KYC. No, Thanks
blog.kycnot.me> Realistically, KYC might deter a small fraction – let's say about 1% – of these malefactors.
You may as well say, "KYC might deter a large fraction - let's say about 99% of these malefactors"
There's no evidence provided for these numbers. It's one thing to make an assumption which is counter to your argument - "Even if 99% of criminals are deterred, it creates an unconscionable burden upon those whose identities are stolen" or etc.
It's quite another just to assume your own argument. Let's assume cops prevent 99% of crime - it's worth their brutality or whatever. Let's assume cops prevent 1% of crime - we would be better off with 1% more crime and no cops or whatever.
It's absolutely pointless.
The article goes on to immediately compare KYC with widespread facial recognition. Why are these equivalent?
They could at least try to engage with arguments for KYC - that large financial institutions should not be making life easier for criminals. Historically, a bank obviously knew their customers - they had to open the accounts in person, talk with the bank manager, etc.
>The article goes on to immediately compare KYC with widespread facial recognition. Why are these equivalent
They're both violations of people's privacy.
>There's no evidence provided for these numbers
And KYC proponents provide no empirical evidence that KYC has actually led to a measurable reduction in organised crime. The onus should be on them to demonstrate why it's effective enough to justify the violation of citizens' privacy that it entails.
I'm not defending KYC here (tho I think it is necessary personally). I'm just requesting the author actually try to make an argument.
So is a license plate. Privacy is not an absolute right.
> Privacy is not an absolute right.
This is meaningless.
You mean to say "nothing is an absolute right". Yes. If you want me to be more precise, I'll say that privacy is a lesser right, one that is important but that is nonetheless frequently and deliberately compromised in the service of other rights.
You get to weird places if you try to wrap an entire worldview around privacy the way people do expression or self-determination, because privacy does not have that standing.
Sure, but the fact that KYC is not motivated by data is not a license just to pull numbers out of your ass.
Came here to post this.
Having worked in an industry with strict kyc requirements and worked for a well known payment processor, if they were only catching 1% then some truly absurd amount of business is fraudulent.
Curious about numbers. Many people underestimate the scale of business in general, because they're not good at intuiting extremely large numbers. For example, an abuse tech might see 10,000 pending cases for the month and say "Wow, we catch so much fraud with this technology", but if there are a billion transactions per month, then it's very possible that those 10,000 cases represent only 1% of the million fraudulent transactions and only 1 in a thousand transactions is actually fraudulent.
So if, according to the stats plucked out of thin air, KYC isn't doing enough to stop things they presumably think are bad, I assume the article author wants even stricter controls?
Oh wait, they don't. Just ditch it and let anyone move money around with no controls. I'm sure that would work out fine.
> Just ditch it and let anyone move money around with no controls. I'm sure that would work out fine.
It did, for thousands of years. The only thing that's new is the ability to track every penny and person from cradle to grave and the incessant and ever-growing desire for those in power to control those who aren't.
Hmmmm... I think carrying a lot of gold around and limited transport and security put certain limits on who could do that easily...
One of the reasons people use gold is because carrying it around is actually pretty easy. Eg, wandering the streets with a few million in gold bars is no challenge. You can carry it in a bag and the odds of someone checking your bag for millions of dollars in hard assets is low.
Not to mention that if the gold is banked then it probably didn't need transport because it was being transported too and from a bank.
Ultra-infrequent use case. Hawala and European credit networks largely mooted it.
Well, the OP did say thousands of years. But I take your point, money transfer without moving physical gold has been possible for hundreds of years for sure.
We are taxing more complex transactions (eg. VAT, income, profits, etc.). ie. the vector for laundering is much bigger.
no tax, no control (look at The Emirates).
However, as it gets easier and easier to accrue wealth on behalf of others, the taxing schemes are probably needed, and so is the control.
> It did, for thousands of years
and for thousands of years the rich did pretty much what they wanted, and the rest of us lived barely above subsistence level.. fair taxation is one of the building blocks of modern society
> It did, for thousands of years.
