Transforming the Know Your Customer (KYC)

Process using Blockchain

Piyush Yadav Raj Chandak
College of Engineering, Pune VJTI
Pune, India Mumbai, India
piyush13y@gmail.com rajkc162@gmail.com

Abstract - A major yet trivial problem in the banking industry further cited that while financial firms' average costs to meet
right now is how tedious and costly the traditional Know-Your- their obligations are $60 million, some of them have had to
Customer(KYC) process is. The process is also tiresome for spend up to $500 million on compliance with KYC and
customers as they need to undergo the same process for each bank Customer Due Diligence (CDD). The fines levied on financial
or financial institution with which they intend to work. Personal
institutions for their misconduct in various domains including
experiences of people dictate the cumbersome nature of the
process, thereby demanding an efficacious alternative. Through KYC regulations further aggravate the situation. The fact that
this paper, we intend to do exactly that. We propose a new solution corporations can only grant KYC verification to their
based on Distributed Ledger Technology or Blockchain subsidiaries or customers post laborious background checks,
technology, which will reduce the traditional KYC verification etc, indicates that 89% of customers do not have a good KYC
process cost for Institutions and cut short the general time line of experience.
the completion of the process while making it smoother for the
customers. Major enhancement in our solution over the The aim of this paper is to propose a new approach to the
conventional methods is that the whole verification process is
traditional KYC verification process. In the light of the
conducted only once for each customer, irrespective of number of
institutions he or she wishes to be linked to. Also, since we are problems faced in the banking industry, regarding the lack of
using the DLT, verification results can be securely shared with the customer satisfaction and increased costs of the KYC process,
customers thereby increasing transparency. Following this we propose a Blockchain based. Our solution plans to replace
approach, we developed a Proof of Concept (POC) with the the whole process with a Blockchain based system consisting
Ethereum API, websites as endpoints and an android app as front of a client-based app and a bank/vendor-based website.
office; realising the feasibility and effectiveness of this approach.
All in all, this approach improves customer experience, reduces II. THE CURRENT KYC PROCESS
cost overheads, and increases transparency in the process of
onboarding a customer. KYC, as defined by the Reserve Bank of India (2016) is a
process by which banks obtain information about the identity
Keywords – Banking, Blockchain, KYC, Financial and address of the customers. KYC means “Know Your
Technology, Distributed Ledger Technology Customer”. According to the Regulatory norms, Financial
institutions or Banks are required to onboard their customers
I. INTRODUCTION before involving them or carrying out any activity with them,
A bank or a financial institution typically caters to a large client in order to avoid illicit activities. Personal Identifiable
base in both retail and corporate sectors. The ‘Know Your Information is accumulated from all sources to check for illegal
Customer’ process, better known as KYC, helps these activity. Risk management is another domain regarding
institutions verify the identity of their clients. KYC is a onboarding new customers, which might include surveillance
regulatory and legal requirement that must be fulfilled by the of transactions. This whole process all in all is quite expensive
companies or financial institutions for both new and existing to financial institutions and might even expose them to large
fines if not in accordance with regulations.[1] For Instance, in
clients. One of the prominent challenges banking sector faces
2016, RBI imposed monetary penalty on 13 banks for violation
right now is the increased regulatory cost of the whole KYC
of regulatory directions / instructions / guidelines, among other
process. This is supported by the global surveys conducted by
things, on KYC norms.
Thomson Reuters (2016) which revealed a single clear
message: the costs and complexity of KYC are rising and are
having a negative impact on their businesses. The survey

Authorized licensed use limited to: UNIVERSITY OF BIRMINGHAM. Downloaded on May 10,2020 at 17:18:28 UTC from IEEE Xplore. Restrictions apply.
 to the widespread use of the cryptocurrency Bitcoin. According
to Forbes, around 80% of banks are developing their own
blockchain technology.
One of the major pros and benefits of using DLT is that it can
make use of the “smart contracts” to implement and act as a
framework for decentralized applications. [3] Smart contracts
are essentially algorithms that enforce, facilitate, or verify
predefined premises whenever a set of conditions is given as a
computer program. One of these is ‘‘Ethereum’’, which is a
platform that we used for our research.[4]
Fig. 1. The Current KYC Process

Looking at Fig.1, this example case shows how, for this single
customer, the exchange of documents and the core KYC
validation must be undertaken three times, such that the total
costs that are generated by this customer are three times those
of a single KYC process.

