Is there a way, with modern technologies, to store, verify, and protect digital information? This question had remained with no answer for quite a long time, but now the key seems to be the Blockchain system. Blockchain KYC policies, for example, can help companies to quicken ID checks and safely transfer sensitive data to other organisations.
Let’s see how Blockchain works, first.
Blockchain is a list of records stored in blocks of information on a distributed ledger. A blockchain is typically managed by a peer-to-peer network in charge of validating transactions, but there are also cases of Blockchain-based systems with a control centre. Because of its nature, Blockchain does not allow any modification or erasure of the records.
Basically, Blockchain is secure by nature. And so are Blockchain KYC policies. Let’s talk about them more in-depth.
How KYC usually works
When required by law and regulations, businesses have to verify their clients’ identities following meticulous processes in order to avoid the perpetration of crimes such as money laundering, illicit financing, fraud, and so on.
When businesses have physical contact with their clients, everything is pretty easy: you carry a proof of ID with you, it gets verified, and you are ready to go.
However, given the fact that digital transactions have been on the rise since the last decade and the numbers do not show signs of stopping, new procedures had to be standardised and regulated. That’s how the concept of Know Your Client as we intend it now was generated.
While KYC policies are different in each sector and jurisdiction, they always have some elements in common, when executed remotely:
- Documents verification: the client submits a proof of ID, usually a paper document, as a photo or a scanned version. The document is then compared with some standard databases in order to verify if they are authentic or forged;
- Blacklist checks: the document is verified on various blacklists, either public or private, with no universal standards, which means this kind of check may fail in some jurisdictions and succeed in others;
- Face or biometric data verification: usually the client submits a video of themselves with a neutral expression. Sometimes they are required to pronounce a short statement or hold a sheet of paper with a given short statement written on it. Other verifications might include biometric data, such as fingerprints.
The absence of a shared database seems to be the main reason why KYC is so time-consuming: if you send an application to different organisations, each of them will conduct their own KYC checks.
Furthermore, there are more security risks than you could possibly imagine: company servers (including banks) could be hacked, your device could be hacked, transactions on the network may be intercepted, diverted, deleted, or manipulated in many ways.
And the risk multiplies with the number of transactions.
How Blockchain KYC systems work
Once you submit information to a blockchain, they can’t be changed, but they can be seen any time by anyone who can access the database. Imagine you send an application for a loan: you don’t have to do the application for every single bank, but because all your data are on the Blockchain, you do not need to apply for every single financial institution you come across, because they will be able to verify your ID thanks to the data you already submitted.
Basically, a client will only have to go through KYC once, and their record will be available on the ledger for everyone who requires that information and has got the key to access it (data on Blockchain is normally encrypted), which is a proof that the client gave their consent.
Blockchain benefits on KYC
The first advantages of Blockchain KYC systems are the money saved in legal fees and the amount of time that can be spent on more remunerative tasks.
Blockchain, however, is not just about optimising productivity, but also security and communication are involved. Let’s find out the main aspects that actually make Blockchain KYC procedures a winning solution.
We think that our data are collected and protected in the safest way possible by companies that are required by laws and regulations to run a KYC procedure for every client they get. Although companies do put a lot of effort into this, and it is inevitable that mistakes are made, because there are a lot of people and management systems involved, thus leading to authorising what should not be authorised.
On the Blockchain, KYC can become part of an automated process that flows into a smart contract, on which may depend more processes, making compliance way quicker and easier than the traditional system. In this case, Blockchain ceases to be just a KYC tool and becomes the base of a whole ecosystem that can set a standard not only for a single company, but for the whole industry.
When the whole process is automated, the benefits are maximised:
- There is no need for double check performed manually;
- Zero data loss;
- Faster procedures overall;
- Standards for a whole sector;
- Extendible with smart contracts.
Secure data processing
As we said above, Blockchain works with a decentralised ledger, and this makes a huge difference in terms of security.
Traditional centralised systems, in fact, rely on a single ledger where all data and transactions are recorded, and such ledger is obviously protected with state-of-the-art encryption systems in order to prevent any breach. However, because of their centralised nature, if the central node is hacked, all the users are endangered, because, at that point, it is very easy to manipulate confidential data of millions of people.
With a decentralised system, even if a criminal succeeds in manipulating data on a node of the network, the attempt will be spotted as soon as all the nodes check all their records and match them with other nodes, and even though the ledger is public, every information is encrypted, so the user does not lose control over their data.
That being said, even if each solution must be assessed on a case-by-case basis, we can agree with the idea that the Blockchain might comply with the current data protection laws.
More transparency on both sides
Let’s talk about user control on data more in-depth, because this is one of the main factors that set a distance between Blockchain KYC procedures and the way many currently conceive KYC.
When an individual gives their consent to process their data in order to apply to a certain service offered by a particular organisation, they lose control over their data, and they no longer know how it will be used and whether there is a breach of the terms and conditions or a misuse of it.
Blockchain, instead, empowers the user with data control in more than one way:
- They decide who, how, and when organisations should access their data, increasing trust in those very organisations and probably in the whole industry;
- They can reduce the risk of being frauded, because they can rest assured the history of their transactions is always accessible and can’t be deleted, allowing competent authorities to trace perpetrators;
- Organisations might be required to give a reason in order to access user’s data, making the whole process more transparent;
- There is no need for complex authentication systems.
Transparency is an essential value for any company with a KYC policy in place, and Blockchain is not only a boost in terms of productivity, but also for their reputation.
Blockchain KYC: a case study
At the end of last year, 26 French companies terminated the trial of an innovative Blockchain KYC procedure which also involved 5 banks, including BNP Paribas.
Interesting fact: the companies covered by the project belong to different sectors, proving Blockchain’s versatility, from insurance to food and automotive.
The Blockchain consortium R3 supplied all the companies taking part in the trial with their KYC system, branded Corda.
The results and feedback were very positive: onboarding processes and ID verifications were very quick, because all the information was stored on a shared database, and the users were very happy to be in control of the whole thing, giving and revoking access to banks and other organisations.
Normally, a KYC procedure would take up to a few days, but with Corda in place, it only took a matter of seconds. Every transaction was successfully recorded on the Blockchain.
The case of HSBC
Another company using Blockchain for KYC purposes is the banking company HSBC, which completed the first Chinese letter of credit transaction on the Blockchain two months ago, on September 2019. HSBC has been using a Blockchain KYC system since 2017, together with MUFG and OCBC Bank, with a platform based on an avant-garde Blockchain technology developed by IBM.
Such distributed ledger technology enables companies and users to record, access, and share information safely, because information is encrypted.IDs are validated by matching references with government databases, tax information, and credit agencies.
Other Blockchain applications
Blockchain possibilities do not end with KYC but extend over a wide range of purposes. There are dozens of Blockchain applications that can potentially change the world, from supply chain, which is happening already in the food and fashion industries, to workers conditions monitoring.
Blockchain is definitely a technology worth watching and studying. Many companies across Europe already implemented it and got considerable advantages in terms of sales, public image, and productivity.
If you think your company could benefit from Blockchain, too, you have the chance to contact us for a free introductory consultation.