Streamlining the Know Your Customer procedure with blockchain

[harlan4096]

Last year, I wrote a post about the possible privacy implications of applying blockchain technology to such areas as education, health care, and human resource management. However, a blockchain-based solution to a problem plagued by the shortcomings of traditional approaches can help with dealing with personal data as well. I am talking about KYC (know your customer), and recent advances in using blockchain for KYC procedures.

The term “know your customer” originally came from financial services. Banks needed to identify their customers, make sure they didn’t cheat, and be able to check their credit history. So, banks developed a set of documents and a procedure that pretty much standardized the handling of loan requests.

Later, other areas of business adopted the model. If company A wanted to do business with company B, A would need a set of documents including (but not limited to): company B’s registration number, tax number, and bank routing and account number. Typically, the authenticity of these documents have to be verified by a third party, and that’s where bureaucracy kicks in.

Normally, processing the paperwork — making phone calls and requesting required confirmations — takes a lot of time and effort. That’s a problem. But sometimes clerks simply stamp the papers without thorough checking. Bigger problem.

When bureaucracy checks fail, the bureaucracy does a strange thing: introduces more checks. Take the banking industry, for example. In 2017, according to a Thomson Reuters survey, KYC procedures took an average of 32 days, up from 28 days in 2016.

Using digital signatures, once viewed as a possible solution to these problems, cannot obviate the authenticity checks of documents required by KYC procedures. And digital signatures can be forged or stolen.

Blockchain technology can dramatically reduce the time needed for authenticity checks. Commercial blockchain architects invented the term privileged nodes some time ago. In our example, when company A needs a set of documents about company B verified, it sends a request to a certification node (owned by the state or an authorized agent). The certification node checks that company B has provided the consent for the documents requested, checks the validity of the documents (i.e., that they have not expired) and only then returns them to company A.

All of this logic can be programmed into a smart contract and tweaked to the needs of the businesses involved. For example, the smart contract may be programmed to yield the full set of documents or an incomplete set of documents that haven’t expired and that company B has consented to provide. In the latter case company A can decide whether to take the risk of continuing to do business with company B, or to halt further operations.

The innate flexibility of smart contracts, in this case, gives businesses freedom of choice, which is essential for a market economy to flourish. For example, company B may not consent to providing a specific document to company A, but it can notify A that such a document exists and has been verified by a privileged node.

Continue Reading