Blog

Report for the first three months of the current year CipherTrace Cryptocurrency Intelligence (April 2019).

Cryptocurrency Thefts, Scams, and Fraud Could Tally More than $1.2 Billion in First Quarter 2019.

Criminals stole more than US$356 million from exchanges and infrastructure during the first quarter of 2019. Among these losses, exit scams—which CipherTrace is considering the implosion of QuadrigaCX to be one—robbed cryptocurrency users of nearly US$195 million. On top of these numbers, the New York Attorney General’s Office revealed what they allege is a fraud involving the loss of $851 million by a major cryptocurrency exchange, Bitfinex. Cyber criminals also developed ingenious new techniques to drain millions more from user accounts and wallets. These thefts only represent the losses that are visible. CipherTrace estimates the true number of crypto asset losses was much higher.

46% Increase in the Number of Cross-Border Payments from US Cryptocurrency Exchanges Over the Last Two Years.

CipherTrace research conducted in Q1 revealed a major hole in the current cryptocurrency regulatory fabric with respect to cross-border payments. An analysis of 164 million BTC transactions revealed that cross-border payments from US exchanges to offshore exchanges increased from 45% from the twelve months ending Q1 2017 to 66% in the twelve months ending Q1 2019. This is significant because according to the International Consortium of Investigative Journalists, “$8.7 trillion, 11.5 percent of the world’s wealth, is hidden offshore.”

Once these payments reach exchanges and wallets in other parts of the globe they fall off the radar of US authorities. For now, it is uncertain if these cross border inter-exchange payments trigger the FinCEN requirement that “MSBs must keep a five-year record of currency exchanges greater than $1,000 and money transfers greater than $3,000.” But experts recommend MSBs retain tax ID/SSN for these transactions.

A Significant Wave of Regulation Is Coming to the Cryptocurrency Economy.

Ultimately, thieves and scam artists will need to launder the cryptocurrency stolen or scammed in Q1 2019. Furthermore, this will require innovative new ways to cash out, and turn all that tainted virtual money into clean, spendable fiat currencies. And they will also need to get it done under the much more watchful eyes of government regulators and banks as a tsunami of tough new global anti-money laundering (AML) and counter-terror financing (CTF) regulations will roll over the crypto landscape in the coming year. As of April 2019, 17 countries plus the European Union within the jurisdiction of the Financial Stability Board had at least some regulation or standard-setting bodies dealing with cryptocurrencies. These bodies will be responsible for implementing regulations that enforce FATF policy and AMLD5.

In light of the huge losses suffered by users of QuadrigaCX, regulators in Canada and around the world are rethinking controls on the internal business practices and security operations of exchanges. In addition, regulators are beginning to recommend bans on privacy coins, as criminals are coming to prefer these new anonymous altcoins to bitcoin because they are more difficult to trace. Banks also continue to face problems coping with the coming wave of regulations as they increasingly recognize there are undetected cryptocurrency operations that are using their fiat payment networks and customer accounts. Plus, courts in some countries have ruled that banks must do business with licensed cryptocurrency companies.

Crypto Crime Evolves and Expands from the Virtual to the Real World.

The previous year’s crypto crime spree was dominated by major external exchange hacks around the globe—with the biggest occurring in Q1 2018. However, in the first quarter of this year, insiders, extortionists and scammers attempted a more diverse range of crypto crimes. As just one example, kidnappers in Norway demanded nine million euros (approximately US$10.3 million) ransom in Monero, a privacy coin, for a billionaire’s wife, who has not yet been returned. There were also two large insider thefts/misappropriations (QuadrigaCX and Bitfinex). This shift suggests that security against external hackers at exchanges is maturing under the pressure from regulators and customers to take necessary measures to prevent losses.

The geopolitical implications of cryptocurrencies also took center stage in Q1 2019 with countries competing to attract crypto businesses and foster related economic growth. Conversely, overt attempts to evade sanctions by hostile nations show that economic adversaries recognize the money laundering and terrorist financing potential of crypto assets. On March 6, 2019, the UN Security Council reported North Korean state-backed hackers successfully breached at least five cryptocurrency exchanges in Asia between January 2017 and September 2018, causing $571 million in losses.

Q1 2019 Crypto Crime Highlights:

- Thieves and scammers stole more than $356 million from exchanges and users.

