If you're one of those paranoid folks like me (id est, you don't trust banksters or governments and don't want to submit personally-identifying details and documents for everything when you do something related to cryptocurrency and/or finances online), then you likely find the Know Your Customer (KYC) requirements of certain institutions/organisations and exchanges just as annoyingly intrusive and invasive as I do. After all, it seems antithetical/anathema to the whole aim/purpose of using cryptocurrency to begin with, that being the independent, secure and private exchange of funds online by individuals, free from centralised regulation by governments and other tradfi institutions.
I've even thought of how a solution might be created and used in order to leverage NFT technology, particularly in Web3-based wallets that support them (such as MetaMask and WalletConnect) as substitutes for such documentation (as detailed in one of my previous posts on this particular blog) and signing in/up. Surely, there is a blockchain-based middle-ground that can be reached through compromise between complete anonymity and personal identification for those that feel the need to authenticate/verify their users/customers. I certainly hope so and I'm not alone in that, based on what I understand of Seon's take:
"Blockchain IDs have also been shown to deliver excellent results in terms of affordability and efficiency. A study by Finextra, for instance, revealed that HSBC experimented with KYC blockchain successfully in the UAE in 2021.
Blockchain KYC is still new, though – which is one of its major drawbacks. Until the technology is adopted by the masses, you may struggle to find one good service that has enough ID data to validate users from around the world.
And, no matter whether this method works, authorities need to explicitly allow this type of KYC in your locale for you to use it to fulfill your legal obligations."
That line about "... you may struggle to find one good service that has enough ID data to validate users from around the world ..." is a pertinent point and why I think my in-wallet NFT-based authentication/validation idea might have legs: If a connected wallet does not contain an appropriate NFT for authentication/validation, redirect the user to the appropriate page on the service's Website, where the user will be prompted to connect a Web3 wallet, upload ID documents, mint an NFT containing an obfuscated SHA2/3-512 digest/hash thereof and have them pay the associated cost, before adding the NFT to the wallet and redirecting back to the referring Website/page. To incentivise users, the organisation requesting authentication should refund the cost of minting the NFT and transferring it to the user's wallet. Thereafter, accessing the NFT should result in the requester paying the service a certain amount (percentage of the minting cost or operating cost). The service should operate as a DAO, to ensure that it is fair/unbiased and trustworthy.
Anyway, a while ago, SatoshiFailed mentioned "KYC? Not Me!" and Bisq in the TipNano chat when I complained about my frustrations with KYC, particularly regarding Theorem Reach wanting me to complete it in order to gain access to high-paying surveys. (Somebody please send that person some XNO to buy a beverage of their preference, yeah? Thanks.) I don't feel that it is necessary to supply that information, particularly since I supplied false details in my profile (for which I don't have valid ID documents, even if I can generate deepfake photo-realistic images with AI) in order to earn more from them, anyway, and am still managing to earn reasonably well from surveys through TipNano. (Who cares about the opinions of a single broke cishet white dude with no dependents or expensive vices, apart from my followers/regular readers here? Certainly not market research organisations!)
I figured that tonight might be as good an opportunity as any to investigate what my options are as far as the availability of non-KYC crypto exchanges goes. With the South African government having recently issued a mandate that crypto exchanges operating within the country must register before the end of November (Luno included) or face "serious consequences" (hefty fines and/or business closure), it is probably high time for me to find something else to use for such exchanges as I have made through it (when not using Atomic, Exodus or SimpleSwap). As much as I like Luno and have had good experiences with it, I'm not sure that I want to take the risk of exposing my dealings in crypto to the government, particularly if it should decide to follow up with legislation to heavily tax, ban and/or make illegal any/all crypto-related activity (something I consider to be a likely next step). No, thank you!
"A major impact of regulation is the Know Your Customer (KYC) requirement, which has created a fierce divide within the industry.
On the one hand, are the centralized exchanges (CEXs) who, given the nature of their business, have pushed & now implemented various procedures to encourage verified account holders.
On the other hand, the decentralized movement continues to feel that accepting regulation is a death sentence to what the industry set out to do."
— Ahmed; KYC Me, KYC Me Not!; Aayush Bhaskar; 2022/07/20; Accessed 2023/07/18 @ 21:00 SAST
KYC is supposed to protect you, as far as money laundering, criminal activity and fraud is concerned. However, it is the banksters (including HSBC, Nordea and Swedbank) that are actually the biggest money launderers (to the tune of billions of dollars, euros and pounds), according to Reuters (and they want your details in order to keep you safe from criminals). Yet, nobody's kicking up a stink about how bad fiat is because it's used for money laundering by the world's criminals. No, crypto and those using it are the real bad guys here, OK?! People did use it to buy drugs and firearms from the Silk Road back when that existed, after all, so it's perfectly obvious that it can't be any good for any other purpose ... Wow, what a surprise that is, right?
"We require the most recent bank verified documentation (KYC documentation) pertaining to our FNB banked businesses. Failure to submit complete and clear copies of ALL the required documents will impact on our ability to maintain our banking relationship and to provide our clients with the service they expect. In circumstances where the documentary requirements are not met, we will be forced to place a transactional hold on the bank accounts and/or terminate our banking relationship with the clients."