The current process suffers from some major shortcomings. The

general inference after observing 800 financial institutions was
the lack of sufficient human resources and the regulatory
change volume. All this was a product of the authoritative
Thomson Reuters survey (2016) on the impact of changes
globally in KYC regulation philosophy. Post this they realised
89 percent have never had a smooth hassle-free KYC process
experience. Out of the total, 13% had changed their association
with a particular institution for this reason.[2]

With this paper, we plan to reduce the cumulative cost of the Fig. 2. The Distributed Ledger Technology
KYC process as a whole by using an additional improvement
of DLT, thereby distributing the costs amongst the financial
institutions participating. Hence, the main contribution we plan IV. THE REDEFINED KYC PROCESS
on making here is by tackling the cost problem of KYC from
the financial institutions’ perspective, by using Blockchain and We started our research as soon as we identified the problem
making it less cumbersome for the customers to be a part of and defined our aim/objective, keeping in mind the feedback of
this. KYC practitioners, KYC experience from the surveys and our
prowess in the Blockchain technology. This will constitute the
first phase of our research. Once we are successful in
III. DISTRIBUTED LEDGER TECHNOLOGY completing this part of research, we will refine, demonstrate
(BLOCKCHAIN) and evaluate the second loop of it in various conferences. This
iteration would be focused on answering the following
Distributed Ledger Technology (DLT), is a consensus of question:
replicated, shared, and synchronized digital data geographically
spread across multiple sites, countries, or institutions. There is ‘‘Is it possible to kill 2 birds with one stone using a Blockchain-
no central administrator or centralised data storage. Consensus based solution, reducing the cost of the KYC process for
Algorithms ensure replication throughout nodes along with the institutions whilst improving their customer’s experience?’’
requirement of a peer-to-peer. In a distributed ledger, each node
processes and verifies every item, post which it generates a
We used Hevner et al. (2004)’s DSR approach and took
record for each item. Such a Ledger can be used to record
inspiration from its three components - environment, IS
dynamic as well as static data like Transaction and registry
research, and knowledge base to answer this question and to
respectively. The most popular implementation of DLT Design
design an effective solution that solves the problem at hand
is the Blockchain technology, either public or private. DLT,
within the corporate and regulatory context. (Fig. 3)
such as blockchain technology, has gained prominence thanks

Authorized licensed use limited to: UNIVERSITY OF BIRMINGHAM. Downloaded on May 10,2020 at 17:18:28 UTC from IEEE Xplore. Restrictions apply.
 Fig. 3. The Redefined KYC Process

The proposed system (Fig. 4) works as follows:

Fig. 5. Android application – Fill KYC
• The user installs the Android application and signs up by
providing his/her name, email, phone, & password. The • Once the user fills the KYC form, this data is temporarily
phone number is verified via OTP. If the user had added into a database on the AWS server and is verified
previously signed in s/he can login by providing the automatically using PAN and Aadhar APIs. We used a
registered email and password at the time of signing up. manual touchpoint, a temporary interface which mimics
This data is stored in a database, which is currently hosted government authorities/APIs verifying the data.
on the AWS server. This is an essential step as it verifies
the user to be legit and prevents random people/bots from • After the details provided by the user are authenticated, all
sending their data. The security could further be enhanced the data provided by the user in the KYC form is then
by using a captcha plugin for signup/login screen to prevent added into the Blockchain. We will use the Ethereum API
bots from entering the ecosystem. for building the Blockchain using solidity language to
create a smart contract. (Fig. 6 and Fig. 7)

• The user is then notified that his/her details have been

verified and he/she can now proceed to apply to banks
where he/she wishes to open an account. The user will be
presented a list of banks wherein which he/she simply has
to tap on the list item of that bank. (Fig. 8)

Fig. 4. The Design Process

• Once the user has logged in, s/he will be asked to fill out
the KYC form.(Fig. 5) This form requires the user to fill
his/her name, phone – both of which are already filled in
by the user and will be retrieved from the database, in
addition to the 10/12-digit pan & Aadhar number.

Fig. 6. Solidity smart contract to connect application with Ethereum

API.

Authorized licensed use limited to: UNIVERSITY OF BIRMINGHAM. Downloaded on May 10,2020 at 17:18:28 UTC from IEEE Xplore. Restrictions apply.
 necessary KYC data provided by the user. Once they
accept the user’s request, the user is notified about the
same.

Fig. 9. JS snippet where Web3 interface is connected to the Ethereum

contract to add data into the blockchain.

