Today we are very pleased to welcome guest blogger Lili Infante, who is the CEO of CAT Labs – a tech company building digital asset recovery and quantum-resistant cryptography tools to fight crypto crime.  Lili previously spent a decade as a DEA Special Agent with the U.S. Department of Justice and pioneered an early federal task force focusing exclusively on crypto and dark web crimes. Lili has led numerous major crypto-related investigations to include the takedown of Hydra – the largest crypto-powered dark web criminal organization and money laundering platform in the world.

We reached out to Lili because her work is fascinating and increasingly important.  Law enforcement agencies, the U.S. Treasury Department and other regulators are focused on vulnerabilities and potential gaps in the United States’ anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) regulatory, supervisory, and enforcement regimes in regards to the use and misuse of virtual assets and decentralized finance.  Virtual assets can be the vehicle of choice for terrorist financing, fraud schemes, and state-sponsored cyber crime.  Meanwhile, agencies such as the Financial Crimes Enforcement Network (FinCEN) struggle to find proposed regulatory solutions.

This blog post again takes the form of a Q&A session, in which Lili responds to questions posed by Money Laundering Watch about investigating crypto-related illicit activity and recovering digital assets. We hope you enjoy this discussion on this important topic. – Peter Hardy

Continue Reading  Fighting Crypto Crime:  A Guest Blog.

It is challenging for law enforcement to track down and trace illicit activities conducted through digital currencies. The process can be very time- and resource-intensive.  Further, securing charges and arrests, and subsequent convictions, often requires the strong support of traditional sources of evidence, such as fact witness testimony and electronic communications.  Nonetheless, blockchain analytics is a key component of the government’s ability to pursue such cases.

On March 12, a jury in the United States District Court for the District of Columbia found Roman Sterlingov guilty on charges of money laundering conspiracy, so-called “sting” money laundering, operating an unlicensed money transmitting business, and violations of the D.C. Money Transmitters Act.  We blogged about the initial criminal complaint issued against Sterlingov here.  Sterlingov allegedly laundered $400 million through Bitcoin Fog, a bitcoin mixing service which can be used to obscure the origins of cryptocurrency transactions. 

Shortly before the trial and guilty verdicts, the Court issued an order addressing the admissibility of expert testimony related to blockchain analysis software under the factors established by the Supreme Court’s decision in Daubert v. Merrell Dow Pharmaceuticals, Inc. to assess the reliability of expert testimony under Federal Rule of Evidence 702.  This blog post focuses on that order.

Specifically, the Court addressed proprietary software used by the private digital asset forensic firm Chainalysis, Chainalysis Reactor (“Reactor”), and whether expert testimony by witnesses propounded by the government – Luke Scholl (“Scholl”) from the FBI, and Elizabeth Bisbee (“Bisbee”) from Chainalysis – could rely upon Reactor under Daubert.  Reactor is a software used to dissect bitcoin transactions, utilizing techniques like co-spend analysis to connect multiple addresses to a single entity. The defense raised significant concerns about the reliability of Reactor.

The Court found the expert testimony admissible under Daubert.  Importantly, the Court also noted that while Reactor was important to the government’s case, it was not the sole basis for the prosecution’s theories. Other evidence, such as materials found in Sterlingov’s possession, online forum posts, IP analyses, and traditional blockchain tracing, also supported the prosecution.

The Court’s decision has potentially significant implications for future cases involving cryptocurrency transactions and digital currency-related crimes. It establishes a precedent regarding the potential admissibility of evidence derived from such software tools and underscores the evolving challenges and complexities of investigating financial crimes in the digital age.

Continue Reading  Blockchain Analysis and Related Expert Testimony Admissible In Criminal Trial

As we have blogged repeatedly, there is a close nexus between money laundering and tax crimes.  The frequent connection between the two sets of offenses – and the potentially related methods of combatting them – is a topic that is receiving growing attention.  It is important for many reasons, including the increase in international cooperation and information sharing across countries and law enforcement agencies in regard to both sets of offenses.

