Not quite traditionally, today we are bringing you an interview with the CEO of traceto.io, a platform that promises KYC system for the blockchain industry that is on a par with the regulatory standard of the legacy finance sector.
We reached out to traceto.io because we know the developments in regulatory policies are an interesting topic for cryptocurrency traders but at the same time reading walls of dry text about policies will inevitably make a trader’s eyes glaze over, and the CEO of the platform Chionh Chye Kit kindly made the time for an interview.
Chionh Chye Kit and traceto.io
Chionh Chye Kit is the Founder and CEO of traceto.io, a decentralized KYC platform, and also the Co-founder & Managing Director of Cynopsis Solutions, an AML software provider. He started his career at Pricewaterhouse and in total has gained nearly 20 years of financial and capital markets experience, largely from working in Macquarie Group and ING Bank.
In case this is the first time you read about Traceto:
- A platform on the Ethereum blockchain for reusable KYC.
- Users store their identity information in an encrypted, multisig-based way and get privately verified through the combination of AI technology and a community of carefully selected humans who work as verifiers.
- Human verifiers must stake the network utility token (T2T) in order to be able to participate in the verification process, which creates the incentive for them to behave honestly - either they earn T2T or they lose their stake.
- Companies that provide services for the end users, such as cryptocurrency trading platforms, may request access to KYC information about their customers. The customer has prerogative whether or not to grant his KYC information to the requesting platform.
The main competitors of traceto.io are Civic, uPort and Selfkey. If you care to make an informed opinion, the traceto.io whitepaper is well constructed, understandable and does cover the differences between traceto.io and its competitors.
Chionh Chye Kit:
“The regulatory standards in the crypto-world will only become more stringent.”
The legal standards are often very unclear in an international industry that is as young as the blockchain sector, so let’s first consider the basics: With traceto.io, the personal data of the customer is stored within a dapp and available to crypto businesses only per qualified request. Is this a legally acceptable model for instance for cryptocurrency exchanges - something, that businesses could readily implement and use even these days?
It is true that the details of the particular law might differ from country to country but in general, cryptocurrency exchanges always have the obligation to perform due diligence so that they can combat money laundering and financing of terrorism.
Typically, the rules in most countries allow for performance of due diligence by a third party intermediary and the requirement on record keeping does not dictate that the exchange must store customer data themselves.
The whitepaper mentions as one part of your competitive edge a client base of two hundred organizations through your parent organization, Cynopsis Solutions. Do some aspects of traceto.io come from your clients’ suggestions and direct feedback? What are the most pressing regulatory issues for businesses in the blockchain industry?
Our typical business clients from the cryptocurrency space are entrepreneurial people who focus strongly on the technology side and are not familiar with AML and KYC regulations at all. They realize it is an important aspect of their business but at the same time it is a challenge for most of them.
But we actually have about six hundred clients through Cynopsis in total, it is about two hundred out of them that currently operate in the crypto and blockchain business. So in our full client base we also have many strategic clients. The need for a decentralized KYC platform drove us to form traceto.io after discussing the idea with some of them.
What makes a KYC system on the blockchain necessary then? Would it not be enough to use a database, to encrypt all data before storing and to only have trusted employees deal with the critical business?
A blockchain-based KYC network can achieve higher efficiency than any traditional KYC system. Mainly the role of the network nodes is essential because it is the nodes that validate the compliance tasks, not humans.
Token staking, slashing and other reward mechanisms are performed by contracts instead of an arbitrary authority, which is what makes the platform so efficient. Humans will be present too as support agents during dispute resolutions, to monitor and report suspicious transaction or to complete other minor tasks. But primarily there are crypto-economic incentive mechanisms in place to facilitate node operators to drive these processes.
Other than that, traceto.io also has the advantage of sovereignty over the data and censorship resistance.
Censorship resistance is I’m afraid quite an abused buzzword in the cryptocurrency space. Does it really matter for today’s blockchain businesses?
What I meant is that no business or individual should be denied access to a KYC solution.
