KYC and AML Compliance for Crypto Exchanges. Guide 2020

Mar 25, 2020 at 08:13 // News
Guest Author
Cryptocurrency exchanges will be regulated

The beginning of 2020 was quite stressful for most cryptocurrency exchanges. On January 10, 2020, the 5th Anti Money Laundering (AML) Directive took effect. Some platforms announced their closure, while some threw all their strength into the struggle to meet the new requirements. This article will tell you how to win this battle.


If you think we decided to write this article based on this directive alone, you are mistaken. February 2020 began with good news for the EXMO team. EXMO crypto platform has been rated top-tier in the latest CryptoCompare Exchange Benchmark. 

We are going to tell you about our experience, the number of requirements, and how many hours our AML-officer sleeps.



AML-   Anti Money Laundering

CTF-   Counter Terrorism Financing

KYC-   Know Your Customer

FCA-   Financial Conduct Authority

FATF- Financial Action Task Force

JMLSG- Joint Money Laundering Steering Group

HM-   Her Majesty

PEP- Politically Exposed Persons

GDPR-  General Data Protection Regulation

MLRO-  Money Laundering Reporting Officer

Legal name and jurisdiction of operation

We were not looking for a simple solution to enable us to meet the 5th AML Directive and from the very beginning, we approached the issue seriously. EXMO operates within the legal jurisdiction of the UK. It goes without saying that the UK is a strict but transparent legal field with well-developed regulatory tools. Also, the UK was among the first to implement cryptocurrency legislation.

Therefore, if you suddenly decide to open your exchange, be sure to pay attention to the legislative framework of the country where the exchange is launched.

Registration/Licensing where appropriate and applicable

Currently, there are only a few countries that issue licenses for cryptocurrency activities. At the beginning of the year, EXMO received Estonian licenses.

Concerning AML compliance, we are currently in the process of issuing the AML registration from FCA—The Financial Conduct Authority.

Implementing strict KYC and AML procedures

During January 2020, we’ve launched the mandatory verification on the platform. It was the necessary part of KYC and AML compliance, a crucial component for security. Now it’s easier for us to know the client, understand if we can trust them, and prevent possible fraud. 

Another measure we took was implementing the CipherTrace software. It verifies that the user’s wallets are not blacklisted, connected with terrorism, or associated with fraudulent activity, etc. With this software, we trace transactions and monitor potential risks.  

We had found that some withdrawals were being made to blacklisted wallets. Now we can prevent such transactions, track any fraud cases, and guarantee counteraction black market flows by following the anti-money laundering legislation within the framework of the platform.

The results were positive, and on February 4th 2020, we are pleased to say that CipherTrace awarded us a Green rank.

However, just using soft tools is not enough. Our Compliance team works 24/7 and also conducts manual monitoring of any suspicious transactions. We have developed a number of internal tools and guidance to monitor Crypto and Fiat transactions. Together with soft tools, we are confident that no EXMO account will be susceptible to falling victim to hackers.

Regional Representation Compliance based on FATF recommendations

You probably heard about an inter-governmental body FATF—The Financial Action Task Force. It was established in 1989 with 37 countries becoming members. The FATF developed a series of recommendations for regulating cryptocurrencies and the activities of cryptocurrency services operators.

Every three months, FATF updates a list of high-risk countries. This list is determined by the strength of laws against money laundering in a specific country, how much it cooperates in developing tools to counter laundering, and in providing data. So therefore, we do not work with users from blacklisted countries and we thus increase the security and compliance of our platform even more. 

Being part of the Cryptocurrency Regulatory group and fulfilling applicable requirements

Laws are updated continuously, and to comply with them, constant monitoring is necessary. We participate in crypto alliances, track FATF listings, and interact with FCA requirements groups. Of course, we do not forget about the local British law, tracing the requirements of Her Majesty's Treasury (HM Treasury).

Overall, the EXMO AML/CTF procedures are in line with the requirements of:

  • The Proceeds of Crime Act 2002;

  • Terrorism Act 2000 and 2001;

  • Money Laundering Regulations 2017;

  • Counter-Terrorism Act 2008;

  • HM Treasury Sanction Notices;

  • FCA Handbook;

  • JMLSG Guidance.

We guarantee the timely implementation of legislative changes. Any exchange wishing to stay afloat must comply.

Sanctions and PEP compliance statement

PEP refers to Politically Exposed Persons. We monitor PEP lists to ensure our customers are not current or former politicians. We also track sanctions lists to ensure there are no risks of being involved in money laundering and terrorist financing activities. Ever vigilant to keep a finger on the pulse of these activities, we use Namescan.

Constant ongoing transaction monitoring

Let us reiterate CipherTrace and the 24/7 compliance department. 

If we note a suspicious transaction, it is blocked to allow our platform to ensure there is no fraudulent behavior. After a customer has been approved, EXMO performs a comprehensive process of transaction monitoring. This is accomplished with the EXMO system, developed to utilize an internally developed automated fraud prevention and risk management system.

Having an experienced Chief Compliance Officer

Having an experienced AML specialist is crucial. This person has access to all our data and is responsible for the development, implementation, and maintenance of a risk assessment framework for anti-money laundering.

The CEO of the company can perform this function, but for us, it is vital to have an experienced individual with an independent outlook on the situation and a working knowledge of the company. We have just such a person who keeps abreast of innovations in legislation and implements them to the company.

An experienced AML and Antifraud Department

We are very proud of our financial security monitoring department and the antifraud system that has been developed and implemented. It is similar to the scoring systems in banks and enables us to check the quality of all the transactions. These both enabled us to monitor and block immediately the stolen funds from several exchanges including the massive flow from Bithumb (more than 4M USD).

Regular staff training procedures

Our employees continuously undergo specialized training. We focus on preventing risks of money laundering and terrorist financing, keeping abreast of relevant legislation, and our due diligence to the obligations under that legislation. Training is held by an EXMO nominated officer (MLRO) and teaches us how to recognize and deal with potential money laundering or terrorist financing transactions or activity. 

Intruders into financial systems are continually evolving, we are however always alert. Staff training on AML and counter-terrorist financing is carried out annually for all staff and the details recorded.

In addition, every three months the team passes a special qualification exam not only on countering hacking but also on AML knowledge, CTF, rules updates, and responsibilities to prevent money laundering.

Secure record keeping

We always take serious measures to maintain strict confidentiality and the security of any information received during the verification process according to our user agreement, privacy policy, and GDPR requirements. 

All user data is stored on encrypted servers accessible by the AML officer alone. And of course, all stored documents are digitally imprinted with a protective watermark.

To conclude

Being a cryptocurrency exchange, we are not just responsible for the monetary assets of our clients, we are also very focused in the field of combating illegal money circulation. We take this very seriously and utilise a lot of resources, not only to meet the requirements, but also to fulfill this important mission with absolute integrity. 

To take you back to the start, now you can understand why our AML officer does not sleep very much!

Disclaimer. This article is provided by a third-party source and should not be viewed as an endorsement by CoinIdol. Readers should do their own research before investing funds in any company. CoinIdol shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, goods or services mentioned in this article.

Show comments(0 comments)