Can ANX get added to the list?
We are a Money Services Operator (MSO) in Hong Kong. This is the equivalent of a FINCEN/FINTRAC MSB in the USA. We are under stringent compliance controls where we go above and beyond the standard KYC/AML and SSR requirements set out for the license. Because we are in the crypto currency industry we heave to work much harder to keep abreast on the latest developments in KYC and AML than the typical MSO or banks to mitigate any risk in our business. ANX was one of the first exchanges to implement strong KYC/AML requirements on all our customers since Day 1 of our opening in July 2013. This proved to be painful and troublesome for some of our customers and even cost us some customers as they did not feel they needed to provide this information to us since many of the other exchanges did not have such policies and not an industry standard at the time.
We knew that KYC/AML will be one of the main reasons why the regulators and government will ban or accept crypto currencies. Hence we had been forward thinking and adequately pre-empted these requirements that have been the norm today. ANX is in this for the long term and will do what it takes to ensure we will stay in business to be able to provide our a customers a safe and compliant way to trade crypto currencies.
Topic: AML/KYC Explained - page 26. (Read 473867 times)
To expand a bit on what all this means at local level.
Services design their own AML/KYC policies and risk management processes with the over-arching guidelines and statutory requirements in mind. Conventional financial institutions tend to have extremely conservative risk assessment frameworks because they're at risk of fines in the hundreds of millions if they're found to be non-compliant.
The risk assessment/management procedures individual institutions use are developed by them. They get to decide which customers and what transactions are "high risk" and can and do choose to cease providing services to high risk accounts rather than apply enhanced AML/KYC compliance procedures to those accounts. They are under no legal obligation whatsoever to allow you to operate a high risk account and don't have to justify a refusal to do so (under some circumstances, they may even be prohibited from giving you a specific reason).
Compliance is a huge administrative burden for financial institutions and it's both cheaper and easier for them to dump accounts/customers who add to that burden. They not only don't care if you take your business elsewhere, they actively want you to do so - they want your accounts to be someone else's headache.
When your financial institution refuses to process a transaction or closes your account, they are not telling you what to do with your money. They don't actually give a fuck what you do with your money. What they're doing is refusing to act as the middleman in transactions which expose them to potential liability. Any fees they might have earned from that transaction pale into insignificance compared to the fines which allowing a single transaction which breaches AML/KYC requirements can attract (it's 11 million per breach here in Australia for a corporation and a single transaction can involve multiple breaches). It's not about your right to send funds to potentially flaky Bitcoin services or Nigerian "princes" - it's about their right (and, to a large extent, obligation) to not involve themselves in high risk transactions.
People in general greatly over-estimate their importance as customers to financial institutions. You may believe that you're giving them "a lot of business", but in the overall context of their operations you're not bringing them enough profit to justify the risks involved in servicing your account. They can always find low risk customers to replace you.
Services design their own AML/KYC policies and risk management processes with the over-arching guidelines and statutory requirements in mind. Conventional financial institutions tend to have extremely conservative risk assessment frameworks because they're at risk of fines in the hundreds of millions if they're found to be non-compliant.
The risk assessment/management procedures individual institutions use are developed by them. They get to decide which customers and what transactions are "high risk" and can and do choose to cease providing services to high risk accounts rather than apply enhanced AML/KYC compliance procedures to those accounts. They are under no legal obligation whatsoever to allow you to operate a high risk account and don't have to justify a refusal to do so (under some circumstances, they may even be prohibited from giving you a specific reason).
Compliance is a huge administrative burden for financial institutions and it's both cheaper and easier for them to dump accounts/customers who add to that burden. They not only don't care if you take your business elsewhere, they actively want you to do so - they want your accounts to be someone else's headache.
