Today we are very pleased to welcome guest blogger Lili Infante, who is the CEO of CAT Labs – a tech company building digital asset recovery and quantum-resistant cryptography tools to fight crypto crime.  Lili previously spent a decade as a DEA Special Agent with the U.S. Department of Justice and pioneered an early federal task force focusing exclusively on crypto and dark web crimes. Lili has led numerous major crypto-related investigations to include the takedown of Hydra – the largest crypto-powered dark web criminal organization and money laundering platform in the world.

We reached out to Lili because her work is fascinating and increasingly important.  Law enforcement agencies, the U.S. Treasury Department and other regulators are focused on vulnerabilities and potential gaps in the United States’ anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) regulatory, supervisory, and enforcement regimes in regards to the use and misuse of virtual assets and decentralized finance.  Virtual assets can be the vehicle of choice for terrorist financing, fraud schemes, and state-sponsored cyber crime.  Meanwhile, agencies such as the Financial Crimes Enforcement Network (FinCEN) struggle to find proposed regulatory solutions.

This blog post again takes the form of a Q&A session, in which Lili responds to questions posed by Money Laundering Watch about investigating crypto-related illicit activity and recovering digital assets. We hope you enjoy this discussion on this important topic. – Peter Hardy

First, let’s set the table for everyone.  What do you do?

I’m the CEO and Founder of CAT Labs – a tech startup building crypto asset recovery tools and cyber defense tools to fight crypto-related crime and protect us from national security threats emerging from the illicit use of cryptocurrency. 

In my previous life, I was a DEA Special Agent at the U.S. Department of Justice almost a decade ago and created an early federal task force that focused exclusively on fighting cryptocurrency- and dark web-enabled crime. Shortly before leaving federal public service, I was the lead agent on the case that took down Hydra, which had been the largest dark web market in the world accounting for approximately 80% of cryptocurrency transactions on the dark web. 

You worked for the government for many years, and now you have your own private firm.  Generally, what are the differences in how you approach investigations, then and now?

For starters, in the government, I had subpoena and search warrant powers which gave me a lot of avenues for various investigative techniques and ways to get leads on targets. In addition, as a case agent, I was in charge of the entire case from start to finish: from gathering initial leads, to pitching to and subsequently partnering with prosecutors, to managing confidential informants, and mobilizing different teams and agencies across the globe to join my cases.  Managing a case also involved gathering intelligence, writing search warrants, issuing subpoenas, identifying, tracing and seizing assets and ultimately securing indictments and arrest warrants.  Finally, I had the honor of putting handcuffs on my targets, often after many years of hard work.

In the private sector, my work is a lot more targeted to address very particular pain points and bottlenecks that I and my colleagues identified when we investigated crypto-enabled crime. Specifically, our team is currently focused on helping law enforcement and other investigative agencies find, identify and seize exponentially more digital assets from their targets by automating a lot of manual investigative processes.  These manual investigative processes currently require a great deal of time, technical knowledge and experience on the part of the investigators and ultimately result in countless lost opportunities for seizures.

The increasingly widespread illicit use of cryptocurrency can be seen as a challenge, but also as an opportunity to seize significantly more digital assets than ever before and at CAT Labs, we are making sure investigators can capitalize on these opportunities in a scalable manner. 

Please talk a little bit about the role and impact of state-sponsored activity on the dark web.

Nation-states utilize the dark web quite extensively to further their agendas, such as cyber espionage, coordinated cyber-attacks, malware, spyware and ransomware trade, as well as bypassing financial sanctions.

Nation-states can openly purchase zero-day attacks, ransomware, spyware and malware as a service on the dark web and will often use these cyber warfare weapons to steal cryptocurrency from businesses and DeFi protocols, coordinate cyber-attacks against other states’ critical infrastructure like power grids and water systems.  These attacks can be launched remotely and anonymously and are very difficult to track to their origin. Additionally, many adversarial nation-states will use the dark web to recruit skilled hackers, offering them employment for conducting cyber-attacks on other countries.

They also will gather intelligence by exploiting data breaches and collecting personally identifiable information and usernames and passwords that are often being sold on dark web markets. This allows them to conduct cyber-attacks on the victims of data breaches and target financial accounts of these victims like cryptocurrency exchanges or bank accounts. 

What are some of the main challenges which you and your colleagues currently face in your work?  If you controlled the world, how might some of these challenges be overcome or at least mitigated?

The main challenges we face as we fight cryptocurrency-enabled crime is the scalability of knowledge and investigative technology. As criminals and our adversaries continue to evolve in using new technologies to affect their crimes and evade detection, we shouldn’t be too far behind them in developing investigative techniques and tools to fight them. This is what we do at CAT Labs.

