28 Feb 2022

AML / KYC Compliance for ICOs

Are you considering a token sale/ICO? This monthly update takes a look into best practices for KYC AML compliance

In recent years, ICOs - also known as ‘token sales’ - have gained in popularity as a way for companies to raise capital to fuel expansion and future growth. Sometimes compared to a “Kickstarter” or crowdfunding campaign, ICOs involve companies offering tokens or “coins” that can confer different types of value and benefits to their owners.

Unfortunately, as with most new opportunities, there is also a new underside of risk and the potential for fraud, which means that the need for effective KYC and AML measures is critical - even if regulations have yet to fully catch up with the space.

In order to participate in an ICO, investors usually transfer digital currency such as Bitcoin or Ethereum to the listing company’s website. Some projects also make investing possible with fiat currency or credit cards. In return, investors receive digital tokens issued by the listing company. Tokens offered for sale in ICOs are typically divided into two categories:

  • Utility tokens, which allow whoever holds them to access and use the company’s features and services, or to exercise voting rights on a company or project’s decisions, and
  • Security tokens, which confer equity ownership of a company or project.

ICOs: Risks


For ICO providers, having a clear and verifiable understanding of who their investors are is a critical step to reducing the risk of being defrauded - and of falling foul of global regulators.

For investors, knowing that the project they are considering investing in has implemented robust AML / KYC measures can reduce the risk that the project is sanctioned by authorities for AML violations, which can potentially result in the loss of the invested capital. 

Similarly, knowing that the ICO provider you are considering investing in takes KYC and regulation seriously is a good first step to ensuring they are serious about their project – and not out to just make some fast cash.

How to reach KYC/AML Compliance with your ICO

Integrating an automated KYC onboarding process with your ICO allows you to screen investors’ identities and credentials prior to them gaining permission to invest in the token sale.

A KYC onboarding process will include the following steps:

1) ID document verification – scanning uploaded identity documents for visual authenticity, image integrity, and document data validation. This can use advanced technologies such as algorithmic and digital tampering detection.

2) Optical  Character Recognition (OCR) Extraction – can automatically extract data from identity documents from the document images uploaded by users, and then cross-reference this information with verified data stored on government registries and other public databases.

3) Passive Liveness checks – a relatively new process that is able to verify whether an individual taking part in an onboarding process is in fact the individual being presented in an uploaded selfie image – and not an imposter or fabrication.

4) AML Screening – checking an onboarded individual or entity name against a comprehensive selection of global watchlists that include sanctioned entities, Politically Exposed Persons (PEPs), and references in adverse media.

5) Crypto Wallet screening – For ICOs that are accepting investment from crypto wallets, understanding the history of a wallet as well as other key credentials is a critical step for mitigating the risk that it is a conduit for money laundering and other financial crimes.

6) Jurisdiction assessment – Many ICOs need to restrict access to investors from certain countries and jurisdictions for different reasons – from complying with global sanctions regimes to tax purposes and avoiding certain regulatory regimes. A robust automated KYC process will be able to filter eligible investors according to where they are based, or where their main place of business is.

7) Risk Scoring – Once an individual or corporate customer’s identity and credentials have been established, an automated KYC tool will assign a risk score to that investor. This score will then inform a decision on whether to automatically grant that customer access to the ICO, apply further checks and scrutiny, or reject them.

8) Enhanced Due Diligence (EDD) – For potential investors that have been flagged as a potential risk, EDD processes can be applied that do not necessarily require human intervention from compliance teams. However, many KYC automation tools do also provide customizable options for high-risk subjects to be forwarded to a compliance team, ensuring that restrictions on investment are checked and justified.

If you’d like to learn more about how our end-to-end workflow solution can be integrated with your platform, let us know and we’ll be happy to discuss it.

Any Questions?

Our team is always ready to help you and your business.
Get in touch

Latest Articles

We should have some subheading here, it’s good for SEO as well
Streamline Identity Verification Processes for Fintech Companies Using KYC-Chain
Efficient and reliable identity verification is essential for fintech companies to comply with regulations and build trust with their customers.…
21 Jun 2023
Demystifying CDD and EDD: When and Why Are They Essential?
Understanding the significance of Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) is crucial for businesses and organizations that…
16 Jun 2023
Safeguarding Against Crypto Identity Fraud: Exploring Risks and Effective Solutions
Introduction In today's digital landscape, the rise of cryptocurrency has revolutionized financial transactions. However, with this increased adoption comes the…
15 Jun 2023