This solution offers the following key advantages over the

existing:
Fig. 7. Smart contract methods to connect application with Ethereum
API.
• The entire process is highly cost effective for Banks.
• The process is much smoother for customers as they need
to upload their details only once. Once these details are
verified by the concerned authorities for the first time, the
use of public and private key of the banks can be used by
those financial institutions for verification of that
customer and retrieval of the data of that customer from
the blockchain.
• The scope of popular KYC methods like eKYC is limited
to India, as these methods base their verification process
on the Indian Govt. authorized Aadhar Card. Our
solution, however, can be applied globally without any
restrictions.
• If a customer wants to apply to any other banks, all s/he
Fig. 8. Android application – Choose Banks to send KYC
needs to do is select it from the list of banks provided in
the mobile application. Thus, the entire KYC process can
• Once the user clicks on submit, the details are stored in a be limited to just one tap, giving the ultimate
database along with some user details like name and phone. convenience to customers.
The data once verified by the automated Aadhar and PAN
APIs (manual touchpoint in this POC) is added to the V. SECURITY
blockchain through the JavaScript code as shown in the
figure (Fig. 9). This code is the bridge between the Web3 We through his paper suggest using a publicised distributed
interface to the Ethereum smart contract or the blockchain ledger technology for transparency purposes. This doesn’t imply
so to say. we have to compromise on the security facets of the framework.
In fact, we propose using the conventional blockchain security
• For security purposes, the public key of the banks that a protocol of using a dual key mechanism. Information like user’s
user applies to is used to encrypt the user ID details and Adhaar card number and PAN card number are PII (Personal
sent to these respective banks. The banks can access the Identifiable Information) and hence have to be protected. Thus,
user requests through the web portal designed for them by user information is encrypted using the public key of the bank
decrypting user info using their private key, the banks then that the user chooses. This is then sent to the bank, using its
have access to the block of that user which stores all the

Authorized licensed use limited to: UNIVERSITY OF BIRMINGHAM. Downloaded on May 10,2020 at 17:18:28 UTC from IEEE Xplore. Restrictions apply.
private key, the bank creates its digital signature and accesses • Ecommerce companies: Companies that require customers
the information. The combination of the bank’s public and to share their details like phone number, email ID, etc. can
private keys creates a digital signature, which confirms that it – create a consortium among themselves and utilize such a
and it alone – has access to that data. platform.

VI. OBSERVATION AND RESULTS REFERENCES

With this paper we aimed and accomplished a solution that

reduces the aggregated cost of the process of KYC in an [1] J. Moyano, O. Ross, “KYC Optimization Using Distributed Ledger
Technology,” Springer Fachmedien Wiesbaden, Business & Information
ecosystem by means of Blockchain. We solved the first part of Systems Engineering, vol. 59, Issue 6, pp 411–423 (2017). URL:
the problem by avoiding redundancy of tasks needed to be https://doi.org/10.1007/s12599-017-0512-2
performed by the customer in case of multiple financial
[2] M. Harrop. “Know your Customer (KYC) Independent Survey.” Thomson
institutions. (Fig. 10) Moreover, we suggested following the Reuters.
verification process for one customer only once and https://www.thomsonreuters.com/en/press-releases/2016/may/thomson-
reuters-2016-know-your-customer-surveys.html (accessed Nov. 23,
maintaining it centrally and transparently through the use of 2019).
Blockchain. This not only helps the customer’s in making their
experience less cumbersome but also drastically reduces the [3] “How Do Ethereum Smart Contracts Work?” CoinDesk.
https://www.coindesk.com/information/ethereum-smart-contracts-work/
cost of KYC process undertaken by the financial institutions in (accessed Nov. 23, 2019).
hiring third parties to carry out background checks, etc for their
customers. Hence, the ultimate efficiency gain of our proposed [4] “Learn About Ethereum.” Ethereum.
https://ethereum.org/learn/#ethereum-basics (accessed Oct. 22, 2019).
solution was the dual benefit of reduced cost for the institutions
and better experience for the customers. Lastly, as a testament
to the success and feasibility of this idea, we have received an
award from a hackathon wherein we presented this idea and
went on to create a POC in 24 hours.

Fig. 10. Comparison between the existing and proposed systems

VII. FUTURE SCOPE

With the current rate of growth of the banking and e-commerce
sectors, approach like this truly has the capability of bringing a
significant change and provide mutual benefit for all the
concerned stakeholders. We would further like to introduce this
research to various domains including but not limited to :

• Payment Wallets: As per regulatory norms, these

companies require to conduct KYC process for all their
customers. Hence, a framework similar to this can be used.

Authorized licensed use limited to: UNIVERSITY OF BIRMINGHAM. Downloaded on May 10,2020 at 17:18:28 UTC from IEEE Xplore. Restrictions apply.