What is AML/KYC & Privacy?

AML/KYC rules were designed to catch criminals. In practice, they've created the most comprehensive financial surveillance system in history — monitoring billions of transactions to catch a fraction of illegal activity.

The Scale of Surveillance

What KYC Collects

• Government-issued ID (passport, driver's license)
• Social Security number or equivalent
• Proof of address
• Source of funds documentation
• Employment information
• Facial photographs (increasingly biometric verification)
• Ongoing transaction monitoring

The Numbers

• Financial institutions globally spend $274+ billion annually on compliance
• Banks file millions of Suspicious Activity Reports (SARs) per year
• The US FinCEN receives 4+ million SARs annually
• Less than 1% of illegal money flows are detected by AML systems
• The UN estimates only 0.2% of money laundering is seized

The Privacy Problem

Massive Data Collection

KYC creates centralized databases of financial identity documents at every institution you use — each one a breach target. When a KYC provider is breached, attackers get the most sensitive identity data possible.

KYC Data Breaches

• Onfido (identity verification provider) — data breach exposed ID documents
• Jumio — verification documents potentially exposed
• Exchange breaches — Stolen KYC data includes passport photos, ID scans, and selfies
• KYC data is sold on dark web markets for $10-$100 per verified identity package

Financial Surveillance

• Every bank account, credit card, and investment tracks your transactions
• Pattern analysis flags "unusual" behavior (which may simply be unusual, not criminal)
• Financial institutions share data with government agencies
• De-banking — accounts closed based on automated risk scoring, with no recourse

Disproportionate Impact

• Unbanked populations — 1.4 billion adults globally cannot meet KYC requirements
• Immigrants and refugees — Often lack the documentation required
• Privacy-conscious individuals — Flagged as suspicious for seeking financial privacy
• Political activists — Financial surveillance used to track and suppress dissent

The Effectiveness Question

Metric	Reality
Global money laundering (annual)	$800 billion–$2 trillion
Amount detected by AML	Less than 1%
AML compliance costs	$274 billion/year
False positive rate on SARs	~95%+
Convictions from SARs	Tiny fraction

Critics argue that AML/KYC is a surveillance system that happens to occasionally catch criminals, not a crime-fighting system that happens to require surveillance.

Alternatives

• Risk-based approaches — Focus surveillance on high-risk transactions rather than monitoring everyone
• Privacy-preserving compliance — Zero-knowledge proofs could verify compliance without exposing personal data
• Higher thresholds — Increase reporting thresholds to focus on serious crime
• Sunset provisions — Require KYC data deletion after a defined period