Keytom: How Crypto Companies Can Enhance Security and Navigate the Compliance Maze? | The

From the moment a cryptocurrency firm is formed, it is already facing an uphill battle. There are numerous cases which have given the crypto world a bad reputation, meaning firms must go the extra mile to ensure they can protect consumers’ investments and remain compliant. Nataly Medici, chief financial officer of neobank Keytom explores what firms can do.

As regulatory and law enforcement agencies across the globe are doggedly seeking to assert jurisdiction over the crypto industry, many companies have come under intense scrutiny in recent years due to many cases of compliance violations.

One of the most prominent examples involved Binance, which was fined $4.4million by the Canadian regulator FINTRAC for rule violations. It also faced legal proceedings in the United States, including the arrest of the company’s CEO, Changpeng Zhao. Other notable incidents were the investigations of crypto exchanges such as Coinbase and Kraken by the US SEC, where these companies were forced to settle claims with the regulator.

These cases underscore the importance of strict compliance and the mounting pressure on crypto companies to adhere to regulatory requirements if they want to maintain business integrity and reputation.

To address this issue, the cryptocurrency industry must enhance its compliance frameworks. But what can actually be done to this effect? Well, let’s take a look.

The benefits compliance can bring to the industry

One of the main advantages of rigorous compliance is building trust and enhancing reputation, both in terms of separate companies and the crypto industry as a whole. In a sector often criticised for its links to illegal activities, demonstrating a commitment to regulatory standards can significantly boost a company’s reputation.

Compliance acts as a ‘stamp of legitimacy’, assuring customers, investors, and partners that the company operates within the borders of legal requirements. This trust is vital for attracting institutional investors to the crypto industry, as they need confidence in the security and legality of their investments.

Furthermore, when looking at this issue from the position of companies themselves, non-compliance with regulatory requirements can lead to a variety of problems, including hefty fines, arrests of executives, severe legal repercussions and reputational damage.

A good example of this is the BitMEX case that imposed a $100million fine on the company for violating AML and KYC regulations. Additionally, the company’s founders, including Arthur Hayes, were charged with legal violations and subsequently arrested. This severely damaged the company’s credibility and trust with clients and partners.

Financial and operational risks are just as apparent as reputational ones. Companies found in violation of regulatory requirements stand to not only incur substantial costs to settle prolonged legal battles, but also potentially lose licenses and be forced to cease operations in specific jurisdictions.

Key areas of improvement for crypto companies to focus on 

Taking a proactive approach to meeting regulatory requirements can help companies prevent financial crimes and fraud, safeguard assets and reputation, and avoid legal issues.

So, with this in mind, what should a well-implemented compliance framework look like?

1. Implement robust AML and KYC procedures 

This is essential, as these measures help prevent illicit activities such as money laundering and terrorist financing.

For crypto companies, adopting decentralised identification (DID) systems and decentralised KYC can be highly effective. By utilising blockchain networks like Sovrin or uPort to create and manage digital identities for users, these systems allow individuals to control their personal data and share it only with trusted parties.

Additionally, solutions such as SelfKey or Civic enable users to complete KYC verification once and use the obtained credentials to authenticate across multiple platforms, ensuring a high level of privacy and security.

2. Adapt compliance programs to meet the requirements of different jurisdictions

The operations of cryptocurrency companies often span multiple jurisdictions, each with its own standards and rules. This complicates the task of compliance, as companies must adapt their procedures and exercise flexibility to account for various local demands. For instance, Bitfinex and Tether had to consider the requirement set by the New York Attorney General’s office.

The importance of establishing global minimum standards while also considering local regulatory nuances. Such a balancing act is complex to accomplish. It demands that companies stay informed about regulatory changes worldwide and swiftly adjust their practices accordingly.

But if successful, this approach can ensure that the core principles of compliance are consistently upheld across diverse jurisdictions, while also allowing for adaptations when local laws and expectations need to be met.

3. Leverage a blockchain-based approach

Traditional compliance methods used in the banking sector do not always fit the cryptocurrency industry due to its decentralised and anonymous nature. Therefore, companies in this field must adopt blockchain-specific approaches to effectively manage risks and adhere to regulation.

Leveraging advanced technologies such as automated transaction monitoring systems and blockchain analytics is necessary to enhance the efficiency of compliance programmes.

For example, smart contracts on platforms like Ethereum or Tezos can automatically perform compliance checks before confirming transactions, ensuring adherence to regulatory requirements.

Moreover, smart contracts can be programmed to automatically generate reports and notifications about compliance activities, reducing administrative burden and increasing reporting accuracy.

4. Invest in staff training

Companies must also invest in education initiatives aimed at keeping their people updated on the latest technologies advancements. Using blockchain platforms like Blockgeeks or B9lab is a good way to increase employees’ awareness of current regulatory requirements and best practices.