Onboarding and CLM in Web3

Our Innovation Ambassador Matthew Mellor takes a deep dive into Web3- aka the new age of the internet- to look at how CLM and onboarding will fit into this new technology and if it will even need to at all.

The advent of Web3 poses questions about how CLM and Onboarding will fit into this new technology, and indeed, if it will need to at all. When Aldus Huxley wrote Brave New World, he imagined a dystopian future brought about by huge scientific and technological advances. However, I doubt he could have imagined the next technological epoch that we are about to advance into, the age of Web3.

Web3 Explained

The Internet has gone through three generations of development. Web1 was made for content consumers, showing only individual, static web pages on decentralised platforms. These pages were read-only and non-interactable.

In 2004, Web2 was developed, providing a more interactive version of the internet allowing anyone to publish anything online. However, this interactivity came at the expense of decentralisation and privacy. New websites were created by large corporations, in which content provided by individuals is exchanged for data.

Web3 is the third generation of the internet, a decentralised online ecosystem built on a distributed ledger (the blockchain). Web3 provides more autonomy for users, allowing them to have more control over their data - cutting out the need for middlemen.

Web3 is based on four principles: Decentralised data storage, Artificial Intelligence and Machine Learning, Connectivity and Ubiquity, and a promise to ensure Web3 remains trustful and permissionless.

Will there be a need for Trusted Third Parties in Web3?

With the advent of Web3, there is a small, but loud coalition of people who believe that with the use of distributed ledgers and smart contracts there is no longer a need for trusted third parties, such as banks, in the new financial system. Currently, banks act as intermediaries between individuals and organisations to facilitate and referee financial transactions. With Web3 these transactions would be facilitated using immutable, decentralised ledgers that would ensure trust between the two parties. With a decentralised ledger, is there even a need for third parties?

As with most things in Web3, nobody really knows, but the answer usually depends on how libertarian you’re feeling. Some parties believe banks and FIs will be entirely replaced by Decentralised Autonomous Organisations (DAOs). Networks of individuals with aligned incentives, common interests, and democratised governance - DAOs will be almost entirely run-on code. DAOs could allow groups of people to invest together in almost anything and receive a share of the yield in return. Democratised governance will allow all members to influence collective asset ownership, risk management and asset curation without the need for a trusted third party.

Although a possibility, it is more likely that DAOs will evolve alongside the traditional banking system, FIs will likely adapt, amalgamating Web3 with their current operations.

KYC vs decentralised anonymity?

With Web3, traditional KYC may be a thing of the past, giving rise to the use of verified nodes with an additional layer of anonymity built on the blockchain. However, the need for truly understanding your customer is a requirement that is highly unlikely to cease.

Decentralised anonymity, one of the pillars of Web3, directly contradicts the principles of KYC - a cornerstone of CLM process. How can you “Know Your Customer” when they’re an anonymous node in a decentralised ledger? There are several proposed solutions:

On Chain Identity Tokens (OCITs) can be leveraged in a financial transaction or smart contract to confirm a wallet owner’s identity. Third parties could be used to conduct KYC checks on an entity (potentially providing identifying documentation), validating and verifying their identity. In turn, this third party could provide a non-transferable token to the entity, allowing them to perform verified decentralised exchange or DAOs using Web3. These identifying tokens would not contain any personal identifiable information (PII), ensuring anonymity on the blockchain whilst providing seamless, instantaneous KYC within transactions.

Alternatively, Decentralised Identifiers (DIDs) are a unique way of provably owning an identity independent of centralised registries or government authorities, similar to an email address. DIDs will allow users to share cryptographic certificates - Verifiable Credentials (VCs) that convey information about the identity holder. The VC issuer would verify documentation and KYC information (which may be contained in the VC) allowing the DID to provide a VC during a transaction, giving evidence of their identity. These VCs could be used to allow an individual to join a DAO (such as a fund or asset manager). However, the interaction required between the individual and the VC issuer means that the KYC process is less than instantaneous.

What problems in Onboarding and CLM will be solved by Web3?

CLM has been battling the same problems for decades – slow client outreach, bad data management, high risk, low compliance, and poor operational efficiencies - which all lead to poor customer satisfaction. The evolution of highly integrated digital CLM platforms was supposed to be the silver bullet for all these problems. Although we have seen an improvement in CLM, the promised land of instant, perpetual KYC, “1 click” onboarding and constant review is still far away – Web3 may be the answer.

As Web3 will be built on the blockchain, an organisation will be able to see all transactions ever conducted by a potential client. Studying this wealth of data with machine learning and AI and coupling it with instantaneous KYC performed using OCITs or VCs, onboarding times could be drastically reduced. AI assisted risk scoring, tailored to an organisation’s appetite could calculate risk instantaneously. By using machine learning algorithms and the data stored within the blockchain, these risk calculations would be constantly evolving and improving, ensuring only suitable clients are onboarded and reducing false positives.

Furthermore, regulators and governments could issue NFTs to organisations that are compliant to their regulations. Coupling these NFTs with OCITs or VCs could allow verifiable entities with verifiable compliance credentials to be instantly onboarded. However, there is a paradox with this system, as NFTs are innately transferable, what’s stopping a non-compliant individual or company from purchasing these NFTs from a reputable source? Thus, ruining the ability of the NFT to act as a source of reputation. In a recent blog post, Ethereum founder – Vitalik Buterin discusses the need for “soulbound” NFTs that cannot be transferred from the original owner, if this was to materialise then these compliance credentials would stay with the owner (until being superseded once expired)