New University Research: The Compliance Trilemma

by devicomply | Nov 19, 2018 | Blog, Crypto, iComply Insights, Prefacto, Press Releases, Web3

A research team from the University of British Columbia (UBC) conducted more than 45 interviews and dozens of observations from industry experts to explore the past, present, and expectations for the future of token issuers from diverse perspectives.

iComply Investor Services commissioned a study to better understand the challenges that token issuers face to meet the regulatory standards for issuing and tracking digital assets. Currently, these projects face significant barriers that result in trade-offs that hinder the true potential of blockchain managed assets. The research collaboration was supported by Mitacs’s Accelerate Program.

The Findings:

The use of blockchain technology allows token issuers to efficiently gain access to global customers, partners, and capital.

Key Challenge: The burden of the cost of regulation

Challenges broadly stem from the cost of complying with regulation. In 2017 there was significant ambiguity surrounding whether and how digital assets were regulated, and many issuers neglected this dimension altogether. While a large number of issuers were well-intentioned, others could not resist exploiting the prospect of unlimited access to global investors. Early offerings could often raise more with savvy marketing than a well-reasoned project plan, and a large number of early token offerings were little more than Ponzi schemes. Today, regulatory clarity and enforcement are essential if tokenized securities are to become a safe and legitimate fundraising mechanism.

The study found that issuers currently face a compliance trilemma, whereby they can realize only two of the following three goals in their token offerings:

Cost-effectiveness
Widely distributed investors
Regulatory compliance

While we focus here on ICOs, the compliance trilemma also holds more generally for other decentralized finance practices involving cryptoassets including ICOs, STOs, TGEs, and IEOs.

To date, issuers have adopted various approaches to address the trilemma:

Sacrificing compliance by directly defying regulators and hoping to fly under the radar
sacrificing the scope of investment by restricting token sales to a limited group of investors
Compromising on all three dimensions in a hybrid approach
Forgoing a token offering entirely until this becomes more cost-effective

However, each of these current approaches is sub-optimal, and a solution is needed to the compliance trilemma.

The study also explored how industry experts expected the compliance trilemma to be resolved and found that the majority tended to advocate new regulatory rules and definitions that could relax what they see as the “burden” of compliance on issuers. Such an approach places the onus squarely on regulators, who would need to coordinate within and across jurisdictions to reach a coherent regulatory framework that appeases the challenges and costs of compliance for issuers. However, we argue that holding regulators solely accountable for the compliance trilemma is incomplete and misguided, and that other approaches are needed to reduce the costs and uncertainties of regulatory compliance.

Read the research by downloading the report here

About iComply Investor Services Inc.
iComply Investor Services Inc. (iComply) is an award-winning software company focused on reducing regulatory friction in the capital markets. With powerful data, verification, tokenization solutions, iComply helps companies overcome the cost and complexity of multi-jurisdictional compliance to effectively access new markets. Learn more: iComplyIS.com

The Top Cybersecurity Threats of 2025 and How to Protect Yourself

Jan 20, 2025

Uncover the biggest cybersecurity threats of 2025, from advanced phishing to ransomware and deepfakes. Learn how iComply’s innovative live face match technology revolutionizes security with real-time, on-device biometric authentication, protecting user privacy, ensuring consent, and eliminating vulnerabilities in the digital age.

How a CISO Transformed Their AML Program to Meet BCFSA Requirements

Jan 17, 2025

Discover how a CISO at a credit union transformed KYB, KYC, and AML compliance to meet BCFSA standards. Learn how iComply’s holistic platform streamlined processes, reduced costs, enhanced security with edge computing, and improved member satisfaction.

How to do a KYC Refresh in Financial Services

Jan 16, 2025

Emily, a seasoned compliance officer, remembers the days when performing a KYC (Know Your Customer) refresh meant a mountain of manual work. Tasked with ensuring her financial services firm remained compliant with evolving regulations, Emily had to juggle stacks of...

Eliminating Security Vulnerabilities in Virtual Markets and Decentralized Exchanges

by devicomply | Oct 1, 2018 | Blog, Crypto, Events, iComply Insights, Web3

Following the release of the New York Attorney General’s report on Virtual Markets, iCompy and Hosho will co-present a blockchain security and auditing MasterClass for exchanges, protocols, and ICOs on October 4 as an online teaser leading up to HoshoCon

Las Vegas, Nevada – October 1, 2018 – iComply Investor Services (“iComply”), a leading global RegTech platform for digital finance and cryptocurrencies is announcing that it has partnered with Hosho Group LLC. (“Hosho”). Hosho provides smart contract auditing, penetration testing, and cybersecurity maintenance services focused on the blockchain industry.