— First National Bank (South Africa); "Business Accounts on Hold" KYC/FICA notice
Here's a little story that will hopefully both amuse you and highlight just how stupidly flawed the KYC system is:
One day, I went to the post office to renew my vehicle license. In order to do so, one of the documents I had to supply was proof of residence. The other was proof of banking. Since my residential address is printed on my verified bank statements, off to the nearest bank branch I went to obtain print-outs of those. At some point in my traveling between the bank and post office, I dropped my bank card and couldn't find it. I had to go back to the bank and cancel it. In order to get a new one, I had to provide proof of residence. The bank wouldn't accept its own document that it had just issued to me that same morning, but it did accept my vehicle license, the very same document I had obtained with the documents supplied by the bank I use (and which the bank wouldn't accept) ...
Here, then, are a number of exchanges (centralised or not, although I recommend going the decentralised route, since CEX and KYC tend to go hand in hand) that don't use KYC (including some that allow connecting your MetaMask or other wallet to log in), in no particular order:
- Binance (CEX): Allows the use of non-verified accounts, although those are restricted to a maximum withdrawal of 0.6 BTC worth of crypto per twenty-four hour period.
- KuCoin (CEX): Supports unverified accounts, although those are limited to a maximum withdrawal of 1 BTC worth of crypto per day. Somehow, I don't think that will be a problem for me, considering my entire cryto holdings amount to less than 0.1 BTC (which is why I have a KuCoin account).
- AscendEx (CEX): Supports unverified accounts, although those are limited to a maximum withdrawal of 2 BTC worth of crypto per day.
- PancakeSwap (DEX): Allows you to sign in/up with your Web3-based wallet. (IIRC, it uses Binance Wallet, rather than MetaMask, although it's possible to link them.)
- UniSwap (DEX): To get started, connect your MetaMask or other Ethereum-supporting wallet. I know almost nothing about this one, including if I've ever used it (although I suspect I have). Hopefully, one of my readers is more knowledgeable about it and will leave a helpful/informative comment. I wouldn't bank on it, though.
- Bisq (DEX): Perhaps you've got to risk it to get the Bisquette! In brief: Accessible through Tor/Onion Network; p2p; Open Source; Accepts BTC, XMR and fiat cash; requires running s node from your own machine; not for noobs; refund policy/procedure is unknown/non-existent
- Exolix: Accepts BTC and XMR, but not fiat; proprietary/private source code; refunds might require KYC (see ToS for details); Not available through Tor/Onion network; might arbitrarily block funds if transactions are deemed to be "suspicious".
- Changelly: Not to be confused with ChangeBits, which is used by Atomic and does require KYC. Fast, easy and secure; rated 4.9/5 by Guru 99; supports over 400 cryptocurrencies and accepts fiat; no withdrawal limits
- ByBit: withdrawal limit is 2 BTC for accounts with no KYC; not available for customers based in the USA and the UK
- ProBit: Based in the Seychelles; maximum exchange limit of $5 000
The above is not a complete/extensive list (particularly since it doesn't include all sites that support WalletConnect and other Web3 wallet APIs and protocols), but it should help to get you started in moving away from exchanges that require KYC, particularly centralised ones. These are the drones for which you're looking.
Remember: Transactions on the blockchains of non-privacy-coins are publicly visible and permanent. In the past, the IRS has worked with contractors like Chainalysis to analyze blockchain transactions and crack down on tax fraud. To be on the safe side, use a VPN or Tor (not both) when using one or more of these exchanges and only exchange/trade privacy coins (such as XMR and shielded ZEC) through them.
Pro Tip, from Guru 99: Choose a non-KYC crypto exchange with advanced security features, low trading fees, and high or no withdrawal limits.
But I've got Nothing to Hide!
"If these people had done bad things they ought to be ashamed of themselves and he couldn’t pity them, and if they hadn’t done them there was no need of making such a rumpus about other people knowing."
— The Reverberator (1888); Henry James
"Not merely was my own mail opened, but the mail of all my relatives and friends — people residing in places as far apart as California and Florida. I recall the bland smile of a government official to whom I complained about this matter: "If you have nothing to hide you have nothing to fear." My answer was that a study of many labor cases had taught me the methods of the agent provocateur. He is quite willing to take real evidence if he can find it; but if not, he has familiarized himself with the affairs of his victim, and can make evidence which will be convincing when exploited by the yellow press."
— The Profits of Religion (1917); Upton Sinclair
"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. People who use the 'I have nothing to hide' line don't understand the basic foundation of human rights. Nobody needs to justify why they need a right. The burden of justification falls on the one seeking to infringe upon the right."
— "Ask Me Anything"; Edward Snowden (NSA whistleblower and privacy advocate; contributor to the ZCash code), in a Reddit interview on 2015/05/21
Snowden considers claiming nothing to hide as giving up the right to privacy (or other fundamental human rights), which the government has to protect. I agree with him. On that basis, implementing KYC in crypto exchanges (or creating legislation to demand that they do or register with financial regulatory authorities) is arguably unconstitutional, a violation of fundamental human rights.
As always, this post does not constitute financial advise and any risk lies entirely with you. Given how quickly things change in the cryptosphere, it's possible that some of this information is already outdated. Whatever you do, though, do your own research (DYOR) and don't trust without verifying! If I can give you one definite bit of advise, it is to avoid using p2p networks or direct trades with strangers if you don't have direct line of sight of the wallets involved. No amount of crypto is worth the risk of being conned/scammed out of it (unless it's worth 0.000001 XNO or less)!
Happy hunting for your next exchange, folks!
Thumbnail image: Photo by Cottonbro Studio