Banking is a heavily regulated business and part of these are due diligence requirements, knowing your customer(KYC), knowing your account(KYA), and to checks associated to lists of people that are related to criminal behavior around the globe such as the list of the Office of Foreign Asset Control (OFAC). The due diligence requires that if there is suspicious activity a Suspicious Activity Report must be filed. A great deal of the documents and verification points established by Banking institutions are related to these endeavors. Given the large number of touchpoints and given that Banks offer a large variety of products and services, the data typically resides in different locations and using a multitude of databases and systems. In addition to the verification and reporting activity. Bank Secrecy Act also requires an enhanced due diligence for customers deems to have a higher risk given their locations, customer, account, and transaction profile. The enhanced due diligence requires verifications through out the life of the accounts, including dormant accounts, whose need and frequency of verification is based on risk. In addition, and most recently, banks are also required to identify who is the ultimate beneficiary of a transaction. For example, significant ownership of a company, or as simple, who is the beneficiary in a wire transaction.
The above requirement places a heavy burden on financial institutions to perform the verification, process the SAR’s, and to maintain the enhanced due diligence. Furthermore, banks that do not satisfy Regulatory perception or due to weak BSA processes are used for money laundering or through which money was used for criminal activity may face significant penalties, including criminal charges, and even closure.
The blockchain can be a solution to aide in the KYA and KYC process by providing a solution in which the touchpoint information is propagated to all touchpoints, and a system that verifies that the due diligence was properly conducted. This can be done at the single institution level, in a private blockchain, but could potentially be done in a consortium of intuitions, which all perform similar processes, in a hybrid environment. The nodes could be the different touchpoints and the miners could be designated departments at the Bank. The documents could be encrypted as smart contracts. A proof a concept may be the best route to work this with a platform that provides flexibility, scalability, and highest level of security and availability, including disaster recovery and business resumption facilities.