We get a lot of questions about Civic Pass and its relationship to KYC/AML from companies looking for a Web3 native solution. If this question describes you, then you’ve come to the right place. Typically, the companies we talk to fall into a few different categories.
Take a look to see which category might suit your needs.
1. Your company is required to meet KYC/AML regulatory requirements.
If your company needs to meet KYC/AML regulatory requirements, then you likely need an in-house compliance program that follows guidance of local laws. DeFi and institutional investors fall into this category.
Civic Pass enables Web3 smart contract access management and offers identity verification services that can be deployed as part of your compliance program. Our tools and services do not replace the need for maintaining an in-house compliance program.
Civic verifies the following credentials, which may serve as inputs to your compliance program:
- Government-issued identity documents (driver’s license, passport)
- Biometrics (video selfie)
- Location (ensures IP address is accurate and whether a VPN is being used)
- Liveness (determines whether user is a human or a bot)
- Perform sanctions screening (OFAC, UN, HMT, EU, DFAT, and more)
Most regulated companies are required to have full control over user access rights. This means your company must keep track of which users have permission to use your services, and your company should also retain a full record of work performed, including all supporting documents, for their compliance program files.
- Civic Pass is a token-based on-chain gatekeeper that your company can use to control user access rights. We offer the ability to fully control the issuance and status of the Civic Pass. For example, a Civic Pass may be active, frozen or revoked.
- Civic can provide the source documents and other evidence required to your company for long term storage to help satisfy your compliance with regulatory requirements.
Contact us here to start an introductory conversation with Civic, if you have an in-house compliance program to meet KYC/AML regulatory requirements. You may also get started now by visiting our Developer Hub.
2. Your company needs to verify certain identity information, such as age, and needs to keep a copy of the documentation.
Some companies do not need the ability to control the status of their users’ Civic Pass to be compliant with their local laws. However, these companies may also need to store a copy of the identity documentation either for compliance reasons or for purposes of best practices. If your company falls into this category, Civic can help by issuing and controlling the status of the Civic Pass, while also providing a data verification input.
One example of a company in this category is an NFT launchpad that needs to verify personal information of their creators and store the documents as a best practice to protect NFT buyers. Another example is a company that services individuals who are verified to be at least 18 years of age.
Contact us here to start an introductory conversation with Civic, if this description fits your company.
3. Your company needs to verify certain identity information, for example that a user is human and not a bot, and does not need to keep a copy of the documentation.
We talk to many companies that need basic information checked, but do not need to store any documentation, nor do they need control over the status of the Civic Pass.
Examples of this include companies that simply want to verify that a user is a human with liveness verification or that an individual is not using more than one account with uniqueness verification. Both NFT marketplaces with live mints and DOAs with voting processes typically fall into this category.
Ready to learn more about Civic Pass? Let’s meet.