Bitcoin Forum
October 23, 2018, 05:38:02 PM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: [Completed] 0.03 BTC Bounty: Write a general AML/KYC process sticky  (Read 6398 times)
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 04, 2013, 07:56:01 PM
 #1

As I said when I stickied the MtGox AML sticky back in June of 2012, I would really like to see a general AML/KYC sticky for the trading discussion board:
I suggest getting the mods to sticky this at the top of the forum.  The issue comes up repeatedly and this thread will quickly drop off the page if it's not stickied.
I'll sticky it for now, but I'd much rather that there be a more general AML sticky that discusses the issue as well as this one does and then links to company-specific AML information, such as this thread.

Since nobody has written such a sticky, I'm now going to put a bounty on it. I will send BTC0.03 to the address of choice for each person that posts text in this thread that I can use to construct this sticky for which I use at least 5 sentences or lines of text in the sticky's creation.

Rules:
1) You can only post the text in this thread, please don't make a new thread for it. Once the sticky is created you may use your text as you see fit, regardless of whether or not you win.
2) Since I am paying for the sticky, I will be the one to post it. By posting in this thread, you hereby grant to me and this forum a non-exclusive, worldwide, royalty free, perpetual license to exploit, commercially or otherwise, the text that you submit for this bounty for its business purposes in all media, in whole or in part, distorted in character or form, including but not limited to, the right to use the submitted text on this website, as well as for its internal, trade, and advertising purposes.
3) If I end up using at least 5 sentences or lines of text from your submission, I will send BTC0.03 to the address of your choice. If you modify someone else's existing submission and I use it, both you and they will be paid as long as your change was significant (at least 5 new sentences/lines, or at my discretion). If this chain is too long, I'll probably just accept another submission or an earlier point in the chain and edit it myself, so please don't abuse this.
4) I am not obligated to accept any submission.
5) This bounty closes once I feel that we have something sticky-worthy and I post the new sticky.

I look forward to this bounty's results!

UPDATE:
Thanks to everyone for their contribution! The sticky has now been created. I will leave this open for further edits, but they will be paid at my sole discretion, instead of at a set amount.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1540316282
Hero Member
*
Offline Offline

Posts: 1540316282

View Profile Personal Message (Offline)

Ignore
1540316282
Reply with quote  #2

1540316282
Report to moderator
ticoti
Hero Member
*****
Offline Offline

Activity: 840
Merit: 1000


View Profile WWW
December 06, 2013, 01:22:59 PM
 #2

AML/KYC process
I have decided to elaborate this general summary where I am going to tell you the process you have to follow to buy bitcoins from dollars or EUROs.
Have clear that i am from Europe,so the process from other places may be different.
•   Trading in BTC-e
We will use the following way: Okpay verification -> Add money to Okpay -> Transfer money to BTC-e->Buy Bitcoins!!!. I consider that this process is the fastest and the least restrictive.
There are many ways to transfer money to OKpay, however, the most usual and the one I am going to use is the European Bank Transfer (SEPA).
First of all, you have to register in www.okpay.com/ and go to my account and click on proceed with verification.
After filling your data, you have to send a proof of residence, you can see which ones are considered valid, and an ID document, such as an ID card or Passport.
 In this point you can register in BTC-e where you do not need to verificate your account if you add money from OKpay
After 2-3 days (at least in my case) you will have your account verified. In this point you have to go the the Add money section and choose the one you prefer.As a I said in this case I am doing a SEPA.
When your money is arrived I recommend you to make a money Exchange from EUR to USD (if had sent EUR), because they have a more real Exchange rate tan btc-e.
Now, you have to go to btc-e and choose OKpay,this transfer of money has a 2% taxes, and link with your account, then the transfer of money is immediate.
Finally, you can trade and buy bitcoins!
I leave here the links of a guide of activation from OKpay and a FAQ:
https://support.okpay.com/uk/faq/index.html
http://download.okpay.com/info/OKPAY_account_activation.pdf
•   Trading in Bitstamp
Have clear that this process may be really slow; I consider Bitstamp is very restrictive because they usually deny almost all types of documents. You can’t be sure of what document is going to be valid.

In this case the only way of adding money is an European money Transfer (SEPA).
You have to register in www.bitstamp.net and click on account->verify account.
After that, fill your data and upload a proof of residence and a Valid ID.
The problem here is the proof of residence, you will have to wait some days and they will probably deny it, so you will have to upload another one, and after some few days may be valid or denied again.
Many people have to wait weeks to starts to trade in Bitstamp, and after that you will have to wait the SEPA to arrive,so as you can see,this is not fast.
When you have your account verified, you have to click on deposit and there you will have all the necessary data to make the money transfer.

