On August 8, the U.S. Department of the Office of Foreign Assets Control (“OFAC”) sanctioned “notorious” virtual currency “mixer” Tornado Cash, which allegedly has been used to launder more than $7 billion worth of virtual currency since its creation in 2019.  Tornado Cash is a virtual currency mixer that operates on the Ethereum blockchain.  Tornado Cash receives a variety of transactions and mixes them together before transmitting them to their individual recipients.  The stated purpose of such mixing is to increase privacy, but mixers are often used by illicit actors to launder funds because the process enhances anonymity and makes it very hard to track the flow of funds.  According to the Treasury Department press release, “[d]espite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risk.”  This statement seems to imply that Tornado Cash is run by actual people – an implication that is at the heart of the controversy over these sanctions, as we will discuss.

The sanctions against Tornado Cash have elicited enormous controversy in the crypto world because, some argue, (1) Tornado Cash is not an entity run by actual people, but is merely code; and (2) although OFAC has the legal authority to sanction people and entities, it lacks such authority to sanction code or a technology – or at the very least, such sanctions create many practical problems for innocent actors, including in ways which no one has foreseen fully.  As we discuss,  even a member of the U.S. House of Representatives has waded into the controversy this week, questioning the ability of OFAC to issue the sanctions and demanding answers.  The controversy also reflects that, once again, whether one chooses to focus on the word “privacy” or on the word “anonymity” typically reflects an a priori value judgment predicting one’s conclusion as to whether something in the crypto world is good or bad. 

Indisputably, the Tornado Cash sanctions are, to date, unique and unprecedented.  Although they may turn out to be an outlier experiment by OFAC, public pronouncements by the U.S. Treasury Department strongly suggest that, to the contrary, they represent part of the future of crypto regulation, in which the enormous power of the U.S. government to issue broad sanctions obliterates legal and practical hurdles which could stymie other agencies, such as the Financial Crimes Enforcement Network (FinCEN).  This may be because, ultimately, the government actually agrees that no person is in control of a powerful technology that has easy application for malicious uses, and that is precisely the problem.

Continue Reading  OFAC Sanctions Virtual Currency “Mixer” Tornado Cash and Faces Crypto Backlash

On April 28, 2022 the New York Department of Financial Services (“NYDFS”) issued its Guidance on Use of Blockchain Analytics, a document directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law.  The Guidance emphasizes “the importance of blockchain analytics to effective policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.”

The NYDFS is stressing the role of blockchain analytics in anti-money laundering (“AML”) compliance because “virtual currencies such as Bitcoin and Ether can be transferred peer-to-peer directly from one individual or entity to another pseudonymously, absent the use of a regulated third party (e.g., between non-custodial wallets, or self-hosted wallets that allow users to maintain control of their private keys). . . . [T]hese wallet addresses are typically pseudonymous, with nothing on the face of the transfer tying back to the originator, beneficiary, or underlying beneficial owners.”

Given the potential compliance challenges presented by such characteristics, the NYDFS wants virtual currency entities to leverage the fact that virtual currencies also enable provenance tracing because “the blockchain ledger’s immutability typically allows a historical view of a virtual currency transmission between wallet addresses, providing the opportunity for greater visibility into transaction lineage than is typically found with traditional, fiat funds transfers.”

The Guidance provides that, ultimately, all risk mitigation strategies must account for an entity’s business profile to assess risk across types of virtual currencies and effectively address the specific characteristics of any particular virtual currency involved.  If a virtual currency entity chooses to outsource its control functions to third-party service providers rather than use only internally developed blockchain analytics, it must have “clearly documented policies, processes, and procedures with regard to how the [third-party] blockchain analytics activity integrates into the [entity’s] overall control framework consistent with the [entity’s] risk profile.”
Continue Reading  NYDFS Stresses Use of Blockchain Analytics for AML Compliance by Virtual Currency Businesses

Sanctions involving Russia is a front-burner issue for all businesses, but particularly for financial institutions. As we previously blogged, the Financial Crimes Enforcement Network (“FinCEN”) issued on March 7 an alert calling for increased vigilance in the face of potential evasion of Russian sanctions. On March 16, FinCEN issued its second alert on the topic (the “Alert”), reiterating the need for increased vigilance and assisting financial institutions in detecting suspicious transactions involving high-value assets to evade sanctions.