We therefore are very pleased to welcome to Money Laundering Watch guest bloggers Emmanuel Mathias and Adrian Wardzynski, who have authored a well-received Working Paper, Leveraging Anti-Money Laundering Measures to Improve Tax Compliance and Help Mobilize Domestic Revenues as part of the International Monetary Fund (“IMF”) publication series (“Working Paper”).

As we will discuss, the Working Paper advocates leveraging anti-money laundering (“AML”) measures to enhance tax compliance, tackle tax crimes, and help mobilize domestic revenues.

Emmanuel Mathias heads the Governance and Anti-Corruption division in the IMF’s Legal Department, where he oversees the IMF’s work on anti-corruption and the rule of law. He also worked extensively on AML issues. Prior to joining the IMF in 2005, Emmanuel served as a researcher in economics, was trained as a customs special agent, and worked for the French Financial Intelligence Unit. Emmanuel holds a Ph.D. in Economics from the University of Paris – Pantheon Sorbonne. He graduated from the Institute of political studies of Strasbourg, and was admitted to the French national school of administration.

Adrian Wardzynski works in the Financial Integrity division in the IMF’s Legal Department. In his role as a Counsel he focuses on financial integrity issues relating to money laundering, tax crimes, and corruption. Before joining the IMF in 2021, Adrian was a Tax Policy Advisor at the Organization for Economic Cooperation and Development. He also worked on taxation of multinational enterprises and financial institutions in the private sector and Switzerland’s State Secretariat for International Finance. Adrian holds an LL.M. in Taxation from the London School of Economics and Political Sciences.

The IMF is a global organization which works to achieve sustainable growth and prosperity for all of its 190 member countries. It does so by supporting economic policies that promote financial stability and monetary cooperation, which are essential to increase productivity, job creation, and economic well-being To fulfill these missions, IMF member countries work collaboratively with each other and with other international bodies.

This blog post again takes the form of a Q & A session, in which Mr. Mathias and Mr. Wardzynski, in their personal capacities, respond to questions posed by Money Laundering Watch about the Report. We hope you enjoy this discussion of this important topic. – Peter Hardy and Siana Danch.

Continue Reading  Leveraging AML Measures to Combat Tax Crimes. A Guest Blog.

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Finance Monitor podcast series, A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi.” 

In this episode, we follow up and expand upon our blog post regarding the U.S. Department of the Treasury’s April 6, 2023 report examining vulnerabilities

Enforcement Trends, Crypto, Regulatory Developments — and More

I am very pleased to co-chair again the Practicing Law Institute’s 2023 Anti-Money Laundering Conference on May 16, 2023, starting at 9 a.m. in New York City (the event also will be virtual). 

I am also really fortunate to be working with co-chair Elizabeth (Liz) Boison

On April 13, the State of Wyoming took the extraordinary step of filing a request for permission to intervene in the ongoing dispute between Custodia Bank, Inc. (“Custodia”) and the Board of Governors of the Federal Reserve System (“the Fed”) and the Federal Reserve Bank of Kansas City.  This dispute involves a complaint (now amended) filed by Custodia – a state-chartered special purpose depository institution (“SPDI”) based in Cheyenne, Wyoming – against the Fed and the Federal Reserve Bank of Kansas City, alleging that the defendants improperly denied Custodia’s application for a “master account” with the Fed. Generalizing greatly, having a master account allows financial institutions to operate in the normal course as a custodial bank in the U.S.  Having a Fed master account is therefore critical to any institution looking to operate in the U.S. financial system.

In a nutshell, Wyoming’s request to intervene critiques the defendants because of their “view of perceived inadequacies in Wyoming’s laws and regulations for SPDIs, [which are] partially responsible” for the denial of Custodia’s master account application.  More specifically, Wyoming accuses the defendants of seeking to treat Wyoming SPDIs in an inequitable manner, thereby “treating state-chartered non-federally regulated banks as second-class banks ineligible to compete with federally-regulated ones.”