I leave a FAQ of Bitstamp in case you have any doubts:
https://www.bitstamp.net/faq/

vodanh
Full Member
***
Offline Offline

Activity: 276
Merit: 101



View Profile
December 06, 2013, 02:36:31 PM
 #3

Hi Everyone,

My name is Dylan, and I work in Mt.Gox's Compliance Division. Our division is responsible for handling the Anti-Money Laundering (AML) and Know Your Customer (KYC) activities for Mt.Gox, and we thought some of our users and the wider community might be interested in having an insight into how the whole process works. For those who may not be aware, AML/KYC checks involve us collecting from our users one piece of photographic identification, and one proof of residence document to help us identify you. Once you've read through it all, feel free to post any questions you might have about the process, as I'd be more than willing to answer any you may have.

Why do AML/KYC?

We are often asked both by email and on the forum why Mt.Gox does these checks. To give a very basic explanation of this issue, Mt.Gox handles both Bitcoin and fiat currency (Dollars, Euros, etc.) As a result, we are bound by the laws of Japan and America, along with various international regulations which cover the fiat side of our business. Very similar to how a bank in most countries must be regulated to ensure they are not facilitating money laundering, terrorist financing or the like, we are obliged to follow the same rules.

Whilst we could simply ignore our legal obligations, as a number of smaller, successful exchanges have done in the past, we have found that this invariably causes problems for both us and our customers. By not performing adequate AML/KYC checks, the banks that we must operate through can and have shut down bank accounts, trapping customer funds and causing us a lot of headache. Therefore, we try to follow this process as best as we are able with as little impact to our users as possible.

What does the process involve?

First, we ask you to provide one piece of government issued photographic identification, which is usually either:

  • A driver's license,
  • A passport, or;
  • A military identification card (surprisingly, we have a large number of customers in the armed forces of various countries.)

We then ask you provide some form of proof of residence document, which is an official document issued within the last three months bearing both your name and full street address. For obvious reasons, we cannot accept addresses with PO Boxes. Usually, we receive one of the following:

  • A utility bill,
  • An internet bill,
  • A cell phone or mobile phone bill,
  • A tax return,
  • A residency certificate issued by your local government,
  • A voting registration form, or;
  • A medical insurance bill

Whilst many of our users submit bank statements as their proof of residence, we unfortunately cannot accept bank statements from our customers. This is because it is relatively easy for fraudsters to open an account at a less reputable banking service which does not check the accuracy of a person's stated address. It is then possible to use this bank's statement as a seed to open accounts at increasingly trustworthy establishments without ever having provided proof of residence in the first place.

What does your division do?

The main job of the Compliance Division is to check documents we receive from our customers, and make sure that all of the necessary documents have been submitted, and more importantly, that none of the submitted documents are forgeries. We check submitted documents against our database of received documents, against publicly available sources of information and also put them through advanced image analysis to identify forgeries. This is done to protect both Mt.Gox and our users from fraudulent activity.

What happens if my application is rejected?

If we reject your documents, we will always explain by email what went wrong in the verification process. The top 5 most common causes for rejection are:

  • Not submitting all the documents. Many people only give us a driver's license or passport on their first attempt, without providing any proof of residence. This is the most common reason for rejection, and costs our customers the greatest amount of time in having their accounts verified.
  • Submitting documents which are too dark or low-resolution to read. The second most common cause for rejection, illegible documents cannot be accepted. Usually this is the result of trying to take photos of documents using a webcam or camera phone, where poor low-light performance and grainy / low resolution images are the norm.
  • Providing files in the wrong format. We have a specialised interface for reviewing documents and putting them through image analysis. At the moment, it can only handle files which are either JPEGs, PNGs or PDFs.
  • Submitting a proof of residence document which has a different name on it to the photographic identification. This often happens when a user is still living with their parents, or if a spouse or room mate pays the utility bills. In these cases, a signed, notarised statement that you reside with whoever's name is on the proof of residence will be enough for us to verify you.
  • Submitting documents in non-latin script. Unfortunately, the Compliance Division doesn't have any staff who can read Cyrillic, Korean, Arabic or Hebrew. As a result, when we receive documents in these languages we must ask our customers to provide English translations of them.

Please note that even if you are rejected the first time around, there is nothing wrong with this - we will keep working with you until we are able to get you verified.

Myths and rumours

I'd like to address some myths and rumours that have sprung up surrounding our AML/KYC process, just to allay any fears people might have about our mysterious need to harvest everyone's identity.

Mt.Gox sells personal information to the DEA

If we were going to sell your personal information to a law enforcement agency, it probably wouldn't be to the American Drug Enforcement Administration. We would make much more money selling it to our local Tokyo Metropolitan Police, since we wouldn't be losing any money on the currency conversion. This rumour probably sprung up because of an interview our CEO (MagicalTux for those on the forums) gave some time ago, where he mentioned sending a letter to the DEA explaining what Bitcoin was. This was back when a certain American Senator was investigating Bitcoin over the growing popularity of Silk Road.

