Out-Law Analysis | 09 Jan 2018 | 3:49 pm | 3 min. read
KYC due diligence checks place enormous time and cost burdens on banks and other financial institutions, and those burdens are only growing as a result of recent updates made to EU anti-money laundering laws.
At the moment, financial institutions have to perform KYC independently, and upload the validated information and documents to their central registry where the digitalised data is stored and tagged to a unique identification number for each client.
An inter-bank KYC blockchain-based registry has the potential to remove the duplication of effort concerning KYC checks. Decentralised, centralised and hybrid blockchains are being investigated as potential solutions by banks, but most projects are largely still at proof of concept stage.
Benefits of a blockchain-based solution
An inter-bank KYC blockchain-based registry could enable encrypted updates to client details to be distributed to all banks in near real-time. This is one of the major benefits that such a system would provide.
The KYC ledger would provide a historical record of all documents shared and compliance activities undertaken for each client. This would form the evidence to be provided to the regulators.
Further important characteristics of KYC are digital identities and digital signatures. Digital identity tokens could be used to store relevant information about the customer such as addresses, account details, or any such identification information which could be used during AML/transaction monitoring, thus increasing accuracy.
However, there are already working non-blockchain-based digital signature and digital identification solutions in the market today which are used for signing contracts. It is therefore arguable whether a blockchain solution would provide any additional benefit in this respect.
There are a number of other perceived benefits of a KYC blockchain solution, however few are tried and tested.
For the consumer, there is the promise of enhanced customer experience through only having to submit documentation once, as well as increased security of their data. For banks, a cross-industry solution offers the potential to reduce operational costs as a result of not having to duplicate KYC processes. The opportunity to share fraudulent transaction details increasing network legitimacy and, for the regulator, a continuous and transparent audit trail of all transactions, are further potential benefits.
Practical questions remain unanswered
There are a number of questions yet to be answered about how an inter-bank KYC blockchain-based registry would work in practice, including, most importantly, what type of blockchain framework would be most appropriate.
One option might be to have a distributed, decentralised central KYC registry accessible and updated by all network participants. Another option might be for a distributed, centralised blockchain to operate where a single or multiple trusted authorities update the KYC data that all the network participants rely upon.
A hybrid blockchain could also be envisaged where a combination of corporate and other stakeholders update and verify KYC data with varied permissions. However, it is not entirely clear how this use case would evolve.
The limitations of third party verifications is a barrier to adoption
There are also clear limitations concerning an inter-bank KYC blockchain proposition. In practice, there would have to be consensus amongst all bank participants with regard to the standard of KYC carried out.
In reality, would Bank A rely solely on Bank B's KYC checks of a particular investor, individual or business, without verifying the results for themselves? Would Bank C rely on Bank D's historical data with complete confidence? It is unlikely in our view.
Blockchains, in their most basic form, are simply databases and the information recorded on them can only be as good as the source that verified the data in the first place, particularly with regard to distributed centralised blockchains which would probably be the most appropriate blockchain format for this KYC proposition. That means total reliance on a third party. It seems doubtful that any bank would take on this risk.
Overall, a blockchain-based KYC registry is an interesting concept still in its infancy. However, because banks are unlikely to take on the risk of relying on third party data it undermines the potential use case for a blockchain-based KYC registry proposition in the banking sector.
Charlie Clarence-Smith is a specialist in blockchain technology and regulation at Pinsent Masons, the law firm behind Out-Law.com.