Modern anti‑money‑laundering (AML) and know‑your‑customer (KYC) regulations were born long before Bitcoin existed. The U.S. Bank Secrecy Act of 1970 required financial institutions to report large cash transactions and suspicious activity. After the September 11 attacks, the USA PATRIOT Act amended the BSA and mandated strict Customer Identification Programs (CIP), requiring banks to verify identities before account opening. These frameworks eventually expanded to cover cryptocurrency exchanges.

Custodial risks vs. the KYC trap

When buying Bitcoin or Monero through a centralized exchange, the first risk is custodial: the exchange controls your coins until you withdraw. Hacks, insolvency, and government seizures have repeatedly proven this danger. But even if you move funds immediately into self‑custody, the KYC trap remains. The exchange has already logged:

• Your verified identity (government ID, selfie, proof of address)
• The amount of cryptocurrency purchased
• For Bitcoin: the withdrawal address

That record forms the anchor point for full‑spectrum financial surveillance. Because Bitcoin’s blockchain is transparent, any withdrawal address linked to you can be monitored indefinitely. Companies like Chainalysis specialize in connecting KYC data to blockchain activity. This surveillance is not just technical—it is a weapon used against you in the war for territorial control. If your Bitcoin can be traced from the moment of purchase, you are exposed to thieves, governments, and rival actors who might use that information to dispossess you. In effect, the record becomes a tool of control, eroding sovereignty and making your financial territory vulnerable to capture by others. While the cryptography of bitcoin will prevent your enemies from stealing it without your help, it will not prevent them from using force to compel your help. The $5 wrench attack is a significant threat.

Even more significant is the 6102 attack. In 1933, Executive Order 6102 forced American citizens to surrender their gold to the government under threat of imprisonment. With KYC records linking your identity to specific bitcoin purchases, a modern government could attempt a similar mass‑confiscation: demanding you hand over your keys or face legal and physical consequences. The precedent exists, and the surveillance infrastructure makes repeating it easier than ever. If you think they're going to be dissuaded by a "boating accident", you're going to enjoy prison - or more likely, you'll just fold. If you've bought your gold from the local pawnshop and there is no record of purchase tied to your identity, then adversaries should have no knowledge of your gold ownership. However, if you bought your gold from the regulated gold broker advertising on Fox News or CNN, guess who's on the list of registered gold buyers. Likewise, if you purchase bitcoin or monero on a centralized exchange like Coinbase, where your purchase is tied to your KYC information, you're toast. Instead, purchase your bitcoin and monero from non-KYC sources just like you would with gold.

The permanence of surveillance

Some attempt to break the link to their KYC'd purchase using coinjoins, atomic swaps, or other mixing techniques for Bitcoin. Others turn to Monero, which by default conceals sender, receiver, and transaction amounts. Yet even here, the KYC purchase record never disappears. Years later, a data leak can expose the simple fact: you bought $X of Bitcoin or Monero on date Y.

This is not hypothetical. KYC data leaks are routine:

• In 2020, Ledger leaked the personal details of over 270,000 customers.
• In 2024–25, Coinbase admitted that a rogue contractor exposed KYC data for 69,461 users, including Social Security numbers and bank details.
• African exchange Bitnob leaked 250,000 KYC documents in 2023.
• All KYC records are designed to be handed over to governments.

These breaches prove the danger: once centralized entities collect your private data, it will eventually leak, get handed over to, or be stolen by your adversaries. Beyond leaks, relying on these centralized entities defeats the very purpose of Bitcoin and Monero. They were built to be peer-to-peer cash—no intermediary required. Why include a middleman like a centralized exchange, especially one that cannot or will not respect your financial privacy? Sovereignty means control, yet how sovereign can you be if you cannot even decide who is allowed to know the extent of your holdings? 

KYC is the illicit activity

KYC is not simply a bureaucratic formality; it is an explicit attempt to seize control of the financial territory itself. By forcing identity checks, states and corporations aim to dominate the very space of exchange between two individuals. Control over the channel of trade means control over the traders. There can only be one reason for this: to assert power over the parties themselves, to reduce sovereignty, and to make every transaction subordinate to the regime’s surveillance and enforcement apparatus.

We have to start thinking like sovereigns. That means we control the territory—and KYC is the enemy of that control. By demanding your identity at the gateway of exchange, KYC places the financial frontier under the command of outside powers. Sovereignty over money means deciding who you trade with and on what terms, without permission. KYC inverts this: it hands the keys of your territory to regulators and surveillance firms, leaving you a tenant rather than an owner. 

Avoid KYC entirely

The only way to truly protect your financial territory is to avoid KYC completely. Bitcoin and Monero were designed as peer‑to‑peer electronic cash systems. You don’t need a regulated middleman to use them. That's the whole point. For a comprehensive list of ways to purchase bitcoin and monero without KYC, see kycnot.me. A couple of my personal favorites are Bisq, Robosats, and home mining. Yes, these will require a small bit of research on your part to learn and use properly, but are you going to take your sovereignty or cede it to those will?