We invite our users to read our privacy policy and repeated posts on the forums where we state that we will only provide your personal documents when legally required to do so. This will usually involve law enforcement agencies issuing us a court order compelling us to release an individual's information and is a very rare event even in the fiat banking world.

Mt.Gox makes money from personal identification some other way, like selling it to advertisers

While it would be a great income stream for us, sadly we are not legally allowed to sell your personal information. This is both because of our privacy policy, and because we are based in Japan, a country with some of the strictest privacy laws in the world. In fact, hiring staff to fill our Compliance Division, hosting and securing an extremely large amount of image data and carrying out the AML/KYC process is one of our more significant company expenses.

So while we'd love to be able to offset the costs a little, if we were ever caught doing this as a company, we would face serious fines and even jail time. We hope that knowing that this threat to us exists gives you confidence that we're being kept honest.

Mt.Gox has stricter AML/KYC requirements than other companies

This is actually true, in some cases. For example, before Dwolla changed their terms of service they allowed some users to become verified with only a driver's license, or only a proof of residence document. While we truly regret that we must ask for as much documentation as we do at Mt.Gox, we are providing services to users internationally in Europe, America, Russia, South-East Asia and elsewhere, and as such have to meet the harshest requirements of all of the countries we operate in.

Many of our German and Polish users have probably experienced a great deal of frustration getting verified with Mt.Gox, as Germany and Poland both issue an identity card which includes a person's current address. Unfortunately, because we must also follow American and Japanese rules, we also have to ask for separate proof of residence documents.

Conclusion

I hope you found my post interesting, or at least informative. If you have any questions about our process, please feel free to either PM me or post here and I'll be sure to answer! If you have a question about your specific application to become verified, please email our AML email address so we can maintain the confidentiality of your application.
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 11, 2013, 03:54:56 AM
 #4

Hi Everyone,

My name is Dylan, and I work in Mt.Gox's Compliance Division.

(*snip*)
Obviously, that doesn't count. You have to at least put some of your own effort into it.

Come on, guys! ticoti posted some useful information. Improve the post, and you'll BOTH get 0.03 bitcoins!

Oh, by the way, I'm raising the bounty to BTC0.03  Tongue

Atruk
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500



View Profile
December 11, 2013, 07:58:33 AM
 #5

Hi Everyone,

My name is Dylan, and I work in Mt.Gox's Compliance Division.

(*snip*)
Obviously, that doesn't count. You have to at least put some of your own effort into it.

Come on, guys! ticoti posted some useful information. Improve the post, and you'll BOTH get 0.03 bitcoins!

Oh, by the way, I'm raising the bounty to BTC0.03  Tongue

This is a piece of text that should be included in any AML/KYC sticky near the top. It doesn't address details of the problem, but addresses ongoing risks presented by AML/KYC efforts.

Quote
Assume that restrictions for any Bitcoin to National Currency exchange may become more restrictive at any time in the future. Many exchanges in the past have restricted currency deposits or withdrawals proactively as BitStamp has, without any explicit order from a government agency to do so at the time. Others like BTCChina have in response to concerns made even the ability to continue to login to their platform contingent on supplying further identifying information. In the past surprise changes to AML/KYC requirements have lead users of exchanges to have their access to deposited funds substantially delayed while complying with new requirements or even lost access to their deposited funds completely if they could not comply with the new requirements. Changing AML/KYC exchange enacted AML/KYS requirements have effected users of all major exchanges that handle both Bitcoin and National currency. People who continue using such exchanges should prepare for the contingency that their exchange of choice will change their AML/KYC requirements in the future.

antgrinder
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
December 11, 2013, 12:48:24 PM
 #6

AML and KYC Process by Mt.Gox
Anti-Money Laundering (AML) and Know Your Customer (KYC) involve collecting one piece of government issued photographic identification such as driver license, passport and military identification to help with identification. The reason this is done is due to the laws of Japan and America as well as various international regulations. This is to ensure that the money issued is not being used for criminal acts.

After providing photographic identification, some form of proof of residence document has to be provided in the form of a utility bill, an internet bill, a cell phone or mobile phone bill, a tax return, a residency certificate issued by your local government, a voting registration form, or a medical insurance bill.

Bank statements are not accepted because it is easy for fraudsters to open an account.

Application Rejected?
An email will always be sent together with reason of rejection of an application is rejected.

Myths and rumors

Personal Information Selling
Feel free to read the privacy policy and repeated post on the forums where it is stated your personal documents will only be provided when legally required to do so such as when a law enforcement agency issue a court order requesting for release of an individual information.

Selling information for money or to advertisers
It is not legally allowed to sell your personal information. This is due to the privacy policy and also because Japan, the country which is the base of all operation has some of the strictest privacy laws in the world. If one is caught doing so, they would face serious fine and even jail time.

