As the debate over non-fungible tokens (NFTs) in cryptocurrency ramps up, some businesses are wondering what their AML compliance obligations are.
The cryptocurrency industry has given rise to innovative (and interesting) new applications of blockchain technology.
One of the most popular of late is the non-fungible token, or NFT, trend.
Even among experienced professionals within the cryptocurrency industry, NFTs can fall into that familiar, “I’ve heard it thrown around a lot but have no idea what it is and am too afraid to ask at this point” camp.
Despite this, the technology seemingly exploded onto the scene. It’s been equal parts incredibly popular, especially among certain celebrities, and controversial, particularly among environmental activists.
Though there is a lot of confusion about what NFTs are, and questions about how enduring they will be, one thing is certain. NFTs mean money.
This leaves a lot of businesses, inside and outside of the crypto space, trying to get up to speed quickly and explore how to add NFTs to their services to exploit new revenue streams.
But you know what blog you ended up at, right? Can you guess what we’re going to ask you to keep top of mind?
We’re not going to let you forget to do your proper due diligence and find out what your AML compliance responsibilities will be as you explore how to work with NFTs.
Just like when you started your crypto business in the first place, you need to make sure AML compliance is part of your business plan.
Don’t worry. You’re in the right place. We’ll break down the NFT trend into the plainest language we can manage, explain what regulators are looking at in the NFT space, and offer some advice on how to navigate complicated AML compliance questions.
Let’s dive in!
NFTs (briefly) explained
You know “NFT” stands for non-fungible token, but what are they really?
Comparing them to something more familiar, like bitcoin, can help explain what we’re talking about.
A bitcoin is what you would consider “fungible.” There are a lot of them out there, and they’re not particularly unique. If you give me one bitcoin, and I give you one bitcoin, we’re both in the exact same place we started.
For something to be non-fungible, it has to be unique.
A print of the Mona Lisa is fungible. You can have one, I can have one, it might be worth something, but there’s nothing especially special about it.
But there’s only one real Mona Lisa. The real Mona Lisa is non-fungible.
A non-fungible token, then, is a part of a blockchain, like a bitcoin, but completely unique, like the Mona Lisa.
So maybe you understand a bit more about the technology of an NFT, but what exactly are they used for?
There’s a reason we picked the Mona Lisa as our comparison.
While an NFT could conceivably be any kind of digital product or content, the NFT trend is mostly centered around arts and entertainment at the moment.
Most NFTs that you hear about in the news are unique pieces of digital art: paintings, photographs, even music.
This doesn’t mean that if you buy an NFT music album that you’re the only person who could listen to it. You could share the music or the digital art with the public, but for as long as you hold the token on the blockchain, you are its owner.
In more real-world terms, the Mona Lisa is an NFT, it hangs in a museum (the blockchain), and there’s an authenticated certificate next to the painting that says you are the owner (unless you sell it).
Here’s where the business opportunities come in.
Just like there are art dealers who sell expensive, rare paintings and sculptures to the super-rich, there are redemption systems and other platforms popping up in the crypto space that facilitate the exchange of NFTs between buyers and sellers.
NFTs also enable unique royalty arrangements that payout to the original NFT’s artist each time the token changes hands. Services assigning those royalties to each transaction are also beginning to pop up.
So where does compliance come in?
You might not know this, but the traditional art industry we described above, the one where super-rich people buy and sell expensive, rare works of art? That industry has long been a haven for money laundering. Furthermore, one might argue that the traditional art industry is generally underregulated and has resisted AML.
Just as traditional art is a haven for money laundering, so could NFTs.
That possibility alone means regulatory actions and compliance protocols are needed to keep systems on the up and up.
What regulators are looking at concerning NFTs
It’s fair to say that given the occasionally intense tone of regulatory scrutiny in cryptocurrency, regulatory skepticism of new technology, and the relative youth of the industry, crypto will not always be able to resist AML compliance obligations with concern to NFTs.
Since we’re still so nascent and controversial, we need to be on our best behavior.
But if regulators haven’t specifically opined yet, what can businesses do now?
What businesses need to do today for AML compliance
Regulators may take some time working out the details, but that’s no reason to rest on our laurels. If you’re exploring NFT-related services, there are some best practices you can put into place right now in order to put your very best compliance foot forward and avoid future scrutiny.
1. Do a risk assessment
If you’re launching a new NFT-related business (not as a creator, but specifically, a facilitator), you will need to undergo a risk assessment to accurately understand your exposure to potential financial crime, given your customer demographics, geographic locations, and products and services offered.
Furthermore, if you currently run a crypto-related business and want to add NFT-related services, you will need to update your risk assessment to reflect the above as well. Basically, anytime you make a change to your business model (new locations, new services, etc.) you need to update your risk assessment.
2. Know Your Customer (KYC)
As with any other first-time customer transaction, KYC rules should be applied to NFTs.
You will need to make sure you have the capacity to collect certain information about your customers or you’re potentially opening the door to bad actors entering your customer base. That’s a huge risk to you and your business.
3. Good recordkeeping
We say it as often as we can: good recordkeeping is foundational to good AML compliance.
Unfortunately, it’s also an area where most businesses we’ve come across could do better.
Even though there might not be anything formal (yet) in terms of recordkeeping requirements, the same general rules should be applied to NFT transactions as well.
You should be on the lookout for suspicious patterns in transactions, asking for more information from customers placing larger purchases, monitoring high-velocity purchasing and selling of NFTs (for potential “layering”), and recording everything in such a way so that it can be recalled as quickly as possible should you find yourself subject to a regulatory examination, court order, or law enforcement inquiry.
Though regulators haven’t specifically sounded off on NFTs yet, it’s only a matter of time before they do. Luckily, you don’t have to wait to get up to speed. Get up to speed sooner and make your life easier.
If you’re brand new to cryptocurrency and compliance, we’d recommend checking out our crypto compliance 101 blog series. Once you’re on the blog page, type “compliance 101” into the orange search box.
You might also have questions about whether your specific NFT project or service will require AML compliance protocols. If that’s your case, we’re here for you. Just contact us anytime for a free consultation.