When your financial institution refuses to process a transaction or closes your account, they are not telling you what to do with your money. They don't actually give a fuck what you do with your money. What they're doing is refusing to act as the middleman in transactions which expose them to potential liability. Any fees they might have earned from that transaction pale into insignificance compared to the fines which allowing a single transaction which breaches AML/KYC requirements can attract (it's 11 million per breach here in Australia for a corporation and a single transaction can involve multiple breaches). It's not about your right to send funds to potentially flaky Bitcoin services or Nigerian "princes" - it's about their right (and, to a large extent, obligation) to not involve themselves in high risk transactions.
People in general greatly over-estimate their importance as customers to financial institutions. You may believe that you're giving them "a lot of business", but in the overall context of their operations you're not bringing them enough profit to justify the risks involved in servicing your account. They can always find low risk customers to replace you.
Want to improve this sticky? Edits to the sticky may be paid! Please post a quote of this sticky with all of the changes you would like included in the thread linked below:
https://bitcointalksearch.org/topic/completed-003-btc-bounty-write-a-general-amlkyc-process-sticky-357590
Feel free to use this sticky as a general discussion of AML/KYC policies.
https://bitcointalksearch.org/topic/completed-003-btc-bounty-write-a-general-amlkyc-process-sticky-357590
Feel free to use this sticky as a general discussion of AML/KYC policies.
What is KYC ?
Know your customer (KYC) refers to due diligence activities that financial institutions and other regulated companies must perform to ascertain relevant information from their clients for the purpose of doing business with them. The term is also used to refer to the bank regulation which governs these activities. Know Your Customer processes are also employed by companies of all sizes for the purpose of ensuring their proposed agents', consultants' or distributors' anti-bribery compliance. Banks, insurers and export credit agencies are increasingly demanding that customers provide detailed anti-corruption due diligence information, to verify their probity and integrity.
Who has to enforce KYC ?
Know your customer (KYC) falls under the responsability of each financial institution and/or regulated company.
The regulations require these entities to adopt KYC procedures. It assists them in knowing / understanding the customers and their financial dealings better to monitor their transactions for identification and prevention of suspicious transactions.
KYC Recommendations
KYC controls typically include the following:
- Collection and analysis of basic identity information (referred to in US regulations and practice a "Customer Identification Program" or CIP)
- Name matching against lists of known parties (such as "politically exposed person" or PEP)
- Determination of the customer's risk in terms of propensity to commit money laundering, terrorist finance, or identity theft
- Creation of an expectation of a customer's transactional behavior
- Monitoring of a customer's transactions against their expected behaviour and recorded profile as well as that of the customer's peers
KYC Jurisdiction and Locality
KYC regulations are local, and differ from country to country. Jurisdiction is also, on a coutry to country basis.
To know more about your specific country, visit: http://kycmap.com
KYC and Bitcoin Exchanges
Stricter KYC policies:
Bitstamp https://www.bitstamp.net/privacy-policy/
Bitfinex https://www.bitfinex.com/pages/tos or refer inquiries to [email protected]
BTCChina (only since new PBOC guidance, Dec 2013) (link?)
Cavirtex https://www.cavirtex.com/faq
Coinbase https://coinbase.com/legal/privacy
Kraken https://www.kraken.com/legal/verification (their General Counsel, Constance Choi is a well known specialist in the Regulatory and Compliance field)
Cryptonit https://cryptonit.net/regulations
Loose or non-existant KYC policies:
BTC-e (??)
Crypsty (??)
LocalBitcoin (p2p based, limited KYC?)
What is AML?
Standing for "Anti-money Laundering", it is a set of procedures, laws or regulations designed to stop the practice of generating income through illegal actions. In most cases money launderers hide their actions through a series of steps that make it look like money coming from illegal or unethical sources was earned legitimately.
Who has to enforce AML?
In response to mounting concern over money laundering, the Financial Action Task Force on Money Laundering (FATF) was established by the G-7 Summit that was held in Paris in 1989.