Stricter AML/KYC requirement than others
This is because the company is providing services to users to countries from all around the world and has to meet the harsh requirements of all countries. German and Polish users probably experience a great deal of frustration getting verified with Mt.Gox due to their identity cards which includes a person/s current address. Unfortunately, the law has to be followed and separate proof of residence documents have to be provided.

I hope that you find this post informative. Feel free to ask any questions or enquiries that may arises.
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 12, 2013, 11:27:33 PM
 #7

This is a piece of text that should be included in any AML/KYC sticky near the top. It doesn't address details of the problem, but addresses ongoing risks presented by AML/KYC efforts.

Quote
Assume that restrictions for any Bitcoin to National Currency exchange may become more restrictive at any time in the future. Many exchanges in the past have restricted currency deposits or withdrawals proactively as BitStamp has, without any explicit order from a government agency to do so at the time. Others like BTCChina have in response to concerns made even the ability to continue to login to their platform contingent on supplying further identifying information. In the past surprise changes to AML/KYC requirements have lead users of exchanges to have their access to deposited funds substantially delayed while complying with new requirements or even lost access to their deposited funds completely if they could not comply with the new requirements. Changing AML/KYC exchange enacted AML/KYS requirements have effected users of all major exchanges that handle both Bitcoin and National currency. People who continue using such exchanges should prepare for the contingency that their exchange of choice will change their AML/KYC requirements in the future.
Absolutely, for sure! Post an address and I'll send you BTC0.03.

For everyone else, to clarify, I am looking for something to be made that is not specific to MtGox. You can and should link to any existing information (like the MtGox thread, for example), but I want the actual content to be pretty general. Also, since I'll be paying for Atruk's contribution, I would now like that or something like that to be mentioned.

Atruk
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500



View Profile
December 13, 2013, 09:24:20 AM
 #8

This is a piece of text that should be included in any AML/KYC sticky near the top. It doesn't address details of the problem, but addresses ongoing risks presented by AML/KYC efforts.

Quote
Assume that restrictions for any Bitcoin to National Currency exchange may become more restrictive at any time in the future. Many exchanges in the past have restricted currency deposits or withdrawals proactively as BitStamp has, without any explicit order from a government agency to do so at the time. Others like BTCChina have in response to concerns made even the ability to continue to login to their platform contingent on supplying further identifying information. In the past surprise changes to AML/KYC requirements have lead users of exchanges to have their access to deposited funds substantially delayed while complying with new requirements or even lost access to their deposited funds completely if they could not comply with the new requirements. Changing AML/KYC exchange enacted AML/KYS requirements have effected users of all major exchanges that handle both Bitcoin and National currency. People who continue using such exchanges should prepare for the contingency that their exchange of choice will change their AML/KYC requirements in the future.
Absolutely, for sure! Post an address and I'll send you BTC0.03.

For everyone else, to clarify, I am looking for something to be made that is not specific to MtGox. You can and should link to any existing information (like the MtGox thread, for example), but I want the actual content to be pretty general. Also, since I'll be paying for Atruk's contribution, I would now like that or something like that to be mentioned.

Thanks you: 1Magr1FdjAHeST3aVeFQSMZdPKSzWWSfpL

Beyond what I wrote I don't know if there is much to be written which won't be different in the next one to twelve months. Major English language exchanges want generally a Driver's license/ID Card Scan plus a utility bill, BTC China wants and national ID number or passport number, RoboCoin's atm wants a god damned palmprint. Thankfully I was in early enough to take the easy part.

Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 13, 2013, 08:49:47 PM
 #9

Beyond what I wrote I don't know if there is much to be written which won't be different in the next one to twelve months. Major English language exchanges want generally a Driver's license/ID Card Scan plus a utility bill, BTC China wants and national ID number or passport number, RoboCoin's atm wants a god damned palmprint. Thankfully I was in early enough to take the easy part.
That's fine if it has to be updated later. I just don't have the time nor the mental energy to write this sticky right now, which is why I'm farming it out to you guys.

BTC0.03 sent.

Voodah
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250



View Profile
December 14, 2013, 12:49:02 PM
 #10

I compiled this from a couple sources for another project. I'm not sure if it's exactly what you're looking for, but it may help. Be warned, the basics of AML/KYC are copypasta, but I didn't see a need to reinvent the wheel at the time. I've added a couple things to get it up to date.

------------

+ What is KYC ?

Know your customer (KYC) refers to due diligence activities that financial institutions and other regulated companies must perform to ascertain relevant information from their clients for the purpose of doing business with them. The term is also used to refer to the bank regulation which governs these activities. Know Your Customer processes are also employed by companies of all sizes for the purpose of ensuring their proposed agents', consultants' or distributors' anti-bribery compliance. Banks, insurers and export credit agencies are increasingly demanding that customers provide detailed anti-corruption due diligence information, to verify their probity and integrity.


+ Who has to enforce KYC ?

Know your customer (KYC) falls under the responsability of each financial institution and/or regulated company.

