Due Diligence of Digital Asset Transactions – Are You Required to Know Your Transaction?

Share This Post

If you don’t know what “know your transaction” means, don’t feel bad. I didn’t know prior to writing this article.

But one of the things we do at Holland & Marie is share best practices. Our friends at Merkle Science, a Singapore-based leader in the Blockchain analytics space, kept saying know your transaction (“KYT”) customer due diligence (“CDD”) was the future and important development in the fight against criminal activity and financial crime. So, I thought I would try to understand what KYT means and which businesses are required to do it.

KYT FUNDAMENTAL TERMS AND CONTEXT

In order to understand KYT, you should have a basic understanding of cryptocurrencies and how they are transferred.

KYT

For the purpose of this article, we will define KYT as the CDD processes relating to transactions via addresses aka ‘wallets’ that store cryptocurrencies (“Wallets”) such as Bitcoin. In a KYT exercise, you may conduct diligence on your customer’s Wallet, as well as the Wallets to and from which transfers of cryptocurrencies are effected by your customer’s Wallet.

KYT replicates the normal CDD process, except that the Wallet itself is treated as the customer rather than a corporation or a natural person. A person conducting KYT may:

  • “onboard” (for lack of a better word) a Wallet address (explained below), similar to how it could onboard a customer.o Certain Wallet addresses are now included on government sanction lists;
  • effect transaction monitoring by monitoring the transactions conducted by customers’ Wallets; and
  • assess the on-chain risk profile of the third-party Wallet with which the customer’s Wallet

Wallets

“A cryptocurrency wallet stores private and public keys, which are necessary to send and receive cryptocurrencies. There are hardware, software and paper wallets. Hardware and paper wallets are typically considered more secure than software wallets, although there are pros and cons associated with each.”(1)

Addresses and Public Keys

A Wallet’s address and public key are the same thing… or are not the same thing. The answer depends on who you ask. For practical purposes, they are a delivery address for cryptocurrencies – the string of letters and numbers a person uses to send cryptocurrencies to a Customer’s wallet. A single Wallet can have numerous addresses/public keys.

WHO IS REQUIRED TO CONDUCT KYT? (2)

Asking a compliance officer what are the minimum CDD requirements is unproductive(3) for various reasons:

  • Businesses conducting regulated activities (“FIs”)(4) are generally required to conduct their business in conformity with “high ethical standards” and guard against establishing any business relations or undertaking any transaction, that is or may be connected with or may facilitate money laundering or terrorism financing,(5) which generally is inconsistent with merely doing the minimum;
  • there are no minimum requirements. FIs are expected to use CDD measures that are commensurate with the level of risk of the customer/transaction;(6) and
  • the overall CDD required to be conducted will depend on the initial review of the materials received and any matters which require further CDD is not a tick the box exercise

Assessing and Mitigating Risks

An FI is expected to identify, assess and understand its money laundering and terrorism financing risks in relation to:

  • its customers;
  • the countries or jurisdictions its customers are from or in;
  • the countries or jurisdictions the FI has operations in; and
  • its products, services, transactions and delivery (7)

Upon assessing it’s risk, an FI is expected to ensure the performance of measures to effectively manage and mitigate the risks identified and guidance from the Monetary Authority of Singapore (the “MAS”) or other relevant authorities in Singapore.(8)

WHAT RISKS DOES KYT MITIGATE?

The Financial Action Task Force (“FATF”) (of which Singapore is a member) has determined cryptocurrency activities to present higher money-laundering and terrorist financing risks.(9) The MAS has agreed to implement the enhanced FATF standards with respect to cryptocurrencies.(10) As a result, KYT can be considered an additional CDD measure that mitigates the inherently higher risks of cryptocurrency transactions

OTHER REASONS KYT IS IMPORTANT

In the words of Ian Lee, a member of the founding team at Merkle Science:

“Any and every business that exposes itself to cryptocurrency should consider conducting KYT as part of its overall AML/CTF programme. KYT is more than just an obligation for fighting criminal activity and financial crime, it is an important risk management tool (not unlike insurance) to safeguard businesses by making sure one isn’t caught unaware that criminals are taking advantage of their operations for illicit purposes. With increased regulatory scrutiny, the risk of crypto-businesses getting audited by both the public and private sector players grows daily. KYT is thus an important new piece in the compliance chain that strives to build a bridge of trust between the wild-west blockchain industry and the more traditional financial services industry.”

