CertiK investigates KYC actors hired to scam the web3 community
Blockchain and DeFi-focused security firm CertiK discovered a global network of professional KYC actors who bypass KYC processes to deceive crypto communities ahead of an insider hack or exit scam.
An investigation by CertiK, a security platform focused on blockchain and decentralized finance (DeFi), uncovered professional “KYC actors” who bypass KYC processes to scam crypto communities, according to a Nov. 17 CertiK blog post.
A KYC actor is defined as an individual whom rogue developers hire to spoof the KYC process on crypto projects or exchanges, in order to lurk and gain trust among the crypto community before an insider hack or exit scam.
CertiK uncovered the tactics used to carry out hacks and exit scams through an interview with a KYC actor and by probing activity in over 20 over-the-counter (OTC) underground markets, mainly concentrated on Telegram, Discord, low-requirement phone-based applications, and job advertisements.
The interview with the anonymous KYC actor revealed that such actors are cheap to hire; some would work for as little as $8 to bypass a KYC process and open bank or exchange accounts on behalf of the bad actors. In extreme cases, the pay can reach up to $500 per week if the KYC actor has to undergo more complex verification processes or act as the CEO of a crypto project.
CertiK found that 4,000 to 300,000 KYC actors based in South-East Asia represent the majority of those who help operate a global underground network of fake crypto exchanges and fake KYC services, with 500,000 members who are buyers and sellers.
The security firm also found that KYC badges, which supposedly indicate the reliability of a crypto project’s KYC verification process, mislead crypto investors: with their superficial technology and inability to detect fraud and insider threats, they enable the activities of KYC actors.
CertiK concluded by proposing that the solution to combating KYC actors and fake KYC services lies in exercising the highest level of due diligence and running thorough background investigations into each key member of any crypto project.
KYC mandate
KYC is enforced by the Financial Action Task Force (FATF) in tandem with anti-money laundering (AML) policies to combat Ponzi schemes and financial crimes. FATF began setting standards on cryptocurrency AML in 2014 and made applying KYC procedures mandatory for virtual asset service providers (VASPs), including crypto exchanges, stablecoin issuers, DeFi protocols, and NFT marketplaces.
The KYC process has three components. The first is a Customer Identification Program, in which the VASP requests identification to verify the customer’s identity. The second, Customer Due Diligence (CDD), requires the VASP to assess the risks its customers may pose to the crypto project. This process may involve running background checks and reviewing transactions.
Finally, continuous monitoring and ongoing review of transactions to identify any suspicious activity on customer accounts is also a KYC requirement that must be adhered to when providing crypto services.