Comment by MmmKayWhySee

I work on KYC systems at a medium/large sized financial institution. The trend of adding KYC requirements to more and more online services is troubling.

KYC adds a huge burden to anyone trying to offer a service. Implementing KYC imposes significant burdens on service providers due to the complexity of identifying users across different countries and understanding varied regional regulations. You end up outsourcing your KYC to another company. But most KYC vendors don't support all the countries you want to support, so you either end up limiting your service to the service area of your KYC vendor. Or you end up integrating multiple vendors together, which is challenging since vendors generally prefer exclusivity.

If you didn't have an engineering team working on KYC before, you will now. You will likely need to add to or expand your compliance team. Your company will shift either slightly or significantly from being an engineering or product driven company to being a compliance driven company.

KYC raises barriers and entrenches incumbents. Look at financial institutions and porn.

KYC is generally not evidence based policy either [1, 2]. Bad actors get around your KYC requirements, and your KYC system ends up being a hurdle for innocent users. A lot of KYC systems rely on data aggregators (aka the people who buy your personal data), and if you aren't "in the system" either because you are young, poor, or privacy conscious, you are faced with suspicion.

My experience is that anti-fraud systems tend to weed out bad actors better than KYC systems that are mandated in a governmental top down manner.

1) https://www.economist.com/finance-and-economics/2021/04/12/t...

2) https://www.tandfonline.com/doi/full/10.1080/25741292.2020.1...