We discuss here the Alert, which provides guidance to financial institutions on how to identify suspicious transactions relating to the use of certain high-value assets by Russian elites, their family members and their “proxies.” The Alert reminds financial institutions of the importance of quickly identifying suspicious activity related to the disposition of sanctioned Russian assets. The Alert also highlights the international and domestic task forces that were formed to effectuate the sanctions laws we describe below, emphasizing the need for cross-agency collaboration and information sharing to achieve the common goal of sanctioning Russia’s power players.  However, and as we discuss, the Alert unfortunately offers no guidance on how “proxies” should be identified or defined.
Continue Reading  Russian Sanctions Redux: FinCEN Issues Guidance on Suspicious Transactions and Evasion Using High-Value Assets

Federal law enforcement and regulators continue to focus on technology-driven financial crime — specifically, cyber-enabled fraud and the laundering of illicit funds through cryptocurrency.  Last week, the Department of Justice (“DOJ”) announced that Eun Young Choi will serve as the first Director of the National Cryptocurrency Enforcement Team (“NCET”).  As we have blogged, the DOJ created in 2021 the NCET in order to address issues on which we repeatedly have blogged:  crypto exchangers and their AML obligations; the process of tracing digital asset transactions; ransomware; so-called “professional” money launderers; and the use of crypto to launder serious crimes such as drug trafficking and human trafficking.  This attempt at a coordinated government approach to crypto enforcement followed the announcement earlier in 2021 by the Financial Crimes Enforcement Network (“FinCEN”) of appointing its first-ever Chief Digital Currency Advisor.

Meanwhile, FinCEN has stressed the need for, and utility of, specific information to be submitted by the victims of cyber-enabled financial crime schemes, or the financial institutions of those victims, to FinCEN’s Rapid Response Program, or RRP.  The RRP seeks to share financial intelligence and recover the proceeds of crime.
Continue Reading  DOJ, FBI and FinCEN Continue to Focus on Crypto and Cyber Financial Crime

On February 8, 2022, the Department of Justice announced the seizure of a record $3.6 billion in stolen BTC it alleges was tied to the 2016 hack of Bitfinex, a virtual currency exchange.  A husband-wife duo, Ilya “Dutch” Lichtenstein and Heather Morgan of New York, New York were arrested the same day and charged via a criminal complaint with conspiracy to commit money laundering and conspiracy to defraud the United States.  Lichtenstein and Morgan are being held on $5 million and $3 million in bail, respectively, and will be on house arrest pending trial.

The Statement of Facts by the government in support of the criminal complaint filed against the defendants reveals a vast and complicated web of transactions that allegedly permitted Lichtenstein and Morgan to transfer approximately 25,000 of the 119,754 BTC stolen by hackers—valued at “only” $71 million at the time of the theft but now worth about $4.5 billion—to various virtual currency exchangers.  According to the Statement of Facts, the stolen BTC was shuttled to an unhosted wallet (i.e., a cryptocurrency wallet not controlled by a third-party but by the user) with over 2,000 BTC addresses, then to various accounts at the “darknet market AlphaBay,” later to a number of accounts at four different virtual currency exchangers, then to more unhosted BTC wallets, and finally to accounts at six more virtual currency exchangers where it was converted into fiat currency, gift cards, and precious metals.  The defendants further allegedly liquidated BTC through a BTC ATM and purchasing non-fungible tokens.

As if the sheer volume and layers of accounts was not enough, the duo allegedly:

  • Moved the funds in a “series of small amounts, totaling thousands of transactions”;
  • Used software to “automate transactions” which allowed for “many transactions to take place in a short period of time”;
  • “Layered” transactions by depositing and withdrawing the BTC through many accounts to obfuscate the trail, including through extensive layering activity that employed the “peel” chain technique; and
  • “Chain hopped” by converting BTC to anonymity-enhanced virtual currency to cut and disguise the blockchain trail.


