Increasingly, our purchases are digital, whether via card or other types of electronic transactions utilizing fiat or cryptocurrencies.
Of course, drug dealers and other criminals are still bundling bills into suitcases or shrink-wrapping them into blocks to move illicit funds into the financial system, but digital assets are a growing component in money laundering schemes and the inspiration for new types of crime.
Ransomware—sadly a growth industry—has been extorting large sums in cryptocurrency from victims, including businesses, local governments, utilities and even hospitals.
Well over $210 million has been paid this year in ransoms through June, and 2021 is likely to close with record payments made, according to Chainalysis’ Gurvais Grigg in a recent “Financial Crime Matters” interview.1
Confirming the spike in ransomware, the Financial Crimes Enforcement Network (FinCEN) received 635 ransomware-related suspicious activity reports representing $590 million in transactions. The total for all of 2020 was $416 million.2
Somewhat encouraging is the fact that law enforcement and the regulatory community—initially unprepared for the illicit use of crypto and other types of digital stored value—are starting to act.
Law enforcement recently recovered part of the $4.4 million ransom paid by Colonial Pipeline to ransomware hackers and separately arrested Ukrainian national Yaroslav Vasinkyi in Poland. Vasinkyi and Yevgeniy Polyanin infected tens of thousands of computers around the world with the Sodinokibi/REvil ransomware over the past two years and helped extort financial institutions, governments and others out of $200 million worth of bitcoin and Monero.3
At ACAMS’ November Canada conference, panelists detailed the new requirements for crypto-enterprises to be overseen by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) as money services businesses. The Ontario Securities Commission is also requiring crypto-businesses to register as brokers/dealers and has shut down those not meeting its standards.
The change is part of a global push to increase and standardize oversight of cryptocurrency exchanges—especially those that ignore borders. “The trading platform surged by operating from nowhere in particular—without offices, licenses or headquarters. Now governments are insisting on taking some control,” The Wall Street Journal writes of Binance, the world’s largest cryptocurrency exchange.4
Binance is not alone: Operating in unregulated or lightly regulated jurisdictions to move digital assets globally is a widespread practice abetted by competition among some governments to become cryptocurrency financial centers.
Crypto-businesses operating from lax jurisdictions demonstrate the need for extra-jurisdictional reach by law enforcement and regulators. “Did [BitMEX] avoid penalties by being just outside the U.S.?” Michele Korver, chief digital currency advisor at FinCEN asked rhetorically during a Q&A session at ACAMS’ 20th Annual AML & Financial Crime Conference in Las Vegas in September.
BitMEX, which is owned by Seychelles-based HDR Global Trading, maintained U.S. offices and served U.S. clients but was never licensed in the U.S. In August, it paid a $100 million penalty to settle with FinCEN and the Commodity Futures Trading Commission.5
Despite these recent successes, a 1993 New Yorker cartoon identifies a huge obstacle for law enforcement: One dog on a chair in front of a computer screen tells another, “On the Internet, no one knows you’re a dog.” Even if the blockchain is public, the entity behind the transaction is not, and criminals use mixers that blend currencies, privacy tokens and offline wallets to cover their transaction trails on the blockchain.
Some jurisdictions also provide a haven for cybercriminals, making asset recovery and apprehending hackers difficult; for example, Vasinkyi’s partner, Russian national Polyanin, remains at large.
The art world has also long operated with a good deal of secrecy around the identities of sellers and buyers as our ACAMS Today cover story points out. Cryptocurrencies and nonfungible tokens (NFTs) will further enable secrecy and offer opportunities for all sorts of criminal malice.
“[The NFT] vision goes well beyond social media or VR [virtual reality]. Many of today’s young crypto entrepreneurs are itching to tear down the entire technological edifice of the modern world and rebuild it, piece by piece, on the blockchain,” according to New York Times writer Kevin Roose, who covered the fall NFT.NYC conference.6
If the global financial edifice deserves a little tearing down, it also needs transparency in financial transactions, particularly around who is behind cross-border transactions.
The Financial Action Task Force (FATF) in its October 28 “Updated Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers” evolves the global standard for transparency and should be a model for all jurisdictions along FATF information sharing and global cooperation.7
The need for a global regulatory structure, transparency and international cooperation on digital assets is practically self-evident. Could it ever be a good idea that countries with turbulent economies, lax regulatory oversight, shaky legal regimes and, in some cases, histories of public corruption, go it alone to become centers for transferring value anonymously throughout the world?
Kieran Beer, CAMS
Chief Analyst, Director of Editorial Content
Follow me on Twitter: @KieranBeer
“Financial Crime Matters with Kieran Beer”
- Kieran Beer, interview with Gurvais Grigg, Financial Crime Matters, podcast audio, September 15, 2021, https://soundcloud.com/financialcrimematters/gurvais-grigg
- Daniel Bethencourt, “US Officials Observe Spike in Ransomware SARs, Warn Cryptocurrency Sector of Sanctions Obligations,” ACAMS moneylaundering.com, October 15, 2021, https://www.moneylaundering.com/news/us-officials-observe-spike-in-ransomware-sars-warn-cryptocurrency-sector-of-sanctions-obligations/
- Valentina Pasquali, “US Officials Target Cybercriminals, Crypto Exchanges in Latest Ransomware Action,” ACAMS moneylaundering.com, https://www.moneylaundering.com/news/us-officials-target-cybercriminals-crypto-exchanges-in-latest-ransomware-action/
- Patricia Kowsmann and Catlin Ostroff, “$76 Billion a Day: How Binance Became the World’s Biggest Crypto Exchange,” The Wall Street Journal, November 11, 2021, https://www.wsj.com/articles/binance-became-the-biggest-cryptocurrency-exchange-without-licenses-or-headquarters-thats-coming-to-an-end-11636640029?mod=hp_lead_pos5
- “FinCEN Announces $100 Million Enforcement Action Against Unregistered Futures Commission Merchant BitMEX for Willful Violations of the Bank Secrecy Act,” Financial Crimes Enforcement Network, https://www.fincen.gov/news/news-releases/fincen-announces-100-million-enforcement-action-against-unregistered-futures
- Kevin Roose, “Crypto Is Cool. Now Get on the Yacht.” The New York Times, https://www.nytimes.com/2021/11/05/technology/nft-nyc-metaverse.html
- “Updated Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers,” Financial Action Task Force, October 28, 2021, https://www.fatf-gafi.org/publications/fatfrecommendations/documents/guidance-rba-virtual-assets-2021.html