How to: Grow a Forex Platform by Sustainable Customer Acquisition, KYC and Compliance

To onboard more customers, increase revenue, comply with regulations, along with preventing fraud try efficient KYC/AML verification solution developed specially for forex platforms by Sumsub. Discover more about the approach here.

Money laundering through unregulated exchanges 

How do stolen virtual currencies move into real wallets? Once the hackers managed to get access to the funds, they need to somehow get the money converted and spend it. To do this, they choose one of the many existing unregulated exchanges, that have a weak “know your customer” (KYC) policy and allow hackers to remain unknown. Such exchanges make it possible to deposit or withdraw up to 2 Bitcoins (approximately US $ 8,000) per day without a serious identity check.

Regulatory requirements of FX jurisdictions 

In short, every financial company has to comply with a certain jurisdiction that actively prevents money laundering action and other criminal activities.

Constantly changing regulations vary significantly from jurisdiction to jurisdiction, it is incredibly difficult to encapsulate each and every existing regulatory regime and slight differences between them.

To make KYC forex solution comply, here are the examples of some of the jurisdictions, laws and regulations:

High requirement jurisdictions

Jurisdictions with high capital requirements ($20 million+), intensive and detailed reporting and significant operating expenses. Customer complaints to regulatory agencies may result in a strong reaction and million dollar fines from the regulators.

USA

Bank Secrecy Act and Regulations; USA PATRIOT Act.

• Individuals: a) name; b) date of birth; c) residential or business address (an army or fleet post office box number or residential address of next of kin may be substituted); and d) identification number (can be determined by the institution, but should typically be a Taxpayer Identification Number for both individuals and entities.
• Entities (non-individual): a) name; b) principal place of business; office location; or other physical location of operations / presence; and c) identification number.

Japan

Act on Prevention of Transfer of Criminal Proceeds; Guidelines.

• Individuals:Customer identification data (name, address, and date of birth); presentation or delivery of customer identification document, supplemental document or its copy, occupation, purpose of transaction, status of asset and revenue (higher risk in case where the transaction value exceeds JPY 2 million), confirmation of personal identification data of the person in charge of the transaction, confirmation of agency power for the person in charge of the transaction.
• Non-face-to-face identification: cryptocurrency exchanges are generally considered as KYC-compliant.

Moderate requirement jurisdictions

Reputable and recognized jurisdictions with high to moderate capital requirements, moderate expenses and reporting.

Malta

AML-legislation; Implementing procedures; Prevention of Money Laundering Act; financial authority – Financial Intelligence Analysis Unit (FIAU)

• Individuals: The following information should be obtained: a) official full name; b) place and date of birth; c) permanent residential address; d) identity reference number, where available; and e) nationality.
• Legal entities: The subject person is required to first identify the private company by gathering the following information: a) the company’s official full name; b) the company’s registration number; c) the company’s date of incorporation or registration; and d) the company’s registered address or principal place of business.

Cyprus

Directive by the Central Bank of Cyprus.

• Individuals: (i) True name and/or names used based on information from the official valid identity card or passport; (ii) Full permanent address, including postal code; (iii) Telephone and fax numbers; (iv) E-mail address; (v) Date and place of birth; (vi) Details on the profession and other occupations of the customer including the name of employer/business; and (vii) Specimen of signature.
• Entities must obtain a license in Cyprus to provide brokerage services.

Australia

Registered AML Rules (Australian Transaction Reports and Analysis Centre), Australian Anti-Money Laundering and Counter Terrorism Financing Act 2006, Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1).

• Financial institutions are required to: register and enroll their business with AUSTRAC; adopt and maintain an AML/CTF program that mitigates and manages their business’s money laundering and terrorism financing risks; report suspicious matters and threshold transactions to AUSTRAC.
• All brokers operating within Australia must hold an ASIC licence to receive client money and provide brokerage services. The Australian regulator sets out a rigorous list of criteria for firms wanting to acquire an AFS licence and operate within the country.

Low requirement jurisdictions

Jurisdictions with low to moderate regulatory environments, low capital requirements, low to moderate operating expenses and minimal reporting.

Belize

Belize Money Laundering (Prevention) Act 1996; Guidelines for FI by Central Bank of Belize.

• Where the customer has not been physically present for identification purposes, a financial institution may complete applications but should take specific and adequate measures to compensate for the higher risk, most notably for forgery and fraud, by applying one or more of the following measures before establishing a business relationship: <…> 5) requiring internet sign-on following verification procedures where the customer uses security codes, tokens, and/or other passwords which have been set up during account opening and provided by mail (or secure delivery) to the named individual at an independently verified address etc.

Bulgaria

Measures Against Money Laundering Act, 2008, adopted by Parliament, drafted by the State Agency for National Security (SANS) and the Ministry of Interior (MOI), amended in 2018.

• The new amendments to the law implement the 4th EU Money Laundering Directive into Bulgarian legislation;
• One of the main new obligations is collecting and filing information on ultimate beneficial owners (UBOs) of companies and other entities and the legal persons and other bodies that directly or indirectly control them;

Least regulated jurisdictions 

Least regulated jurisdictions have weaker institutional control and less detailed legislation than others.

Marshall Islands

Anti-Money Laundering Regulations, 2002, Banking Commission.

• Each financial institution and cash dealer shall identify, obtain the requisite information, retain records and file with the Banking Commissioner reports regarding persons affiliated with or who own or control the financial institution and cash dealer
• To Identify means to ascertain the full name, address, nationality occupation/business or principal activity

Jurisdictions considered ‘reputable’ are: US, UK, EU, Switzerland, Scandinavia, Cyprus, Japan, Singapore, Australia, New Zealand.

5AMLD — new anti-money laundering directive 

EU member states will have to implement 5AMLD regulations into their practices by January 10, 2020, closing multiple loopholes due to the emergence of new technologies and improving transparency while still protecting personal data. The directive will also affect KYC AML forex procedures.

The main points expressed in the regulation are:

• Cryptocurrency platforms will be required to perform client’s legal audit (customer due diligence, CDD) and submit suspicious activity reports (SAR);

• Financial intelligence units may be charged with obtaining addresses and identifying owners of virtual currencies, which will make it impossible to use cryptocurrency anonymously;

• Finally, cryptocurrency exchanges and wallets will now be required to register with their local authorities.