Financial institutions could potentially use blockchain for know your customer purposes and such an application could even be rolled out in the next six months, but support would have to first come from governments before regulations can be put in place.
One of the unique features of the distributed ledger technology is that it creates a single ledger that allows access to only permitted parties, which is why it is dubbed "the single source of truth". It is this ability of the distributed ledger technology to provide a centralised store of data or information that has led the financial services sector to explore the use of blockchain for KYC purposes.
Use of Blockchain for KYC Needs Government Support
Marcelo Garcia Casil, chief executive of DXMarkets, a Singapore-based FinTech start-up that specialises in blockchain, said blockchain's potential applications for KYC purposes has attracted a lot of interest from financial institutions and that the technology is ready to carry out this application in the next six to 12 months. The technology however requires government support for it to be successful, he said.
"The required changes to regulation can take some time. I don't think it [the use of blockchain for KYC] will happen even in five years' time because it's a big change and KYC is a sensitive topic," he said.
Casil said he expects to see initiatives and projects on the application of blockchain for KYC this year, but governments will take a long time to validate the technology.
A number of jurisdictions including Hong Kong and Singapore are studying blockchain but it is unclear which aspects of its applications they are focusing on, he said.
An Attractive Proposition for Customers
Typically, customers are required to prove their identity to financial institutions for transactions by providing information such as an identification number, social security number, and address.
Tim Hogben, group executive, operations at the ASX Group in Sydney, said a centralised store of data which only financial institutions with permission to access and to which customers need to provide their personal data only once, would be a very attractive proposition.
"Instead of informing financial institutions individually when they need to verify their identity or update their personal information, customers can just update the central store of information. The individual needs to be in control of this process and as to who can have access to the information," he said.
The distributed ledger technology has the advantage of allowing the source of information to be stored as a "key" which, Casil said, would validate all the documents provided by a customer as authentic.
"Instead of submitting all the documents, the customer will provide the key, which is a hash or a mathematical function to validate that all documents have been authenticated. This makes the KYC process more efficient. The key will expire and the underlying data will become old and customers will need to update their information," he said.
Personal Data Privacy
According to Hogben, many jurisdictions are exploring the idea of introducing a digital identity framework, which involves presenting personal information in an electronic format that is reliable and trustworthy. Australia, for instance, is exploring the use of digital identifiers to allow easier access to government services. Tax and other regulatory authorities, he said, are particularly keen on having a single source of information that can provide them with details about individuals and taxpayers without having to obtain information from multiple sources.
But Hogben said customers must know who their personal data would be provided to and how their personal information would be stored, shared and deleted. Personal data privacy would be one of the main concerns, and ensuring that data is secure would be a top priority, he said.
Hogben said the existing practice, in which each financial institution maintains its own database, is xpensive, and often there is duplication of data. These problems, he said, could be overcome by having a centralised data source.
Hogben said the entity that provides the centralised store of data would need to be a trusted party that is highly regulated and it would be required to meet high standards, although it needs not necessarily be a government agency.
Security of the entity that runs the centralised data source would also be important, but this could be overcome by ensuring that the entity meets high security standards, Hogben said.
Casil said the entity that runs the centralised data source is likely to be a private company which specialises in carrying out due diligence. It would store the information in a database and produce a key which will be stored in blockchain, he said. Even then, such a company would not replace the onboarding and due diligence processes which banks should still carry out on their own, he said.
"Each bank has its own criteria and policy and banks still need to monitor their customers' activities," he said.
The idea of using distributed ledger technology for KYC purposes remains at an embryonic stage, particularly with respect to how the system will be able to provide information for purposes such as anti-money laundering, tracking foreign taxes, assessing customers' credit-worthiness and knowing which customers are blacklisted.
"There are a lot of regulatory requirements that would need to be complied with as well. It is certainly a focus in getting the model right as to how to comply with the various standards," Hogben said.