This month, the New York State Office of the Attorney General launched the Virtual Markets Integrity Initiative, which issued a report that analyzed how virtual currencies (cryptocurrencies) are traded.

According to the report: “Few issues are of greater importance to customers of virtual asset trading platforms than the security of the funds … sophisticated criminals attempt to infiltrate these platforms constantly, and have reportedly stolen billions of dollars’ worth of virtual currency. Once an unauthorized third-party gains access to a customer account, those funds can be quickly transferred beyond the reach of law enforcement.”

An average of $23 Million USD of cryptocurrency hacked or stolen each day because of security vulnerabilities.

“Most virtual asset exchanges currently use an inefficient patchwork of products and services in an attempt to enable effective multi-jurisdictional compliance. These disjointed systems create hacker vulnerabilities that risk investor funds, data, and the platform’s reputation,” said Matthew Unger, CEO of iComply. “When we met with the product and engineering teams of these same exchanges we were shocked by the vulnerabilities we saw – specifically from their KYC, facial recognition, and AML providers. Investors’ personal data is being stored on local drives, in email inboxes, and often is neither transmitted nor stored with encryption.”

iComply offers end-to-end compliance solutions for digital finance. Through a single REST API companies – and specifically digital finance platforms – are able to achieve 100% coverage of every issue outlined in the Attorney General’s report in addition to the standards required by FINRA proof of ownership and source of funds reporting.

Hosho reported that on average, 82% of the smart contracts that the team has audited have some sort of vulnerability, 27% of which are critical and contract breaking, which means that funds could have been lost or stolen.

“It is Hosho’s goal to push the blockchain industry towards maturation by improving the overall security awareness and standards across the board. Partnering with iComply is a no-brainer given their ethos and philosophy align perfectly with our own. We are both putting in place the infrastructure, services, and technologies necessary to the long-term development of a strong and secure ecosystem,” said Hartej Sawhney, President of Hosho.

The companies have partnered on a MasterClass taking place virtually on October 4, 2018, that will aim to educate participants on cybersecurity for blockchain and smart contracts.

Both companies will also present at HoshoCon which takes place October 9 -11 in Las Vegas. The conference is dedicated to cybersecurity and technology standards for blockchain and the decentralized financial market.

About Hosho
Hosho is the global leader in blockchain security, specializing in enterprise-grade security services for Fortune 500 and early-stage companies alike. Entirely focused on the blockchain industry, Hosho is setting the standard for blockchain security, providing state-of-the-art smart contract auditing and penetration testing services. With blockchain, the repercussions of a security hack are much greater than in traditional technology, making cybersecurity-related services of the utmost importance. Hosho plays an important role in the nascent blockchain industry by resolving issues that often lead to funds being lost or stolen. For more information on Hosho and our comprehensive suite of services, please visit Hosho.io

The Top Cybersecurity Threats of 2025 and How to Protect Yourself

Jan 20, 2025

How a CISO Transformed Their AML Program to Meet BCFSA Requirements

Jan 17, 2025

How to do a KYC Refresh in Financial Services

Jan 16, 2025

iComply MasterClass: Smart Contract Auditing Expert Panel

by devicomply | Sep 26, 2018 | Blog, Events, iComply Insights, Prefacto, Web3

In this upcoming MasterClass, iComply hosts Hosho’s CTO Alex Blair as he joins iComply’s CTO Matt Masiar, to speak on the importance of smart contract auditing, especially for financial applications of smart contracts.

In 2017, a total of $400 million that was raised through initial coin offerings (ICOs) was lost or stolen. This year $23 million was lost to crypto scams every day, with 10% of all funds invested into ICOs also having been reported lost or stolen. The status quo of token fundraising is not sustainable, nor ready for institutional finance.

A single vulnerability once exploited can destroy an entire project. Code, if not audited may not function as intended but will work fine for a short period of time. Companies soft-launching on a blockchain network have a lot to lose from code vulnerabilities and it could end up being a costly decision to not have an audit prior to launch.