Continue Reading  A Record $3.6 Billion Seizure and the Twisting Paths of Money Laundering in the Digital World

On October 6, the Department of Justice (“DOJ”) announced the creation of a National Cryptocurrency Enforcement Team (“NCET”).  The DOJ press release is set forth in part below, without further commentary, other than to observe that the NCET’s stated goals are to address issues on which we repeatedly have blogged:  crypto exchangers and their AML

Global AML Compliance Faces Challenges Relating to Regulator Expertise, the Travel Rule, Decentralized Finance, and “Regulator Shopping”

Today we are very pleased to welcome guest blogger Federico Paesano from the Basel Institute on Governance (“Basel Institute”). The Basel Institute recently issued its Basel AML Index for 2021 (“Basel AML Index”). This data-rich and fascinating annual publication, one of several online tools developed by the Basel Institute to help both public- and private-sector practitioners tackle financial crime, is a research-based ranking that assesses countries’ risk exposure to money laundering and terrorist financing. This year, we will focus on the section of the Basel AML Index which analyzes data from the Financial Action Task Force (“FATF”) on how jurisdictions are responding to money laundering and terrorist financing threats related to virtual assets.  The Basel AML Index concludes: “not well at all.”

Federico Paesano is a Senior Financial Investigation Specialist at the Basel Institute’s International Centre for Asset Recovery, and leads its Cryptocurrencies and Anti-Money Laundering Compliance Training.  For 14 years, Federico worked for the Italian Financial Police, ending his career as Chief Investigator, leading and conducting judicial and financial investigations, focusing in particular on economic crimes such as corruption and money laundering.  In July 2009, he was seconded by the Italian Government to the European Union Police Mission in Afghanistan (“EUPOL”) as Mentor to the Minister of Interior on Anticorruption.  Along with Europol and Interpol, Federico and the Basel Institute are co-organizing on December 7–8, 2021 the 5th Global Conference on Criminal Finances and Cryptocurrencies, which focuses on the emerging threat posed by criminals using new payment methods to conceal the proceeds of their crimes. His Quick Guide to Cryptocurrencies and Money Laundering Investigations may be found here.

The Basel Institute is a not-for-profit Swiss foundation dedicated to working with public and private partners around the world to prevent and combat corruption, and is an Associated Institute of the University of Basel. The Basel Institute’s work involves action, advice, and research on issues including anti-corruption collective action, asset recovery, corporate governance and compliance, and green corruption.  Money Laundering Watch was pleased to have Gretta Fenner and Dr. Kateryna Boguslavska of the Basel Institute guest blog on the Basel AML Indices for 2020 and 2019.

This blog post again takes the form of a Q & A session, in which Federico responds to questions posed by Money Laundering Watch about the Basel AML Index 2021 and wider debates on the topic. We hope you enjoy this discussion of money laundering risks and virtual assets — which addresses regulators’ frequent lack of expertise, tracing of cryptocurrency transactions, the Travel Rule, the challenges posed by decentralized finance, “regulator shopping,” and more.  —Peter Hardy and Andrew D’Aversa
Continue Reading  The Basel AML Index 2021: Virtual Assets and Money Laundering. A Guest Blog.

Treasury Offers Something for Everyone to Comply With: Trades and Businesses, Banks, Crypto Exchangers and Individuals

On May 21, 2021, the U.S. Department of Treasury (“Treasury”) released its American Families Plan Tax Compliance Agenda (“Agenda”), a comprehensive set of initiatives to increase tax compliance and close the “tax gap” between the amount taxpayers owe and the amount that is actually paid.  While part of the $80 billion plan calls for providing Treasury and specifically the Internal Revenue Service (“IRS”) with additional resources to combat tax evasion, the Agenda also proposes revisions to current regulations and leveraging existing infrastructure to “shed light on previously opaque income sources;” namely, cryptocurrency.  Although the sweeping Agenda obviously focuses on tax compliance, it also has related consequences for Bank Secrecy Act (“BSA”) compliance in areas where the BSA and the tax code overlap as to cryptocurrency.

