Matthew is the CEO of iComply (iComply Investor Services Inc.) is an award-winning Regtech platform powering the digitization of institutional finance with coverage for over 160 countries.
You have been involved in cryptocurrency for many years now. Can you share with us how you first learned about crypto?
I first heard about cryptocurrency (Bitcoin) in 2011 at a meetup in Vancouver. Before that, I spent over half a decade as a wealth manager. I saw how blockchain technology would transform capital markets. Since then we have seen a ton of innovation. To compare it to digital media – if Bitcoin was the Napster of finance, Ethereum’s smart contracts were BitTorrent.
How did you come across the concept for iComply Investor Services?
The need for iComply arose out of two major events, in 2014, the fintech I worked for was building a platform for broker dealers and asset managers to manage their entire business from an iPad. For KYC, there were a few APIs on the market but even today most of these tools do nothing more than onboarding or identity verification.
Over the past 15 years, I have gone through many regulatory audit cycles and did my first AML training in 2005. I saw a need for a toolkit that would let businesses easily manage the global variations and frequent changes to local regulations – whether for onboarding, identity verification, AML, or even disclosures and legal agreements. Today, iComply offers institutional-grade identification and risk management tools that support AML compliance for the entire customer lifecycle.
You led a 2016 project to use Ethereum smart contracts to automate the matching and fulfillment of CME interest rate swaps trading over LIBOR. How did this work and what was the outcome?
Actually, I only led the technical part of this proof of concept (POC) with a team at MIT. Our goal was to build a business case and technical POC to identify if smart contracts could be used for clearing derivatives effectively. This required that we map out the entire workflows, business and compliance requirements of the second largest clearinghouse in the world. We connected the dots between transaction counterparties, their law firms, and a whole web of proprietary software.
Looking back, our solution was a mess – we had way too much logic and potentially confidential information on-chain, and Ethereum was integrated into a customized Salesforce interface. It was early days. Shortly after the DAO disaster unfolded and the resulting hard fork killed all interest from the major institutions. Still, the results from the POC were exciting – we could take a traditional institutional process that takes 4-6 weeks and costs upwards of $10,000 per transaction and boil it down to under a dollar of gas in under a minute.
We witnessed the ICO boom in 2017 with the follow-up crash in 2019. Why do you personally feel that STOs will be different?
First, ICOs were seeking to do something very different than digitizing a security – in many ways utility tokens are a new asset class, security tokens are new technology applied to, for the most part, very traditional financial instruments. I still believe there are excellent use cases for utility tokens – but many utility tokens still need to comply with all sorts of laws and regulations outside of the securities.
In contrast, STOs are focusing on operating within securities regulation. This means they will be held to a higher standard and their tokens have to observe the securities regulation of any jurisdiction they trade in – even for peer-to-peer transfers between wallets. These regulations vary widely from one country to another, in the world of paper or digitized PDF legal agreements there is little risk of a regulator in EU catching a US issuer raising capital for a private placement in a business, fund, or real estate deal.
Putting these transactions onto a blockchain completely changes this because regulators are already able to monitor the market in a way that is simply impossible to do today. Token issuers today are still buying basic APIs for KYC and AML, and many still think of global regulation as binary – SEC vs no-SEC (i.e. Reg D and Reg S). However, when a tokenized asset is able to easily manage the jurisdictional variations of identity, privacy, data, AML, and securities regulations, including disclosures and legal agreements, etc., the old way of doing things seems insane. That would be like someone using Telex today instead of Telegram, email, or Slack.
What are some of the tokenization use cases that iComply can assist companies with?
Since we launched Prefacto in Feb 2018, we have seen a lot of really cool token projects from Cryptokitties to tokenized funds, real estate, bonds, private shares, futures contracts, and even fractional ownership in casks of luxury Scotch, whiskey, and wine.
The Prefacto toolkit makes it simple, and very cost effective, for token issuers to manage compliance requirements not just for the initial offering – but for every transaction throughout the lifetime of the asset in almost every country in the world. If your lawyer is able to write up a term sheet, purchase agreement, or licensing contract – you can probably tokenize it.
In 2018, we started to see a lot of new blockchain startups launching platforms for issuance, trading, transfer agents, and cap table management such as Polymath, Blockport, Securitize, etc.. We started getting requests from a lot of STO platforms on how to handle the cross-border AML compliance for onboarding corporate investors so we released a second product, iComplyKYC, as a toolkit that easily plugs into these types of platforms. What we were not expecting was the demand from the traditional capital markets where back offices are simply not ready for blockchain. This is a very exciting trend because we are now connecting the dots for many of our clients bridging the gaps between traditional brokers, issuance platforms, and even some exchanges.
One of your exchange clients is Motto Technologies, a UK based cryptocurrency exchange going public on the LSE. Could you walk us through what Motto does, and how iComply was able to assist them?
Motto was early to the “let’s get regulations right” game. Their platform allows users to buy, trade cryptocurrency but they also give their users a Visa card that lets you easily spend your crypto anywhere that takes via. In order to get past audits from their banking partners, Visa, and the Financial Conduct Authority.