Save Your Spot: Registration Limited to the First 100 People Date: Thursday, October 4 Time: 11:00 AM – 11:45 AM (Pacific) Who is this MasterClass for? Developers, Token Issuers, Exchanges, Cyber Security Consultants

Key Learnings:
In this MasterClass, the panel will break down what smart contract audits are, why they are essential and how they can protect you and your investors.

About Alexander Blair
As CTO of Hosho, the global leader in blockchain technology, Alexander leads its technology teams. Every audit bearing the Hosho name or GPG signature is viewed by him. He participates in the audit of ERC-20 contracts, intensive gambling contracts, website penetration testing, and consulting work. With each project, Alexander works to help companies achieve proper security for their funds and the blockchain ecosystem. Alexander Blair possesses a depth of knowledge and experience in low-level system administration, high-level development in multiple languages, cybersecurity, and cryptocurrency mining. Within the healthcare and cybersecurity industries, Alexander has refined his extensive skills in software security protocols. His projects include the sole development of updated mining pool software for cryptocurrencies based on the Cryptonote protocol; co-running SupportXMR.com – a cryptocurrency pool that focused on providing high-quality, high-speed mining pool access worldwide; and the intensive growth of the largest Monero pool in the world to a peak position. Prior to serving as the Chief Technology Officer at Hosho, Alexander enhanced his knowledge of security at Yo Sub Kwon’s LaunchKey. Later acquired by Iovation, Kwon tapped Alexander to join his new venture, Hosho – a cybersecurity company focused on the specific needs of the blockchain industry.

About Matt Masiar
A pioneer of Web technology for almost two decades, Natt’s work has won numerous local and international web development awards. He has acted as a CTO, Tech Team Lead, and technical adviser on a number of projects. He has demonstrated experience with designing and implementing secure, high-performance, scalable applications; large-scale integration projects; native mobile and responsive web applications; and legacy client-server based applications. Skilled in software design patterns, agile methodology, architecture, ASP.net, C#, Mobile Applications, Web Design, Management, and relational database design.

Digital Securities: Benefits & Use Cases – Free Resource

Oct 18, 2019

Blockchain technology is becoming ubiquitous in today's world–including the world of traditional finance. Global personal wealth surpassed US$200 trillion in 2017, and it's expected to grow by 7% (CAGR) every year until 2022. In such a widening pool of available...

iComply to Power Global Compliance for Digital Assets on Hedera Hashgraph Public Distributed Ledger

Feb 26, 2019

Vancouver, B.C. – February 26, 2019 – iComply Investor Services (“iComply”), a regulatory technology firm offering software that automates global compliance requirements for digital assets, is announcing that it will be releasing integrations for Hedera Hashgraph, a...

iComply MasterClass: Understanding and Mitigating Risks in Crypto

Jan 23, 2019

In this upcoming MasterClass hosted by iComply, BitAML’s Founder Joe Ciccolo and Coinstructive’s CEO Chris Groshong join iComply’s Head of Product Strategy Greg Pinn to discuss the importance of understanding and mitigating your company’s risk in crypto compliance and...

iComply MasterClass: Compliance in the Decentralized Financial Markets

by devicomply | Jul 26, 2018 | Blog, Crypto, Events, iComply Insights, Prefacto, Web3

In this upcoming MasterClass, Greg Pinn, Head of Product Strategy for iComply and Former Head of World-Check for Thomson-Reuters, speaks on the role of compliance in the decentralized financial markets. He’ll walk through its best practices and the different approaches related to jurisdiction-based compliance.

Save Your Spot: Registration Limited to the First 500 Registrants
August 7: 10:00 AM – 11:00 AM PDT / 1:00 PM – 2:00 PM EDT
August 9: 2:00 PM – 3:00 PM PDT / 5:00 PM – 6:00 PM EDT

Key Learnings:
In this MasterClass, Greg breaks down why compliance matters and how the global market is in need of jurisdiction-based compliance for cryptocurrencies and tokenized assets in both centralized and decentralized models. Compliance is not a new need but a pressing one – events such as the 1993 World Trade Center bombing and the more recent, Russian Laundromat scheme are prime examples of why the need for compliance and anti-money laundering (AML) procedures exist.

Who is this MasterClass for?

ICO Issuers
Decentralized Exchanges
Compliance Leaders
ICO Consultants

While many argue that regulation stifles innovation, Greg explains that compliance actually enables innovation by protecting individuals that choose to participate in emerging industries. This is not only good from a moral and ethical standpoint but also from a material one. The emerging crypto market has faced an abundance of scrutiny under the public eye due to the emergence of a handful of bad actors; however, this does not paint a complete picture. There must be a balance between the free movement of value and protection of all individuals.