This blog post focuses on an important issue referenced seemingly in passing in Wyoming’s request for permission to intervene, which is clearly motivating in part the filing by Wyoming:  on March 24, 2023, the Fed made public its January 27, 2023  Order Denying Application for Membership (the “Order”) by Custodia, which had requested the Fed’s approval under Section 9 of the Federal Reserve Act to become a member of the Federal Reserve System.  According to Wyoming, the Fed’s decision to deny Custodia’s application has the effect of preventing Custodia and other Wyoming SPDIs from ever being able to attain the status of federal regulation.  We focus here on the Order because of its much broader anti-money laundering (“AML”) and sanctions implications for any banks which are contemplating targeted services for the digital asset industry.  The 86-page Order is very detailed, and often also discusses safety and soundness concerns, as well as other issues.

As we discuss, the Order suggests that any bank will have a hard time convincing the Fed that crypto-heavy banking services can comply with the requirements of the Bank Secrecy Act (“BSA”) and U.S. sanctions law.  Likewise, the Fed has expressed its skepticism in the Order that blockchain analytics services, even when applied skillfully and with the best of intentions, actually can satisfy the BSA and U.S. sanctions law due to limitations inherent in crypto transactions relating to knowing with confidence who is actually conducting the transactions.  This same issue was also noted by the recent report by the U.S. Treasury regarding perceived AML and sanctions vulnerabilities in decentralized finance providers.

Continue Reading  State of Wyoming Wades Into Custodia Bank Dispute with Federal Reserve — In Wake of Fed’s Rejection of Bank Due to Crypto-Related AML and OFAC Concerns

On April 6, 2023, the U.S. Department of the Treasury released a report examining vulnerabilities in decentralized finance (“DeFi”), including potential gaps in the United States’ anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) regulatory, supervisory, and enforcement regimes for DeFi.  The report concludes by making a series of recommendations, including the closing of “gaps” in the application of the Bank Secrecy Act (“BSA”) to the extent that certain DeFi services currently fall outside the scope of the BSA’s definition of a “financial institution” covered by the BSA.  The report cautions that it does not alter any existing legal obligations, issue any new regulatory interpretations, or establish any new supervisory expectations.

Continue Reading  U.S. Treasury Releases Report and Recommendations Regarding Vulnerabilities in Decentralized Finance

The U.S. Department of Justice (“DOJ”) announced on March 15, 2023 that in a coordinated effort between U.S. Federal Bureau of Investigations, Europol, and German police, the darknet cryptocurrency mixing service ChipMixer has been shut down.  The operation involved the U.S. government’s court-authorized seizure of two domains that directed users to the ChipMixer service and one Github account.  In addition, German authorities seized $46 million in cryptocurrency, as well as ChipMixer’s back-end servers used to run the site. 

Further, the U.S. Attorney’s Office for the Eastern District of Pennsylvania filed a criminal complaint against ChipMixer’s suspected founder, Vietnamese national, Minh Quoc Nguyen (“Nguyen”), alleging that Nguyen openly flouted financial regulations and instructed users how to use ChipMixer to evade reporting requirements while obscuring his true name under a series of stolen and fictitious identities. The complaint also alleges that ChipMixer, described as a popular platform for laundering illicit funds gained from unlawful activities like drug trafficking, ransomware attacks (according to Europol, ransomware actors Zeppelin, SunCrypt, Mamba, Dharma, Lockbit have used ChipMixer), and payment card fraud, was used to launder more than $3 billion in cryptocurrency since 2017.  Nguyen has been charged with money laundering, operating an unlicensed money transmitting business, and identity theft in connection with the operation of ChipMixer. 