That's like saying going without vaccinations, clean water, or adequate medical care "worked out fine" for thousands of years.
Sure, the human race survived. Many individuals even thrived. But I don't think it's really disputable that life with them is massively better than life was before we had them (or, in fact, than life is now for the far too many who still lack them in a reliable way).
I assume you are being sarcastic. But what you are suggesting is exactly what we need. Why did it be a problem for people to move money around willy nilly? Why do we need controls? We do it mainly to help find criminals, but there are other ways to do that.
No, we don't do it to help find criminals. We do it to make profiting from crime more difficult and expensive, and to help stop funding terrorism.
We also do it to help find criminals. And if the only reason we do it is to stop people from legally moving money around, then we need to stop it. Will criminals and terrorists benefit? Sure, but they can also benefit from other legal things as well, like cell phones and the Internet
> Why did it be a problem for people to move money around willy nilly?
because they could avoid paying their taxes?
Ok. And is the a reason to cripple our entire financial system? People can avoid paying taxes already. Most legal forms of income are already tracked, outside of kyc.
Yes, they could have cited some sources, but the number is spot on. It's an overestimate, even.
https://www.unodc.org/documents/data-and-analysis/Studies/Il...
> Globally, it appears that much less than 1% (probably around 0.2%) of the proceeds of crime laundered via the financial system are seized and frozen.
https://www.tandfonline.com/doi/full/10.1080/25741292.2020.1...
> the confiscation rate might be 0.07 percent. In other words, despite ubiquitous money laundering controls, criminals retain up to 99.93 percent of criminal proceeds.
that's like saying that nearly nobody robs banks so there's no point having so much security in banks. the real question is what would the figures be if there were no checks?
and KYC isn't only for money laundering, it's also for tax fraud
Clearly we need more money laundering controls then. (/s)
> To sum up, KYC does not protect individuals
This is true, but it's also not the point. KYC isn't about protecting individuals - it's about protecting the system (financial and geopolitical) as a whole.
Can it be defeated? Of course it can. But it's not the sole line of defense against these sorts of things - it's part of a broader system comprised of internal bank security procedures, government monitoring and after-the-fact investigation of financial crimes.
I don't mean to say that everything written here is wrong, but this is a complex topic that has meaningful tradeoffs of security vs. being free of surveillance and convenience. This sort of blind CRPYTO GUD GUBMINT BAD writing that doesn't even pretend to attempt to understand its topic at any meaningful level of depth doesn't exactly contribute to the discourse.
Your comment is quite naive and doesn't understand the damage KYC and AML laws do to businesses. The GUBMINT BAD because they effectively gave financial institutions the right to decide who can do business and who can't. That means effectively deciding the winners and losers. They can ban and deny any company from accepting payments only behind the ruse of KYC and AML laws. They don't have to tell you why (security thru obscurity). Let's take OnlyFans. OnlyFans can accept payments using Stripe and other payment processors. Now try to make your own OnlyFans. The banks say you can't.
Isn't this what laws are for? Selling porn is legal, yet payment processors decide what you can sell online. And to think they don't decide which company can process payment or not, effectively decides who wins. This is where decentralization and CRPYTO GUD comes from. I don't want a few companies deciding what I can sell online, especially if it's legal, and they hide behind KYC/AML laws afterwards.
Just looking at credit card processing fees where we essentially have a rent-seeking fee that will continually increase and is not even refunded to the merchant when a customer returns something. That's the power the government gave to these financial institutions with these laws.
My comment isn't naive - it acknowledges that KYC is part of a series of safeguards against what is an incredibly complex problem, and those safeguards absolutely come at a cost.
The difference between my comment and yours, as well as my comment and the initial post, is that I acknowledge the complexity. You look only at the bad - you don't seem to understand the reason that KYC exists or the value that it provides (and yes, despite the negatives, there is value to KYC rules).
