Neal Reiter (Yale SOM 10), Lead for AML and Fraud Prevention at IdentityMind
Neal Reiter is responsible for leading IdentityMind’s Anti-Money Laundering (AML) and Fraud Prevention product offering. IdentityMind provides software that assists financial institutions, money transmitters, and money service businesses, including Bitcoin exchanges, with risk mitigation and regulatory compliance. Prior to joining IdentityMind, Mr. Reiter led the San Francisco operations of Booz Allen Hamilton’s financial crimes team. He received an MBA from the Yale School of Management in 2010 and was awarded a Borg fellowship.
How’d you get involved in Bitcoin and other cryptocurrencies?
The first time I heard about Bitcoin, I was doing consulting and it came up in relation to WikiLeaks. That’s because WikiLeaks had been cut off from the credit card networks (e.g., MasterCard and Visa), and people were wondering whether they would turn to Bitcoin as an alternative means of raising and storing funds. At that point, the price of Bitcoin hovered around $32, and people on the team said it would never work, so I didn’t touch it for a while.
Then, about six years ago, I was actually asked to help with anti-money laundering (AML) at a startup. We ended up being the AML system for the initial players in the space: Coinbase, Circle, and a myriad of other companies. We build AML software specifically for financial institutions introducing virtual currencies.
How’d you choose to join that AML startup?
Coming out of Yale, I worked as a consultant at Booz Allen Hamilton. We worked with large financial institutions, and we helped them with AML, mediating existing issues. The nice thing about rules and regulations, for the most part, is that they don’t change very much, whether you’re a cryptocurrency exchange or a traditional mining platform. Either way, you need KYC (e.g., customer identification, due diligence, and monitoring), transaction monitoring, and transaction screening (e.g., transfers, deposits, and withdrawals). I knew everything that was required of those processes, and I stuck with the space because I found it fascinating.
What’s the backdrop of KYC?
As a regulated financial institution in the United States, either based here or serving U.S. customers, you must follow U.S. law. It depends on what you’re doing, but an exchange is a money service, which means you have to register with the U.S. Treasury, and you need crypto exchange operating licenses.
I downloaded a crypto exchange on my phone the other day. I was notified that the exchange wasn’t licensed in New York State. Why California but not New York, for instance?
Each state has its own rules. California happens to be very lax. They don’t give out licenses, but they also don’t prohibit you from operating. On the other hand, New York has put into place its BitLicense under the guise of protecting citizens from dubious crypto operators. In reality, BitLicense made it extremely difficult to operate an exchange in New York because it’s so hard to get approval. In fact, less than 20 companies received approval in New York, and for some of them which have received approval, it’s taken them multiple years to do so. Only New York has that regulation. You’ll realize that almost every crypto exchange which was headquartered in New York left the state, and some won’t even practice in New York at all.
For those exchanges that did receive approval in New York, are they just killing it since there’s no competition?
You’re not killing it, but your life is easier in certain ways because you can acquire customers. That being said, compliance with BitLicense isn’t a one-time thing. It’s ongoing. We’re not just talking about Bitcoin: there are multiple coins. If you want to add an additional currency to your exchange, you need to let New York know and get their approval. You’re slowed down significantly. You can’t just move fast and break things.
Which exchanges have the most licenses, or carry the most tokens?
Zappo has a BitLicense, but their exchange doesn’t support many tokens. Coinbase also has a BitLicense, and they probably support around 20 tokens. Poloniex has a license. It would be Poloniex that supports the most tokens, But the Binances of the world aren’t listing a bunch because they can’t.
I think there are about 2,275 different coins. Does that mean only 20 of 2,275 tokens are supported on Coinbase? Is that the right mental model?
That sounds right.
Tell me a bit more about IdentityMind.
We’re a full AML platform that provides all of the software to companies who are operating in the virtual currency space related to anti-money laundering.
Can you paint a picture of KYC for those of who aren’t familiar?
