You are here
Home > Tech > Tech Talk > BLOCKCHAIN FOR AML/KYC


The legal status of virtual currencies or crypto-currencies (widely known as “bitcoin”) varies substantially from country to country and is still undefined or changing in many of them. Whereas the majority of countries do not make the usage of virtual currency itself illegal, its status as money or a commodity varies, with differing regulatory implications. While some countries have explicitly allowed its use and trade, others have banned or restricted it. Likewise, various government agencies, departments, and courts have classified crypto-currency differently. As on 22 March 2018, all countries of the world it has legal status for such crypto-currencies except 8 countries (Algeria, Bolivia, Ecuador, Kyrgyzstan, Bangladesh, Nepal, Cambodia and Macedonia) while Indonesia and Vietnam it is legal to trade and hold but illegal as payment tool. In Bangladesh according to Bangladesh Bank “anybody caught using the virtual currency could be jailed under the country’s strict anti-money laundering laws”.[Ref- The Telegraph-AFP, 15/09/2014]. India does not recognize crypto-currency and other virtual currencies as legal tender but instead encourage “blockchain” technology in payment systems. [Ref-Finance minister in his budget speech on 1 February 2018]. Though virtual currencies are illegal but there is no restriction or prohibition for embracing the use of “blockchain” as a technology in Bangladesh context.

Banks and Financial institutions are racing to invest in technology that allows real-time reporting to adhere to regulatory rules set out by various agencies and the Central Bank. This process includes compiling, tracking, and storing massive amounts of data to be parsed out and reported to regulators in a timely manner. The process in which financial institutions utilizes various technologies to help meet regulatory requirements such as machine learning and artificial intelligence to establish enterprise-wide data governance and compliances. These new technologies replace the current processes for modeling and reporting. In this article, we’ll analyze how “blockchain” technology enhances regulatory reporting for a number of directives including Anti Money Laundering (AML) and Know Your Customer (KYC).


Blockchain technology was announced through the paper titled “Bitcoin: A Peer-to-Peer Electronic Cash System” by Satoshi Nakamoto in 2008. This paper talks about a “purely peer-to-peer version of electronic cash” where “the network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work”. Recently, blockchain and some implementations of distributed ledger technology have earned the trust of Governments and Banks around the world.

Essentially, blockchain is a distributed database and verification system for financial transactions. The technology uses a publicly-viewed ledger to record and keep track of transactions. Each party in a transaction is assigned a cryptographic key. Each transaction has to be approved and validated by the participants in the network. Once credentials are verified by the network, the transaction can be completed, and an encrypted block is created. The block is added to the public ledger. However, the transaction details within the block remain private due to the cryptographic keys assigned to each party. The blockchain network allows parties to transact directly with each other with no financial oversight or government agency involvement. Currently, there is an urgent need for any organization an accepted security framework that prescribes security controls for secure blockchain implementation.

Since the ledger is distributed to the parties involved, peer-to-peer transactions can often be completed within minutes, versus current settlement times that often take hours to days to complete as in the case of financial payments. The ledger-based technology can be utilized as a public blockchain as in the case of the crypto-currency eg bitcoin. A blockchain can also be created for private use with a predetermined set of users as in the case of financial institutions. Within a private blockchain, participants could initiate transactions or access data within the network. For financial institutions, blockchain technology has enormous potential for internal controls, and also for improving regulatory compliances.


All data recorded on the ledger could be readily available to bank risk teams and regulators. Transactions, financial activity, account openings, lending activity and more could all be monitored and reported in real time. The transparent nature of blockchain allows financial institutions and regulatory agencies to communicate in real time with each other on the same network. Bank risk officers could be notified of compliance violations by regulators in real time allowing action to be taken quickly. As a result, the distributed ledger makes the communication and reporting process far more efficient and saves time versus the current model where violations can often take a long time to be detected, reported, and mitigated. And many times, under the current model, violations go undiscovered. Data on the blockchain ledger cannot be altered easily, and any data that is altered within a block can be tracked and monitored, preventing fraud and misuse. Currently, for most financial institutions, data is stored in silo-based systems. A shared ledger combines all data onto one platform. From there, a software program can be developed to extract specific pieces of data and generate reports with greater efficiency. With improved data governance, institutions can identify fraud at an earlier stage, prevent financial crimes and avoid costly penalties resulting from compliance failures.

