Crypto Should Disrupt Current Anti-Money Laundering Practices, Not Adopt Them
Originally published in CoinDesk
Until the early 20th century, highly respected doctors would routinely engage in bloodletting to cure ailments ranging from acne to tuberculosis. While we have left bloodletting behind, we are still engaging in putatively helpful, but veritably destructive practices.
Modern know-your-customer/anti-money laundering (KYC/AML) regulations are equivalent to financial bloodletting today: They do little good and may cause a lot of harm. Yet whether we like it or not, the KYC/AML nightmare is coming to crypto.
A few weeks ago, news broke that a consortium of U.S.-based crypto companies had formed TRUST, a travel rule compliance platform that expands financial surveillance.
Incorporated companies must abide by the law of their local jurisdiction. Yet crypto shouldn’t blindly follow legacy AML rules from the Financial Action Task Force (FATF), the global money-laundering and terrorist funding oversight group; it should disrupt them.
A recent phenomenon
The idea of money laundering is a relatively recent one. In 1970, Richard Nixon passed the euphemistically named Bank Secrecy Act, which required financial institutions to spy on their customers.
Keep in mind, Al Capone and other U.S. mobsters had already been successfully prosecuted for tax evasion 40 years before the Bank Secrecy Act was passed! Since then, the scope of surveillance has grown exponentially. For example, banks in 1970 were required to report transactions in excess of $10,000. Today the limit remains $10,000, but $10,000 in 1970 is equivalent to $73,000 today!
Only after the 1990s did the rest of the world criminalize “money laundering,” mostly because of U.S. pressure after the 2001 terrorist attacks on the World Trade Center and Washington, D.C.
What have the results been of this policy experiment?
According to financial crime specialist Dr. Ron Pol, very little. Current AML rules don’t stop the vast majority of money laundering. The United Nations estimates that less than 1% of all criminal assets are seized globally, meaning that over 99% of criminal assets get laundered with impunity.
Why would criminals use the relatively small cryptocurrency market to launder funds on a public record, when they can easily launder billions through the conventional financial system without a trace?
AML regulations also come at a great financial cost. Worldwide spending on AML and sanctions compliance by financial institutions is estimated to exceed $180 billion a year, about 100 times more than the $1 billion to $2 billion in criminal assets that get seized annually.
Social costs are also high. The bureaucratic rules designed to keep criminals out disenfranchise millions of legitimate customers. More often than not, these are often marginalized groups.
If you live in a small or poor country, you might find it impossible to jump through the arbitrary hoops designed by a San Francisco product manager on the advice of a London lawyer. The author has personally been locked out of accounts because a small EU government issued document was not accepted as valid proof of address. The company’s KYC service couldn’t comprehend that there are places where people do not use utility bills to prove residence.
AML departments in financial service companies are more about complying with AML legislation than actually stopping money laundering. A 2014 study found that identity verification “principles, guidance and practices resulted in processes that are largely bureaucratic and do not ensure that identity fraud is effectively prevented.”
In other words, fraud has been growing at astronomical rates worldwide and KYC laws have greatly contributed to this. People are now accustomed to share their personal identity documents with a wide range of actors ranging from banks to telecom providers to pornography websites. Is it surprising when their information gets compromised?
Crypto is well suited
How can cryptocurrency disrupt AML regulations? Cryptography-based systems are uniquely well suited for proving identity and source of funds. Moreover, they can do so in a privacy preserving and transparent way. For instance, you could open accounts at a centralized entity pseudonymously, using a public key verified by a trusted authority.
That way you have to trust only one entity with your details. A similar privacy-preserving method could be used in decentralized finance (DeFi) using zero-knowledge proofs. Indeed, there is evidence that crypto is starting to disrupt sanctions enforcement.
Coinbase announced it had limited access to its services in 25,000 wallets that may be related to sanctioned Russians. The non-custodial privacy-focused wallet Wasabi has announced it will be blocking sanctioned addresses from its CoinJoin pools, meaning that users can be confident they won’t be mixing funds with sanctioned individuals. These measures, while countering the censorship-resistant ethos of cryptocurrency, generate much less collateral damage than the blanket bans and creeping surveillance of the current regime.
Although medical bloodletting was probably well intentioned, over centuries it caused a lot of unnecessary suffering, came at great societal cost and did nothing to treat disease. The cryptocurrency industry was born from a realization that the modern financial system leaves individuals vulnerable to abuse by trusted third parties.
The current regulatory hodgepodge of FATF-driven KYC and AML regulations have birthed ineffective systems that do little to stop money laundering. Instead, they enable political censorship, financial surveillance, fraud and inequality. The cryptocurrency industry should lead by example through the use of new innovative and effective anti-crime methods, instead of forcing old, ineffective ones.