New guidance from the FATF has been welcomed by the crypto industry, despite the compliance challenges it presents, writes Nathan Smale at Emfarsis.
Members of the cryptocurrency industry have welcomed new guidance from the Financial Action Task Force (FATF) outlining red flag indicators to help reporting entities, including financial institutions and virtual asset service providers (VASPs), better identify criminal activity among cryptocurrency users. However, the new guidelines will also increase compliance pressure on VASPs, as a benchmark has now been set for AML/CTF reporting requirements.
Red flag indicators
In a new report, the FATF highlighted how virtual assets have helped spur financial innovation and efficiency, but also created opportunities for criminal activity by money launderers and terrorist financiers. Using blockchain to rapidly move funds across borders at low cost has benefits for many global industries. However, key features of the technology, such as user pseudonymity, can also be exploited by criminals wanting to operate outside the traditional financial system or obfuscate the origin and destination of illicit funds.
Since the FATF brought VASPs into its purview in October 2018, these entities have had the responsibility to help protect the integrity of the global financial system. The new report, Virtual Asset Red Flag Indicators of Money Laundering and Terrorist Financing, was released to assist VASPs in identifying illicit activities. The document lists a number of examples of suspicious activities and transactional behaviour that should prompt a compliance team to evaluate whether to file a Suspicious Activity Report (SAR) or Suspicious Transaction Report (STR) with the relevant Financial Intelligence Units (FIUs).
For example, the FATF said VASPs should compare the user’s cryptocurrency transaction with that of their historical financial profile. When a customer purchases significant amounts of virtual assets not substantiated by their available wealth, it might indicate money laundering or that the customer might be the victim of a scam. The FATF also said that a customer who appears to not be familiar with virtual assets yet proceeded to make complicated transactions could imply potential account takeover or possible coercion to transact on behalf of criminals.
The FATF also listed a set of red flag indicators associated with users who attempt to increase their anonymity, for example, purchasing bitcoins on a centralised exchange only to trade them for privacy coins, such as Monero or Zcash (which are more difficult to trace). Another indicator is using peer-to-peer platforms and services to withdraw funds, rather than using the direct withdrawal features at a cryptocurrency exchange. Both these activities create hurdles in detecting criminal activity.
While the FATF concedes that some efforts by the user to become more private, such as transferring cryptocurrencies to a hardware wallet, represent a legitimate way to secure one’s cryptocurrencies, these activities must be considered in the context of other indicators, such as the customer’s financial profile and other sets of behaviour.
Beneficial for industry
Vivien Khoo, Chief Operating Officer of 100x Group (formerly BitMEX) said it d,oes not come as a surprise that key stakeholders have welcomed the guidance, as it is specific to VASPs, and was drawn from extensive input by FATF members around the world.
“What is clear is that compliance teams need to be implementing robust transaction monitoring and that means having appropriate levels of dedicated and qualified resources in place,” she said, adding that the increased compliance requirements were inevitable and an important part of the sector’s development and mainstream adoption.
Khoo believes that any actions taken to help stamp out illicit activity should be embraced and the FATF’s approach will still be beneficial for industry, regardless of any short-term impacts on the bottom line. While some reactions to the guidance could lead to the banning of certain categories of users and transactions, it should be viewed positively in the context of the sector’s longer-term health, she said.
Compliance-first agenda
The 26-page FATF guidance document provides several case studies and examples from real-life VASP encounters with illicit activities. In one case study, criminals who sold illegal drugs sought payment through virtual assets. Upon receiving the payment, they transferred the illicit funds to anonymous bitcoin wallets (i.e. wallets that have not gone through formal KYC verification processes usually required at centralised exchanges), before transferring them to bitcoin wallets at different centralised exchanges, and eventually cashing out to a local currency and transferring the funds to bank accounts. This money laundering technique, called layering, further obfuscates the origins of the funds and makes tracking difficult.
Given the incident was included in the FATF’s case study means that the criminal was eventually tracked and convicted, demonstrating that the VASP industry wields the necessary tools to trace illegal activity such as this.
“The cryptoasset industry is well-equipped to respond to many of the red flags outlined by the FATF Report by having mature crypto AML systems in place to detect high-risk wallets and transactions,” said David Carlisle, head of policy and regulatory affairs at Elliptic, a blockchain analytics firm specialising in tracking and tracing illicit cryptocurrency transactions.
Carlisle explained that the FATF Red Flag indicators are high-level and meant as a starting point for VASPs that are driving a compliance-first agenda. “This summer’s Twitter hack was an example of how the industry was able to leverage real-time blockchain analytics to follow the money laundering trail in bitcoin, even where obfuscating techniques such as mixers and privacy wallets were utilised,” said Carlisle.
Pressure on VASPs
While the VASP industry is capable of responding to these threats, individual VASPs are still feeling the pressure as there is now definitive guidance offering clarity on the areas they should be monitoring, said Nathan Catania, a partner at XReg Consulting, a group of former regulators and policymakers now consulting to both public and private sector on cryptoassets and distributed ledger technology.
“The immediate implications are that VASPs should be working to adjust their monitoring capabilities to be able to pick up these activities as they can uncover further instances of money laundering in the long-term,” said Catania.
Despite the FATF incorporating the entire industry within its scope in 2018, the cryptocurrency industry has continued to fight off accusations of illegitimacy which date back to 2009, when the first bitcoin was mined.
At a time when the FinCEN Files have shined a spotlight on the banking system’s failure to stop financial crime and the failings of traditional AML systems, the new FATF guidance presents an opportunity for the cryptocurrency industry to demonstrate its ability and effectiveness in combating illicit activity.
Blockchain, known for its transparency and immutable record-keeping, may yet prove to be one of the most effective AML tools available today.
Nathan Smale is a consultant at Emfarsis, a communications consultancy specialising in cryptocurrency and blockchain projects throughout Southeast Asia. Nathan was a strategic advisor at the June 2019 V20 Summit on discussions regarding the travel rule, and sat on the joint working group for the development of the interVASP Messaging Standards (IVMS101).