The regulations require these entities to adopt KYC procedures.  It assists them in knowing / understanding the customers and their financial dealings better to monitor their transactions for identification and prevention of suspicious transactions.


+ KYC Recommendations

KYC controls typically include the following:

- Collection and analysis of basic identity information (referred to in US regulations and practice a "Customer Identification Program" or CIP)
- Name matching against lists of known parties (such as "politically exposed person" or PEP)
- Determination of the customer's risk in terms of propensity to commit money laundering, terrorist finance, or identity theft
- Creation of an expectation of a customer's transactional behavior
- Monitoring of a customer's transactions against their expected behaviour and recorded profile as well as that of the customer's peers

+ KYC Jurisdiction and Locality

KYC regulations are local, and differ from country to country. Jurisdiction is also, on a coutry to country basis.

To know more about you're specific country, visit: http://kycmap.com


+ KYC and Bitcoin Exchanges

Stricter KYC policies:

MtGox      https://bitcointalk.org/index.php?topic=86224.0
Bitstamp   https://www.bitstamp.net/privacy-policy/
Cavirtex   https://www.cavirtex.com/faq
BTCChina   (only since new PBOC guidance, Dec 2013) (link?)

Loose or non-existant KYC policies:

BTC-e      (??)
Crypsty      (??)


--

+ What is AML ?

A set of procedures, laws or regulations designed to stop the practice of generating income through illegal actions. In most cases money launderers hide their actions through a series of steps that make it look like money coming from illegal or unethical sources was earned legitimately.

+ Who has to enforce AML ?

In response to mounting concern over money laundering, the Financial Action Task Force on Money Laundering (FATF) was established by the G-7 Summit that was held in Paris in 1989.

The Task Force was given the responsibility of examining money laundering techniques and trends, reviewing the action which had already been taken at a national or international level, and setting out the measures that still needed to be taken to combat money laundering. In April 1990, less than one year after its creation, the FATF issued a report containing a set of Forty Recommendations, which provide a comprehensive plan of action needed to fight against money laundering.

The FATF calls upon all countries to take the necessary steps to bring their national systems for combating money laundering and terrorism financing into compliance with the new FATF Recommendations, and to effectively implement these measures.

Again, as in the case of KYC, financial institutions and/or regulated companies are responsible for the implemention of internal AML policies.

+ AML Jurisdiction and Locality

AML regulations are also local, and differ from country to country. Some countries choose a top-down approach, inheriting much of their AML policies from the FATF, while others go for a bottom-up approach and then have to reconcile both policies. Extreme countries where such reconciliation is impossible (generally due to Government unwillingness) are excluded from the FATF membership, with the corollary of increased complications to access the international markets and financing.

For a full list of FATF members, visit:         http://en.wikipedia.org/wiki/Financial_Action_Task_Force_on_Money_Laundering

+ AML and Bitcoin Exchanges

Currently in compliance:

MtGox      https://bitcointalk.org/index.php?topic=86224.0
Bitstamp   https://www.bitstamp.net/aml-policy/
Cavirtex   https://www.cavirtex.com/why_virtex#proactively_working

Unknown status:

BTCChina   (unclear since new PBOC guidance, Dec 2013) (are they financial institutions?)
BTC-e      https://btc-e.com/page/1
infinitybo
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
December 16, 2013, 11:09:31 AM
 #11

Some additional information :

Quote
* FATF requirements in bringing within its scope all persons dealing in goods or providing services for cash payment of €7,500 or more.
* FinCEN They would have new bookkeeping requirements and mandatory reporting for transactions of more than $10,000.
* The Financial Crimes Enforcement Network ( FinCEN ) has released guidelines for cryptocurrencies that basically say you just need to follow their rules therefore exchanges are considered money transmitters and must follow AML and KYC rules.
* BitCoin as a payment system and value storage system is not compliant with Anti-Money Laundering (AML) regulations, Know Your Customer (KYC) regulations.
* About the transfers, The concession is in the fact that both the sender and receiver of funds have a payment card that is issued by a bank.  Thus a bank would have already performed the needed KYC and AML on both parties before issuing the payment card.  The record of the financial event is at both sides of the transaction written to the statements of both payment cards.
* The KYC and AML checks (wire-transfers in/out) for bitcoin exchanges also take too much time.
* There is simple KYC that allows certain credit limits and payment amount before full KYC needs to be carried out, usually by several forms of ID and reference.
* Certain countries, the UK being one of them, are pretty strict about KYC whilst some of the newer entrants to the EU are not so strict, but often, if they are using their own Acquirer then KYC will already have taken place.
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 17, 2013, 09:59:07 PM
 #12

Draft 1:

Quote
What is KYC ?