I do understand the good that comes from KYC/AML laws. The intent is obviously good, but you've given financial institutions the power to decide who can sell online. Just search online the countless sellers that are selling perfectly legal things that got caught in this KYC net and are banned from processing payments.
Let's not even get started on the fact that banks have worked with criminal organizations to help them circumvent KYC/AML laws so the people that are money laundering have the know-how on how to not get caught in the net.
The cost of having KYC/AML laws is having a few institutions decide who can sell and what they can sell. The government gave them that power so it's their prerogative to use or abuse it to help themselves. Crypto is simply providing an alternative for people that have been unjustly stopped from processing payments.
It's just as easy to take the mirror argument, though - crypto has been used to transfer money to terrorist groups, and that money has ultimately been used to kill innocent people. If they had been forced to send money through the traditional financial system, whether electronic or cash, it would have been more costly to them either through some loss of money to government seizure or simply the increases costs of evasion and transfer.
> Crypto is simply providing an alternative for people that have been unjustly stopped from processing payments.
It's also a useful tool for terrorists. This is a point of fact.
To be clear, I'm not saying we should get rid of it, just that this is the overly simplistic argument for doing so without considering the positive. Crypto isn't some outright evil, and neither is KYC. Both are parts of complex solutions to complex problems.
I think our argument can be simplified to centralized vs decentralized systems. Ideally, centralized systems are great. 2 parties can trust and work with each other as a 3rd party is the source of truth. Any of the parties can go to the 3rd when they are wronged and need a resolution. It works great, until it doesn't. In our case, the 3rd party has a conflict of interest and can decide if party 1 or 2 can do business at all.
Decentralized, each user takes on more risk, but the benefit is that no one party is deciding who can do business and who can't. That burden is left on the buyer to decide if the seller is legit and the smart contract can be the source of truth.
The difference is that people who support decentralized systems are not trying to get rid of centralized systems altogether. They understand their necessity, but also realize decentralized systems can add some needed competition. That will improve centralized systems in the future as well.
> The intent is obviously good, but you've given financial institutions the power to decide who can sell online.
No.
Financial institutions are bound by their agreements with the card associations, of whom you may have heard; one of their logos is on every card in your wallet. They, as private entities, have the prerogative under current US law to decide who may and may not use the payment rails they own, and this was the original genesis of rules disfavoring porn and other such relatively 'sketchy' businesses - not for moral reasons, or not overtly so, but for the high rate of expensive and complicated chargebacks those businesses generate. The associations can and do deny payment access to businesses or even institutions which generate too many chargebacks, and are thus forced to implement the associations' desires regardless of their own inclinations.
That's been true since long before the USA PATRIOT Act of 2001 gave rise to KYC/AML regulations in their modern form. If you want to argue against one or the other, you help yourself by ensuring you don't conflate them.
Meanwhile, if the description I gave of Visa and Mastercard sounds a lot like how Ma Bell could've been fairly described before a then much spryer Uncle Sam caught up to them, this is not by accident.
Who is Visa/MC to decide what’s a sketchy business? That’s for the law to decide. That would like if a 3rd party company decided who can use the sidewalk or not.
Before you say payments rails are not a public utility, understand that’s a part of the problem. If they were a public utility, the people would have rights. In the old days, the government would nationalize the payment rails like they did the railroads and private roads. Sadly, that won’t happen in today’s age. I’d be happy with the government having their own payment rails anyone can use. The government can go after people actually doing illegal things instead of blanket banning (and then approving) and handing that power to a 3rd party. Since that won’t happen, crypto will have to do.
You may have missed the part where I called for Visa and Mastercard to be broken up as the trust that they are. We differ on the merit of crypto as an alternative, but we don't differ in finding the status quo unsatisfactory.
Oh my bad. You were simply stating that Visa/MC are following the law as the government has instructed them to do so. You’re not supporting that law and just stating it like it is.