We helped Motto find local regulatory experts, get their policies and procedures ready for audits, approvals, and go-public due diligence. Before using iComply, their bank had required them to use an API based “e-KYC” tool which might have worked if they were just doing a traditional crypto-exchange. Our iComplyKYC toolkit enabled them to build and maintain a robust compliance program that could stand up to regulatory scrutiny. Most of the other platforms are still mucking around with 10 different APIs and manual systems to try to appease regulators. We helped Motto get ahead of this curve, and as a soon to be publicly traded company their shares will be available to accredited and non-accredited investors alike – I’m not aware of another exchange in the market that can say that.
One of your software products is Prefacto, a regtech solution for tokenized assets. What problems does Prefacto solve?
Prefacto enables businesses to manage end-to-end compliance on their tokenized assets. This includes planning and structuring, launching smart contracts, developing and implementing a compliance program, issuance and distribution, and finally ongoing token management. Compared to what many issuers are doing today, our clients can save time, money, and a whole lot of pain if they talk to our team early on.
iComply also offers KYC services. What are some of these services?
In late 2018, we started reaching out to other token issuance platforms, transfer agents, etc in the security token market to offer them demos and the opportunity to share knowledge and collaborate rather than compete. Several players took us up on the offer and we all learnt a lot. One of the key takeaways for iComply was that, while we thought Prefacto was cool, our compliance tech was a key missing piece to these other platforms.
At the time, none of the other platforms could manage compliance for corporate investors, distributed broker networks, or multi-jurisdictional variations in regulation. This led us to refocus our business on what we are known to be best at – intelligent compliance automation. It took about a year to refactor our platform and launch the current version of iComplyKYC, a suite of tools that makes it easy to build and maintain a robust global AML compliance program.
We built our own KYC tech because we knew the APIs on the market would not meet regulatory requirements – there is a reason you do not see these tools being used today by firms such as HSBC, Santander, Vistra, etc. After launching iComplyKYC, we discovered that the institutional players were very interested in using these tools because they were built to the current standards and frameworks of traditional compliance – we just do it for 95-98% lower cost per transaction than current mid and back office systems.
Where do you see the industry five years from now?
In 5 years from now – if you’re familiar with the concept of Gartner’s hype cycle – we’ll see security tokens start to take off in mainstream adoption. Right now, if you look at the digital media as an example, right now security tokens are for the people that would have used Napster or Kazaa. In five years we will have an iTunes, maybe even a Netflix.
Traditional firms will be past POCs and MOU press releases. Like the Netflix pivot from mail order DVDs to digital delivery, some of the big guys will have made public blockchains a core to their business strategy like EY has already done with Ethereum. Others will go the way of Blockbuster.
Simultaneously, the security token startups will be more collaborative and more interoperable. The cost of launching a token will be at least 90% less than it is today. The platforms who chose public blockchains, rather than proprietary private or purpose-built chains will start to see the benefits of this long term thinking.
Finally, over the next 1-3 years I believe we will see and hear a lot about private chains with the rational of scalability, security, etc. This is a last-ditch effort to protect their business model from being cannibalized by decentralization and democratization in finance. The early members of the R3 Consortium spent millions to learn this, Salesforce and S&P scrapped their Hyperledger project, JP Morgan recently gave up on Quorum – the truth is we have had DLT in finance for over 30 years, systems such as CDS are incredibly efficient and secure.
There is nothing innovative about a private blockchain or mesh network in finance. Look at Java and C#, they won the race to build the internet. Public cloud solutions such as Google, AWS, and Azure won the race for shared public server architecture. For digital finance, public blockchains enable full transparency which builds trust and reputation in a way that a private chain cannot. Within 5 years you will see SIX, ASX, GBX, and similar players will have scrapped their current infrastructure in favour of lower costs per transaction and lower cost of technology ownership, to adopt public blockchain infrastructure.
Is there anything else that you would like to share about iComply?
Our focus at iComply is to ensure companies can easily build and maintain a robust, global, and institutional grade compliance program. The problem we see in the market is that the institutional grade tools are too manual and expensive to enable digital transformation. Meanwhile, in the fintech, startup, and security token markets we see a lot of players that have a lot of deep experience in securities or finance – usually only in one market – but no real world experience in what happens in the mid and back office, much less compliance on an international level. They simply don’t understand that when you sell a Reg S to someone in Germany there are compliance requirements from BaFin, the European Commision, etc.. For the sake of this whole industry, I would urge token issuers to look at compliance holistically, and as early as possible.
Our clients realize very quickly that we’re offering a holistic approach. We support our clients through audits from regulators, banks, and financial partners – they need this in order to become successful. The eKYC API built for Uber and AirBnb don’t do this because they know their tech will not pass an audit – once they close the sale that’s it. This is what is unique about our focus at iComply, we are here to help our clients do business – we have aligned our business model with our client’s success.