Decentralization and KYC Compliance: Critical Concepts in Sovereign Policy

Missed a session of MetaBeat 2022? Visit the on-demand library for all our recommended sessions here.


The decentralized nature of Web3 projects makes it challenging for traditional regulatory organizations to manage them. For a long time, the community saw this as positive because it meant that these projects were beyond the control of the government.

However, as these projects have grown in popularity, there has been increasing pressure from regulators to find ways to control them. One area where this is most apparent is Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance.

KYC has had a very negative connotation in the Web3 community. People see it as an invasion of their privacy and a way for the government to control them. They also see it as the antithesis of blockchain technology, which should be decentralized and anonymous.

In this article, we will try to answer the question: Does KYC Really Infringe Decentralization? We’ll look at the arguments for and against KYC compliance and try to come to a conclusion as to whether Web3 projects should consider it.

The wild west of web3

Due to the decentralized nature of Web3 projects, there were no rules or regulations for them for a long time. This was seen by many as a good thing, as it meant that these projects were beyond the control of the government.

This dates back to the early days of Bitcoin, when anonymous creator Satoshi Nakamoto said the cryptocurrency was designed as “a peer-to-peer electronic money system” that did not require a “trustworthy third party”. This meant that there was no central authority controlling Bitcoin, and it was up to the users to decide how they wanted to use it.

Of course, this lack of regulation also meant that there were no rules against things like money laundering or terrorist financing. This led to Bitcoin being used for a variety of illegal activities on the dark web, promoting the negative associations of it being used for criminal activities.

The way onboarding used to work for crypto projects: users went to their website, downloaded the software, and then sent them some money. There was no KYC or AML compliance as there was no way of knowing who money was being sent to.

This all changed as crypto ecosystems started to grow and attract more regular users. As more people started buying crypto, the exchanges they used started implementing KYC and AML compliance measures.

Early pushback against big players

This was a necessary evil to keep ecosystems growing and attracting more users. But it also created a lot of friction within the community because many people thought it was a way for governments to control them.

Tension came to a head in 2017 when the Chinese government cracked down on Initial Coin Offerings (ICOs). This led to a mass exodus of crypto projects from China to more friendly jurisdictions such as Hong Kong and Singapore.

But even in these more crypto-friendly jurisdictions, KYC and AML compliance was still necessary to comply with the law. This led to many projects doing KYC-AML compliance in a way that the community found too intrusive.

For example, Binance, one of the largest crypto exchanges in the world, was accused of doing too much KYC on its users — but then the US Securities and Exchange Commission (SEC) urged Binance to actually raise its KYC standards. This suggested that it simply wasn’t enough to let users upload their IDs and selfies. Most users are understandably uncomfortable with that.

This led to much criticism from the community as it was seen as an invasion of privacy; but Binance has not relented and still maintains a thorough KYC policy.

Dissatisfaction with strict policies indicates that a delicate balance must be struck when it comes to KYC and AML compliance. On the one hand, you must do enough to comply with the law and prevent your platform from being used for illegal activities. On the other hand, you don’t want to do too much and risk alienating your user base.

The current state of KYC in the crypto world

In today’s crypto world, most exchanges and wallets have some form of KYC, but there is still a lot of variation in how much information is requested from users.

Some exchanges, such as Coinbase, only require users to provide their name and email address. Other exchanges, such as Binance, allow multiple levels of verification with varying degrees of required information.

There are also a few exchanges that have implemented KYC-less protocols. This means that users do not have to enter any personal information to use the platform.

The main drawback of this approach is that it becomes more difficult to comply with anti-money laundering regulations. This is why most exchanges still require some form of KYC from their users.

Lessons in Sovereign Policy

The push and pull between regulation and decentralization is not unique to the crypto world. All sovereign nations have to deal with it when it comes to their own policy making.

Historically, the laws of the United States have attempted to regulate the Internet — and met a lot of resistance. The best-known example is the Communication Decency Actwhich the Supreme Court overturned in 1997.