No worries; I was oblique in my phrasing, for fear Ptacek might notice what I was saying and weigh in on how I'm full of it. ;)
It's not even so much 'as the government has instructed'. The laws around the associations grew around the associations, with much generous assistance and advice from their own paid lobbyists - much as with the darlings of the modern tech industry, in their day the associations were 'disruptors,' too.
When I say 'under current US law,' what I really mean by it is 'until the Sherman Act is applied as written'. It would be nice to think that might happen in my lifetime, but it has been some years since I could reasonably consider myself young.
Are payment processors hiding behind KYC & AML laws? Do they even need to provide justification?
Yes, you can look up countless stories of small sellers online that have had their payment processing stopped by Stripe or Paypal. In some cases, these are decade old accounts and they keep their funds for weeks after the user is banned. I've even had a friend get banned from Paypal when logged in from another country they didn't operate in. I'm not talking about sending funds, just checking his account. When he asked why, they said their system alerted something and their decision is final.
The government truly made them judge, jury, and executioner. They can stop you from collecting payments at any time, hold your funds, and don't have to provide reasons. Forget appealing their decision since it's final most times.
In the end, the government let this industry "self-regulate" itself and crypto gives users a different option.
That isn't hiding behind these laws though necessarily. I've heard of this from Paypal and I'm sure it happens, on the other hand I'm sure there is lots of abuse and we only ever hear one side of the story.
> KYC isn't about protecting individuals - it's about protecting the system (financial and geopolitical) as a whole.
At the cost of individual privacy.
The purpose of KYC laws is to replace difficult to prove and prosecute crimes like human trafficking, terrorism and drug dealing, with easy to prove and prosecute crimes like "lying on banking forms" and "money laundering" and "tax evasion."
Everyone knows that criminals lie on these forms and _that is the point_. They now have an easy to prosecute charge just waiting for them if they ever attract the attention of the authorities. They just need to look into where their money is coming from and there will be a lot of ways they can prosecute them.
https://www.bitsaboutmoney.com/archive/optimal-amount-of-fra...
This was the strategy used to prosecute Al Capone. IIRC, they couldn’t get enough evidence to directly charge him for his other (violent) crimes, so they built a successful case of tax evasion. With such leverage, they started to dismantle his organization, whereupon they found the evidence to press more charges.
So why not just throw everyone's rights out and just start searching their homes for evidence of crimes, or at least something that can be prosecuted because it might be a crime?
We'll surely get a significant amount of people who are doing or own things they shouldn't. Maybe even as high as 1%!
I never said that I approve of these tactics. Quite the opposite.
I meant it as a warning: the KYC system will be used against you. If you commit a crime (or even rock the boat too much), expect these records to be combed over and leveraged against you. At the very least, authorities will likely obtain a search warrant and systematically attempt to destroy your life.
Al Capone would have passed KYC everywhere as a US citizen
And Al Capone could have used a non-profit as they are tax exempt, where money laundering - the crime - is not possible because there are potentially no taxes to report
that's the system
You're saying being tax exempt means you don't need to report income and outgoings..?
Money laundering is possible regardless of whether an organisation needs to pay tax.
It is possible there is just nobody to investigate it
I would also add that KYC laws basically make ignorance willful and consequently illegal.
precisely
laundering is a crime which relies on identifying an illicit origin. so this victimless invention is actually impossible to prosecute laundering on its own, only unsuccessful laundering not just “why are you moving money how suspicious”, and it can only be a tacked on charge that might stick when the other charges wont
this further bolsters the point that the dragnet is just inconveniencing everyone else
> KYC is being used by many businesses as a convenient gatekeeping tool. A perfect excuse based on a "legal" procedure they are obliged to.
This. Right here. KYC is prone to abuse for censorship, and does anyone believe that it isn't already? Does anyone believe that KYC scores aren't going to eventually be linked to credit scores, ESG scores, perhaps social credit scores someday?
This is definitely an interesting position, but it's an argument that needs to be backed up with solid evidence about the costs and ineffectiveness of KYC. This post contains zero such evidence, and as such, is entirely worthless.