Currently the market for KYC services is dominated by several big players. They are established but they use centralized solutions that are more expensive and less efficient, because they cannot be scaled as easily. So for cost reasons it can happen that certain companies or individuals are arbitrarily denied the possibility to set up a KYC system or to complete a KYC procedure, which is obviously a problem.
If businesses are denied access to KYC and AML systems, they are exposed to the risk of being non-compliant with the relevant regulations which can have very severe and expensive consequences.
That makes a good case perhaps for smaller businesses or for blockchain projects that are just starting up. How about blockchain companies that are already using a traditional KYC solution? How difficult and costly would it be to make the transition from traditional KYC methods to traceto.io?
This is rather a question of compliance. My experience in the banking sector shows very clearly that the remediation costs incurred by businesses that try to cut their expenses by sidestepping regulatory requirements can be extremely significant. Having the most complete compliance solution in place is simply always the better option. In this regard the blockchain industry is really no different from the banking sector.
This need for the most complete solution is what we are targeting. Traceto.io offers a KYC and AML utility platform, not just a data storage solution. On the surface level, what we develop is a four-part framework that involves the initial verification of identity and screening for criminal activity combined with continuous due diligence procedures that have to be carried out over time - such as transaction monitoring and verifying whether the monitored address stays in the ownership of the same person over time. Considering the likely future development of the blockchain sector this completeness is an important advantage.
Is is expected that as the blockchain industry develops, even more complex KYC processes will be required?
Currently, the KYC standard in the cryptocurrency space is relatively quite low. For ICOs and exchanges the KYC processes usually only consist of matching a selfie to a passport. Some more compliant businesses may purchase an Anti Money Laundering screening solution - Cynopsis provides the Artemis software for AML - but it is not a requirement for all businesses.
The crypto-space KYC standard is generally missing many elements that are common in traditional industries.
Transaction monitoring is one of them - the analysis and risk assessment of transactions by a business’s end user. With the exception of the largest businesses transaction monitoring is unheard of amongst crypto companies, even though it is not problematic to do on public blockchains. However, it is the regulatory standard in most developed industries, not just in financial services.
We expect that in the future the blockchain industry KYC standard will increase. It will only become more stringent and eventually converge with the current standard of mature industries.
Are there also any practical examples of advantages for the individual customer of a business that uses a decentralized KYC network?
In our model, we actually entrust the storage of private keys to Personal Identifiable Information, or PII, to the users themselves via a multi-signature approach. To get particular data about a user, the business first has to request the information from the network and prove it is a request for legitimate purposes, such as regulatory enquiries. The request then needs to be granted by a quorum of community verifiers that have incentive to behave honestly.
Generally, reusable KYC minimizes the risks the customer needs to take with centralized solutions. These days users verify with their passport scans and selfies on each platform separately, some companies may also outsource KYC to third parties. Each of these companies has full access to the confidential data, which means there is a substantial exposure of the customer to the risk of data breach or abuse from rogue employees. Users really should not need to submit their documents to different exchanges or ICOs over and over again.
Under the traceto.io model users only submit their documents to one place, they never lose control over their data and because the platform is decentralized, there is no need to trust any company or their employees. The security aspect is also improved - the centralized nature of existing KYC solutions obviously presents a single point of failure which makes them more vulnerable to hacking.
But with your solution, while the platform protects the data of their users, it also can pair the identity of the person with their cryptocurrency address. This means the platform has information about the user’s ICO investments as well as general transaction activity. The whitepaper even names this kind of transaction monitoring as the basis to establish the user’s credit score. That is a lot of sensitive information - what are your policies for handling user privacy?
User transaction monitoring and analysis already is a key component of KYC and an important standard practice in traditional industries. We simply intend to provide this crucial aspect of KYC service to exchanges, wallets and other platform providers in the blockchain industry.
The credit assessment is a feature planned for a more distant phase in our roadmap as we get closer to the nexus between KYC and credit risk in the blockchain industry.
We will not share this information without first obtaining explicit permission from the user and the relevant business we work with.
This article was NOT sponsored.