April 23, 2020 - Ciphertrace

• Privacy and AML Controls Factor Largely into the EU’s Study of Crypto Assets 
• The Bank of England Opens Discussion on Developing a CBDC 
• No Rest for the Wicked, Even Amid Global Economic Slowdown 
• CipherTrace’s Dina Mainville Pens Open Letter to Canadian Prime Minister 

EU Report on Crypto-Assets Emphasizes AML and Privacy 

The European Union’s commissioned report of crypto-assets found extensive holes when it comes to anti-money laundering (AML) regulations. The report recommended expanding the definition of virtual assets to include security tokens as well as monitoring Virtual Asset Service Providers (VASPs) for taking appropriate AML measures. Mining was another area of concern, with the report recognizing the relative ease by which criminals could set up mining operations and acquire “clean money” from their investment of “dirty money.” 

When it came to CBDCs, the report stressed the importance of privacy. The study noted that the adoption of traceable, digital currency could be the end of money laundering, but untempered financial surveillance is unlikely to be accepted by the general public. “The challenge for central banks,” said the report, “is thus to design and implement a CBDC that strikes a balance between this demand for user integrity, and the need to comply with AML/CFT standards.” 

Why it matters: VASPs continue to try and find balance in the AML mandated by regulators and privacy controls that are critical for users as more blockchains develop privacy protocols to meet a growing demand. For mass adoption of CBDCs to take place, it is important that they, too, include both adequate controls to prevent money laundering and preserve privacy for individuals.  

Read the full report here: https://www.europarl.europa.eu/RegData/etudes/STUD/2020/648779/IPOL_STU(2020)648779_EN.pdf 

The Bank of England Explores CBDC Options 

The Bank of England (BofE) conducted a webinar and corresponding survey of participants as a part of its exploration of retail central bank digital currency (CBDC). The model favored by those surveyed was overwhelmingly a CBDC issued by the BofE and supported by the private sector. The dominant reason cited for creating a CBDC was to meet the needs of an increasingly digital economy. BofE’s CBDC discussion paper, released in March, elaborates, “We are in the middle of a revolution in payments. Banknotes — the Bank’s most accessible form of money — are being used less frequently to make payments. At the same time, fintech firms have begun to alter the market by offering new forms of money and new ways to pay with it.” 

Ben Dyson, Lead on Central Bank Digital Currencies & Cryptoassets at the BofE, commented, “We’re thinking a lot about what kind of payment systems are needed in the future and what those future payment needs will be.” 

In the view of Tom Mutton, director of fintech at BofE, “The current generation of crypto-assets do not in our view meet the functions of money. Looking to the future, there is clearly interest in stablecoins.” 

Read the Full BofE discussion paper here: https://www.bankofengland.co.uk/paper/2020/central-bank-digital-currency-opportunities-challenges-and-design-discussion-paper 

 The Coronavirus Economic Slowdown Doesn’t Mean Bad Guys are Taking a Break 

Whether its ransomware or hackers, bad actors aren’t letting up while the world economy slows down. The Wall Street Journal reported on a ransomware attack to Travelex that resulted in the fiat money-exchange kiosk company paying $2.3 million in bitcoin to cybercriminals. Meanwhile, on April 8th, decentralized exchange Bisq revealed a hacker had stolen $250K in cryptocurrency from their platform.  

In the case of the Travelex hack, cybercriminals infiltrated the system with malware known as Sodinokibi (also known as REvil or Sodin), resulting in a shutdown and ransom payment of 285 bitcoin. Travelex was forced to take its internal networks, consumer-facing websites and app offline, which stalled delivery of cash from Travelex’s network of vaults to banks. WSJ personnel were able to reach the hackers by mirroring the actions believed to have been set-off by the virus. These actions opened a line of communication to the hackers with information in the chat room revealing links to the Sodinokibi malware. 

In the Bisq exchange hack, a bad actor was able to exploit a software flaw to steal an estimated $22K worth of bitcoin and $230K worth of Monero. The hacker set the default fallback address for other users as his own address so that when any trade failed, the funds would be transferred to the hacker’s own account. To accumulate the ultimate sum of $250K, the hacker pretended to be a seller starting a trade with a buyer. When the time ran out, the funds would arrive to the hacker, along with the buyer’s security deposit. 

Read the full WSJ story on the Travelex hack here: https://www.wsj.com/articles/travelex-paid-hackers-multimillion-dollar-ransom-before-hitting-new-obstacles-11586440800 

Read the full CoinDesk story on the Bisq hack here: https://www.coindesk.com/hacker-exploits-flaw-in-decentralized-exchange-bisq-to-steal-250k 

Bitcoin Companies Deserve Fair Treatment 

Dina Mainville, CipherTrace’s New Business Development Lead, was dismayed to learn that a Canadian Bitcoin company was recently denied coronavirus-related relief funding on grounds of “potential money laundering,” without opportunity to appeal. She shared her concerns in an open letter to Justin Trudeau. 

She wrote, in part, “As an electronic cash system, Bitcoin is a contactless alternative during a time of new social distancing practices. Its fixed monetary supply makes it an attractive investment during an economic crisis. It is helping us democratize the future of finance. There is a great irony in a stimulus package that asphyxiates businesses that are building technologies for economic empowerment.” 

Read the full letter here: https://www.linkedin.com/pulse/dear-trudeau-bitcoin-bad-your-biased-anti-lending-dina-mainville