The first time you go to an exchange, you need to be validated, and sometimes you need additional validation in order to move up a level, get more money, or do cooler things. There’s been transaction monitoring which determines whether suspicious transactions are occurring. We don’t have anything like a Blockchain Explorer. We don’t build anything that looks at wallets and gives them a risk rating based on transaction history.
Regulators must love you.
They do, and companies love us too because we keep them out of trouble.
What’s an under-discussed innovation in the space that you often think about?
DEX is a decentralized exchange. Currently, you can go to Coinbase or Binance and buy Bitcoin. But those are actual companies. There are real people behind those exchanges that are known, that have addresses, that have phone numbers. DEX is running an exchange without the company– without the people.
How does DEX do that?
At the end of the day, DEX is just software, and you can build it to operate without people running it. You’re not going to have tons of capabilities, and the people behind it might just be volunteering to code. Decentralized exchanges are a very interesting idea with severe ramifications: You could potentially have an unregulated place for anyone to buy and sell crypto.
Is it unregulated or is it actually impossible to regulate?
More of the latter. If you don’t have anything to shut down, if you don’t have people to prosecute, how would you stop it?
How big is the DEX space right now?
It’s small but growing, and every time that regulation ramps up, it grows a bit larger. If you want to know something interesting, have you ever heard of the “travel rule?”
It’s a piece of regulation created by the Financial Action Task Force (FATF), a sort of League of Nations related to financial crime, where people get together and they hammer rules out. Last month, they passed regulation explicitly catered to virtual currency, saying that virtual currency must comply with the “travel rule.” Say I’m sending you three Bitcoin from my Binance account to your Kraken account. With those three Bitcoin, Binance must send information about me and receive information back about you. They have to get my name, my account number, and they have to get information about you in order to know who my Bitcoin is going to.
Here’s the problem. There’s no way to send and receive that information with the existing architecture of Bitcoin or Ethereum– and certainly not with Monero or Zcash. The exchanges are either going to need to change how they operate, or someone’s going to have to do a BIP and make a major change to the Bitcoin core.
Can’t Bitcoin and Ethereum just… lobby?
Treasury Secretary Mnuchin and President Trump have come out strongly against Bitcoin. It’s awkward in terms of them trying to place archaic rules onto Bitcoin, and it’s going to be a challenge to comply.
Is the “travel rule” a good-faith effort to regulate cryptocurrency fraud, or is it a case of central planners trying to save face?
I think it’s more that people are very afraid of Bitcoin. They think of it as a haven for illicit activity, so they want it to comply with existing regulations– unaware of the fact that the technology wasn’t built to comply with those regulations, and that it’s extremely hard to comply in any case.
Bernie Madoff just asked for clemency. He stole upwards of $20 billion. Do people disproportionately scrutinize crypto fraud?
The relative amounts of fraud aren’t nearly the same size, but because people don’t understand cryptocurrencies, they magnify the issue.
If you scaled investments in crypto to the same level as traditional investments, would there be a more comparable amount of fraud?
Yeah. Right now, there are a lot of bad actors, and there aren’t a lot of retail investors. Per capita, there’s a lot of illicit activity for the buyers and sellers, especially with the ICO craze for example. It hasn’t hit the mainstream yet.
So, what’s the path forward for Coinbase and similar exchanges? Are they going to change their architecture?
I have no idea. I’ve got nothing.
Switch up– any thoughts on crypto at Yale?
I haven’t been back in years, so I don’t really know.
You’re in California. Is Stanford a trailblazer?
Stanford is and has always been more focused on technical acumen than Yale. I want to say that six percent of Stanford kids take a CS course, and yes, there’s more going on here, but it’s not like Stanford is cranking out companies in the virtual currency space.
Why’d you go to Yale’s School of Management?
I liked that the mission wasn’t to make the most money in the world: It was to do good. That’s extremely rare in the MBA space.