What is KYC/AML?
KYC (Know Your Customer) and AML (Anti-Money Laundering) are regulatory requirements that financial institutions must follow to verify customer identities and prevent illicit financial activities. Many real-world asset (RWA) and institutional DeFi products require KYC/AML compliance.
KYC Components
Identity Verification
- Government-issued ID (passport, driver's license)
- Proof of address (utility bills, bank statements)
- Facial recognition/liveness checks
- Document authenticity verification
Customer Due Diligence (CDD)
- Source of funds verification
- Purpose of account/relationship
- Expected transaction patterns
- Beneficial ownership identification
Enhanced Due Diligence (EDD)
- Required for high-risk customers
- Deeper investigation of source of wealth
- Ongoing monitoring requirements
- PEP (Politically Exposed Person) screening
AML Requirements
- Transaction monitoring for suspicious activity
- Sanctions screening (OFAC, UN, EU lists)
- Suspicious Activity Reports (SARs)
- Record keeping and audit trails
- Staff training and compliance programs
KYC/AML in DeFi
Permissioned Protocols
- Aave Arc and Compound Treasury require KYC
- Tokenized RWA products (Ondo, etc.)
- Institutional lending pools
On-Chain Identity Solutions
- Soulbound tokens for KYC attestation
- Zero-knowledge proofs for privacy-preserving compliance
- On-chain whitelists for verified addresses
DeFi KYC Providers
- Chainalysis, Elliptic (blockchain analytics)
- Jumio, Onfido (identity verification)
- Synaps, Fractal (crypto-native KYC)
Balancing Privacy and Compliance
Some projects explore privacy-preserving KYC using zero-knowledge proofs, which let a user prove they are compliant without revealing personal data.