Transaction laundering, also known as undisclosed aggregation, occurs when a merchant processes illegal transactions on behalf of another business. Front merchants may be in collusion with the violating business or unaware that the transactions are fraudulent. Governments throughout the world have recently started passing Anti-Money Laundering (AML) legislation that specifically targets cryptocurrency, especially anonymous money transfers. Know Your Transaction (KYT) technologies are one of the most effective methods of fighting transaction laundering schemes involving cryptocurrency.
What is KYT in Crypto?
Within the context of cryptocurrency, KYT is the process of evaluating financial transactions to determine if they’re suspicious or downright fraudulent. Transaction laundering is the most common cause of this activity, which is becoming more common as the use of cryptocurrency grows. Financial institutions (FIs) must also delve deeply into cryptocurrency transactions for evidence of crimes due to the strong incentive criminals have to avoid detection.
As a result, FIs must develop a strong understanding of the financial transactions they perform, as they’re often difficult to follow. In addition to the transfer of funds, these transactions also include clearances, invoices and other documents required for regulatory compliance. All of these transactions can provide clues about the true truth of a transfer, so they need to be carefully tracked. Audits are particularly useful for this purpose, whether it’s for regulatory compliance or suspicion of criminal activity.
What Exactly is KYT?
KYT procedures for blockchain technology and cryptocurrencies focus on the transaction itself, rather than the customer or entity initiating the transaction. For cryptocurrency, this information includes the transaction’s historical attributes as well as the connections to that transaction. Blockchain KYT monitors the flow of funds to an address instead of the customer, generally for the purpose of assessing the transaction’s legality and legitimacy.
As a result, FIs have become more involved with digital assets like cryptocurrency, either as a direct service provider or as an account manager of digital assets. These institutions must therefore begin increasing their understanding of cryptocurrency transactions and the way they flow through the blockchain.
KYT vs KYC
New technologies like KYT and Know Your Customer (KYC) are particularly useful for streamlining the process of monitoring and analyzing cryptocurrency transactions across national borders, which is where a major portion of transaction laundering occurs. However, distinct differences exist between these two approaches based on the particular challenge an organization is trying to overcome. In general, KYT compliance procedures complement the due diligence that KYC provides.
The challenges of cross-border transactions include the following:
- Money Laundering
- Lack of automation
- Operational inefficiency
- Slow Processing
- Insufficient information
The United Nations Office on Drugs and Crime reports that two to five percent of the world’s Gross Domestic Product (GDP) is laundered each year, with an increasing amount using cryptocurrency. Only a small fraction of this money is ever detected, although enforcement is getting stricter with larger fines. Furthermore, the number of AML regulations is increasing by almost ten percent each year in America, Canada, and the European Union (EU), according to regulatory analyst Neil Katkov.
Banks that fail to properly fulfill their AML obligations are at the greatest risk of penalties. These institutions must effectively share their data when checking their KYC processes to determine payment validity. At the same time, they must also strike the right balance between data privacy and crime prevention when processing cryptocurrency transactions.
Lack of Automation
Most banks still lack any means of automatically sharing payment data for transactions with banks in other countries, which is essential for detecting attempts to launder cryptocurrency across borders. Assume for this example that a US bank wants to send a payment to a bank in France. The French bank often requires additional information about the sender, requiring someone in the US bank to locate the information and receive legal clearance to send it to the French bank. This process almost always requires manual processing, resulting in inefficiency and the possibility of human error.
The messaging infrastructure of most banks creates operational inefficiencies that make it difficult to detect transaction laundering. For example, many cross-border payments are made in MT103 format, which is highly reliable but limited in the type of information it can carry. An MT199 message can usually provide any additional information that’s needed, but it may still be necessary to send an email to process a transaction. The need to send messages in three different formats requires employees to spend time that they would otherwise spend on value-added activities.
FIs can stop payments at any point in the process for a variety of causes, resulting in delays and a poor experience for both the sender and receiver. These reasons include checks for fraud, requests for more information and the issuance of sanctions, which are all necessary actions. However, the lack of digitalization requires multiple communication channels to share this information, increasing the delays. Simple checks may only require a few hours to complete, but complex situations can hold up a transaction for weeks.
The financial sector is tightly regulated, which complicates the process for sharing information across jurisdictions. For example, banks in some countries can’t provide any details about their customers, even to another department of the same bank. In these cases, the best KYC technology in the world won’t help institutions detect transaction laundering. Additionally, the General Data Protection Regulation (GDPR) profoundly affects the way in which every organization that handles the personal data of EU citizens can share that information. The EU adopted the 5th AML Directive (5AMLD) in 2020 to further describe the obligations of FIs in monitoring transactions.
A bank that fails to collect the information required to process a transaction upfront may not be able to locate that information quickly. This situation often occurs when KYC data and invoices are maintained in different systems, which can prevent that bank from finding it without delaying payment, resulting in further challenges.
The challenges of verifying transactions are often deep-seated, requiring comprehensive solutions to solve them. The technology needed to reduce financial crimes while minimizing costs requires a combination of KYT and KYC solutions.