The current KYC process can take days and even weeks to satisfy the requirements from regulators. As a result, the costs of being compliant for financial institutions are escalating rapidly as they race to stay ahead of financial fraudsters. With a shared ledger, the KYC process can be monitored and adjusted more efficiently from an enterprise-wide level. Due to the shared nature of the ledger, a database of all client activity and background information would be available to all on the network. Any updates and changes in a client’s status or a potential fraudulent transaction could be communicated and updated in near real-time. Direct access to a shared ledger would save institutions the time-intensive process of identifying fraud and reporting it. With blockchain, end-to-end tracing and tracking of transaction and client activity is possible. And since every department would have access to all client background information and all of their account activity, the KYC process would be more efficient.

Also, automated reports could be generated from the ledger reducing errors as a result of the current manual processes. Ultimately, the risk of noncompliance due to delayed or inaccurate reporting would be greatly diminished. Digital identity is one of many challenges with online and mobile banking applications. Online identity management in financial services requires an increased level of security protocols to prevent fraud and remain compliant with the KYC/AML/BSA. The popularity of mobile devices will increase in the years to come and so will the need for increased security measures. Currently, client background information is stored separately in various institutions including on a bank’s servers, the Registry of NID, ownership of property and motor vehicles to name a few. With the distributed ledger, all background information and identification could be stored on one blockchain network for the institution to tap into during the Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) processes. With cryptographic verification, sensitive client data could be accessed by the financial institution to identify the individual applying for a loan, opening an account, or accessing their mortgage information. Only when the smart contract terms and encryption requirements are met, can access be granted to the network. As mobile technology decentralizes banking, a secure decentralized solution will be needed to address security concerns when users access their financial information remotely. Blockchain technology has the ability to provide that decentralized solution while ensuring security protocols and regulatory requirements are satisfied. Blockchain technology is a trust network whereby consumer data would only be accessed by trusted sources. This is much different than the current model where consumer data is given to corporations with little control over how it used and its security. Once a client is established on the blockchain network, and cryptographic keys are created, it would be extremely challenging for fraudsters to access a client’s financial data, commit identity theft, or engage in an illicit financial activity. As a result, data would be more secure than the current model.


Blockchain technology and its distributed ledger allows for more transparency with regulators improving the reporting process. The shared and immutable ledger allows for unaltered transaction history whereby the ledger can act as a central hub for data storage where transactions are processed, and activity shared with bank risk officers within the financial services companies and regulators. Improved identity management using encryption-based technology on a decentralized network could be established. Digital identity improvements can help financial institutions meet the ever-changing KYC and CDD/EDD requirements while simultaneously reducing the costs associated with implementing a robust KYC and AML programs. Ultimately, financial crimes and compliance violations could be reduced in the long term. Blockchain technology will continue to play a major role in regulatory reporting and identity management for financial institutions in the years to come.

The technology is still in its early days and use cases exploring the potential of blockchain are isolated and limited. However, to truly realize their potential, implementations of blockchain based solutions for AML/KYC need to be integrated into the core IT landscape. If deployed within a bank to connect its various globally dispersed ststems, the decentralized system will complement existing legacy AML/KYC applications and add an extra ring of scrutiny and visibility. Leveraging a blockchain platform for AML/KYC nationwide or across a geographical region will give regulators, auditors and other stakeholders an effective and powerful set of tools to monitor complex transactions and immutably record the audit trail of suspicious transactions across the system. However, this will need cross-industry participation and require buy-in from leaders across regulatory authorities as well as the participating banks and other financial institutions. Either way, it’s only a matter of time before financial institutions and regulators adopt distributed ledger technology to connect, gain visibility and collaboratively prevent money laundering. ■

Leave a Reply