Yes if most of the bounty are scams, than that KYC is mostly for stealing their data. But my opinion is that KYC should be asked before releasing coins to bounty hunters and after listing on exchanges. Cheaters with multi acc would lose a lot of time for nothing and not even realise that.