The Agenda also represents the latest in a string of initiatives by the U.S. government regarding the increasing regulation of the use of cryptocurrency, whether by direct users, exchangers of cryptocurrency, or financial institutions with customers dealing in cryptocurrency.  The Agenda represents both an acknowledgement by the U.S. Treasury that cryptocurrency use has become “normalized,” coupled with a clear signal that its use will be highly scrutinized and regulated.
Continue Reading  As Treasury Eyes Crypto in Tax Compliance Agenda, Reporting Obligations May Increase – Including a Crypto “Form 8300” for Transactions over $10K

ABA Tax Fraud Panel to Discuss IRS CI and Crypto Criminals

The Internal Revenue Service – Criminal Investigation (IRS CI) has made it clear that it is focusing on the abuse of digital currencies to further tax evasion, money laundering, and other offenses. IRS-CI also has made it clear that this is an international effort, and that it is trying to partner with law enforcement agencies across the globe in order to coordinate and share investigative leads.

This is a hot topic, and we are honored that Ballard Spahr will be moderating a panel on these very same issues, at the ABA’s annual Tax Fraud/Tax Controversy Conference in Las Vegas on December 12, entitled Charging Cryptocurrency Violations—Tax Crimes or Money Laundering.  We are pleased to be joined by our wonderful panelists, Evan J. Davis, Betty J. Williams, and Ian M. Comiskey.  This is a unique conference, and we invite you to attend if you are interested in the fascinating cross-section of tax evasion and money laundering.

This blog will discuss the recent efforts by IRS-CI to “up its game” in investigating cross-border offenses committed through cryptocurrency, such as its participation in the international Joint Chiefs of Global Tax Enforcement task force. We then will discuss a recent high-profile case which exemplifies these two goals of fighting crypto-related crime and collaborating with foreign law enforcement officials to do so: the notorious “Welcome to Video” case, which led to a global takedown of a darkweb child pornography website, its administrator, and its customers. The Welcome to Video investigation, led by IRS-CI, also illustrates a key point we will discuss at the ABA conference: that cryptocurrency is only “pseudo-anonymous,” and that its protections can yield to a determined combination of modern digital forensics and old-fashioned investigative techniques.
Continue Reading  IRS CI Highlights International Efforts to Tackle Cryptocurrency Abuse, Money Laundering and Tax Evasion

Proposed Settlement Comes After Court Issues Rulings on Extraterritorial Application of U.S. Criminal Law, Evidence of Intent to Conceal and Tracing of Money Laundering Proceeds

On the eve of trial this past Friday, the government announced an agreement to settle, subject to court approval, a major civil forfeiture action in the Southern District of New York.  In the case, United States v. Prevezon Holdings, Ltd. et al., the government alleged an elaborate scheme involving money laundering and other offenses committed in Russia, Cyprus, and Manhattan. The case gained some notoriety in the press due to lurid allegations of the suspicious death while in pretrial detention in Moscow of a Russian lawyer who had uncovered the tax refund fraud scheme, and the alleged defenestration earlier this year of a lawyer working for the decedent’s family. Although the civil forfeiture complaint filed in 2013 sought to forfeit at least $230 million worth of assets, the parties settled for approximately $5.9 million. In the wake of this settlement, both the defense and the government now appear to be claiming victory.

The buildings located on the Red Square: Kremlin wall (at left) and Saint Basil's Cathedral (at right), Moscow, Russia. UNESCO World Heritage Site

This post will analyze an opinion issued by the court in this case last week, prior to the settlement, denying summary judgment to the defense.  The legal rulings contained therein are perhaps not as suitable for a Hollywood-style thriller as some of the content of the government’s press releases and pleadings, but nonetheless represent important issues in the field of money laundering and forfeiture.  Primarily, we analyze an increasingly common and key question: when can U.S. law apply to conduct occurring primarily overseas?  This question has broad implications for federal criminal law enforcement in general, including for RICO and tax fraud prosecutions, as well as for potential civil lawsuits brought by shareholders or other plaintiffs.
Continue Reading  Forfeiture Case Based on Alleged Elaborate $230 Million Russian Laundering and Fraud Scheme to Settle