Continue Reading  Darkweb Cryptocurrency Mixer ChipMixer Shut Down for Allegedly Laundering $3 Billion Worth of Crypto

On August 8, the Office of Foreign Assets Control (“OFAC”) sanctioned “notorious” virtual currency “mixer” Tornado Cash, which allegedly has been used to launder more than $7 billion worth of virtual currency since its creation in 2019.  Tornado Cash is a virtual currency mixer that operates on the Ethereum blockchain.  Tornado Cash receives a variety of transactions and mixes them together before transmitting them to their individual recipients.  The stated purpose of such mixing is to increase privacy, but mixers are often used by illicit actors to launder funds because the process enhances anonymity and makes it very hard to track the flow of funds.  According to the Treasury Department press release, “[d]espite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risk.”  This statement seems to imply that Tornado Cash is run by actual people – an implication that is at the heart of the controversy over these sanctions, as we will discuss.

The sanctions against Tornado Cash have elicited enormous controversy in the crypto world because, some argue, (1) Tornado Cash is not an entity run by actual people, but is merely code; and (2) although OFAC has the legal authority to sanction people and entities, it lacks such authority to sanction code or a technology – or at the very least, such sanctions create many practical problems for innocent actors, including in ways which no one has foreseen fully.  As we discuss,  even a member of the U.S. House of Representatives has waded into the controversy this week, questioning the ability of OFAC to issue the sanctions and demanding answers.  The controversy also reflects that, once again, whether one chooses to focus on the word “privacy” or on the word “anonymity” typically reflects an a priori value judgment predicting one’s conclusion as to whether something in the crypto world is good or bad. 

Indisputably, the Tornado Cash sanctions are, to date, unique and unprecedented.  Although they may turn out to be an outlier experiment by OFAC, public pronouncements by the U.S. Treasury Department strongly suggest that, to the contrary, they represent part of the future of crypto regulation, in which the enormous power of the U.S. government to issue broad sanctions obliterates legal and practical hurdles which could stymie other agencies, such as the Financial Crimes Enforcement Network (FinCEN).  This may be because, ultimately, the government actually agrees that no person is in control of a powerful technology that has easy application for malicious uses, and that is precisely the problem.

Continue Reading  OFAC Sanctions Virtual Currency “Mixer” Tornado Cash and Faces Crypto Backlash

On April 28, 2022 the New York Department of Financial Services (“NYDFS”) issued its Guidance on Use of Blockchain Analytics, a document directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law.  The Guidance emphasizes “the importance of blockchain analytics to effective policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.”

The NYDFS is stressing the role of blockchain analytics in anti-money laundering (“AML”) compliance because “virtual currencies such as Bitcoin and Ether can be transferred peer-to-peer directly from one individual or entity to another pseudonymously, absent the use of a regulated third party (e.g., between non-custodial wallets, or self-hosted wallets that allow users to maintain control of their private keys). . . . [T]hese wallet addresses are typically pseudonymous, with nothing on the face of the transfer tying back to the originator, beneficiary, or underlying beneficial owners.”

Given the potential compliance challenges presented by such characteristics, the NYDFS wants virtual currency entities to leverage the fact that virtual currencies also enable provenance tracing because “the blockchain ledger’s immutability typically allows a historical view of a virtual currency transmission between wallet addresses, providing the opportunity for greater visibility into transaction lineage than is typically found with traditional, fiat funds transfers.”

The Guidance provides that, ultimately, all risk mitigation strategies must account for an entity’s business profile to assess risk across types of virtual currencies and effectively address the specific characteristics of any particular virtual currency involved.  If a virtual currency entity chooses to outsource its control functions to third-party service providers rather than use only internally developed blockchain analytics, it must have “clearly documented policies, processes, and procedures with regard to how the [third-party] blockchain analytics activity integrates into the [entity’s] overall control framework consistent with the [entity’s] risk profile.”
Continue Reading  NYDFS Stresses Use of Blockchain Analytics for AML Compliance by Virtual Currency Businesses