The Task Force was given the responsibility of examining money laundering techniques and trends, reviewing the action which had already been taken at a national or international level, and setting out the measures that still needed to be taken to combat money laundering. In April 1990, less than one year after its creation, the FATF issued a report containing a set of Forty Recommendations, which provide a comprehensive plan of action needed to fight against money laundering.
The FATF calls upon all countries to take the necessary steps to bring their national systems for combating money laundering and terrorism financing into compliance with the new FATF Recommendations, and to effectively implement these measures.
Again, as in the case of KYC, financial institutions and/or regulated companies are responsible for the implementation of internal AML policies.
AML Jurisdiction and Locality
AML regulations are also local, and differ from country to country. Some countries choose a top-down approach, inheriting much of their AML policies from the FATF, while others go for a bottom-up approach and then have to reconcile both policies. Extreme countries where such reconciliation is impossible (generally due to Government unwillingness) are excluded from the FATF membership, with the corollary of increased complications to access the international markets and financing.
For a full list of FATF members, visit: http://en.wikipedia.org/wiki/Financial_Action_Task_Force_on_Money_Laundering
AML and Bitcoin Exchanges
Currently in compliance:
Bitstamp https://www.bitstamp.net/aml-policy/
Bitfinex https://www.bitfinex.com/pages/tos or refer inquiries to [email protected]
Cavirtex https://www.cavirtex.com/why_virtex#proactively_working
Coinbase https://coinbase.com/legal/privacy
Kraken https://www.kraken.com/legal/aml (their General Counsel, Constance Choi is a well known specialist in the Regulatory and Compliance field)
Cryptonit https://cryptonit.net/regulations
Unknown status:
BTCChina (unclear since new PBOC guidance, Dec 2013) (are they financial institutions?)
BTC-e https://btc-e.com/page/1
LocalBitcoin (p2p based, limited or no AML?)
WARNING:
Assume that restrictions for any Bitcoin to National Currency exchange may become more restrictive at any time in the future. Many exchanges in the past have restricted currency deposits or withdrawals proactively as BitStamp has, without any explicit order from a government agency to do so at the time. Others like BTCChina have in response to concerns made even the ability to continue to login to their platform contingent on supplying further identifying information. In the past surprise changes to AML/KYC requirements have lead users of exchanges to have their access to deposited funds substantially delayed while complying with new requirements or even lost access to their deposited funds completely if they could not comply with the new requirements. Changing AML/KYC exchange enacted AML/KYC requirements have affected users of all major exchanges that handle both Bitcoin and National currency. People who continue using such exchanges should prepare for the contingency that their exchange of choice will change their AML/KYC requirements in the future.
Know your customer (KYC) refers to due diligence activities that financial institutions and other regulated companies must perform to ascertain relevant information from their clients for the purpose of doing business with them. The term is also used to refer to the bank regulation which governs these activities. Know Your Customer processes are also employed by companies of all sizes for the purpose of ensuring their proposed agents', consultants' or distributors' anti-bribery compliance. Banks, insurers and export credit agencies are increasingly demanding that customers provide detailed anti-corruption due diligence information, to verify their probity and integrity.
Who has to enforce KYC ?
Know your customer (KYC) falls under the responsability of each financial institution and/or regulated company.
The regulations require these entities to adopt KYC procedures. It assists them in knowing / understanding the customers and their financial dealings better to monitor their transactions for identification and prevention of suspicious transactions.
KYC Recommendations
KYC controls typically include the following:
- Collection and analysis of basic identity information (referred to in US regulations and practice a "Customer Identification Program" or CIP)
- Name matching against lists of known parties (such as "politically exposed person" or PEP)
- Determination of the customer's risk in terms of propensity to commit money laundering, terrorist finance, or identity theft
- Creation of an expectation of a customer's transactional behavior
- Monitoring of a customer's transactions against their expected behaviour and recorded profile as well as that of the customer's peers
KYC Jurisdiction and Locality
KYC regulations are local, and differ from country to country. Jurisdiction is also, on a coutry to country basis.