Know your customer (KYC) refers to due diligence activities that financial institutions and other regulated companies must perform to ascertain relevant information from their clients for the purpose of doing business with them. The term is also used to refer to the bank regulation which governs these activities. Know Your Customer processes are also employed by companies of all sizes for the purpose of ensuring their proposed agents', consultants' or distributors' anti-bribery compliance. Banks, insurers and export credit agencies are increasingly demanding that customers provide detailed anti-corruption due diligence information, to verify their probity and integrity.


Who has to enforce KYC ?

Know your customer (KYC) falls under the responsability of each financial institution and/or regulated company.

The regulations require these entities to adopt KYC procedures.  It assists them in knowing / understanding the customers and their financial dealings better to monitor their transactions for identification and prevention of suspicious transactions.


KYC Recommendations

KYC controls typically include the following:

- Collection and analysis of basic identity information (referred to in US regulations and practice a "Customer Identification Program" or CIP)
- Name matching against lists of known parties (such as "politically exposed person" or PEP)
- Determination of the customer's risk in terms of propensity to commit money laundering, terrorist finance, or identity theft
- Creation of an expectation of a customer's transactional behavior
- Monitoring of a customer's transactions against their expected behaviour and recorded profile as well as that of the customer's peers

KYC Jurisdiction and Locality

KYC regulations are local, and differ from country to country. Jurisdiction is also, on a coutry to country basis.

To know more about you're specific country, visit: http://kycmap.com


KYC and Bitcoin Exchanges

Stricter KYC policies:

MtGox      https://bitcointalk.org/index.php?topic=86224.0
Bitstamp   https://www.bitstamp.net/privacy-policy/
Cavirtex   https://www.cavirtex.com/faq
BTCChina   (only since new PBOC guidance, Dec 2013) (link?)

Loose or non-existant KYC policies:

BTC-e      (??)
Crypsty      (??)




What is AML?

Standing for "Anti-money Laundering", it is a set of procedures, laws or regulations designed to stop the practice of generating income through illegal actions. In most cases money launderers hide their actions through a series of steps that make it look like money coming from illegal or unethical sources was earned legitimately.

Who has to enforce AML?

In response to mounting concern over money laundering, the Financial Action Task Force on Money Laundering (FATF) was established by the G-7 Summit that was held in Paris in 1989.

The Task Force was given the responsibility of examining money laundering techniques and trends, reviewing the action which had already been taken at a national or international level, and setting out the measures that still needed to be taken to combat money laundering. In April 1990, less than one year after its creation, the FATF issued a report containing a set of Forty Recommendations, which provide a comprehensive plan of action needed to fight against money laundering.

The FATF calls upon all countries to take the necessary steps to bring their national systems for combating money laundering and terrorism financing into compliance with the new FATF Recommendations, and to effectively implement these measures.

Again, as in the case of KYC, financial institutions and/or regulated companies are responsible for the implemention of internal AML policies.

AML Jurisdiction and Locality

AML regulations are also local, and differ from country to country. Some countries choose a top-down approach, inheriting much of their AML policies from the FATF, while others go for a bottom-up approach and then have to reconcile both policies. Extreme countries where such reconciliation is impossible (generally due to Government unwillingness) are excluded from the FATF membership, with the corollary of increased complications to access the international markets and financing.

For a full list of FATF members, visit:         http://en.wikipedia.org/wiki/Financial_Action_Task_Force_on_Money_Laundering

AML and Bitcoin Exchanges

Currently in compliance:

MtGox      https://bitcointalk.org/index.php?topic=86224.0
Bitstamp   https://www.bitstamp.net/aml-policy/
Cavirtex   https://www.cavirtex.com/why_virtex#proactively_working

Unknown status:

BTCChina   (unclear since new PBOC guidance, Dec 2013) (are they financial institutions?)
BTC-e      https://btc-e.com/page/1



WARNING:
Assume that restrictions for any Bitcoin to National Currency exchange may become more restrictive at any time in the future. Many exchanges in the past have restricted currency deposits or withdrawals proactively as BitStamp has, without any explicit order from a government agency to do so at the time. Others like BTCChina have in response to concerns made even the ability to continue to login to their platform contingent on supplying further identifying information. In the past surprise changes to AML/KYC requirements have lead users of exchanges to have their access to deposited funds substantially delayed while complying with new requirements or even lost access to their deposited funds completely if they could not comply with the new requirements. Changing AML/KYC exchange enacted AML/KYS requirements have effected users of all major exchanges that handle both Bitcoin and National currency. People who continue using such exchanges should prepare for the contingency that their exchange of choice will change their AML/KYC requirements in the future.

Still needs some work to fill in the gaps, but I'm liking this so far. I will also pay people for formatting changes if it isn't something extremely trivial. Feel free to work off of this draft.

Voodah, please post or PM me an address to send you BTC0.03, thanks!

Voodah
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250



View Profile
December 18, 2013, 03:19:24 AM
 #13

Great and thanks, I'm glad it helps out !

