By Frank Marques, ICO Expert at Jumio
Investors and startups aren’t the only ones paying attention to initial coin offerings (ICOs). Although the hottest trend in cryptocurrency provides much-needed funding for struggling startups, it also attracts attention from fraudsters trying to make a buck off of unwary investors.
ICO, also known as token sale, is a decentralized fundraising mechanism in which a party issues cryptotokens on the blockchain and sells them to potential investors and enthusiasts who want to have a stake in the project. Blockchain startups have raised billions of dollars in ICOs in 2017 alone. And as we all know, where money goes, trouble follows.
Like the broader cryptocurrency space, ICOs have faced growing pains and a troubled reputation. Federal authorities have warned investors to be on the alert for potential fraud from companies who take investors’ money and run. Even the infamous penny-stock broker formerly known as the “Wolf of Wall Street” recently urged investors to steer clear of ICOs, declaring them the “biggest scam ever.”
Despite these hurdles, ICOs are a win-win for blockchain startups. ICOs are becoming the new alternative to venture capital, as some startups have been shut out of traditional VC channels or risk losing hold of their company’s equity in successive financing rounds. ICO issuers still own 100 percent of their company after the token sale, and it allows them to fund their project while it’s being conceptualized. Richard Kastelein recently wrote in the Harvard Business Review that ICOs “allow startups to raise funds without having equity stakeholders breathing down their necks on spending or prioritizing financial returns over the general good of the product or service itself.”
One of the most cited advantages and disadvantages of ICOs is a lack of regulation, at least for the time being. The lack of regulatory oversight differs depending on the jurisdiction. Countries like Singapore and Switzerland are working toward creating safe havens for cryptocurrency companies by agreeing to cooperate on fintech rules, treating ICOs as assets rather than securities.
While this benefits ICO issuers, it remains critical for the issuers themselves to take steps to protect themselves from fraudulent investors and future regulatory action that may impact their business. With no standard in place to address cybersecurity or fraud issues, it is essential for organizations considering ICOs to comply with KYC (Know Your Customer) and AML (Anti-Money Laundering) regulations. By voluntarily complying with these standards in a token sale, the company can vet that potential investors are who they say they are. In addition, by requiring investors to verify their identities, the project will likely be viewed as more legitimate than those that only require a credit card to sign up. Also, several potential regulators in the U.S. have said that they’re open to token sales as long as KYC standards are met.
Pursuing KYC and AML compliance will improve the public perception of ICO issuers, helping organizations collect and improve credibility with customers in the future. Additionally, voluntary KYC/AML compliance can help ICO issuers reach a greater audience and expand the number of jurisdictions that they can market to, rather than limiting them to a small group of countries with lax or conflicting guidelines. If businesses voluntarily comply with KYC and AML directives, they have more opportunities to engage with global institutions and investors as the company grows.
While the regulatory guidance on the cryptocurrency space in several countries is unclear, there are high stakes for ignoring compliance issues in others. For example, the recent 21-count indictment and $110 million fine against Bitcoin exchange BTC-e for money laundering illicit funds sourced from ransomware scams, hacking incidents, identity theft, narcotics distribution rings, and corrupt public officials. Jamal El-Hindi, acting Financial Crimes Enforcement Network (FinCEN) director for the U.S. Department of Treasury, states: “We will hold accountable foreign-located money transmitters, including virtual currency exchangers that do business in the United States when they willfully violate U.S. AML laws.”
The potential for fraud will inevitably increase as ICOs become more mainstream. It’s essential for companies to satisfy AML and KYC regulations to ensure that the identity of investors buying their tokens is properly verified. More organizations are leveraging online verification solutions for the following reasons::
- To verify and validate the investor’s identity
- To understand and test the customer’s profile, business and account activity
- To identify relevant adverse risk and information
- To access the potential for money laundering and/or terrorist financing
ICO-issuing organizations should incorporate identity verification workflows into the token distribution process. This means accurately verifying an investor’s identity and managing records of the information used to verify their identity, including name, address, and so on. This requires a three-pronged approach that involves ID verification, identity verification, and document verification.
ID verification uses a proprietary mix of artificial intelligence, computer vision and ID experts to determine if an identity document, such as a passport or driver’s license, is authentic and belongs to the user. Identity verification uses biometric facial recognition, liveness detection and live verification experts to make sure the user of the application is the same person featured on the ID document. Document verification acquires, extracts and verifies data from supporting documents, such as bank and utility statements, to add another layer of identity proofing needed to verify an investor’s identity.
Although there are ways for ICO issuers to comply with industry-standard regulations, buyers should still be cautious. A lack of regulation makes ICOs a potential haven for fraudsters and others who fail to register their offering or provide necessary safeguards for the public. While financial backers have a stake in the process, an ICO today is not regulated or registered in most cases. This puts investors at risk of not being able to recoup their losses if something were to go wrong.
As the market shapes up, there will be a greater risk on the ICO issuer side unless measures are put in place to protect both the issuers and investors. By utilizing identity verification methods, companies can take the extra step toward reducing risk and legitimizing their business on a greater scale, while also defending themselves against fraudsters.
Frank Marques is an ICO Expert at Jumio