More than half of virtual asset service providers globally have “weak or porous” Know Your Customer processes, according to new research.

A report out this week by cryptocurrencies threat intelligence firm CipherTrace analyses VASPs and uses standardised criteria to score their KYC controls as ‘weak’, ‘porous’ or ‘strong’.

CipherTrace found 56% of VASPs globally have a ‘weak’ or ‘porous’ rating, including at least half of VASPs in every region.

The US, Singapore, and the UK lead as the countries with the highest number of VASPs with weak or porous KYC. The next two closest countries with large numbers of KYC-deficient VASPS are China and Russia, yet these two countries have between 31-44% fewer VASPs with weak or porous KYC than any of the three leading countries.

However, the report notes that the US and UK has a higher number of VASPs overall “The large count of VASPs with such deficient KYC practices in these countries demonstrates the higher number of entry points for potential money launderers”, the report says. While only 44% of US and 40% of UK exchanges were found to have weak KYC practices, these KYC deficiencies characterize 80% of Russian exchanges.

CipherTrace also raises concern about Decentralized Finance (DeFi) and Decentralised Exchanges (DEXs) in particular. DEXs are type of cryptocurrency exchange that operates in a decentralized manner and enables peer-to-peer crypto trading.  

CipherTrace says these “typically lack any KYC process”. It said: “Because they have operated outside of regulatory supervision, it is no surprise that many DEXs have poor KYC scores. CipherTrace researchers found that over 90% of DEXs with a clearly domiciled country had deficient KYC, with 81% having little to no KYC whatsoever.”

Virtual asset providers been coming under more scrutiny and regulation in recent months.

Jurisdictions are also implementing the Financial Action Task Force (FATF) “travel rule” which requires VASPs, including cryptocurrency exchanges and custodial wallet providers, to exchange relevant beneficiary and originator Know Your Customer information.

Last month, FATF outlined “red flag indicators” to help financial institutions detect money laundering and terrorism financing linked to virtual assets.

The European Union’s Fifth European Anti Money Laundering directive brought cryptocurrencies and cryptocurrency exchanges under the same anti money laundering and counter terrorism financing rules as financial institutions.

Hear more about the challenges of cryptocurrency regulation, including a keynote speech from Dr Nicholas Ryder, professor in financial crime, at the FinCrime World Forum global live streaming event on December 1. Click here for more.