Are you guys ok with your service provider having access to your personal documents?

[manwithtoupe]

I know you should probably use a reputable company with lots of revenue at stake.

But what prevents a single, rogue employee from copying your documents to his/her personal laptop and opening accounts in your name?

Considering that some CSP's don't even use TLS, and that most have never heard about PGP encryption, what are the odds of their customer database having adequate encryption and auditing in place?

Realistically your documents are probably sitting unencrypted in someone's email inbox, protected by an easily crackable password and with no 2FA in place. How is this not a recipe for disaster?

 

[Tax Cow]

No, and you're precisely right.

I responded with similar concerns in this post

Approach the‌ offshore service provider with an ID of a smurf, darks, or a proxy residency/citizenship to‍ obfuscate where you live.

 

[JohnLocke]

That's why you only want to use real agency firms which actually may be a‌ law firm or certified accountants in a reputable country. All these resellers that popped up‍ the last years but thankfully are stopping again had all your documents. You won't know⁠ at this time who else has these docs!

 

[James Turner]

I agree it is a huge risk. Regulators provide lots of guidance/enforcement on what documents‌ should be retained but have absolutely no concern for the way in which those confidential‍ documents are stored. I think the only good point is that if an agent is⁠ operating in accordance with regulations you would hope they had also considered their client security.⁤ At least with regulatory control they are not likely to be fly by night.

 

[BlueMist]

Like Mossack⁤ Fonseca? 🙂

 

[JohnLocke]

They are just one out of many.‌ How many reseller's and Russian so Chinese providers of such services do you think have‍ collected KYC documents and more to sell the information? I have no clue, but I⁠ think we would get a chock if we knew.

 

[BlueMist]

I don't know but what I know is that⁤ Mossack Fonseca was not "just one out of many", they were one of the most⁣ reputable, solid and expensive companies in the industry. They were one of the biggest offshore⁢ provider in the world.

 

[JohnLocke]

I have read the book, and still they are one out of more! It doesn't‌ have to be many but there are more, rest assured.

mossfon was just an intelligent‍ German with roots in the WWII Waffen SS which may have been pulling him through⁠ this dark side of the world, but to assume they are the only one is⁤ careless and naive.

 

[OTR365]

No, I am not OK with that, but what are the alternatives? Governments force KYC‌ on people, but don't care about consequences. I don't see this changing in the foreseeable‍ future.

Since 2013 I've been KYC'd in at least 10 bitcoin exchanges. Name, address, tel#,⁠ high-res passport scan etc. Many, if not most, of these exchanges have been hacked once⁤ or twice. When Mt. Gox was hacked, the hacker(s) got unencrypted documents. These guys can⁣ run a crypto exchange, but don't care to salt + encrypt a document. Even worse,⁢ the exchange BTC-E was already run by Russians with possible links to a hacker/intelligence group︀ Fancy Bear.

Every hotel where you check in, photocopies your passport. Sometimes they want to︁ know your address & phone number as well. They swipe your credit card, too 😵. In some countries the same happens when exchanging money, or buying a SIM card. Some︂ hotels, taxi companies etc. in Ukraine, Poland, Lithuania etc. sell your email to spammers afterward.︃ Etc. etc.

 

[daxbr]

Maybe you should have more "emails". 😉

 

[JohnLocke]

How would a email‌ help you here when they have already a copy of your passport and credit card!??‍

 

[OTR365]

Well, yes. I've given‌ out my primary email only by accident. But travel enough, buy enough tickets/stuff online, and‍ accidents happen.

- For address, I mostly use a P.O. Box.
- for email, a⁠ separate junk email(s)
- for payments, a virtual CC or cash

Even this does not⁤ protect fully against identity theft. That passport scan alone is very bad.

 

[daxbr]

My very point, why provide real scans if one won't give email to possibly link︀ to other business. Just personal opinion, but times has changed and it is reckless to︁ trust professionals with own welfare, and do so despite overwhelming evidence. Reason this forum is︂ so much fun.

 

[Shaoling]

i Think its more about the agent, and his way of doing the things..

In my case i provide Brokerage technology to customers.. and of course i do KYC. i‌ always print the documentation, and i have it in a very safe place. i always‍ delete everything from my office PC.

i think the agents should do something similar, cause⁠ no matter you have the most sophisticated hardware and software, you are never hackingproof.

 

[JohnLocke]

The major‍ issue one may consider is that your documents get sold to a third party!

 

[Shaoling]

Like identities trafficking?

I have created a company in hong kong, with a secretary i‌ meet in person here in my country.. he offered me and insisted on using the‍ nominee director services.. I took it.. the worst decision ever.. I never found a bank⁠ account for that company..

The thing is that I have the passport of that chinese⁤ guy.. in my attempt to get and emi account, the EMI told me "this passport⁣ is just 1 month away from expiration, please send us other".. the secretary only took⁢ 2 hours to send me a new one.. with just 1 day of released.. another︀ chinese guy in the picture, different passport number.. but same name..

I knew that probably︁ this chinese guy never existed.. and probably all this is photoshop documents or, stolen documents︂ from former customer..

 

[daxbr]

EMI took second passport?

 

[Shaoling]

i got rejected by all EMIs‌ but one took it.. i never place a dime on it... cause i knew i‍ will lose my money

 

[JohnLocke]

That's some sort‍ of story, what provider / agent was this? just so no one else is going⁠ to use them?

It is the opposite as discussed here but still interesting to learn⁤ about, thank you for sharing 🙂

 

[Shaoling]

i made the deal with an intermediary guy here in europe. but the secretary is‌ a company named GOLDEN CLASS CORPORATION LIMITED in HK.