skip to Main Content

INDUSTRY UPDATES & INSIGHTS

September 25, 2020

FinCEN Leak | XMR’s OFAC Debut | U.S. Stablecoin Regs | Qualms Over Banking Crypto | N. Korea’s Fiat Off-Ramps | Wyoming Releases the Kraken

  • FinCEN Leak Reveals How Dirty Money Flows Around the World
  • New Russian OFAC Designations Include Monero
  • Federal Agencies Clarify Stablecoin Regulations
  • Why Major International Banks Block Cryptocurrency Transactions 
  • How North Korea Turns Stolen Cryptocurrency into Cash 
  • Wyoming Charters the World’s First Crypto Bank

FinCEN Files Bombshell Reveals $2 Trillion in Suspicious Transactions

Over a year ago Buzzfeed news received more than 2,100 leaked suspicious activity reports. In conjunction with ICIJ and 108 other media partners, Buzzfeed News began organizing and analyzing the documents to produce a comprehensive report on more than $2 trillion in suspicious transactions by nearly 90 financial institutions over 18 years.

Analysis showed that banks in the FinCEN Files processed transactions for companies registered in so-called secrecy jurisdictions without knowing the beneficial owner of the accounts. Many of the top banks listed in the leaks “continued to wave through suspect payments, including those they said bore hallmarks of fraud” according to ICIJ.

Aware of the pending publication, FinCEN released a statement regarding the unlawfully disclosed Suspicious Activity Reports at the beginning of September. The statement notes that “the unauthorized disclosure of SARs is a crime that can impact the national security of the United States, compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports.”

Why it matters:  The leak did not only expose the banking information of criminals and terrorist organizations. These files also contain private banking information about public figures and senior government officials around the world, demonstrating the risks inherent with financial privacy and centralized financial systems. As the world begins to develop new protocols for transmitting private financial data around travel rule compliance, and expands those regulations to include cryptocurrency payments, it’s imperative that this data is secure both in transit and at rest to prevent compromise.

Read the BuzzFeed News Report:

https://www.buzzfeednews.com/article/jasonleopold/fincen-files-financial-scandal-criminal-networks

Newest OFAC Designations Include Monero

On September 16, 2020, two Russian nationals were added to OFAC’s SDN List for their involvement in a sophisticated phishing campaign that targeted customers of two US-based and one foreign-based VASP in 2017 and 2018 . This attack resulted in combined losses of at least $16.8 million. The designation includes Bitcoin, Bitcoin Gold, Litecoin, Ethereum, Ethereum Classic, DASH and Zcash virtual currency addresses and one Monero payment ID. This is the first time OFAC has listed Monero (XMR) in their designations.

Read more about these designations: https://ciphertrace.com/sanctions-alert-more-russian-crypto-related-designations/

CipherTrace recently delivered the world’s first Monero tracing capabilities: https://ciphertrace.com/ciphertrace-announces-worlds-first-monero-tracing-capabilities/

OCC, SEC Issue New Regulatory Clarifications for Stablecoin Issuers

On September 21, the Office of the Comptroller of the Currency (OCC) published new guidance clarifying national banks’ and federal savings associations’ have the authority to hold “reserves” on behalf of customers who issue certain stablecoins. The letter specifies that its guidance refers to stablecoins backed on a one-to-one basis by fiat currencies and only to stablecoins held in hosted wallets.

The interpretative letter adds that while banks should conduct due diligence and ensure they assess the AML and compliance risks associated with banking any stablecoin issuers, they should also ensure an understanding of the risks of cryptocurrency in general.

The US Securities and Exchange Commission (SEC) responded to the OCC Interpretation, stating that certain stablecoins might not constitute securities under federal law. According to the statement, the SEC is willing to provide a “no-action” position regarding whether or not activities with respect to certain stablecoins invoke the application of the federal securities laws.

Why It Matters: “National banks and federal savings associations currently engage in stablecoin-related activities involving billions of dollars each day,” said Acting Comptroller of the Currency Brian P. Brooks. “This opinion provides greater regulatory certainty for banks within the federal banking system to provide those client services in a safe and sound manner.”

Why Major Banks Still Block Crypto Transactions 10 Years after Bitcoin’s Inception

More than a decade after its creation, Bitcoin has changed the financial landscape and inspired a myriad of novel fintech developments, yet many banks all over the world still won’t allow their customers to hold assets in cryptocurrencies.

