Learn why NFT businesses should move towards AML compliance and get a free guide at the end of the article.
My name is Tony and I’m the Chief Legal Officer at Sumsub. Our legal team has a wide range of duties, ranging from internal compliance to offering consultancy services to our customers. As user verification is ultimately a legal task, Sumsub cannot function without our legal and compliance experts.
The topic of NFT is quite fascinating. The NFT market is huge—it reached $25bn last year—yet it’s hardly regulated, which makes it luring for fraud and money laundering.
In a recent webinar, we talked about the nature of NFTs, their future, and how they’re regulated. Today, I want to get into how NFT marketplaces can achieve AML compliance to prepare for future legislation.
NFT stands for Non-Fungible Token. “Non-Fungible” means that the token cannot be exchanged, since it’s unique. In essence, an NFT is a certificate of ownership recorded on the blockchain. Examples of NFTs include tokens made for digital art, collectibles, event tickets, and even property.
NFTs are not yet expressly mentioned in any laws or regulations. Nevertheless, they can be indirectly regulated as art, virtual assets, or investment tools.
As there are similar AML requirements for these three spheres, marketplaces should not wait for NFT-specific regulations to start building their AML compliance. Let’s go over why they should start preparing now.
Currently, NFT businesses can claim that they don’t bear any AML or data protection responsibilities. However, there are several reasons why they should start introducing AML measures anyway.
AML compliance requires significant effort. Even if a business outsources to a KYC solution, it must still construct a baseline AML infrastructure. This includes implementing an AML compliance program, hiring a money laundering reporting officer, and so on.
If NFT marketplaces don’t start preparing in advance, they won’t have the time and resources to be compliant once AML regulations come into effect, leaving them open to penalties.
NFT regulations might be implemented earlier than everybody expects. In June 2022, for example, EU lawmakers discussed a possibility to introduce regulations on the NFT industry to stop scam artists and money launderers from abusing the unregulated industry.
NFT marketplaces need a bank that will exchange their crypto earnings into fiat. However, it’s likely that banks won’t be interested in these earnings unless clear AML procedures are put into place. This is because financial institutions face sanctions for providing services to companies facilitating money laundering and other crimes.
Being AML-compliant can build trust between a business and its users and investors. For instance, when Nifty Gateway, a well-known NFT marketplace, started to build up their compliance, they landed a partnership with auction houses Christie’s and Sotheby’s.
The art sector has recently become subject to AML legislation in Europe, the UK, and the US. As a result, criminals who previously laundered money through art have moved into NFTs.
The most exploitable vulnerability of NFT marketplaces is that user identities are not checked. Criminals can create an NFT, register two separate accounts (one for selling and one for buying), and purchase the NFT from themselves. This is a classic money laundering method applied to the novel world of NFTs.
The absence of verification procedures lets in fraudsters who sell fake NFTs. When users realize they’ve purchased fraudulent goods, their trust in the platform fades. This cycle negatively impacts artists no less, as nothing is done to prevent their work from being illegally traded and exhibited.
Source: Derek Laufman/Twitter
Here are some recommendations for NFT marketplaces based on more than five years working with ICOs, crypto wallets, and other blockchain businesses.
If a business has enough financial resources, I recommend opening a centralized marketplace—one controlled by a legal entity and not by users. Although operating without a legal entity would allow businesses to avoid compliance with various laws, they won’t be able to attract investment and earn the trust of the users.
I recommend setting up a legal entity either in the US or the UK. I do not advise establishing a marketplace in the EU due to high taxes and strict requirements for remote identification. For instance, in Germany, you have to conduct video KYC to onboard users—a very costly process that significantly decreases conversion rates.
Businesses that operate on the blockchain—including NFT marketplaces—are worried that they may fall under the American Securities Act of 1933.
Under the Act, if you sell any investment tool to American citizens, regardless of where your company is located, you must comply with a whole set of obligations, including preventing money laundering and guaranteeing investor rights. In Europe, there are similar regulations, such as MiFID and MiFIR.
As the majority of NFT sellers and buyers come from the US and Europe, NFT marketplaces can fall under these investment regulations. To avoid this, businesses need to prevent NFTs sold on their platform from being considered investments. Marketplaces can do this by:
If NFT marketplaces do not adopt these measures, they may not be able to comply with the complex regulations that face them.
It’s hard to establish AML practices from scratch. To support you, we’ve gathered a list of measures required by regulators around the globe.
Building such infrastructure requires a lot of time and effort, so I recommend starting to prepare in advance. Our legal team is always happy to lend a helping hand, so don’t hesitate to contact us.
NFT marketplaces only need to identify their users at the onboarding stage. KYC for transactions between sellers and buyers is performed by payment providers.
Businesses can break up the onboarding journey into several steps. For instance, they can perform a simplified verification procedure during the sign-up process, and a more complex one for deposits.
If I were the owner of an NFT marketplace, I would reach out to a KYC provider, since it makes no sense to build the whole process from scratch when it can be set up in a quick and efficient manner.
Also, NFT businesses can have a joint KYC/AML process with payment providers. They can introduce reusable KYC that allows customers not to repeat verification multiple times.
We have compiled a downloadable checklist with all our recommendations so you can track your progress easily. Feel free to save it to your device.
It will be increasingly important for NFT marketplaces to build AML infrastructure with their legal entity at the center, surrounded by necessary counterparties like KYC and payment providers. Here’s what this can look like:
Setting up an AML compliant business takes time and a lot of work. But the reward is avoiding regulatory sanctions and building trust between your platform and its users and investors. So I think it’s worth the effort.
The NFT market is booming. But even the biggest NFT marketplaces don’t always follow AML requirements, which may lead them to financial and reputational losses. Check out this guide to learn why NFT businesses should start building their AML compliance today and how they can do it:
Yes. Volatile prices make NFT attractive for money launderers. Criminals can create an NFT, register two separate accounts (one for selling and one for buying), and purchase the NFT from themselves.
Yes, NFT wash trading is illegal and is a form of NFT scamming. Wash trading is a market manipulation in which an investor simultaneously sells and buys the same financial instruments to create artificial activity in the marketplace. NFT wash trading aims to give market participants a misleading image of an asset’s value. In doing so, an NFT will be sold at a higher price to a new wallet, which is also controlled by the original owner.
It is the process of customer verification in an NFT marketplace.
Currently, KYC is not a regulatory requirement for NFT marketplaces. However, it is advisable to implement it. By using KYC technology, NFT marketplaces could reduce the chance of fraud and intellectual property theft for artists.