Why Cryptocurrency Exchanges Need AML/CTF?
Cryptocurrency exchanges engage in crypto-fiat exchanges or virtual currency custodian wallet services. This is deemed the most high-risk sector as it offers a less regulated channel where virtual currencies are digitally transferred, stored or traded.
As a Cryptocurrency or virtual exchange business, you are a “regulated entity”, if you;
- use/own proprietary networks for crypto-fiat exchange, and/or
- are a virtual currency exchange platform, and
- are a custodian wallet provider.
Cryptocurrency businesses involve transactions between both crypto and fiat currencies as well as between various cryptocurrencies issued privately. The anonymity of virtual currency conceals the source of funds and the ownership, allowing the proceeds of crime to be laundered through cryptocurrencies and custodian wallets. The virtual currency remittance system is exposed to risks of terrorism financing (TF) or funding of illicit activities.
Compliance of crypto exchanges and wallet providers begins with registering your businesses with your national regulators. KYC and verifying beneficial ownership information is mandated at the onboarding stage, as well as screening for Sanctions and PEP checks. Ongoing scrutiny of high-value transactions, high-risk clients, high-risk countries, fiat to crypto transactions, transaction monitoring for unusual behaviour, monitoring high-value wallets, and reporting suspicious transactions are ways that crypto businesses can remain compliant.
The ability to convert cash to virtual currencies and trade between multiple virtual currencies for profits, allows illicit funds to be integrated into the legitimate economy. Other factors like the ease of remitting money for illegal activities or to fund terrorism through the virtual exchanges, make crypto businesses vulnerable to AML/CTF compliance. The lack of transparency in transactions and ownership structures of the virtual currencies are other limiting factors. As virtual currency transactions remain outside of a formal monetary system, it is difficult for crypto businesses to be regulated.
Cryptocurrency exchanges and wallet providers are expected to establish the framework for a risk-based compliance program:
- Conduct a risk-based assessment for exposure by its services and delivery channels, types of clients, a country in which it operates or transacts with, size or pattern of transactions, and business relationships.
- Create risk reduction measures and controls to lessen risk.
- Develop an AML/CTF program: client identification, beneficial ownership, Sanctions/ PEP screening.
- Have policies and procedures in place for ongoing monitoring, as per the requirements from your regulator.
- Implement a risk-based approach to ongoing monitoring of transactions, patterns and business relationships.
Once you have set up your compliance programme, you need to put the systems in place to ensure the programme is being followed. Non-compliance may result in criminal or administrative monetary penalties.
Ongoing compliance involves:
- Training staff, and having an assigned compliance officer.
- Conducting customer due diligence (CDD), update and validate customer information, ongoing CDD and enhanced due diligence (EDD) for suspicious transactions or individuals and high-risk countries.
- Have threshold transaction reporting obligations where physical/fiat currency is accepted or paid out.
- Submission of suspicious transactions and compliance reports, and other obligations, as required by your regulator.
- Reviewing your compliance programme at regular intervals.
Our Solutions
Our PEP and sanctions screening service will help you reach your compliance requirements.
Our details scan reports provide you with an overview of in-depth information on potential risks to your organisation.
We provide access to multiple data sources to meet the varying requirements of users.
We update the information for all of our data sources daily to provide you with up-to-date relevant data.
Save the time manually checking names by using our batch scanning feature to scan bulk files of names simultaneously
Our service is straight-forward and easy use, making compliance easy by simplifying processes.
Perform due diligence by assigning risk, determining true matches and recording decisions in the NameScan dashboard.
Conduct further research into potential matches and risks to your organisation through various sources.
Use our API to integrate with your existing systems to automate the screening process.