The law was passed in an effort to regulate online pornography, but was quickly criticized by the tech industry. The main problem with the act was that it was too broad and would have resulted in the censorship of a lot of non-pornographic content.

The court eventually overturned the law, but the case highlights the tension between regulation and decentralization. The US has since taken a more hands-off approach to regulating the internet, which has allowed the tech industry to thrive, but also enabled the prevalence of harmful content.

Lack of regulation is why big banks still have an edge over DeFi

When interviewed about the potential success of the crypto industry in replacing legacy banking players, hedge fund manager Kenneth C. Griffin said the perennial flaw of crypto is that unlike banks, very little can be done when users call their financial services provider. need to do right by them.

Charlie Munger, legendary investor from Berkshire Hathaway, also said that crypto “rat poisonand cited the prevalence of illegal activity as why he would personally never consider it a viable asset class.

These statements, while inflammatory, get to the heart of one of crypto’s major problems: its lack of regulation. Unlike banks and other financial institutions, there is no government agency that oversees the crypto industry.

This means there is no guaranteed protection for users if something goes wrong. If a user is hacked and loses all of their crypto, there is no government insurance to cover the loss.

The same lack of regulation also makes it difficult for exchanges and other crypto companies to get traditional banking services. This is one of the reasons why the DeFi industry has been so important in the crypto world, as it can perform many of the services of traditional banks, such as lending and borrowing with interest accrual and asset investment, without the same regulatory requirements.

By using decentralized protocols, users can bypass the need for traditional financial institutions. However, the lack of regulation also makes DeFi protocols more vulnerable to hacks and other security vulnerabilities.

KYC, decentralization and digital identity

So that said, does KYC violate Web3’s principles of decentralization and privacy? It does not. To better understand why you should look at it from both sides.

First, let’s look at it from the perspective of exchanges and other companies that need KYC. For these companies, KYC is a way to comply with anti-money laundering regulations. By requiring users to submit personal information, companies can help prevent criminals from using their platforms to launder money.

This is a good thing for businesses and users alike. It’s also worth noting that KYC doesn’t have to be an invasion of privacy. When done right, companies can collect the necessary information without sacrificing the privacy of their users.

Second, it’s worth noting that decentralization goes hand in hand with another key element of Web3: digital identity. For decentralization to work, users must be able to prove their identity. Otherwise there would be no way to prevent bad actors from abusing the system.

Decentralization without digital identity is not the kind of decentralization we strive for. Furthermore, a self-sovereign identity system would give users complete control over their personal information, further alleviating concerns about centralization.

This means that users can choose to share their information only with the companies and organizations they trust. They no longer have to worry about their information being mishandled or stolen by central authorities.

KYC is a way to establish a digital identity. By requiring users to submit personal information, companies can ensure that everyone who uses their platform is who they say they are.

Why KYC Is A Necessary First Step For Crypto Exchanges

With all the above points in mind, it is clear that KYC is the necessary first step for Web3 projects. Without some form of KYC, it would be very difficult for exchanges to operate in a compliance-friendly manner.

Users should not think about centralizing their data, but verifying their legitimacy. Once a user’s KYC information is verified, they can do their job on the platform without worrying about being flagged for suspicious activity.

In conclusion, it is clear that KYC is a necessary first step for exchanges and other Web3 projects. Without any kind of compliance, it would be very difficult for these projects to operate in a legal and secure manner.

In our next segment, we’ll talk about the role DeFi plays in the inclusive economy behind Web3: how it enables the participation of those left out of the traditional financial system, and what advantages it has compared to the current system.

Daniel Saito is CEO and co-founder of StrongNode.

DataDecision makers

Welcome to the VentureBeat Community!

DataDecisionMakers is where experts, including the technical people who do data work, can share data-related insights and innovation.

If you want to read about the very latest ideas and up-to-date information, best practices and the future of data and data technology, join DataDecisionMakers.

You might even consider contributing an article yourself!

Read more from DataDecisionMakers