Cryptocurrency Exchanges: Does Your KYC Keep Bad Actors Out – Or Invite Them In? Skip to content
Entering the Brazilian iGaming market? Discover GeoComply Brazil's tailored solutions!
Learn More

Cryptocurrency Exchanges: Does Your KYC Keep Bad Actors Out – Or Invite Them In?

cryptocurrency exchanges
Read time:
3 minutes

Bad actors rely on secrecy to launder money, evade sanctions, collect ransomware payments, and commit other types of financial crime. Their ability to exploit loopholes in Know Your Customer (KYC) processes leave virtual asset service providers (VASPs) such as cryptocurrency exchanges susceptible to these bad actors. In fact, digital assets have become “the currency of choice” for criminals who rely on crytpocurrency’s pseudo-anonymous nature to fund their nefarious activities.

Financial KYC loopholes also attract the attention of regulators. The latest anti-money laundering (AML) fines statistics from Duff & Phelps (August 2020) show that the first half of 2020 saw a major uptick in fines, with the global value totaling $706 million, compared to 2019’s full-year total of $444 million.

According to a report by CipherTrace that analyzed virtual asset service providers’ KYC by jurisdiction:

  • 56% of VASPs globally have “weak or porous” KYC procedures, “meaning money launderers can use these VASPs to deposit or [withdraw] their ill-gotten funds with very minimal to no KYC.”
  • Europe has the highest number of VASPs with deficient KYC processes – 60% have weak or porous KYC procedures.
  • The US, UK and Russia are home to the highest number of VASPs with weak KYC procedures.

To Deter Bad Actors and Satisfy Regulators, Add Geolocation to Your KYC Toolkit

Strong KYC procedures help establish a customer’s true identity, essential to AML and other compliance requirements. Typically, KYC involves verifying an individual’s personally identifiable information (PII) such as a government-issued ID, phone number, birth date and physical address. Now regulators want to know more.

For the first time, the Financial Action Task Force (FATF) has specifically identified geolocation data as a necessary part of digital identity and KYC verification. The FATF Guidance clearly illustrates that no single authentication factor is considered sufficiently trustworthy in KYC and Customer Due Diligence (CDD).

Similarly, in terms of accuracy and integrity, multi-layer authentication of geolocation data is critical. Multiple geolocation data points – including WiFi Triangulation, GPS and GSM, as well as unaltered or un-spoofed IP data – should be aggregated to ensure the highest levels of location accuracy as part of digital identity verification.

With GeoComply, Fraud Has No Place to Hide

At GeoComply, we focus solely on geolocation-based security, fraud detection and the protection of digital content and assets. We provide a suite of geolocation-based solutions that are combined with human intelligence in order to provide accurate, authenticated and unaltered location data and to stop internet users from spoofing their location.

To learn more, contact us at, or check out our recent white paper, “FATF Puts Digital Fraud on the Map – Understanding the Role of Advanced Geolocation Technology to Combat Cybercrime”.

Related Posts

How Geolocation Optimizes Fintech Compliance

Why the Key to Modernizing Fintech Compliance is Geolocation

Geolocation Tools Are “Invaluable Assets” for Sanctions Controls