- Customers suffered losses of approximately US$195 million when Canada’s major cryptocurrency exchange, QuadrigaCX, imploded after the CEO mysteriously perished in India, allegedly along with the passwords to virtually all of the exchange’s assets. CipherTrace analysis casts severe doubt that this was anything other than a theft, fraud, or foul play.

- On March 26, the New York Attorney General’s Office brought suit against the parent company of Bitfinex and Tether.
- The AG claimed Tether had failed to disclose a secret transfer of funds from the fiat pool of funds supposedly backing tether, which converted tether from asset-backed to debt-backed unbeknownst to tether holders.
- Bitfinex allegedly lost $851 million. The source of the loss was a Panamanian payment processor also used by QuadrigaCX.

- Iran announced the imminent launch of its long-rumored Crypto Rial, a state-backed stable coin developed with the express purpose of circumventing political sanctions and overcoming sanctions-related restrictions by SWIFT.

- The Russian Duma approved international use of the domestically developed SPFS as a ‘SWIFT alternative’ for cross-border payments in an effort to avoid political sanctions.

- The French government issued a report recommending a ban on privacy coins.

- The UN published the findings of a private report that concluded North Korean hackers looted $571 million from five cryptocurrency exchanges in Asia.

- Courts in some countries forced financial institutions to bank crypto asset businesses.

- The Bank of Mexico reportedly proposed banning financial institutions from transacting with crypto exchanges, citing money laundering and terror financing risks.

Source: CipherTrace.

Published in INDUSTRY REPORTS

On March 27, 2019, training for students of the 7th stream of the BCL (Blockchain Lawyers) supplementary education program was completed at the Federation Council. 

As part of that, the audience in a round table format along with the first deputy chairman of the Federation Council Committee on Economic Policy, the founders and teachers of the course, as well as invited experts discussed the regulation of the digital economy and modern technologies in Russia.

Natalya Manuilova paid special attention to the following issues: that the Bank of Russia had several new and important documents aimed at fulfilling the requirements of the legislation in the area of countering the legalization (laundering) of proceeds from crime and the financing of terrorism (AML/CFT). Important on the approach to the organization of work in this direction.

Thus, one of these documents is Directive No. 5083-U of 02/27/2019 “On Amendments to the Regulation of the Bank of Russia of March 2, 2012 No. 375-P“ On the Requirements for the Rules of Internal Control of a Credit Organization to Counter Legalization (Money Laundering) criminal proceeds and the financing of terrorism. ” In accordance with the changes that will come into force on 04/05/2019, the ML/TF risk management systems in credit institutions will have to take into account the results of a national risk assessment of transactions (transactions) in order to legalize (launder) proceeds from crime, and the financing of terrorism, posted on the official website of the authorized body on the Internet information and telecommunications network.

The possibility for credit institutions to install in the Risk Management Programs “other factors independently determined by the credit organization” scares many, but these factors must be fixed, fixed in the Rules of the credit organization. And no one has canceled a systematic approach - why are some requirements for some, and others for others? “Documentary fixation” will compel to substantiate certain AML/CFT measures.

In accordance with the Bank of Russia Newsletter No. IN-014-12/27 of 03/27/2019 “On Approaches to the Procedure for the Implementation of Credit Rights by Credit Institutions Provided by Sub-clause 1.1 of Clause 1 of Article 7 of Federal Law No. 115 “On Counteracting Legalization (Laundering) of Revenues criminal proceeds and the financing of terrorism” the Bank of Russia draws the attention of credit institutions to the need to follow the results of their assessment of the extent (level) of the risk of a client’s operations for AML/FT when implementing these powers in accordance with its own rules of internal control in order to counter the legalization (laundering) of proceeds from crime and the financing of terrorism.

Will high-risk transactions (deals) with digital assets be added to the list? Definitely! Companies need to start preparing letter templates - explanations about the sources of funds received to the account, etc.

The Bank of Russia still had to pay attention to the not quite adequate measures of credit institutions regarding blocking accounts under federal law 115, inquiries about the source of clients funds, whose operations in principle do not bear and cannot bear the risks of ML/FT and the risk of involvement credit organization in the scheme of ML/FT.

Let's hope for positive changes, because for a long time, the “struggle” of a number of banks on AML/CFT issues has discredited the AML/CFT system as a whole, and only the one who has not come to the bank does not care about 115-FL.

At the same time, the information letter of Rosfinmonitoring dated March 1, 2019 No. 59 “On Methodological Recommendations for Assessing ML/TF Risks by Organizations that Operate with Monetary Funds or Other Property and individual entrepreneur” was discussed.