The “fundamentals” of compliance and how they are impacted by jurisdiction: This portion of the webinar will introduce new investors to compliance. This consists of concepts such as anti-money laundering (AML), Know Your Customer (KYC), Countering the Financing of Terrorism (CFT), Enhanced Due Diligence (EDD), Ultimate Beneficial Ownership (UBO) and Politically Exposed Persons (PEPs). These concepts are of major importance in both the traditional and decentralized financial markets and their implications can vary widely by jurisdiction.

The future of compliance: The final portion of the webinar will touch on the future of compliance, Greg considers the industry to be in a “renaissance” period. Costs associated with compliance for financial institutions are high and run parallel to the cost of employee turnover. Constant training and retraining are costly and inefficient. Thus, Greg predicts that the future of compliance is shifting to focus on decreasing the human costs associated with processes by enhancing these processes with technology such as artificial intelligence, machine learning, and automation.

About Greg Pinn
Greg Pinn has a decade of experience leading global best practices in anti-money laundering (AML) and know-your-customer (KYC) industry. Greg currently serves as head of product strategy for iComply and previously ran strategy for World-Check, the world leader in risk-based intelligence data.

Looking for financial grade KYC and AML in an enterprise ready API?

iComply offers global screening for humans, corporations, and blockchain transactions in a single REST API.

Book a demo with one of our specialists to learn more.

Digital Securities: Benefits & Use Cases – Free Resource

Oct 18, 2019

iComply to Power Global Compliance for Digital Assets on Hedera Hashgraph Public Distributed Ledger

Feb 26, 2019

iComply MasterClass: Understanding and Mitigating Risks in Crypto

Jan 23, 2019

Benzinga – iComply A Top RegTech Solution

by devicomply | May 21, 2018 | Blog, Events, In The News, Prefacto, Press Releases, Web3

Benzinga – iComply A Top RegTech Solution

iComply was named a top RegTech solution by Benzinga Global FinTech Awards. The award was announced on May 16 in New York City during the peak of the “NYC Blockchain Week”.

The Benzinga FinTech Awards celebrates leading innovations in Fintech and RegTech across the world. It recognizes winners in a variety of categories including “Best Alternative Investments Platform,” “Best Customer Engagement Tool,” “Best Insuretech Solution” and more.

“We are excited to receive this recognition from Benzinga as an industry leading RegTech company, beating much more established KYC providers such as Jumio, BigID, and Trulioo. While these companies have been in the market much longer, our iComplyKYC product is focused directly on the specific risks associated with cryptocurrency transactions. In only a few short months since our product release, iComplyKYC is recognized as the industry best practice for cryptocurrency exchanges, token launch platforms, and leading securities law firms and risk advisors around the world.” said Matthew Unger, CEO of iComply Investor Services.

At present, iComplyKYC is available as a private white label solution and is currently being used by a number of FinTech platforms, initial coin offerings, licensed Canadian and U.S.broker-dealer and portfolio management firms, cryptocurrency exchanges, and capital markets advisory firms. The company is continuously enhancing the solution with additional layers of verification being released, including:

Accredited Investor Verification
Global Business Verification
Legal Entity Identification
Anti-Money Laundering
Sanctions & Watchlist Screening
Machine Vision Liveness Detection
Cryptocurrency Wallet Risk Monitoring
Blockchain Forensics
Credit Bureau Verification
Wallet Ownership Verification.

We see the iComplyKYC product as critical infrastructure to enable institutional investment to access digital finance.

“When we entered the market with our first product – a regulatory service for blockchains that uses Prefacto technology to apply real-time compliance and governance procedures for the offering and secondary trading of tokenized assets – we discovered that many of the KYC and digital identity providers were too expensive and most are barely more than a camera phone app with a dashboard on the back end. Right now, if an token issuer or cryptocurrency exchange were to be audited by Fintrac, Fincen, European Commission or OFSE they would have a harsh awakening when they realize that the term “KYC” is not standardized across the industry – many of the largest providers do no OFAC screening, most only call a single national PEP list for the USA, and none offer comprehensive risk reporting on cryptocurrency wallets or source of funds. We saw this gap as an opportunity to apply the best practices of traditional sanction screening, anti money laundering and anti-terrorist financing to the decentralized financial markets,” added Unger.

