I agree with @Lorimer’s this is really about the mismatch between Web3 governance values (openness, verifiability, decentralized trust) and the current audit process (opaque, centralized, trust-based).
Most of us are here because blockchains give us verifiable records and provable trust. DFINITY has made huge progress by putting governance into the hands of the NNS, but the journey isn’t complete if KYC and node provider onboarding remain centralized black boxes.
From a short-term standpoint, I understand why DFINITY may rely on a single auditor or centralized entity to keep things moving. That might be acceptable if and only if there is verifiable assurance from the auditor. Big firms like KPMG, PwC, or Deloitte already provide this in the traditional business world. Even then, the NNS (not DFINITY alone) should ultimately decide which auditor(s) to recognize.
From a community and long-term perspective, though, the goal has to be truly decentralized and verifiable KYC / onboarding. That will require more groundwork technical, procedural, and incentive-based.