From which it was seen that there are three types of risks:

- risks associated with countries and individual geographic territories (country risks);

- customer related risks (customer risks);

- risks associated with products, services, operations (transactions) or supply chains made by the customer (operational risks), a high level for operations with digital assets.

Washington D.C., Dec. 20, 2018 - The Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) today announced its 2019 examination priorities. OCIE publishes its exam priorities annually to promote transparency of its examination program and provide insights into the areas it believes present potentially heightened risk to investors or the integrity of the U.S. capital markets. This year, particular emphasis will be on digital assets, cybersecurity, and matters of importance to retail investors, including fees, expenses, and conflicts of interest.

OCIE is steadfast in its commitment to protect investors, ensure market integrity and support responsible capital formation through risk-focused strategies that improve compliance, prevent fraud, monitor risk, and inform policy. They believe our ongoing efforts to improve risk assessment and maintain an open dialogue with market participants advance these goals to the benefit of investors and the U.S. capital markets.

This year, OCIE's examination priorities are broken down into six categories:

1. compliance and risk at registrants responsible for critical market infrastructure;
2. matters of importance to retail investors, including seniors and those saving for retirement;
3. FINRA and MSRB;
4. digital assets;
5. cybersecurity; and
6. anti-money laundering programs.

The published priorities for 2019 are not exhaustive and will not be the only issues OCIE addresses in its examinations, Risk Alerts, and investor and industry outreach. While the priorities drive OCIE’s examinations, the scope of any examination is determined through a risk-based approach that includes analysis of the registrant’s operations, products offered, and other factors.

The collaborative effort to formulate the annual examination priorities starts with feedback from examination staff, who are uniquely positioned to identify the practices, products, and services that may pose significant risk to investors or the financial markets. OCIE staff also seek advice of the Chairman and Commissioners, staff from other SEC divisions and offices, and the SEC's fellow regulators.

OCIE is responsible for conducting examinations of entities registered with the SEC, including more than 13,200 investment advisers, approximately 10,000 mutual funds and exchange traded funds, roughly 3,800 broker-dealers, about 330 transfer agents, seven active clearing agencies, 21 national securities exchanges, nearly 600 municipal advisors, FINRA, the MSRB, the Securities Investor Protection Corporation, and the Public Company Accounting Oversight Board, among others. The results of OCIE’s examinations are used by the SEC to inform rule-making initiatives, identify and monitor risks, improve industry practices, and pursue misconduct...

Source: SEC.gov

Paris, 7 December 2018 - The United Kingdom has a well-developed and robust regime to effectively combat money laundering and terrorist financing. However, it needs to strengthen its supervision, and increase the resources of its financial intelligence unit.

The FATF has conducted an assessment of the United Kingdom’s anti-money laundering and counter terrorist financing (AML/CFT) system. The assessment is a comprehensive review of the effectiveness of the UK’s measures and their level of compliance with the FATF Recommendations.

The UK is the largest financial services provider in the world. As a result of the exceptionally large volume of funds that flows through its financial sector, the country also faces a significant risk that some of these funds have links to crime and terrorism.  This is reflected in the country’s strong understanding of these risks, as well as national AML/CFT policies, strategies and proactive initiatives to address them.

The UK aggressively pursues money laundering and terrorist financing investigations and prosecutions, achieving 1400 convictions each year for money laundering. UK law enforcement authorities have powerful tools to obtain beneficial ownership and other information, including through effective public-private partnerships, and make good use of this information in their investigations. However, the UK financial intelligence unit needs a substantial increase in its resources and the suspicious activity reporting regime needs to be modernised and reformed.

The country is a global leader in promoting corporate transparency and it is using the results of its risk assessment to further strengthen the reporting and registration of corporate structures. Financial institutions as well as all designated non-financial businesses and professions such as lawyers, accountants and real estate agents are subject to comprehensive AML/CFT requirements. Strong features of the system include the outreach activities conducted by supervisors and the measures to prevent criminals or their associates from being professionally accredited or controlling a financial institution. However, the intensity of supervision is not consistent across all of these sectors and UK needs to ensure that supervision of all entities is fully in line with the significant risks the UK faces.

The UK has been highly effective in investigating, prosecuting and convicting a range of terrorist financing activity and has taken a leading role in designating terrorists at the UN and EU level.  The UK is also promoting global implementation of proliferation-related targeted financial sanctions, as well as achieving a high level of effectiveness in implementing targeted financial sanctions domestically.