The team at iComply is pleased to receive this recognition and looks forward to continued success as we continue to grow our team, product and customer base.

Looking for an end-to-end token management studio?

iComply’s token compliance platform, Prefacto enables issuers to capture the value of blockchain asset management with multi-jurisdictional compliance automation for over 150 countries.

Book a demo with one of our specialists to learn more.

Digital Securities: Benefits & Use Cases – Free Resource

Oct 18, 2019

iComply to Power Global Compliance for Digital Assets on Hedera Hashgraph Public Distributed Ledger

Feb 26, 2019

iComply MasterClass: Understanding and Mitigating Risks in Crypto

Jan 23, 2019

iComply Launches iComplyID, Blockchain Powered Portable Identity and KYC

by devicomply | Mar 15, 2018 | Blog, Press Releases, Product Updates, Web3

iComply Launches iComplyID, Blockchain Powered Portable Identity and KYC

iComplyID is a zero-knowledge proof, legal-entity identifier.

Vancouver, B.C. – iComply (iComply Investor Services Inc.) is announcing the launch of iComplyID, which acts as a portable KYC (“know your customer”) solution for digital identity management in financial services and government applications. iComplyID significantly enhances cybersecurity and privacy for individuals while reducing the costs of compliance with anti-money laundering (AML), anti-terrorist financing (ATF) regulations, and national identity programs.

iComply is a RegTech software company focused on creating enterprise solutions that reduce the burden of financial, regulatory, and compliance requirements by synchronizing country by country legislation. Last month, the company released the world’s first automated compliance protocol, “Prefacto,” for securities regulation to enable token issuers, security token platforms, licensed stock exchanges and investors to launch and trade blockchain coins or smart contract tokens in compliance with global securities, identity, and privacy regulations.

“Our focus is to demonstrate how, when used appropriately, tools like blockchain, machine learning, and biometrics can serve to enhance integrity, transparency and security in capital markets. We are empowering organizations and individuals by enabling them to utilize the internet of value safely,” said Matthew Unger, CEO and Founder of iComply.

Recently, the banking industry has seen the trend of ‘platformization,’ where financial institutions move away from proprietary legacy solutions and have started to embrace shared resources.

ATMs for example, are owned by individual banks, but rely on administrative entities like VISA to manage inter-bank processes. Conversely, blockchain enables the decentralization of data for frictionless cooperation between entities in a network without intermediaries.

Recently, the Bank of Canada and the Monetary Authority of Singapore announced a program to leverage blockchain for interbank settlement and reconciliation. This reduces the time and cost of these processes, which is one of the features driving the increasing popularity of platforms and decentralized infrastructure.

Trust in intermediary organizations has faltered in recent years, with the Equifax security breach leaving the personal data of 143 million customers vulnerable.

“2017 was the year of the ICO with over 1,200 issued from Canada and the USA alone, and nearly 260 out of Singapore. Issuers in 2018 are taking a new approach, abandoning the fast and loose SAFT offerings to set up compliant securities offerings that simply happen to use blockchain to manage their holders of record. and even working with regulators preemptively. To scale globally, financial institutions need a secure, scalable, and compliant solution to manage investor identity verification, know your client, anti-money laundering, and real time source of funds monitoring. iComplyID is the only turnkey ID/KYC solution in the world that meets these requirements while protecting the privacy and consent of the user.” added Unger.

Looking for financial grade KYC and AML in an enterprise ready API?

iComply offers global screening for humans, corporations, and blockchain transactions in a single REST API.

Book a demo with one of our specialists to learn more.

Next Entries »

Looking for financial grade KYC and AML in an enterprise ready API?

iComply offers global screening for humans, corporations, and blockchain transactions in a single REST API.

Book a demo with one of our specialists to learn more.

Benzinga – iComply A Top RegTech Solution

Looking for an end-to-end token management studio?

iComply’s token compliance platform, Prefacto enables issuers to capture the value of blockchain asset management with multi-jurisdictional compliance automation for over 150 countries.

Book a demo with one of our specialists to learn more.

iComply Launches iComplyID, Blockchain Powered Portable Identity and KYC

Looking for financial grade KYC and AML in an enterprise ready API?

iComply offers global screening for humans, corporations, and blockchain transactions in a single REST API.

Book a demo with one of our specialists to learn more.

Recent Posts

Recent Comments