Proponents of KYC also never backed their policies with empirical evidence of their effectiveness; the onus should be on them to prove that KYC is effective enough to justify the inconveniences and privacy violations it entails.
It’s hard to prove a law that has a deterrent effect, since you can see the number of people it “caught” but the people it deterred are invisible.
The best proxy for the deterrent effect is how much criminals need to pay to launder money. I can’t find a good source on this, but some anectdata that put it between 15-50%.
I mean, sure, but if you're demanding detailed statistics from the anti-side (the start of this thread), letting the pro-side gesture vaguely in the direction of hard to measure deterrence seems like an isolated demand for rigor.
It forces bad actor to go for more complicated schemed to avoid regulations.
Author's point is like saying having cops near a bank is useless because robbers will just avoid those banks.
How do you handle customer password resets when an email service provider locks them out?
Do you just keep the money? Or do you send it to the government who keeps it, because they can’t assign it to a person?
KYC is a speed-bump for criminals, yes. But it’s also the only way to support the finance system for regular people.
What happens when you have a financial system where there is no people or traceability tied to funds? You know the answer, it’s a loaded question.
Send $1 from a previously used payment account/card?
At that point you're effectively delegating KYC through Visa/Mastercard who will run KYC processes. It also ignores scenarios where multiple things are stolen at once (eg malware, cons, etc).
I can't think of a type of online business that stores money but doesn't take payments from bands/credit cards/paypal/etc. ?
The purpose of KYC isn't just to combat terrorism and financial crime, but also to protect businesses from the actions of unscrupulous individuals, which is common in low-trust societies. As Western society transitions from high-trust to low-trust, I predict KYC will only become more widespread.
I don’t understand the issue here. It seems like various KYC regulations are the status quo. Is there a specific bill or proposal the article is against? That was left totally unclear.
I don’t think tin foil hat shout into the clouds articles are very useful. Is the author an expert on money laundering or organized crime? Give me some reasons that aren’t just soap box speeches about freedom.
Finally, I think that it’s pretty obvious how basic identity regulations can work. If a bar has an ID scanner that accesses a state database to look up your picture on file that can trivially defeat a fake ID. If a car dealership does the same they can prevent selling a car to someone who isn’t licensed to drive. Seems pretty normal to me.
A lot of the usual misconceptions about KYC in here (that you need ID, or how the government insists KYC is implemented).
I find Patrick McKenzie’s (patio11) deep dive into KYC [1] useful to understand more of why KYC exists and what is and isn’t in the law.
1. https://www.bitsaboutmoney.com/archive/kyc-and-aml-beyond-th...
KYC effectively means that if you don't own property and don't pay rent, then you're not a full legal person. You need an address, and a cheap P.O. box won't cut it. Need to live in your car? Want to live in your RV or boat? Planning on selling everything and backpacking around? Good luck registering for a driver's license or a checking account.
the KYC regime operates under the idea that its working because fraudulent identities work.
nobody here would ever know if a bank account currently exists in their name at a different institution, if it was properly used to simply accept payments for legal services and not leave an account in overdraft.
the entire concept of whitelisting transactions is a fools errand
> Realistically, KYC might deter a small fraction – let's say about 1% – of these malefactors.
I too can pull arbitrary statistics straight out of my backside, and use them to argue my point
Why not 10%? Why not 10000% in fact (if we’re comparing it to the number of current bad actors)?
Do you really think there wouldn’t be more tax cheaters if nobody did KYC checks? Come on…
There are some things that should require KYC. Like accepting DMCA claims. The claimaint should have to be a real verified person before the host should be required to act on a DMCA complaint.
Most of the things that seem like good ideas for KYC, such as DMCA claims, are better to be rendered nonexistent in the first place.
Right. I'm just highlighting from a different angle the point of the main article: KYC "protections" are not implemented to protect human people.
