable they are. Others had some measures, but they were optional or were only introduced if transaction volumes went beyond a certain volume or value. At the bottom end of the assessment were those that had no measures in place and seemed to be actively trying to hide who they were, let alone who their customers were.

Digital Identity Verification Enhances Service Providers

Credit should go to those organisations that we found to have done an excellent job implementing regulatory compliant KYC processes. Top of our assessment ranking were Luno, Coinbase, Gemini and Poloniex. It was notable that they all had adopted digital ID verification implementations. They all appeared to have determined that they wanted to offer a modern, seamless approach with a quick turnaround to allow new customers to start transacting a quickly and securely as possible. In addition, they all seemed quite transparent in wishing to offer a safe, reliable and trusted trading environment to their customers.

It seemed odd that more had not gone down this path, instead leaving themselves open to more strategic thinking competition who have looked into the future, determined where they want to be and where the market is heading. Onboarding and activation is a clear differentiator for service providers. Poor implementations were noted as creating barriers with long activation times and/or placing unnecessary requirements upon users/customers.

Only 8 out of 25 crypto exchanges and custodial wallets had implemented in May 2018. It was notable that digital identity verification is a clear differentiator in determining perception of the service provider and the overall UX. This is an opportunity for companies to stand out although it appears many do not wish to address this, or they have barriers with a legacy mindset around user anonymity or they are uncertain whether digital solutions can meet all regulatory requirements. For the record, the FCA, JMLSG and European Commission all stated that in 2017 they would pursue ways to support remote ID submissions/digital disclosures/digital identity authentication having previously clarified that the regulations do not preclude a digital approach.