March 19, 2021 | New FATF Guidance
Analysis: New FATF Guidance | The Fugitive Financier | South Korea Tightens AML & KYC Rules | Crypto Influencers Noticed by the Law | McAfee Indicted | The CBDC Race | PAID & the Infinite Mint
- Analysis: FATF Updates its Virtual Asset Guidance
- Former Cred Executive Revealed as Wanted UK Fugitive
- South Korean Crypto Exchanges Could Face Fines for AML & KYC Violations
- Social Media Influencers and Crypto Hype Draw Attention from Authorities
- McAfee Indicted for Securities Fraud
- Lawmaker Says the US Should Develop its Own CBDC
- DeFi Platform PAID Network Falls Victim to “Infinite Mint” Attack
FATF Drafts New Guidance for Virtual Assets and Virtual Asset Service Providers
On March 19, 2021, global anti-money laundering watchdog the Financial Action Task Force (FATF) released a draft of its new Guidance on a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers. Key changes include:
- Expanded definitions for Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs)
- Best practices for counterparty VASP due diligence
- Options to mitigate risk for peer-to-peer transactions
- Travel Rule guidance and clarification, and more!
Read more on the blog: https://ciphertrace.com/analysis-proposed-fatf-guidance-for-virtual-assets-and-vasps/
Former CCO of Cred Revealed to be a UK Fugitive
Cryptocurrency lending company Cred, currently under investigation by Delaware bankruptcy court, employed UK fugitive and prison escapee James Alexander as the firm’s Chief Capital Officer (CCO). Court documents shed light on Alexander’s troubled past, including a three-year prison term for possessing illegal money transfers in the UK. He was later transferred to a facility where he participated in a breakout, leading to his fugitive status. Alexander allegedly funneled over $2 million in both bitcoin and US fiat to his personal accounts.
Why it Matters: Though there were a number of factors leading to Cred’s bankruptcy filing, the platform’s decision to employ UK fugitive James Alexander was a major contributor. CipherTrace supported the investigation by tracing the flow of bitcoin to James Alexander’s personal accounts, demonstrating the value of blockchain analytics in investigations involving cryptocurrencies.
New Proposal by Korean Financial Regulators Previews KYC and AML Rules for Crypto Exchanges
South Korea’s Financial Services Commission (FSC) has released a proposal of new KYC and AML rules that VASPs will need to comply with after the comments period has closed. The proposal outlines a set of penalties and fines that VASPs will be subject to if they fail to comply. The penalties will be based on the impact and severity of the violation, “from 30% to 60% of the legally approved maximum amount.” These new proposals come in tandem with South Korea’s Act on Reporting and Using Specified Financial Transaction Information, which will require VASPs to report the real names of cryptocurrency users starting March 25th.
Why it Matters: The FSC’s proposed KYC and AML regulations and impending enforcement of VASPs is part of a global trend. Jurisdictions around the world, including the United States, are indicating through proposals such as this one an intention of cracking down on VASPs failing to demonstrate compliance.
Authorities Investigate Crypto Scams Promoted by Social Media Influencers
According to local Portuguese media, the country’s judicial police are currently looking into a number of crypto influencers for potentially misleading and/or scamming their followers. While a formal investigation remains to be opened, an online petition in favor of an investigation includes more than 14,000 signatures.
Scams involving influencers and celebrities are not new. Sohrab Sharma, co-founder of the massive crypto scam Centra Tech, was handed an eight-year prison term by the Southern District of New York after luring investors into participating in a $25 million scam. Sharma partnered with celebrities like Floyd Mayweather and DJ Khaled to bolster interest from investors. Mayweather and Khaled were ultimately required to pay fines to the SEC for their involvement.
Why It Matters: Celebrities and influencers are often used by scammers to draw attention and bait investors. It is incumbent upon investors to do due diligence in making sure a project has proper licenses before getting involved. Sign-off from a celebrity or Instagram star is not proof of legitimacy.
