AML | November 24, 2021
Cryptocurrency – A Regulatory Nightmare
BY Andrea Vucetich
A cryptocurrency is a digital currency that can be used to buy goods online. Cryptocurrencies work using blockchain, a decentralized technology spread across many computers that manage and record transactions. Part of the appeal of this technology and it’s growing usage is its security.
There are more than 14,500 cryptocurrencies according to coinmarketcap.com and nearly impossible to regulate because of the decentralized infrastructure of Blockchain. Cryptocurrency eliminates centralized control of money by governments and offers a secure and fast payment method. Bitcoin, being the most popular cryptocurrency, offers multiple benefits to its users:
- Independence from devaluation policies: unlike fiat currencies which are susceptible to changes in the monetary policies set by central banks, Bitcoin’s price is not influenced by any governmental authority, so the owner can successfully eliminate the risk of its money losing purchasing power due to inflation while still holding an extremely liquid asset like a currency.
- Transactions are pseudonymous: Bitcoin transactions can be identified only by using a blockchain address. An individual can have multiple addresses, just as they can have multiple usernames and passwords for a single account. Internet Protocol (IP) addresses or other identifying information are not required to conduct a transaction.
- Transactions at a peer-to-peer level: all bitcoin transactions occur between two peers located anywhere around the world, as long as they have access to the internet. A third party does not need to authorize or validate the transactions, making it hassle-free and impossible to regulate for a central authority.
- Irreversible transactions: a prominent feature of Bitcoin transactions is that it is irreversible. Once the funds have been sent over, there is no way of a charge-back process. The only way is if the recipient sends the funds back themselves.
- Security: despite its decentralized nature, Bitcoin is designed in such a way that it cannot be hacked or tampered with by any participant in the network. Broadly speaking, a transfer of Bitcoins from one peer to another cannot be initiated forcefully by hacking the decentralized ledger because no individual participant has the computational power to outweigh all the other ones in the network.
- Accessibility: since bitcoin is a virtual currency, users can access it with just a phone or computer. There is no need to access any physical branch or location, and this makes it available to its users at all times.
With all this security and anonymity comes the opportunity for malicious actors to leverage this instrument for nefarious purposes. An array of illicit activities like fraud, money laundering, and illegally moving money across borders has benefited from the usage of virtual currencies. The following scenarios are typical:
- Fraud / Cyber-crime payments: cyber attackers can hack your website and shut it down for ransom. The ransom demand can come in the form of a Bitcoin address and a deadline to make the payment. It is anonymous and cannot be recovered, leaving criminals safe from detection. Since cryptocurrency became popular, cyber-crime has become more profitable than ever. Blockchain analysis firm Chainanalysis reported victims paid more than $406 million in cryptocurrency to attackers in 2020. The actual amount is likely even greater due to the number of unreported cases.
- Money Laundering: the process that criminals go through in order to clean illicit earnings has been generally broken down into the three fundamental phases of Placement, Layering and Integration/Extraction. Because of its guarantee of anonymity and ease of use, cryptocurrency has unintentionally become the holy grail of Layering, the phase in which the funds are moved around through multiple accounts and financial assets, in order to make it difficult for the authorities to trace funds back to their origin. Finding out to whom a Bitcoin wallet belongs is almost impossible. By using Bitcoin or a crypto exchange, criminals can effectively move money anonymously.
- Moving money across borders: the peer-to-peer transactions that are enabled by cryptocurrencies can result in large capital funds being moved across borders without the possibility for central governments to stop or intercept them since no participant in the network can establish a gate between two other wallets to approve or decline a transfer. This has been particularly problematic for governments like China who have policies in place to retain capitals within their borders enforced through the traditional financial system (e.g., through banks and fiat currency exchanges).
Governments have traditionally always struggled to keep up with the rapid pace of development of new technologies, but for all the reasons listed above, cryptocurrencies have become an area of focus for legislators in many countries that are trying to establish some regulatory boundaries to the ways cryptocurrencies can be used by their citizens. FinCEN for example, the United States’ FIU, has declared virtual currencies to be one of their main areas of concern in the National List of Priorities for AML/CTF originally published last summer.
It seems likely that a portion of those new regulations will propagate also to some of the well-known, large players of the traditional financial system, like retail and investment banks, as soon as they start to provide services related to these new technologies.
While the use of cryptocurrency is going to present some further challenges to FIUs and the institutions reporting to them, it might also provide a critical signal to those anti-fraud and anti-money-laundering systems that have the capability to model complex behavioral patterns. For example, the ability to model the usage of unorthodox financial instruments like virtual currencies alongside more ordinary financial operations could be critical in distinguishing between a regular customer whose activity resembles that of a large population of their peers, and a malicious actor whose behavior results in an anomalous pattern worth further investigation.
Only time will tell how such usage will impact the financial services industry.