KYC — What it is, why it matters, and how to pass on the first try
Read time: 6–9 min • Category: Custody & Compliance
KYC (Know Your Customer) is the identity verification required by exchanges. Here are the levels, documents, when it’s needed, trade-offs, the account-security impact, and a practical checklist.
1) What is KYC (and why it exists)
KYC (Know Your Customer) is the process of identifying and verifying a customer’s identity before (and during) a relationship with a financial institution — including crypto exchanges. It’s part of AML/CFT standards (Anti-Money Laundering / Countering the Financing of Terrorism) to reduce fraud, laundering, and abuse of the financial system.
2) KYC levels (what changes)
- Basic / Verified — personal data + photo ID; unlocks essential features.
- Intermediate / Verified Plus — add proof of address; higher fiat limits.
- Pro / Institutional — additional documentation (source of funds) and EDD (enhanced due diligence).
Each exchange implements its own tiers and limits, but the logic is similar: more verification → more features/limits.
3) What exchanges may ask for (checklist)
- Personal data (legal name, date of birth, address).
- Official ID (passport, national ID, driver’s license).
- Selfie / video (liveness verification to confirm you’re a real person).
- Proof of address (recent utility bill or bank statement).
- At advanced tiers: source of funds (receipts, salary slips, bank docs).
4) When exchanges require KYC
- Account creation (or first access to fiat).
- Limit increases (higher deposit/withdrawal thresholds).
- Access to “sensitive” products (e.g., margin/OTC, depending on the platform).
- Risk alerts (ongoing compliance/monitoring).
5) Benefits vs. trade-offs
Benefits
- Access to fiat, higher limits, payment rails, and regulated products.
- Less friction in compliance reviews once your dossier is up to date.
Trade-offs
- Privacy/data: you submit sensitive documents — use platforms with robust security & policies.
- Approval time: from instant to days (if manual review is needed).
- Does not eliminate exchange risk (counterparty; PoR ≠ liabilities).
6) KYC & Account Security 🔐
Why it helps your security
- Links the account to a verified identity, reducing abuse by disposable/fake accounts.
- Improves recovery after loss/theft of access: support has a documented basis to validate you.
- Enables anti-fraud controls (risk flags, temporary withdrawal locks, manual reviews).
Limitations (not a magic shield)
- Does not replace MFA/TOTP, strong passwords, and anti-phishing.
- Does not solve platform risk (counterparty); PoR helps, but does not prove liabilities.
Recommended stack (layers)
- KYC + MFA (passkeys/TOTP) + password manager + anti-phishing code + login alerts + device hygiene.
- For self-custody: offline seed, backups in distinct locations, and recovery test.
7) Best practices (to pass on the first try)
- Valid, readable document (no glare/crops; not expired).
- Selfie/video in good lighting; follow liveness instructions.
- Recent proof of address (names/addresses must match).
- If aiming for Pro tier: prepare your source of funds.
8) KYC, CDD, EDD… what’s the difference?
- KYC = collecting and verifying identity of the client.
- CDD (Customer Due Diligence) = due-diligence measures (KYC + monitoring + risk assessment).
- EDD (Enhanced Due Diligence) = reinforced CDD for higher-risk profiles/activities.
TL;DR
KYC is your “boarding pass” to use an exchange properly: it unlocks fiat, higher limits, and products and it helps with operational security (recovery, anti-fraud). But it won’t protect you alone — always combine with MFA/TOTP or passkeys, a password manager, anti-phishing code, and device hygiene.
More on cryptoslug.pt — Gunbot strategies, automation & discipline.