The Metaverse and Money Laundering
In an effort to keep ahead of the game we’re constantly looking for the next big breakthrough, and we’re being told that ‘The metaverse’ is it. But is it really, and what effect will it have on AML professionals and the risk portfolio of the businesses they work for?
Having barely been heard of before 2020, the term started to get mentioned in 2021 and by the beginning of 2022 it was appearing everywhere. Now, it’s the buzzword for all future predictions, even by people who haven’t really got a grasp of what it is!
Earlier this year Citi ICG cited that the total addressable market for the metaverse could be between $8 trillion and $13 trillion by 2030, with total metaverse users hitting around 5bn.
In this NorthRow blog, we’ll dip our toes in the water of the gigantic topic of the metaverse. Is it just a tech buzzword, a real game-changer or yet another headache for AML professionals? We explore the impact it may have on AML professionals over the coming years.
So, what is The Metaverse?
In essence, how most people explain the metaverse, is that it’s a 3-D model of the internet, enabled by the next generation of the Web – Web 3.0 – which is designed to provide greater utility than currently exists. Still not clear? How about describing it as a collective, virtual, open space developed by integrating virtually enhanced digital, as well as physical reality, which provides immersive experiences for its users.
Mark Zuckerberg is so convinced that it represents the future, that he’s renamed Facebook as Meta – but then, MZ is very good at self-promotion and probably doesn’t lose much sleep over the ongoing battle that AML professionals are continually fighting.
It will, by all accounts, totally revolutionise Virtual Reality (VR). To date, apart from industry simulators, VR has been more about leisure than business, with increasing numbers of Gen X, Gen Z and Millennials immersing themselves in gaming and fantasy worlds, where they are represented by their own, personalised avatar.
In the context of the metaverse, avatars will play a similar role to that of Single Sign On credentials. Personal avatars will explore a whole new world from work and collaboration through to health and wellbeing as well as consumer transactions for virtual shopping or banking/finance transactions.
What Web3 and The metaverse now bring to the table, is much more enablement across a whole range of day-to-day applications. The metaverse is the next generation of the internet that will offer a truly immersive experience in a ‘virtual’ world.
KYC and AML in the Metaverse
The metaverse is not just one single entity. There’s a call for there to be one centralised metaverse, owned by all users, but there are already a large number of decentralised metaverses, created by different users – initially gaming companies, but now, increasingly, virtual worlds where you can buy property (as an investment or to build on), attend auctions and buy goods, typically using crypto-assets, referred to as NFTs (Non Fungible Tokens), linked to a blockchain. The market in these virtual items is bigger than you might expect, with some virtual properties selling for millions of pounds and fashion-label wearables for your avatar going for thousands!
The best way to illustrate the metaverse’s growing importance, is that a significant proportion of the global venture capital is being assigned to FinTech companies, and it’s these companies that are looking to expand their development into the metaverse. So, as we move forward, perhaps much wider spread 3D enablement is the key issue to consider, from a regulated entity and AML perspective. The ball is rolling, and the incline is getting steeper, so should we be worried?
The list of uncertainties isn’t short for regulated businesses. They must consider several potential risks and challenges when it comes to KYC and AML regulation:
- Security and privacy: related to digital identity and fraud and how the personal information of each ‘Avatar’ will be protected
- Investment in technology: next generation connectivity, software, and talent to support shifts to virtual reality will require resource in time and budget
- Regulation: with differing regulation across a range of jurisdictions currently in place this new ‘metaverse’ could require global consistency of regulation
- Safety, integrity, and responsibility: particularly for reputational risk
Money Laundering in the Metaverse
Financial Services companies, and indeed regulated entities, rely on being able to accurately identify their customers and clients when going through the onboarding process. So, if someone is so immersed in the metaverse, that they represent themselves as their avatar, rather than their actual physical self, where does that leave the onboarding process? If you add into this mix the current proliferation of cryptocurrencies and the growth of blockchain technology, we can perhaps see where slippage might occur, and alarm bells begin ringing.
Of course, where there is money changing hands, there is interest from bad actors, to take monetary advantage of the situation. Already, there have been numerous examples of crypto-asset theft, as well as the sale of fraudulent virtual goods and real estate, so to see where this will end is currently impossible. One issue already identified, is where bad actors can purchase, or acquire, a valuable or unique item in one metaverse and then sell it on in other metaverses, thus using multiple blockchains to make the flow of funds difficult, if not impossible, to trace.
Does the Metaverse Create AML Challenges?
One of the key issues for AML professionals, is that bad actors could use exchanges, particularly decentralised exchanges, within and between metaverses, to hide the source of funds, as the normal rules of KYC processes and compliance checks very often do not apply.
In this virtual financial services world, where it can be impossible to identify the actual individual involved and the source of the currency being used, the existing rules around KYC, CDD and wider AML practices, are difficult to apply.
In addition, it becomes more difficult to protect innocent users from identity fraud and identity theft, and the methods being used by manipulative criminals. Superficially, the blockchain provides visibility and access to all transactions, but with the identity of the people conducting those transactions being hidden, the metaverse provides the perfect place for money laundering and other criminal financial practices to be conducted.
Minimising Money Laundering Risk in the Metaverse
Some companies will already be encountering some of these crypto-currency-based transactions, whilst others will be more immersed in the virtual world of trading covered by the metaverse. Currently, governments and AML agencies and regulators, as well as those companies at the forefront of the fight against money laundering and other, similar criminal activities (e.g., FinTechs and RegTechs), are all monitoring the situation and determining how to combat the issues posed by virtual transactions and cryptocurrencies.
Investment is being made into ways of tracking, or combatting, money laundering activities across the metaverse and new or amended rules and procedures will be introduced as we move forward. For now, though, regulated entities must ensure they have the most up-to-date and fool-proof practices, processes, and software in place to manage their own situation. The plea of “it happened in the metaverse” will fall on deaf ears if the regulator finds fault with your transactions.
How can Compliance Teams Prepare for the Metaverse?
It’s fair to say that many regulated entities will have little or no dealings, currently, with these issues emanating from the metaverse. For these, traditional transactions will still require the current high level of due diligence, when onboarding or monitoring customers.
And, for those companies, who maybe think that they are currently safe from these issues, because they haven’t encountered virtual currency transactions as yet, your metaverse-enabled problems are only just around the corner, and you need to bring yourselves up to speed as soon as possible.
Regulated businesses that are already adopting a culture of digital transformation and the use of software to automate their existing processes will be one step ahead to implement compliant metaverse processes.
Existing technology, such as software that can be used to confirm authenticity of key documentation, such as proof of ID, are likely to be key in navigating compliance within the metaverse.
The Future for Compliance in the Metaverse
Technology continues to evolve at an alarming rate – particularly in making virtual interactions more immersive, innovative and immediate.
Regardless of the trajectory of the metaverse, the world of compliance must look to RegTech technology to solve some of its existing operational inefficiencies in order to move forward with next-generation internet technology driven by consumer demand.