KYT solutions share data about transactions in a way that is secure, permissioned and auditable. They also allow FIs to include this information with payments as needed to process them or easily request more transaction details from another institution.
In addition, KYT solutions provide banks with the ability to determine the location of relevant transaction data, even when it’s stored across multiple systems. They also allow banks to share this data with other organizations possessing the required permissions. These details include KYC information such as the purpose of the payment, typically in the form of supporting documents like an invoice or contract.
KYC solutions allow FIs to verify the identity of an entity requesting a transaction. Unlike KYT, KYC deals with entity-level information rather than transaction-level information. As a result, two entities can still engage in criminal activity, even when they both have perfectly good KYC information. FIs must therefore monitor transactions instead of just relying on information in the payment message, which often has a limited ability to detect transaction laundering.
Banks usually perform KYC procedures only on their own customers, not the customers of correspondent banks. They may also use these procedures on other banks just to verify they have the right KYC processes in place. As a result, sending banks typically have KYC information only on the transaction originator, while correspondent banks only have this information for the transaction recipient. This practice requires KYC solutions to rely on the data collection processes of other banks.
KYC procedures for cryptocurrency have changed significantly during the last three years. For example, the Financial Action Task Force (FATF) issued guidelines in 2019 that obligate countries to mitigate their risks of digital assets. They also implement enforcement measures for service providers that fail to comply with those obligations.
Why Do Companies Need KYT?
KYT monitoring systems assist national AML authorities and Financial Intelligence Units (FIUs) in taking timely action against money launderers and other types of cryptocurrency criminals. These systems should use international AML standards like payment-reporting thresholds to determine when to flag a cryptocurrency transaction. KYT software monitors financial transactions in real-time by using algorithms to track suspicious patterns.The Money Laundering Reporting Officer (MLRO) of a regulated FI then has the responsibility of reporting suspect transactions to the FIU for that jurisdiction. The FIU will conduct further investigation based on data-driven reports and take the action it deems necessary.
How does KYT work?
The number of cryptocurrency crimes continues to rise, as it becomes a more common medium of exchange. The creativity of those crimes is also increasing in response to the tightening regulations regarding cryptocurrencies. FIs therefore need to implement new measures that include KYT solutions.
The most effective way of implementing KYT procedures for cryptocurrency monitoring is to use a compliance solution like AMLBot that securely assesses the risk of transactions on the blockchain. This analytics solution allows FIs to automatically monitor cryptocurrency transactions, ensuring that digital assets remain aligned with current FATF and 5AMLD monitoring and assessment requirements.
Transaction monitoring (TM) is a key aspect of KYT for fighting cryptocurrency crimes, which consists of the following steps:
- Knowing the customer
- Risk-based calibration
- Resolution and enhancement
Knowing the Customer
FIs must ensure their customer due diligence (CDD) procedures and risk-assessment frameworks closely follow the AML and counter-terrorism financing (AML/CFT) requirements in their jurisdiction. Each country has its own financial regulatory bodies that provide guidance on how FIs should deal with the detection and prevention of AML/CFT. In particular, KYT frameworks must assess the risk each customer poses by providing the FI with sufficient knowledge about its consumers.
The next stage of implementing TM is the system’s risk-based calibration, which involves configuring the system with appropriate parameters such as parameters, thresholds and scenarios. These settings are based on the unique environment, needs and risk of each FI, which requires frequent testing of the system’s ability to analyze historical data for the purpose of predicting results. FIs can then make necessary changes to their KYT system before risking their capital. In addition, FIs must assess the integrity of their data to ensure their systems are accurately capturing and transmitting transaction information.
The implementation of a KYT solution typically occurs in conjunction with the previous phases, rather than waiting for it to be completed. Implementation involves ensuring the accuracy, quality and consistency of the generated alerts and the way in which FI personnel handle them. For example, FIs must provide their employees with the training and guidance to ensure they can perform their duties effectively by minimizing errors during the KYT process. Training should include the procedure for conducting pre-transaction checks and the proper handling of alerts and documentation.
Resolution and Enhancement
Once an FI’s KYT process detects a questionable transaction, it must promptly file suspicious transaction reports (STRs) with that jurisdiction’s STR office. Even in cases where the FI continues its relationship with the customer, it must still implement additional measures known as post-STR practices that mitigate the risk of the account being used for ML/TF purposes. These measures generally include subjecting the suspicious account to greater scrutiny, such as requiring higher levels of approval before executing transactions against that account. FIs should also conduct additional quality assurance checks on suspicious accounts by periodically sampling the handling of alerts, thus ensuring the TM process remains robust.
New techniques for detecting and preventing financial crimes will become necessary as transactions move into the cryptocurrency sector. These measures are still in the early stages of their development, but it’s already clear that traditional approaches like KYC are inadequate in themselves. The sole reliance on KYC for managing the risk of cryptocurrency transactions creates problems like false positives, meaning a customer is incorrectly assessed as a risk.
Critical analysis of these transactions can provide the evidence needed to determine the legitimacy of a suspicious transaction, but this capability requires a robust KYT process. FIs must also work to enhance risk awareness and risk mitigation measures among staff that execute KYT controls.