The UK’s overall AML/CFT regime is effective in many respects. It needs to address certain areas of weakness, such as supervision and the reporting and investigation of suspicious transactions.  However, the country has demonstrated a robust level of understanding of its risks, a range of proactive measures and initiatives to counter the significant risks identified and plays a leading role in promoting global effective implementation of AML/CFT measures.

FATF adopted this report at its Plenary meeting in October 2018...

Source: FATF-GAFI.ORG - Financial Action Task Force (FATF).

Published in INDUSTRY REPORTS

CipherTrace Third Quarter Report proves cryptocurrency anti-money laundering laws are effective, and cites $927 million of cryptocurrency stolen during 2018 that needs to be laundered.

Ninety-Seven Percent (97%) of Criminal Bitcoin Flows into Unregulated Cryptocurrency Exchanges According to New Research...

October 10, 2018 – Efforts to enact and enforce strong cryptocurrency Anti-Money Laundering (AML) regulations are drastically reducing criminal activity on digital currency exchanges, according to new research released today in the CipherTrace 2018 Q3 Cryptocurrency Anti-Money Laundering Report. The study revealed that 97 percent of direct bitcoin payments from criminals went to exchanges in countries with weak anti-money laundering laws.

Nearly five percent of all bitcoin sent to poorly regulated exchanges comes from criminal activity before the money is moved, undetected, into the global financial payments system. In fact, these exchanges have laundered a significant amount of bitcoin, totaling 380,000 BTC or $2.5 billion at today’s prices.

The report covers the latest legislative changes, as governments around the world are ramping up cryptocurrency AML regulation and enforcement, many by the end of this year. For example, US FinCEN recently clarified its stance on regulation, subjecting crypto-to-crypto exchanges to the Bank Secrecy Act (BSA) rules, focusing on mixing services and enlisting the help of the IRS. The European Commission’s 5th Anti-Money Laundering Directive (AMLD 5) was also entered into force in July and will require G20 nations to comply with strict AML regulations. “Different geographies are competing on regulations and trying to become ‘trusted’ digital currency hubs in order to grow their economies,” added Jevans.

During the first three quarters of this year, the report shows $927 million of cryptocurrency reported as stolen from exchanges. The $166 million in reported thefts since the second quarter report was driven by an emerging trend toward more frequent and smaller cyberattacks by sophisticated thieves. CipherTrace estimates that total stolen cryptocurrency reported is expected to hit well over $1 billion by the end of the year – currency that needs to be laundered.

The CipherTrace 2018 Q3 Cryptocurrency Anti-Money Laundering Report provides an in-depth state-of-the-market look at criminal activity and the status of AML regulations by jurisdiction. The report presents an unprecedented quantitative analysis of 45 million transactions at 20 top cryptocurrency exchanges globally between January 2009 until September 20, 2018, and identifies criminal funds from dark markets, extortion, malware, mixer/tumbler/money laundering sites, ransomware, and terrorist financing.

Source: CipherTrace.

Published in INDUSTRY REPORTS

On October 18, Capital Markets and Technology Association (CMTA) published AML Standarts for Digital Assets.

The standards provide guidance for the treatment of digital assets by both businesses and financial intermediaries.

As part of its mission to facilitate the adoption and use of distributed ledger technologies (DLT) in financial markets, the CMTA has developed a set of AML standards. These standards are designed to clarify for both issuers of digital assets and financial intermediaries dealing with such issuers or digital assets measures to be taken in order to comply with the Swiss regulations against money laundering and the financing of terrorism.

The standards aim to create a framework that facilitates the use of DLT – in particular blockchain technology – and the opportunities this brings to financing businesses, while preventing issuers of digital assets from being recipients of illicit funds.

CMTA’s standards have no statutory or regulatory status and are not compulsory. They represent a consensus among significant actors in the financial sector as to how applicable rules and regulations can be complied with and more generally an expression of good practice for the treatment of digital assets.

Source: CMTA - The Capital Markets and Technology Association.

About SICP

Security Intelligence Cryptocurrencies Platform - Cybersecurity infrastructure of the blockchain and antifraud in the cryptocurrency sphere. SICP - antiscam, trust, compliance.

Get In Touch

Address: Russia St. Petersburg Marshal Tukhachevsky 22

Phone: +7 (812) 983-0483

Fax: +7 (812) 983-0483

Email: sicp@ueba.su

Website: www.ueba.su

Join Our Community

Sign up to receive email for the latest information.

Search