Read more here:
John McAfee Indicted for $2 Million Securities Fraud
Although already arrested in December for tax evasion, on March 5 John McAfee, founder of the eponymous antivirus software company, was charged with securities fraud and money laundering for his involvement in a cryptocurrency scheme. Prosecutors found that McAfee and Jimmy Gale Watson Jr., his executive advisor and bodyguard, made $2 million by encouraging their Twitter followers to invest in Reddcoin and Dogecoin as McAfee and Watson sold their own holdings in the tokens as prices rose. The scam ran between December 2017 and October 2018; during this period, McAfee would tweet about the “coin of the day” and “coin of the week.” Aside from already being sued by the SEC for promoting fake ICOs last year and accused of murder in Brazil, McAfee faces potentially up to twenty years in prison.
McAfee is only the highest-profile fraudster to be facing charges; the US Department of Justice recently announced that a Swedish citizen, Roger Nils-Jonas Karlsson, pleaded guilty to running a fraudulent crypto and gold investment scheme that defrauded victims of $16 million. Karlsson was the founder of Eastern Metal Securities, a website used to draw investor interest. The site promised that investors could earn an eventual return of 1.15kgs in gold (equivalent to $45K USD as of Jan 2019) for just $100 per share paid for in bitcoin. Karlsson used a second website to communicate reasons for delayed pay-outs with such justifications used as “releasing so much money all at once could cause a negative effect on financial systems throughout the world.” Karlsson was found and arrested in Thailand, where he had bought a home with the money he stole from investors.
Why it Matters:
Scams play on victims’ desires to “get rich quick,” and the McAfee-Watson cryptocurrency scam had the added advantage of leveraging the McAfee name to motivate people to invest in certain cryptocurrencies. Karlsson’s cryptocurrency and gold securities fraud was promoted through Eastern Metal Securities, an official-sounding name that was not registered with the SEC. Investors must do their due diligence and resist the lure of “easy money” that will never materialize.
Read More in The Verge and ZDnet:
US Senator Sherrod Brown Says US Should Develop a CBDC
US Senator Sherrod Brown (D-OH), the Chairman of the Senate Committee on Banking, Housing, and Urban Affairs, wrote a letter to the Federal Reserve Chair on how the United States should jump-start development on a CBDC or risk falling further behind China, the EU, and others. This is not the first time Senator Brown brought up the idea of token-based digital dollars. Last year, he introduced a bill to create a digital dollar and enable access to “FedAccounts” for every US resident.
Why it Matters:
Senator Brown also emphasized that, should the US move forward with a CBDC, it must protect consumer privacy and provide financial data security. Compliance with AML, CTF, and sanctions will be crucial to the successful deployment of CBDCs.
In other CBDC news:
Australia considers the possibility of a blockchain-based CBDC: https://cryptopotato.com/reserve-bank-of-australia-looks-to-tap-blockchain-for-a-cbdc/
Jamaica’s finance minister will pilot a CBDC in 2021: https://www.coindesk.com/jamaica-to-pilot-cbdc-in-2021
Russia plans to present digital ruble prototype before year’s end: https://ihodl.com/topnews/2021-03-12/russias-central-bank-unveil-prototype-its-digital-ruble-end-2021/
DeFi Platform PAID Network Sees Token Price Decrease 85% in Infinite Mint Attack
PAID Network, a DeFi platform geared towards businesses, fell victim to an “infinite mint” hack that led to an 85% token price drop while the contract code was exploited. Though the attacker netted $180 million in PAID tokens at the time of the attack, only a portion of the tokens were converted to wrapped ether while the rest rapidly lost value.
The PAID Network team released a tweet explaining, “We are investigating the issue. We pulled liquidity, are creating a new smart contract, & will be restoring everyone’s original balances to before the hack.” Some customers have expressed suspicion that PAID Network may be executing a “rug pull” involving smart contracts designed to be exploited.
Nick Chong of Parafi Capital tweeted, “Paid Network’s deployer, an EOA, transferred ownership of a contract to the attacker 30 mins before the mint,” suggesting a member of EOA may have been either directly responsible for the rug pull or allowed the attack to take place through poor security oversight.