If that was the intention they'd be applied equally in all legal contexts like re: DMCA claims, but the fact that they aren't shows the intentions of regulators for KYC in practice.
kyc is a lot more than just "muh privacy," it is effectively the lynchpin of how the United States weaponizes its monetary standard against other nations and individuals. KYC allows the state to maintain the illusion of a free and fair trial by jury whilst at the same time freezing all monetary assets you could use to ever defend yourself under the guise of 'crime', effectively guaranteeing themselves a win.
and to clarify the article, not all cryptocurrencies are set in stone traceable. Monero enjoys ephemeral transactions that are so untraceable, no ones claimed the US government bounty for a proof-of-concept yet. In turn, youll likely see most KYC exchanges get strong-armed into dropping support for mondero-like currencies altogether.
your entire monetary life is effectively for review. visa/amex/mc all tag your transactions with a vendor code as part of KYC to build a profile of your spending and sell analytics to economists about what you buy (food, guns, clothing, cars, etc..) move too much money in cash? KYC kicks in and youll need to explain to the teller why you want that money. Dont want to explain? they will inform the FBI under the bank secrecy act. want to know if they reported you? you cant (its literally illegal.)
The problem is policies like KYC are often just corporate CYA (cover your ass) policies. Making the security measures as overt as possible gives corporations plausible deniability.
Laws can be circumvented --- therefore, laws are useless???
This line of reasoning is highly suspect --- particularly when based on assumptions without concrete supporting evidence.
Anonymous terrorist and organised crime funding scam technology? No thanks ;)
Because anonymous banking facilities have never been used to launder vast amounts of cash...
There's zero evidence that AML laws have actually led to any reduction in crime, while there's countless evidence of them causing unnecessary difficulty to law-abiding citizens. AML proponents should be required to demonstrate that the measures they propose actually lead to an empirically measurable reduction in crime, otherwise it's just a massive violation of citizens' financial privacy rights for no gain.
How about we set up a parallel banking system with none of the rules and regulations, and see what happens?
Oh yeah we did that a few years ago and it was scams all the way down :)
There are also an abundance of people getting scammed the old fashioned way, KYC's done nothing to reduce that as the amount of people losing money to online scams has increased in recent years.
The crypto ecosystem has scams but it also has genuine financial privacy with Monero, while the average person in a western country has zero options for financial privacy in the traditional banking system.
What do you mean by “financial privacy”? Hiding stuff from the taxman?
Yes, that too, but also just fucking privacy. A basic notion that your financial movements shouldn't be an open book to any bureaucrat, functionary, corporate drone or algorithm under the sun. We rightfully take personal privacy seriously in many other things, but suddenly you try to apply the logic to something as deeply sensitive as one's economic life and many would-be nannies lose their shit. Many of you on this very comment thread sound like government agents ranting about "protecting children" with their attempts at encryption backdoors.
The only difference is that you apply it to preventing people from controlling the keys to how and where they keep or send their money. Why? Because "terrorists!" "Money Laundering!", Tax evasion!" Oh my! How many of these justifications wouldn't even exist if government wasn't so heavy handed in slathering on endless regulations to criminalize whole areas of human activity that never needed to be harmful or criminal in the first place?
I'll also note here that in many countries, employees at major banks and at major government offices collude with organized crime to a pervasive degree, and actively look at the accounts of people with signs of having come into large amounts of money (but without corresponding protective power of their own) for the sake of extorting or even kidnapping them. I live in one such country. It's easy to bleat about the need for KYC and making sure everyone "pays their fair share" (a thing that anyhow barely functions as claimed even in the most KYC-obsessed countries, since the wealthy use all kinds of legal loopholes and special connections to keep their funds safe) if you live in a place where the powers that be aren't overtly parasitical and criminal. It's a little more difficult to apply the same in other parts of the world.
Between 2016 and 2021 the number of money laundering cases doubled [1].
So clearly AML laws are making a difference at detection at least.
[1] https://www.eurojust.europa.eu/news/money-laundering-cases-r...