CONCLUSION

Holland & Marie is the leading expert in assisting FI’s implement a KYT programme that will satisfy their requirements in every jurisdiction where they operate…. Yeah, right!

Instead, it’s fair to say we are learning about KYT just like everyone else. For KYT, we work with firms like Merkle Science. We believe these types of partnerships benefit us and our clients.

There are no bright line tests regarding when KYT is required. PS Notice 02 does not refer to “wallet addresses” or “public keys”. However, the foregoing does not mean that KYT is generally not required. Instead, we believe KYT should be considered to be a best practice that is likely to be expected by FI’s that support cryptocurrency transactions as part of their regulated activities, particularly FI’s that expect to be regulated under the Payment Services Act.

For further information, contact:

Chris Holland: Partner | Holland & Marie | 201802481R

7 Straits View, Marina One East Tower, #05-01 Singapore 018936

www.hmcompliance.com

About Holland & Marie

Holland & Marie is a compliance, C-Suite and legal solutions firm based in Singapore. We have extensive experience resolving typical compliance issues including regulatory inspections, satisfying regulatory requirements and maintaining best practices in corporate governance to navigate the rapidly changing regulatory landscape.

About Merkle Science

Merkle Science is a risk and blockchain monitoring solution to detect and prevent the illegal use of cryptocurrencies. Based in Singapore, they work with blockchain companies, financial institutions and government agencies around the world who use them as a compliance and investigative product.

https://www.merklescience.com/

Disclaimer: The material in this post represents general information only and should not be relied upon as legal advice. Holland & Marie Pte. Ltd. is not a law firm and may not act as an advocate or solicitor for purposes of the Singapore Legal Profession Act.

———————————————————————————————————————————————————-

 

(1) See Ticker Tape Editors, “Bitcoin and Cryptocurrency 101: Understanding the Basics” (December 20, 2017), available at https://tickertape.tdameritrade.com/trading/bitcoin-cryptocurrency-basics-101-16210.

(2) While this article discusses the regulatory environment in Singapore, the analysis is relevant to any country that is implementing FATF standards.

(3) While unproductive, it is a reasonable to ask the question so a business can understand the costs of compliance when it considers whether to pursue a business activity.

(4) Although we generally refer to the Notice to Holders of Payment Service License (Digital Payment Token Service) on Prevention of Money Laundering and Countering the Financing of Terrorism (“PS Notice 02”), the notices published by the MAS to other FIs are substantially similar.

(5) For example, see Section 3.1(b) of PS Notice 02.

(6) For example, see Section 7.3 of PS Notice 02.

(7) For example, see Section 4.1 of PS Notice 02.

(8) For example, see Section 4.3(d) of PS Notice 02.

(9) See Paragraph 2.4(b))(i) of MAS, “Response to Feedback Received: Proposed Payment Services Notices on Prevention of Money Laundering and Countering the Financing of Terrorism” (December 2019), available at https://www.mas.gov.sg/-/media/MAS/News-and-Publications/Consultation- Papers/2019PSAMLCFTNoticesConsultation/Response-to-feedback-received-on-the-proposed- Payment-Services-AMLCFT-Notices_.pdf.

(10) Ibid

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Subscribe to our insights to get updates with latest insights about trends shaping our world.

Actionable Strategy for a Grey Environment | © 2023 HM

*HM is not a law firm and neither it nor its personnel may act as an advocate or solicitor for purposes of the Singapore Legal Profession Act.  HM is a Singapore-headquartered management consulting firm.  

HM operates under three brands: HM Strategy, HM Compliance and HM Counsel.  HM Compliance offers Singapore compliance services, including outsourced compliance, MAS licensing services, ad hoc advisory and consulting services, corporate governance advisory, ESG consulting, training and internal audit.  HM launched as a Singapore compliance consultancy in 2018.  HM Strategy offers regulatory and management strategy advice to Boards of Directors and senior management as well as risk management consulting.  HM Counsel offers in-house counsel services.