Financial Action Task Force addresses money-laundering in the cryptocurrency space
'A Patchwork Quilt'
02 November 2018
At its Autumn Plenary session in Paris in October, the Financial Action Task Force (FATF) addressed the growing threat of money laundering and terrorist financing in the virtual asset/cryptocurrency space. At the request of the G20, the Plenary discussed and adopted amendments to the FATF Standards, clarifying which businesses and activities the FATF requirements on virtual assets will apply to.
An update to the FATF Recommendations
The FATF has responded to risks in the fast-moving cryptocurrency space by calling on regulators to tackle crypto-based money-laundering and terrorist financing head on. Their recommendation is that virtual asset service providers should be subject to broader AML/CFT requirements, for example Know-Your-Customer (KYC) checks, ongoing monitoring, record-keeping and suspicious transaction reporting.
However, the Recommendations do provide flexibility to jurisdictions to decide under which AML/CFT category to regulate virtual asset service providers: as financial institutions, Designated Non-Financial Businesses and Professions (DNFBPs), or otherwise. At present, virtual asset service providers in most jurisdictions are not regulated for the purposes of financial stability or for investor and consumer protection.
New glossary definitions of Virtual Assets and Virtual Asset Service Providers in FATF's Recommendations envisage the regulation of a wide range of activities, including exchange (both fiat-currency-to-cryptocurrency and crypto-to-crypto), transfer, administration and sale/purchase of crypto-assets.
Looking ahead, the FATF has stated that it will "prepare updated guidance on a risk-based approach to regulating virtual asset service providers, including their supervision and monitoring; and guidance for operational and law enforcement authorities on identifying and investigating illicit activity involving virtual assets." At present, there is no timescale on this guidance.
Challenges for the crypto-asset space
The threat of money-laundering in the crypto space has been growing. The US Drug Enforcement Agency has taken the view that "emerging as a money laundering threat, virtual currencies, such as Bitcoin, enable transnational criminal organizations (TCOs) to easily transfer illicit proceeds internationally." Currencies such as Monero and Zcash, which are entirely anonymous and cannot be linked to an individual or entity, have come under particular scrutiny.
Money laundering through crypto-assets: an illustrative example
By way of illustration, laundering illicit funds through crypto-assets might take a form similar to the following:
- A criminal might use a 'strawman' to purchase a 'primary' cryptocurrency (e.g. Bitcoin) at a digital exchange before exchanging the cryptocurrency for alt-coins (e.g. Monero) at an advanced exchange, where elevated levels of anonymity may be available.
- The criminal might then obfuscate and sever the audit trail by using 'mixing' services (such as Bitmixer) which swap primary coin addresses for temporary digital wallet addresses, as well as classic 'layering' techniques to layer multiple coins, exchanges and digital addresses.
- Finally, cleansed funds can be withdrawn, either by 'burst-out integration' (exchanging in turn for primary coins and then for basic fiat currency), or by transferring the digital holdings to a hardware crypto wallet or QR code printout, which can be physically transported worldwide.
However, addressing money-laundering risks in the crypto space should not be seen as an impossible task, since most users acquire cryptocurrency by exchanging it for fiat currency and financial intermediaries are typically involved when funds enter or leave the crypto space. It is at this bottleneck that financial institutions could apply due diligence when performing AML checks.
The European Union has recently taken steps to bring cryptocurrency exchanges and wallet providers within the EU’s anti-money laundering framework from January 2020, under the fifth Anti-Money Laundering Directive (AMLD 5).
However, these requirements are only applicable to such exchanges that allow for exchange between cryptocurrency and fiat currency, which excludes the advanced crypto-to-crypto exchanges which are a key element of the laundering process. Insofar as these exchanges do not also qualify as custodian wallet providers, they remain out of AMLD5's scope because they have no dealings with fiat currency.
This is an issue the EU are continuing to grapple with (for example, this point was discussed in a July 2018 European Parliament study on cryptocurrencies and blockchain), but the FATF's comments should indicate a signal that expansion of the regulatory net is coming.
Written by: Edward Millett,Trainee Solicitor