As cryptocurrency money laundering increases, regulators seek response

John McAfee, the former computer anti-virus software tycoon, initially had trouble finding an exchange that would convert proceeds from alleged cryptocurrency fraud into US dollars, his indictment said. But in the end, he was able to move more than $1 million through the US financial system.

A money laundering charge against McAfee was unveiled by the US last week, predicated on the pump-and-dump and illegal touting schemes for which he also has been charged.

McAfee's indictment is the latest of a mounting number of money laundering cases based on cryptocurrency crime. Regulators perceive a growing threat and are looking to blend traditional forms of money laundering regulation with rules to govern the new realities of pseudonymous or enhanced-anonymity cryptocurrencies.

Cryptocurrency users and exchanges, such as US firms Coinbase and Square, say some of the proposed rules are simply inconsistent with the way cryptocurrency works.

Regulators and enforcers, however, feel an increasing urgency to respond to the evolution of cryptocurrencies.

"Despite its relatively brief existence, this technology already plays a role in many of the most significant criminal and national security threats our nation faces," the Department of Justice's Cyber-Digital Task Force said in a report in the fall.

European officials agree. "Crypto-assets pose serious ... risks that criminals, money launderers, terrorists and other illicit actors could exploit," a report to the European Parliament said.

Some European Union member states have implemented their own cryptocurrency rules, which include anti-money laundering regulations, while others lag. In September, the EU Commission outlined a general policy paper called "Markets in Crypto-Assets Regulation" that calls for a more unified approach across the common market.

The Financial Action Task Force, a global body of financial intelligence units, is attempting to integrate the regulation of cryptocurrency into standard anti-money laundering procedures.

— FATF review —

In a guidance document published in late February, FATF included detailed descriptions of the actions by bank supervisors in jurisdictions such as Canada, Saudi Arabia, Singapore and the UK.

FATF said the UK's Financial Conduct Authority considered it unlikely that its supervisors would be experienced in both anti-money-laundering examination and cryptocurrency, and so the FCA stood up multi-disciplinary units that consisted of bank examiners well-versed in traditional AML standards "supplemented by internal and external recruits with expertise in (virtual asset service providers)."

FATF is seeking comments from industry and the public about how it might better guide regulation of virtual assets.

— Professional enablers —

But the OECD this year pointed out that cryptocurrency technology, which can facilitate transactions beyond the view of legal authorities, provides ample opportunity for criminal exploitation. Regulated financial institutions or money service businesses could either collaborate with criminals or be tricked into laundering their money, the OECD said.

"The role of professional enablers in crypto-asset enabled financial criminality is not currently well documented and continues to evolve," an OECD report said.

The New York Department of Financial Services last week warned professionals dealing with cryptocurrency they would be prosecuted if they skirted the state's money laundering or fraud laws.

Also, Singapore last week passed a law expanding its regulation of payment services dealing in cryptocurrency and virtual assets.

— ‘Unhosted wallets’ —

A US proposal to increase recordkeeping and reporting requirements for cryptocurrency exchanges met with strong and unified opposition from the exchanges and cryptocurrency users. But the Financial Crimes Enforcement Network, which made the proposal, called it a necessary measure that will give the exchanges more robust anti-money laundering programs.

The story of the proposed rule's roll-out encapsulates the debate among users and the balance that regulators are struggling with.

In the waning days of the Trump administration, FinCEN issued a proposed rule that would have required cryptocurrency exchanges, which it regards as money service businesses, to collect the names and addresses of the cryptocurrency users who are transmitting more than $3,000 worth of virtual assets to clients of the exchanges. It also proposes that the exchanges report transactions of more than $10,000.

Thousands of brief comments from skeptical cryptocurrency users flooded the Federal Register; longer, more technical comments came later from cryptocurrency exchanges.

The commenters said the proposed rule doesn't truly take into account the nature of the decentralized financial ecosystem of virtual currency. The target of the rule, FinCEN had said, were owners of "unhosted wallets," or cryptocurrency accounts that are not under the custody of any third-party institution, but solely under the care of the owner.

That owner is typically known to the world only by a long hash of numbers forming an address of the wallet. FinCEN said it needs to know who is hiding behind that hash to ensure that they are not criminals trying to cash out the cryptocurrency proceeds of their wrongdoing.

But thousands who objected to the proposal called the record-keeping proposal impracticable. Some say a regulation seeking to collect personally identifying information in conformance with know-your-customer rules runs counter to cryptocurrency users who want to clear transactions quickly.

Securities and Exchange Commissioner Hester Peirce also said the rule could backfire. "The proposal’s effect could be to force activity further away from regulated financial institutions," she told a group of international bankers this month. If this were to happen, financial institutions could be cut off from a lot of important economic activity."

— Prevalence of crypto crime —

Last month she posed an even more existential question about the potential for cryptocurrency regulation.

"The myth about bitcoin and crypto being used primarily for illegal activity was born quite a while ago," Peirce said. “Actually the percentages now of crypto that are used for illegal activity are believed to be quite low."

Recent reports back up Peirce’s assertion. Crypto consultancy Chainalysis recently estimated that 0.34 percent of all cryptocurrency transaction volume in 2020 was due to criminal activity; that criminal financial flow amounted to about $10 billion worth of crypto. Another consultancy, CipherTrace, estimated a much lower volume of criminal activity, $1.9 billion.

But these views are not shared by all, especially when the estimates home in on specific financial crimes.

The Austrian Financial Market Authority last month said that two-thirds of recently reported financial fraud cases have involved cryptocurrency. Luxembourg has said 70 percent of its suspicious transaction reports have involved cryptocurrency.

In a 2019 paper, "Sex, Drugs, and Bitcoin," researchers from the University of Sydney estimated that that about 46 percent of Bitcoin transactions were for illegal activity. They placed the level of criminal activity at $76 billion per year. They also said a quarter of Bitcoin users were engaged in crime, either as buyers or sellers of contraband.

Some hard numbers are memorialized in court documents. In November, the DOJ filed a forfeiture action against about $1 billion in cryptocurrency that had been used in the Silk Road dark Web criminal network.

The IRS earlier in the year seized millions more in cryptocurrency from terrorist groups who were specifically asking for crypto from their supporters.

Regardless of the numbers or type of crimes facilitated by virtual assets, ultimately cryptocurrency gained through illegal activity will be laundered through regulated financial systems as criminals convert digital wealth into dollars or other currency of their choice.