1PGg4JmnQamYY723VjfqWSMuz8Riwin7Jp

I'll keep an eye on the thread and try to expand the specifics on exchanges.
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 18, 2013, 03:20:35 AM
 #14

Sent!

hoian0809
Legendary
*
Offline Offline

Activity: 1021
Merit: 1000



View Profile
December 18, 2013, 03:27:46 AM
 #15

The real problem here is, as has already been at least partially mentioned:

1. The lack of transparency in the process.
2. The lack of communication.
3. The lies and false promises made by MTGox Support Staff with regards to AML/KYC.
4. Delay after delay, ostensibly under the guise of AML.
5. The just plain ludicrous decisions (Goat as an example).  Perhaps transparency would clear these up.
6. The fact that most decisions made by MTGox seem completely arbitrary, and nothing... NOTHING pisses off customers more than arbitrary decision making.  When your actions are not predictable in a given situation, you are wrong.  Period.

So while this post is nice and all, I'm not sure what you're hoping to accomplish other than to distract from the real issues surrounding MTGox.  My situation, that has been on going since April, is still unresolved.  I am not the only one in this situation and there are plenty of others in similar situations. 

Again, this does not seem to be an AML issue, it seems to be an insolvency issue.  MTGox is unable to fund even moderate sized fiat conversions, which leads many of us to believe you guys are basically bankrupt and a disaster waiting to happen.  The fact that no one has publicly denied this (not that we'd believe you at this point anyway, given MTGox track record of lies and falsehoods) certainly does not bolster confidence in MTGox at all.

Maybe this is the wrong thread to bring any of this up, but I don't want people to be distracted by this kind of thread from the real issue of MTGox being unable to meet their obligations to even moderate sized customers, especially when you are trying to gain new customers who will end up completely screwed when the Gox house of cards comes crashing down. 
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 18, 2013, 03:36:30 AM
 #16

Maybe this is the wrong thread to bring any of this up, but I don't want people to be distracted by this kind of thread from the real issue of MTGox being unable to meet their obligations to even moderate sized customers, especially when you are trying to gain new customers who will end up completely screwed when the Gox house of cards comes crashing down. 
This is exactly why I want a general AML sticky. I don't want to continue implicitly endorsing an organization by keeping their AML sticky up that is known to screw people over.

Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
December 18, 2013, 03:48:08 AM
 #17

Umm... This isn't going to be a sticky about how to launder money/the money laundering process.

thuyvy2207
Full Member
***
Offline Offline

Activity: 204
Merit: 100


Decentralized Transportation Solution


View Profile
December 18, 2013, 04:50:57 AM
 #18

In a lot of places it's standard in order to be able to even register or acquire shareholdings in a private company (and it definitely applies for shareholdings over a certain % in public companies).  Many financial institutions also require that any signatories on a business account fully verify their identities in addition to the business itself verifying.

There are many things which can trigger enhanced KYC requirements and ongoing customer due diligence is an actual requirement of AML compliance.  Each organisation has to develop its own framework for these processes, but the penalties for non-compliance are so huge that entities tend to err on the side of caution and try to exceed the required standards (which are often only laid down as broad principles) rather than risk falling short of compliance. 

Voodah
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250



View Profile
December 19, 2013, 06:14:50 PM
 #19

Added data for Coinbase, Bitfinex, Kraken and LocalBitcoin.


Quote
What is KYC ?

Know your customer (KYC) refers to due diligence activities that financial institutions and other regulated companies must perform to ascertain relevant information from their clients for the purpose of doing business with them. The term is also used to refer to the bank regulation which governs these activities. Know Your Customer processes are also employed by companies of all sizes for the purpose of ensuring their proposed agents', consultants' or distributors' anti-bribery compliance. Banks, insurers and export credit agencies are increasingly demanding that customers provide detailed anti-corruption due diligence information, to verify their probity and integrity.


Who has to enforce KYC ?

Know your customer (KYC) falls under the responsability of each financial institution and/or regulated company.

The regulations require these entities to adopt KYC procedures.  It assists them in knowing / understanding the customers and their financial dealings better to monitor their transactions for identification and prevention of suspicious transactions.


KYC Recommendations

KYC controls typically include the following:

- Collection and analysis of basic identity information (referred to in US regulations and practice a "Customer Identification Program" or CIP)
- Name matching against lists of known parties (such as "politically exposed person" or PEP)
- Determination of the customer's risk in terms of propensity to commit money laundering, terrorist finance, or identity theft
- Creation of an expectation of a customer's transactional behavior
- Monitoring of a customer's transactions against their expected behaviour and recorded profile as well as that of the customer's peers

KYC Jurisdiction and Locality

KYC regulations are local, and differ from country to country. Jurisdiction is also, on a coutry to country basis.

