Europe has the largest count of virtual asset service providers (VASPs) with inadequate KYC schemes, succeeded by the well-established Asia-Pacific (APAC) region, and North America, declares CipherTrace, a developer of anti-money laundering, cryptocurrency forensics, and blockchain threat intelligence solutions.
Their 2020 Geographic Risk Report argued that “effective Know-Your-Customer (KYC) contracts are an essential part of any anti-money laundering (AML) regime.” But to see how actively managed these protocols are, and to have geographical areas where KYC could be “abused by money launderers, criminals, and extremists,” the researchers examined KYC processes of over 800 VASPs in over 80 countries. They designated VASPs “Weak,” “Porous,” or “Strong” KYC score, based on how simple it would be to launder money after opening an account.
They uncovered that many countries continue to host VASPs with deficient KYC – 56% of VASPs globally have weak or porous KYC in 2020. Related to last year’s result that said that two-thirds (c. 65%) of the 120 most popular crypto exchanges had weak or porous KYC methods, this year’s work is an enhancement – but CipherTrace warned there is still a long way to go.
“The high percentage of KYC-deficient VASPs make it easy for criminals to abuse these institutions and launder their funds,” they added.
Notwithstanding the 5th Anti-Money Laundering Directive (AMLD5), Europe has the biggest count of VASPs with deficient KYC procedures – 60% of European VASPs have exposed or porous KYC. Yet, per the chart below, it’s in second place when it comes to the count of VASPs with robust KYC as well.
“The number two spot is an outlier,” said the report. APAC is the region with the second-highest count of weak KYC VASPs. Still, at the same time, it leads as the region with the largest count of VASPs with robust KYC, as well as the area with the lowest percentage of weak and penetrable VASPs, according to the researchers.
North America sits in the third spot when it comes to the count of all three types of KYC that VASPs utilize. Per the chart, its weak and robust types are neck to neck.
Moreover, the US, UK, and Russia head as nations with the highest VASPs with weak KYC. Per the report, “while 44% of US and 40% of UK exchanges were found to have weak KYC practices, these KYC deficiencies characterize 80% of Russian exchanges.“
The US and UK, this time with Singapore, retake the lead when looking at the countries with the highest count of combined weak and porous VASPs in the world. Nevertheless, these have equally large count of strong-KYC VASPs, so their KYC averages are still in the penetrable range.
“The next two closest countries with large numbers of KYC-deficient VASPS are China and Russia, yet these two countries have between 31%-44% fewer VASPs with weak or porous KYC than any of the three leading countries,” the report added.
The researchers assumed that 60% of the top 10 worst KYC countries in the world are in Europe, 20% are in Latin American and Caribbean countries, and 20% are in APAC countries.
Finally, some VASPs do not publicly disclose the country they are registered in, many of which hide it, even though it’s clear that they serve clients in a given country. The report found that 85% of VASPs without a clear domiciled country has weak or porous KYC. CipherTrase concluded that “[t]he fact that these VASPs lean heavily on having little to no KYC highlights their intention to circumvent AML regulations. The lack of a clear domicile should be considered an AML red flag, particularly when linked with a weak KYC score.“