Know Your Customer or KYC is the regulation that requires financial institutions to verify the identity of their clients. The intent of this law is to make it harder for the bad guys to use financial services. It is a huge burden for the financial institutions and an inconvenience for the customers. Yet, if this process was cheaper, more iterative, and if the results could be shared by independent un-market participants could use it to create a safer commerce environment. It could work in a way similar to mutual key signing in a Web of Trust.
##Gathering data Banks spend a lot of resources to comply with the KYC/AML (AML - Anti Money Laundering). For KYC the customer provides the data and bank collects and verifies them to be potentially shared with the regulators later. A shared database, such as the blockchain, seems like the best tool for the job.
Let's see how this might work. Suppose a startup is opening a bank account. A Bank is gathering the information and:
- Customer creates a public company identity on the blockchain.
- Customer puts incorporation, state registration and other documents, requested by the bank, on the blockchain.
- Customer gives the bank permission to view the documents (permission recorded on the blockchain).
- Bank verifies company documents and signs them on the blockchain.
- Bank signs the company Identity on the blockchain.
The last 2 steps are variants of an attestation, containing:
- WHO - the company/clerk who is making a statement, and signing it
- ACTION - such as received, verified, approved etc.
- LINK to the object, like Person, Document, etc.
- a digital signature
##Compliance as shared data At this point the startup has the attestations for all provided documents and the company identity.
Could the results of this mandatory process be useful to the customer? It appears, they may be even more useful than they are for the bank, performing the process.
Suppose in the above scenario the startup decides to buy insurance coverage for their employees or may be apply for the loan with another bank or on a loan marketplace, like the Lending Club. Startup will need to fill out most of the same information again. Instead of doing it the traditional way, the startup will just need to give permission to access this information on the blockchain. In fact, much of the sensitive information may not need to be revealed if new service provider trusts the attestations made by other providers that verified it already.
Similar problems exist in the consumer space. For example, when looking for an apartment in a city, we need to fill out dozens of applications, sharing our sensitive information with the parties that may not have a good policy in place for guarding it.
As a side benefit this creates a permanent record of a permissions grant and will serve as a deterrent for the information leaks. This is sharp contrast with how we fill out numerous forms today and later do not have a trace of who we shared our sensitive information with.
Attestations are special links created by a person/company saying something about another person, company, or a resource (document, equipment, process). Signed statements like this are indispensable in a decentralized marketplace. They will create the first layer of reputation, before statistical reputation gets accumulated. Note that Alibaba provides direct and third-party attestations for its vendors. We predict that in a decentralized marketplace attestations will become a market in its own right. Perhaps the banks, insurance companies and other entities will realize that KYC/AML can turn from a cost center into a profit center.
###Software
###Front end