To know more about your specific country, visit: http://kycmap.com
KYC and Bitcoin Exchanges
Stricter KYC policies:
Bitstamp https://www.bitstamp.net/privacy-policy/
Bitfinex https://www.bitfinex.com/pages/tos or refer inquiries to [email protected]
BTCChina (only since new PBOC guidance, Dec 2013) (link?)
Cavirtex https://www.cavirtex.com/faq
Coinbase https://coinbase.com/legal/privacy
Kraken https://www.kraken.com/legal/verification (their General Counsel, Constance Choi is a well known specialist in the Regulatory and Compliance field)
Cryptonit https://cryptonit.net/regulations
Loose or non-existant KYC policies:
BTC-e (??)
Crypsty (??)
LocalBitcoin (p2p based, limited KYC?)
What is AML?
Standing for "Anti-money Laundering", it is a set of procedures, laws or regulations designed to stop the practice of generating income through illegal actions. In most cases money launderers hide their actions through a series of steps that make it look like money coming from illegal or unethical sources was earned legitimately.
Who has to enforce AML?
In response to mounting concern over money laundering, the Financial Action Task Force on Money Laundering (FATF) was established by the G-7 Summit that was held in Paris in 1989.
The Task Force was given the responsibility of examining money laundering techniques and trends, reviewing the action which had already been taken at a national or international level, and setting out the measures that still needed to be taken to combat money laundering. In April 1990, less than one year after its creation, the FATF issued a report containing a set of Forty Recommendations, which provide a comprehensive plan of action needed to fight against money laundering.
The FATF calls upon all countries to take the necessary steps to bring their national systems for combating money laundering and terrorism financing into compliance with the new FATF Recommendations, and to effectively implement these measures.
Again, as in the case of KYC, financial institutions and/or regulated companies are responsible for the implementation of internal AML policies.
AML Jurisdiction and Locality
AML regulations are also local, and differ from country to country. Some countries choose a top-down approach, inheriting much of their AML policies from the FATF, while others go for a bottom-up approach and then have to reconcile both policies. Extreme countries where such reconciliation is impossible (generally due to Government unwillingness) are excluded from the FATF membership, with the corollary of increased complications to access the international markets and financing.
For a full list of FATF members, visit: http://en.wikipedia.org/wiki/Financial_Action_Task_Force_on_Money_Laundering
AML and Bitcoin Exchanges
Currently in compliance:
Bitstamp https://www.bitstamp.net/aml-policy/
Bitfinex https://www.bitfinex.com/pages/tos or refer inquiries to [email protected]
Cavirtex https://www.cavirtex.com/why_virtex#proactively_working
Coinbase https://coinbase.com/legal/privacy
Kraken https://www.kraken.com/legal/aml (their General Counsel, Constance Choi is a well known specialist in the Regulatory and Compliance field)
Cryptonit https://cryptonit.net/regulations
Unknown status:
BTCChina (unclear since new PBOC guidance, Dec 2013) (are they financial institutions?)
BTC-e https://btc-e.com/page/1
LocalBitcoin (p2p based, limited or no AML?)
WARNING:
Assume that restrictions for any Bitcoin to National Currency exchange may become more restrictive at any time in the future. Many exchanges in the past have restricted currency deposits or withdrawals proactively as BitStamp has, without any explicit order from a government agency to do so at the time. Others like BTCChina have in response to concerns made even the ability to continue to login to their platform contingent on supplying further identifying information. In the past surprise changes to AML/KYC requirements have lead users of exchanges to have their access to deposited funds substantially delayed while complying with new requirements or even lost access to their deposited funds completely if they could not comply with the new requirements. Changing AML/KYC exchange enacted AML/KYC requirements have affected users of all major exchanges that handle both Bitcoin and National currency. People who continue using such exchanges should prepare for the contingency that their exchange of choice will change their AML/KYC requirements in the future.
Jump to: