It’s not that long ago since I got the opportunity to talk at Crypto Valley ‘19 in Zug, Switzerland. I browsed the participant list of the event, contemplating on the story to tell. Fully aware crypto would soon be regulated (NL, EU/EEA), I decided to share my thoughts on the importance, consequences and uncertainties regulation brings to developers & their endeavours, developing the “internet of value”.

With upcoming crypto regulation, working on projects like (or involving) the XRP TipBot, the xumm, Interledger (streaming payments, Coil, etc.) & XRPL decentralized exchange, turbulent times were ahead, that much was sure.

At that time, besides writing code, I was already investing a lot of time in whatever I needed to learn, take care of, etc. to take my projects to the next (regulated) level by 2020. Talked to the right people in NL, I visited Estonia a few times to start a company & apply for crypto licenses and reflected on my projects and plans from the perspective of the regulated-crypto-future. Baffled by the effort I’d had to put in, I decided to conclude my talk at Crypto Valley with my sincere desire for the existence of what I called: “Crypto Regulatory Compliance as a Service”. Allow software developers & founders in the “internet of value”-ecosystem to thrive. Allow them to invent, create and shape the future of payments and the exchange of value.

Fast forward a few months. The NL regulator, “DNB” organized a seminar for crypto businesses. Next year (like most other EU/EEA countries already require), crypto businesses in NL will have to register, being supervised and audited by the national regulator. KYC customers, transaction AML scanning, detect & report suspicious transactions to the Financial Intelligence Unit. This makes perfect sense to me, and I am sure regulation is a good thing to a growing and maturing ecosystem, making its way to more and more use cases and users. However: think about all those new & innovative use cases. Think about micropayments. Think about streaming payments, the internet of value. Now imagine all small teams of developers, crypto enthusiasts, innovators having to get contracts with KYC providers, AML data providers, defining risk profiles, scanning transactions, AML related interactions with customers… Think about the costs involved in starting even the smallest crypto project.

Let it sink in for a moment, and ask yourself what this will do to those teams of developers, innovators and small businesses reinventing payments, building the internet of value. Ask yourself what this will do to the end users and the security of their personal details: they will have to go through a cumbersome onboarding process for each and every crypto platform/app they want to use!

I visited the seminar by the NL regulator motivated by my own projects on the XRP ledger & Interledger. I realized that it’s almost impossible for me to put up with the efforts, costs and operational requirements coming my way. It wouldn’t make sense to go through all the trouble, just for my projects. This is something all crypto businesses, all apps & platforms, would have to deal with soon. I talked to a few crypto companies from other EU/EEA countries (who are a bit ahead of the crypto regulation curve compared to NL) and unsurprisingly it’s a big challenge over there as well.

After some sleepless nights I realized there may be a solution. Not just for me and my crypto adventures, but for all small crypto companies, crypto developers, crypto startups, crypto innovators, crypto apps & crypto platforms.

Maybe it’s up to me to turn that “Crypto Regulatory Compliance as a Service” idea I mentioned in my Crypto Valley presentation into an actual business?! Why not found a “Crypto Regulatory Compliance Company”: one company (“the company”) taking real good care of KYC, AML, risk profiles, customer service, security, PEP checks, sanction list checks, possible identity theft and everything else required to run a trustworthy, responsible, respectable crypto business?

Now allow crypto platforms/apps to forward their users to this platform. Once onboarded, the customer will be redirected back to the crypto platform/app with a token, granting the crypto platform/app to use our API to pre-authorize transactions, check for customer account status, customer limits, etc. AML / risk profile related questions will even be interaction between “the company” and the customer. The one account with “the company” can be used to access all connected platforms/apps, sending just a minimal amount of personal information to the platform/app.

(You are probably familiar with flows like the one I just mentioning: ever authorized an app to use “Sign in with [ Facebook / Google / Twitter / …]”? Well: it’s like that, but applied to crypto, KYC, AML, etc.)

So: I guess that’s what I’m up to. Not alone of course: I gathered a small team of great innovators and developers & consultants to realize this vision of “the company” that will unburden the internet of value in this new era of crypto regulation and compliance. We’ll allow devs, creators, innovators to build the future of payments, crypto, the internet of value and new generations of monetization. We’ll allow consumers to access connected crypto platforms/apps with their one account with our platform. And last but not least: we believe we can show the regulator that this crypto ecosystem can be more than a wild west or playing field for big boys. It can be a place where rapid innovation and regulation can go hand in hand.

Some to be expected FAQ’s

Will this be NL or EU/EEA only?

We’re aiming to start with EU/EEA wide coverage, meaning we will make sure the services of our envisioned platform is compliant in all EU/EEA countries, acquiring or registering a crypto business / license at the regulator in all EU/EEA countries.

Why do you believe you can offload the regulatory requirements from the individual platforms/apps?

Because we the end user will effectively become a customer of our envisioned platform, our platform & company will be in charge of knowing our customers, managing and monitoring risk profiles, scanning for money laundering, identifying transactions, etc. Our setup gives connected platforms/apps full control over blockchain connectivity, as long as they interact with our API, being authorized by our customer to use their platform/app as an interface. (This may sound familiar if you know about PSD2).

Will you share all that data?

No, we will definitely not be sharing your (not already public) data. Not even with the platforms/apps our users authorize. We are fully aware of the importance of keeping personal data safe. That’s why we believe consumers also benefit, sharing their personal data and identification documents one time, instead of with many different crypto platforms/apps. We will comply with laws and regulations of course, meaning we will comply with data requests by regulators and authorities, when accompanied by the appropriate and adequate documentation for such requests.

How do you intend to make money?

The primary revenue stream come from connected platforms/apps. We do intend to foster innovation, by charging no fees for our services until a platform/app reaches certain limits (# active users per month / transaction volume).

So what’s next?

My two co-founders and I will meet (soon) with a respected, experienced consultancy firm in NL to discuss our plans, vision, technical details and business processes & flows. We’ll discuss viability from a legal and regulatory perspective.

Cover photo by Vinicius Amano on Unsplash