The main challenges we face as a tech startup building tools for government agencies to help them scale investigations are (i) long procurement cycles; (ii) bureaucracy in government contracting; and (iii) significant and many times unsurmountable costs that must be incurred to get the required certifications to do work with the government. This makes the barrier to entry too high for small businesses to enter the market and compete with the behemoths wielding massive budgets and dedicated lobbying teams.

Many businesses abandon their public sector business models and focus on commercial private sector applications of their technology, which ultimately is a big loss for the government. When it comes to innovation and the development of cutting-edge technology, nothing beats a small team of dedicated, passionate engineers and scientists with a mission to solve a known pain point. Some of the most life-changing innovations have at some point originated in someone’s garage or the equivalent with just a handful of motivated geniuses with an idea and a dream.

If we could bring U.S. startup culture to the government by removing a lot of the red tape associated with government contracts, it would encourage more of the young geniuses to create innovative technology that serves our country, as opposed to yet another way to pay someone (fintech) or another way to interact with others online (social media).     

We’ve talked a lot about tech.  What about the role of traditional human intelligence in investigations?  What are the advantages and limits?

Human intelligence will always have a place no matter where the technology is going. Many criminal organizations are very difficult to infiltrate without someone on the inside providing us insights into how they operate. However, the unique characteristics of dark web criminal enterprises like dark web drug markets made us re-think our investigative techniques when it comes to using human sources to gather intelligence.

A traditional drug cartel investigation usually has a hierarchical structure, where a low-level drug dealer can lead investigators all the way back to the kingpin if we continually flip them to Team America to help us get to the next boss in the organization. On the dark web, most of the time, the low-level players in the criminal game don’t know who their boss is in real life because everyone uses pseudonyms on the dark web, and they rarely use trackable communication devices that could lead to their identification by law enforcement. They almost never meet in person and often don’t even know where their co-conspirators are in the world. 

On the dark web, most of the time, the low-level players in the criminal game don’t know who their boss is in real life because everyone uses pseudonyms on the dark web, and they rarely use trackable communication devices that could lead to their identification by law enforcement. They almost never meet in person and often don’t even know where their co-conspirators are in the world. 

You have commented publically before on the intersection – and tension – between policy regarding digital assets and day-to-day realities.  What do you mean by that, and what strikes you as important?

Like fitting a square peg in a round hole, the old school approach to regulating traditional finance to prevent illicit activity has proven difficult to apply to the digital asset space. Imagine trying to enforce rules in a place where everyone is anonymous and there is no head honcho in charge. That’s the decentralized world of digital assets. Unlike in traditional finance, digital currencies zip across the globe instantaneously without the need for intermediaries or limits on where and how much you can send and for what purpose. This makes it extremely challenging for any one country to put controls in place like KYC/AML requirements to regulate illicit finance in crypto. 

Some of the prominent bills proposed for regulating this space are written in a way that would make it impossible as a practical matter for the crypto industry to exist in the U.S.  Either that, or they were drafted without proper understanding of the underlying distributed ledger technology and its technical limitations. For example, designating crypto miners, node validators and wallet providers as money service businesses (MSBs) and requiring them to comply with know-your-customer (KYC) regulations and maintain an AML program with its corresponding reporting requirements is not technically feasible for these contributors to the digital asset ecosystem. Node validators and miners, for instance, can’t possibly know their customer because they are simply running code that validates transactions on a distributed ledger and have little control over the who, why, when and where of crypto transactions running through their nodes to comply with AML/KYC requirements associated with an MSB.

I believe that focus should be placed on regulating Virtual Asset Service Providers (VASPs), making them adhere to the same requirements as other financial institutions. Most importantly, our law enforcement and intelligence agencies should be equipped with the tools and training to properly and at scale investigate and detect when and how digital assets are being used in illicit finance. We have to take advantage of the unique opportunities for asset seizures that crypto use in illicit finance presents to us, as long as we know where to look, what to look for and what to do with it when we find it. 

Finally, an unfair question:  Any predictions about the future of digital asset investigations?  Where might be the advances and lingering obstacles?

Privacy pools, account abstraction, multi-party computation and fully homomorphic encryption are some of the technologies being developed now that could make crypto more private and secure, but also more difficult to track and seize for law enforcement. We are always a step behind the bad actors that choose to exploit crypto for illicit purposes. 

That said, it’s very important that we allow these emerging cryptographic technologies to be developed here in the United States because they will ultimately help us build quantum resistant encryption and more resilient ecosystems capable of withstanding post quantum cyber attacks. Our job is not to kill the tech, but to catch the bad guys exploiting it with criminal intent.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.