In a recent article, Decrypt corresponded with crypto lawyers and banking experts, who explained that the main reason why a bank won’t touch crypto relates to the laws regarding cryptocurrencies in that bank’s country of operation. For banks in China and Bolivia, for example, processing bitcoin transactions is against the law. However, in Russia, cryptocurrencies occupy more of a “gray area” where the exact legal constraints of the assets are not well defined.

Alexander Anichkin, a partner at law firm Clifford Chance’s Moscow office, explained that “In Russia, it’s not that easy to purchase cryptocurrency legitimately and reliably. Banks must deal with all sorts of unregulated third-party intermediaries including peer-to-peer Bitcoin transactions without any guarantee that you will get the cryptocurrency that you’re paying for.”

Anichkin explained that this legal gray area often makes crypto assets undesirable by large banks and other traditional financial corporations. Put simply, the effort needed to implement compliance measures is a massive deterrent for banks. As Braden Perry of US law firm Kennyhertz Perry said, “Some of the larger banks just frankly found it easier to say ‘no’ than to try and do the underlying research necessary to understand those transactions and how they work.”

Why it Matters: CipherTrace research has shown that most banks do, in fact, have cryptocurrency on their payment rails—whether they acknowledge banking crypto or not. Ignoring crypto as an asset class does not relieve banks of their obligations when it comes to AML, CTF, and more.
Read more in Decrypt here:

https://decrypt.co/39226/banks-still-blocking-crypto-transactions

Explore CipherTrace Armada, our solution to the challenges of banking crypto:

https://ciphertrace.com/armada

How North Korea Launders its Stolen Crypto Billions

The North Korean government has increasingly turned to cybercrime to fund its regime, launching several large-scale heists against banks and cryptocurrency exchanges. However, once the hacks have been carried out, it takes a significant amount of complex crypto laundering to make the stolen funds usable. Christopher Janczewski, a lead case agent at the IRS who specializes in cryptocurrency cases, says that “the laundering is more sophisticated than the hacks themselves.”

Typically, after a hack has occurred, the hackers will attempt to move coins to different wallets and exchange into different currencies, but the North Korean laundering operation has evolved in the last few years, deploying even more sophisticated tactics.

One tactic, known as the “peel chain,” uses rapid and automated transactions to break the funds into smaller amounts and send those pieces to a new address thousands of times in a way that both hides the source of the money and lessens the risk of alerting authorities.

Experts estimate that North Korea relies on criminal activity for up to 15% of its income, with a significant portion of that driven by cyberattacks. The United Nations says these actions bring in vast sums that the regime uses to develop nuclear weapons and fund other state activities.

Why It Matters: Stealing and laundering cryptocurrency is no longer the perfect crime it once was. Police and regulators have become much more skilled in detecting crypto crimes and performing successful crypto investigations.

Read more in Technology Review here:

https://www.technologyreview.com/2020/09/10/1008282/north-korea-hackers-money-laundering-cryptocurrency-bitcoin/

On our blog: read about a case involving peel chains used by North Korea-linked hackers

https://ciphertrace.com/chinese-linked-dprk-laundering-analysis/ 

Kraken, Chartered by the State of Wyoming, Becomes the World’s First Crypto Bank

On September 16, cryptocurrency exchange Kraken announced that the State of Wyoming approved their application to form the world’s first Special Purpose Depository Institution (SPDI), granting the exchange a charter to Wyoming’s newest state-chartered bank—”Kraken Financial.”

Kraken Financial will be the first regulated, U.S. bank to provide comprehensive deposit-taking, custody and fiduciary services for digital assets. As an SPDI, the institution will be regulated similarly to other state-chartered banks in the U.S. As a result, in its first phase of operation, Kraken Financial will only be able to offer accounts to U.S. residents. An SPDI can accept deposits but cannot provide lending services. According to the Wyoming Division of Banking, SPDIs will resemble “Custody Banks” which are “focused on storing assets, fiduciary management, conducting a variety of transactions with assets and providing an ‘on/off’ ramp to securities markets, commodities markets and customer bank accounts.”

Why It Matters: Kraken Financial’s plan to implement a complete online and mobile banking suite of products, as well as a debit card that clients can use to spend their crypto funds, could lead the crypto economy into the next wave of growth and trust.

Back To Top