The blockchain has revolutionized a number of industries, but none so much as the financial sector. From equity crowdfunding platforms which allow users to buy shares in projects with tokens, to startups raising funds through initial coin offerings (ICOs), to token exchanges where users can buy and exchange cryptocurrencies, the blockchain is changing the way that millions of people around the world save, transfer and invest funds.
However, over the last decade financial institutions of all shapes and sizes have began to receive increased attention from regulatory bodies around the world. From GDPR to KYC to AML, regulations are forcing financial institutions to put systems in place to screen and monitor users or risk huge fines penalties.
But while adhering to regulations is part and parcel of running a modern business, these issues pose a cultural dilemma for institutions using the blockchain. One of the founding principles of the technology is to democratize the investment landscape, to ‘cut out the middleman’ with decentralized transactions, and also to send, save, and invest funds anonymously. Many regulations are demanding exactly the opposite.
Is it possible to comply with these regulations while still sticking to the original principles of the blockchain? Or do these new regulations run the risk of killing the blockchain before it really has the chance to take off? Three new regulations are driving change within blockchain, with each raising questions marks over how they will impact the technology – and its original intent of anonymity and decentralized power structures:
Who’s buying what: KYC
The first regulation driving change, and one pushed hard by regulators in the United States, is the adoption of Know Your Customer legislation. Generally, KYC compliance requires financial institutions to undertake due diligence by having a Customer Identification Program (CIP) in place, which requires a user to present a passport or identity card that matches official registers.
While most respectable ICOs, crowdfunding platforms and crypto exchanges conduct rigorous KYC procedures, the challenge is not so much gathering initial information, but instead making sure that information is kept up to date and is shareable between trusted organizations.
This may not sound like a big deal to the average joe, but the requirement to provide identification as legislated by government goes directly against one of the founding principles of blockchain. Remember, this is the tech heralded by many for its ability to decentralize and democratize power. So, how can blockchain appease lawmakers with KYC implementation while sticking to its origins? Well, through the blockchain itself. Storing the identifying information on the blockchain to be managed by a secure third-party organization (such as a government body) would potentially solve this problem. All financial institutions would be able to submit and update user information on the blockchain. Users’ information would be tied to their e-identity numbers, rather than their names. This would mean that if a user was flagged or barred by one institution, this information would be updated on the blockchain, offering transparency to other institutions too.
Follow the money: AML
A second regulation pushed by the US is aimed at money laundering and raises similar concerns. The Anti-Money Laundering (AML) legislation requires financial institutions to prevent, detect, and report potential money laundering activities. Financial institutions that ‘red flag’ any suspicious behaviour are required to notify the relevant authorities within their jurisdiction, and also freeze any further transactions until the client in suspicion has been cleared. Failure to do so can result in high penalties, or the closure of institutions or platforms.
This poses challenges on the blockchain due to the sheer frequency of transactions being made. Unlike KYC processes, which would need to be done mostly only once, AML requires that all transactions made by an individual be monitored consistently, and that a system is in place by which financial institutions have a means of monitoring if any of their users, have been flagged or barred from other entities too.
The advantage of this system is that once this user information is stored on the blockchain, it would also improve accessibility to other financial institutions around the world who are granted access by the third-party blockchain controller. This would also streamline verification for users. Once registered by one institution, the user would effectively be verified for all different services using their e-identification number. However, it would also mean that if flagged or barred from one service, they would effectively be barred from all services with access to the blockchain information.
Declare the data: GDPR
Last but not least are the European regulations introduced under EU General Data Protection.
The GDPR, introduced in May, regulates how financial institutions store, and declare client data. While most financial institutions have a legal reason to collect basic user data and store transactional data for as long as ten years, they need to be careful about storing personal user information on the blockchain.
Once information is stored on the blockchain, it cannot be edited or deleted, which could cause problems further down the line if institutions store personal data such as names, email addresses and more.
The way around this would be to store user data on the blockchain only using numerical digits, such as an e-identification number. This would mean that companies do not have to worry about deleting personal information, should they receive a ‘request to be forgotten’ from a client. However, for this to work, more governments need to follow the example of forward-thinking countries like Switzerland and Estonia who offer this e-citizenship option.
For the betterment of blockchain
These are evidently testing times for the blockchain. As the technology has garnered public interest and international investment, it has also attracted tougher stances from governmental bodies. Solutions to these challenges continue to develop and it will be interesting to see how the blockchain community responds to stricter operation guidelines – especially as regulations pit competing ideas against each other: third party verification versus decentralization, stored personal information versus anonymity.
When cryptocurrency exchange ShapeShift, which previously had relaxed registration processes requiring minimal personal data, announced it would be rolling out KYC processes, the backlash from the online crypto community was ferocious. However, while many were quick to criticize, others recognized that the ShapeShift founders were simply reacting to extreme pressure from regulators.
Financial institutions using the blockchain are between a rock and a hard place. On one side, they need to comply with regulations or risk huge fines or closure, but in doing so, risk breaking blockchain’s founding principles of decentralization and anonymity, not to mention alienating the users which were attracted by these principles. That said, for blockchain enthusiasts wanting to break free of centralized, controlled systems, putting the power in the hands of governments — who have their own trust issues to deal with — might be viewed as going from bad to worse.
But is it possible for these institutions to adhere to regulations, without entirely breaking their founding principles? Time will tell.
Max Lyadvinsky is co-founder and CEO of Bloomio a seed stage crowdfunding platform based on blockchain technology. He is an entrepreneur and angel investor with expertise in fundraising and scaling startup teams, envisioning future technology trends, developing product strategies and innovating disruptive technologies.