Mcap -- BTC -- ETH -- SOL -- BNB -- XRP -- F&G -- View Market
Loading prices…

KYC

Know Your Customer — the regulatory process where a financial service verifies who its users are. The compliance layer that sits between crypto and the traditional financial system.

Regulation 4 min read

KYC — “Know Your Customer” — is the set of procedures a regulated financial business has to follow to verify the identity of its users. For a crypto exchange, this usually means collecting your legal name, date of birth, address, and a government-issued ID, often accompanied by a selfie or a live video verification. The purpose, as stated in the relevant regulations, is to prevent money laundering, terrorist financing, tax evasion, and sanctions evasion, and the regulations themselves come from a combination of national laws (the Bank Secrecy Act in the US, the Money Laundering Regulations in the UK, AMLD5 and AMLD6 in the EU) and international standards set by the Financial Action Task Force (FATF).

Any crypto exchange that wants to offer fiat on- and off-ramps has to do KYC, because the banks they interact with require it as a condition of providing banking services. Coinbase, Kraken, Binance, Gemini, and every other centralised exchange operating legally in major jurisdictions will ask for your documents before they let you deposit or withdraw fiat currency. Failing to complete KYC means failing to access those rails, which for most users means failing to turn crypto into money they can spend.

Tiers and Thresholds

Most exchanges implement KYC in tiers. A minimal verification — usually just email and phone — might let you view prices and create an account but do nothing else. A basic tier with name, address, and ID might let you trade up to some monthly limit and make small fiat deposits. A full tier with ID verification plus proof of address (a utility bill, a bank statement) unlocks higher limits and sometimes additional products like margin trading. Institutional accounts have an entirely separate and heavier process involving corporate documents, beneficial ownership disclosures, and source-of-funds documentation.

The specific thresholds vary by jurisdiction and by exchange’s own risk appetite. The FATF’s “Travel Rule” — which requires exchanges to share identifying information about senders and recipients for transfers above a certain size — kicked in across most major jurisdictions between 2020 and 2024 and has meaningfully reduced the anonymity of crypto moving between regulated venues. Transfers to and from self-custodied wallets are a gray area that different regulators handle differently, with some treating them like any other deposit and others imposing extra verification requirements.

The Tension with Crypto’s Ethos

Bitcoin was explicitly designed to allow permissionless transfers without intermediaries. KYC is the exact opposite principle: every transaction through a regulated venue is tagged with an identity, and that identity is recorded in a database the authorities can subpoena. The two ideas sit uncomfortably together and the tension has been there from the beginning. The compromise most users make in practice is to KYC at exchanges for fiat access but use self-custodied wallets for actual on-chain activity, which preserves some degree of financial privacy at the cost of inconvenience.

The more hardcore response is to avoid KYC venues entirely and use peer-to-peer trading, DEXs, or atomic swaps — paths that do not require identity verification because there is no centralised operator to verify you. These paths have always existed but are limited by liquidity, usability, and the fact that eventually you usually want fiat, at which point you have to interact with the regulated system somewhere.

What Gets Done With Your Data

When you hand over your KYC documents to an exchange, the exchange retains them for the period required by local law — often five to seven years after account closure — and makes them available on request to law enforcement, tax authorities, and regulators under the appropriate legal process. Exchanges have been subpoenaed by the IRS, HMRC, and other tax authorities and have handed over user records. If you report your crypto trades on your tax return, this is not a problem. If you do not, the fact that your trades are linked to your identity in a database the tax authority can access means you should probably rethink that position.

Data breaches are a separate concern. Coinbase had a KYC-data leak in 2025 (via a bribed overseas support contractor) that exposed customer data including names, addresses, and partial ID information. Once your KYC data is in the hands of a breacher, it does not come back. This is one of the strongest arguments against centralising identity in exchange databases, but so far the regulatory requirements have outweighed the data-security concerns in every major jurisdiction.

Exchange A platform where you can trade crypto for fiat or for other crypto. The connective tissue between crypto markets and the rest of the world. Read definition Custodial Wallet A wallet where a third party holds your private keys. Convenient, common, and the opposite of the original crypto pitch. Read definition Fiat Traditional government-issued currency. The word crypto people use to refer to dollars, euros, pounds and everything else issued by a central bank. Read definition