Being in a position to demonstrate to regulators that compliance duties are being performed appropriately and in a timely manner is paramount to regulated companies. At Knabu, we believe distributed ledger technology (DLT) can enhance compliance activities with immutable time-stamped proof-of-processes.
PROOF OF CONCEPT
The objective of this proof-of-concept was to test the feasibility of using DLT technology to enhance KYC/KYB and AML compliance processes.
- Obtain KYC/KYB data from participating companies,
- Run the data through a series of KYC/KYB and AML checks using partner service providers.
- Hash and encrypt input data and compliance process outputs
- Post encrypted data to a public DLT to provide time-stamped immutable records
- Access blockchain records to demonstrate that KYC/KYB and AML processes were done appropriately and in a timely manner.
Partner Service Providers
- Factom - Public DLT platform and enterprise services
- IdentityMind - KYC/KYB service provider
- DMG Group (WalletScore + BlockSeer) - AML service provider
What We Did
1) Collected KYC / KYB documentation from participating companies including wallet addresses
2) Ran KYC / KYB checks through IDentityMind
3) Ran wallet address AML checks through Blockseer and WalletScore
4) Performed hashing on all inputs (1) and outputs (2 & 3) - including privacy-preserving encryption to prevent any possibility of personal data being identifiable
5) Created individual Factom chains for all participating companies
6) Posted structured encrypted data (4) to their relevant Factom chain
7) Reverse tested the process to see how to demonstrate that all compliance processes were done appropriately and in a timely manner.
We were successful in anchoring and retrieving proof of compliance processes on the Factom DLT.
The proof of concept used a structured approach to obtaining relevant KYC/KYB and AML information, hashing & encrypting data, converting to Base64 and sending the data to the Factom DLT.
Ultimately, this process was capable of demonstrating that specific KYC / KYB and AML checks were performed at a specific date and time. This should provide stakeholders and regulators with comfort that teams are not gathering relevant data at a later date and potentially serving active customers who have not been through the appropriate compliance process.