To know more about you're specific country, visit: http://kycmap.com


KYC and Bitcoin Exchanges

Stricter KYC policies:

Bitstamp   https://www.bitstamp.net/privacy-policy/
Bitfinex       https://www.bitfinex.com/pages/tos  or refer inquiries to compliance@bitfinex.com
BTCChina   (only since new PBOC guidance, Dec 2013) (link?)
Cavirtex   https://www.cavirtex.com/faq
Coinbase    https://coinbase.com/legal/privacy
Kraken       https://www.kraken.com/legal/verification (their General Counsel, Constance Choi is a well known specialist in the Regulatory and Compliance field)
MtGox   https://bitcointalk.org/index.php?topic=86224.0

Loose or non-existant KYC policies:

BTC-e   (??)
Crypsty   (??)
LocalBitcoin (p2p based, limited KYC?)




What is AML?

Standing for "Anti-money Laundering", it is a set of procedures, laws or regulations designed to stop the practice of generating income through illegal actions. In most cases money launderers hide their actions through a series of steps that make it look like money coming from illegal or unethical sources was earned legitimately.

Who has to enforce AML?

In response to mounting concern over money laundering, the Financial Action Task Force on Money Laundering (FATF) was established by the G-7 Summit that was held in Paris in 1989.

The Task Force was given the responsibility of examining money laundering techniques and trends, reviewing the action which had already been taken at a national or international level, and setting out the measures that still needed to be taken to combat money laundering. In April 1990, less than one year after its creation, the FATF issued a report containing a set of Forty Recommendations, which provide a comprehensive plan of action needed to fight against money laundering.

The FATF calls upon all countries to take the necessary steps to bring their national systems for combating money laundering and terrorism financing into compliance with the new FATF Recommendations, and to effectively implement these measures.

Again, as in the case of KYC, financial institutions and/or regulated companies are responsible for the implemention of internal AML policies.

AML Jurisdiction and Locality

AML regulations are also local, and differ from country to country. Some countries choose a top-down approach, inheriting much of their AML policies from the FATF, while others go for a bottom-up approach and then have to reconcile both policies. Extreme countries where such reconciliation is impossible (generally due to Government unwillingness) are excluded from the FATF membership, with the corollary of increased complications to access the international markets and financing.

For a full list of FATF members, visit:         http://en.wikipedia.org/wiki/Financial_Action_Task_Force_on_Money_Laundering

AML and Bitcoin Exchanges

Currently in compliance:

Bitstamp   https://www.bitstamp.net/aml-policy/
Bitfinex      https://www.bitfinex.com/pages/tos or refer inquiries to compliance@bitfinex.com
Cavirtex   https://www.cavirtex.com/why_virtex#proactively_working
Coinbase    https://coinbase.com/legal/privacy
Kraken       https://www.kraken.com/legal/aml (their General Counsel, Constance Choi is a well known specialist in the Regulatory and Compliance field)
MtGox   https://bitcointalk.org/index.php?topic=86224.0

Unknown status:

BTCChina   (unclear since new PBOC guidance, Dec 2013) (are they financial institutions?)
BTC-e   https://btc-e.com/page/1
LocalBitcoin (p2p based, limited or no AML?)



WARNING:
Assume that restrictions for any Bitcoin to National Currency exchange may become more restrictive at any time in the future. Many exchanges in the past have restricted currency deposits or withdrawals proactively as BitStamp has, without any explicit order from a government agency to do so at the time. Others like BTCChina have in response to concerns made even the ability to continue to login to their platform contingent on supplying further identifying information. In the past surprise changes to AML/KYC requirements have lead users of exchanges to have their access to deposited funds substantially delayed while complying with new requirements or even lost access to their deposited funds completely if they could not comply with the new requirements. Changing AML/KYC exchange enacted AML/KYS requirements have effected users of all major exchanges that handle both Bitcoin and National currency. People who continue using such exchanges should prepare for the contingency that their exchange of choice will change their AML/KYC requirements in the future.
Maged
Legendary
*
Offline Offline

Activity: 1260
Merit: 1004


View Profile
February 08, 2014, 03:11:49 AM
 #20

In a lot of places it's standard in order to be able to even register or acquire shareholdings in a private company (and it definitely applies for shareholdings over a certain % in public companies).  Many financial institutions also require that any signatories on a business account fully verify their identities in addition to the business itself verifying.

There are many things which can trigger enhanced KYC requirements and ongoing customer due diligence is an actual requirement of AML compliance.  Each organisation has to develop its own framework for these processes, but the penalties for non-compliance are so huge that entities tend to err on the side of caution and try to exceed the required standards (which are often only laid down as broad principles) rather than risk falling short of compliance. 
If you could work this into the sticky, I'll probably pay you for the contribution.

Added data for Coinbase, Bitfinex, Kraken and LocalBitcoin.
Thanks! Sent PM requesting address for payment.

Sticky is now created. Additional edits will be paid at my discretion.
https://bitcointalk.org/index.php?topic=454795.0

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!