Tech
Can compliance keep pace with the convergence of cybercrime and cryptocurrencies?
The rise of digital assets has brought new investment and innovation opportunities, but has also introduced new challenges in the fight against financial crime. While it is important to note that most cryptocurrency companies operate legitimately and that most cryptocurrency transactions are legal, the relative anonymity of these assets has also attracted criminal elements.
In the UK, the National Crime Agency’s National Assessment Centre estimates that over £1 billion of illicit money is moved overseas through cryptocurrencies, with hundreds of millions being laundered. As cryptocurrencies gain popularity and become more mainstream, financial institutions continue to grapple with the complexities of developing effective anti-money laundering (AML) and risk management frameworks to prevent bad actors from exploiting their systems.
As the lines between traditional finance and the world of cryptocurrencies become increasingly blurred, criminals are discovering new ways to exploit digital payments. Pseudonymity in cryptocurrencies means that while transactions are recorded on a public ledger using technologies such as blockchain, the identities behind these transactions are represented by a string of characters rather than a real name. This can make it more difficult to trace the source of the funds and identify the people behind such activity.
Compliance departments have their work cut out for them monitoring complex and opaque transactions in the cryptosphere. (Photo by Shutterstock)
On-chain and off-chain
Blockchain technology offers a unique level of relative transparency, with every transaction recorded on an immutable ledger accessible to anyone. This on-chain data offers the opportunity to improve risk management, compliance and anti-money laundering efforts, as transactions can be tracked and analyzed more meticulously than with traditional fiat currencies.
However, off-chain data poses challenges for compliance teams. When digital assets are exchanged for fiat currencies outside of the blockchain, the path becomes less easily accessible, particularly when exchanges or platforms facilitate these conversions. It is worth noting that most cryptocurrency transactions are for legitimate purposes, such as investments, exchanges, and payments. Even so, the challenges posed by off-chain data and the pseudonymous nature of cryptocurrencies cannot be ignored.
As the cryptocurrency industry continues to grow, so does the sophistication of criminal activity. Criminal actors are exploiting the unique characteristics of cryptocurrencies in increasingly complex ways to carry out illegal activities, such as ransomware attacks and money mule schemes. In money mule schemes, individuals are recruited to act as intermediaries for money transfers, often unknowingly. Mules receive the funds in their cryptocurrency wallet and then transfer them to other wallets or convert them into fiat currency, which obscures the trail of illicit proceeds being laundered.
“Chain peeling,” which involves splitting a large amount of cryptocurrency into smaller transactions and spreading them across multiple wallets, is another avenue for money laundering. This technique is often used in conjunction with methods such as mixing services or private coinsmaking it more difficult to trace back to the original source.
Content from our partners
Criminals often seek out non-compliant or unlicensed exchanges that can be exploited with few obstacles when moving between fiat assets and cryptocurrencies. The semi-anonymous nature of most cryptocurrencies, combined with the lack of Know Your Customer (KYC) or Customer Due Diligence (CDD) requirements on these platforms, can enable criminal operations.
The risks of direct and indirect exposure
Financial institutions face risks arising from direct and indirect exposure to cryptocurrencies. Direct exposure involves direct involvement with an entity involved in illicit activities. For example, when a cryptocurrency exchange unknowingly facilitates the laundering of funds resulting from a ransomware attack. Indirect exposure, on the other hand, involves customers being involved in criminal activity elsewhere, even if the financial institution is not directly involved in the illicit activity itself. For example, if a bank provides a loan to an individual who uses the funds to purchase cryptocurrency who is later discovered to be linked to a sanctioned entity, the bank has indirect exposure to the associated risk through its customer’s actions.
The consequences for any organization involved in dealings with criminals or sanctioned entities can be severe. In 2023, The Moody grid The entity screening database reported a 114% increase in sanctions evasion events compared to 2022, which in turn recorded a 71.5% increase compared to the previous year. This increase illustrates how insufficient monitoring of transactions can lead to allowing people in high-risk jurisdictions and those subject to sanctions to engage in virtual currency transactions that put companies at risk of compliance violations and reputational damage.
The power of blockchain analytics
To effectively counter the threat of illicit use of cryptocurrencies, organizations need tools that provide essential visibility into the blockchain and enable the evaluation of crypto transactions and wallets at scale and in real-time. This is where blockchain analytics comes in.
Blockchain analytics involves analyzing, identifying, and grouping data on the blockchain to identify and help prevent illicit activities such as money laundering and fraud. By combining on-chain data with advanced analytics, organizations can identify the risk associated with a particular customer’s funding source or gain insights into the ultimate beneficiary.
Crypto portfolio screening offers real-time risk profiles, while transaction screening allows for the visualization and tracking of crypto fund flows. Cryptographic investigation software allows organizations to visualize the flow of funds and gather meaningful evidence, essential to defend against complex criminal schemes.
The road ahead
The convergence of cybercrime and cryptocurrency presents challenges for financial institutions, but with the right tools these challenges can be addressed. By harnessing the power of blockchain analytics, it is possible to build a more resilient and secure financial system, capable of harnessing the benefits of digital assets while reducing the risks posed by criminal actors.
As governments around the world establish agencies to step up inspections and enforcement of sanctions, organizations must establish or review their risk and compliance frameworks to understand risk exposure and prepare to mitigate it.
The road ahead requires a proactive and adaptive approach. As we navigate the complexities of the crypto nexus, one thing is clear: compliance must keep pace with innovation. Only by leveraging on-chain analytics with robust KYC/AML procedures can the promise of digital assets be realized while safeguarding the financial system.