Report Focuses on Travel Rule Implementation – or Lack Thereof

The Financial Action Task Force (“FATF”) recently issued an updated review of the implementation of its anti-money laundering (“AML”) and counter-terrorist financing (“CFT”) standards to financial activities involving Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs), entitled Targeted Update On Implementation Of The FATF Standards On Virtual Assets And Virtual Asset Service Providers (“Report”). 

This post highlights the three main takeaways from the Report – with a focus on the FATF’s Travel Rule.  Condensed, the FATF Travel Rule requires the private sector to obtain and exchange beneficiary and originator information with VAs transfers valued at $1,000 or more. The Report also suggests that some DeFi arrangements are not truly “decentralized.”

Continue Reading  FATF Issues Targeted Update Report on Implementation of AML/CFT Standards on Virtual Assets

On June 6, Attorney General Merrick Garland (“AG”) issued a report titled “How to Strengthen International Law Enforcement Cooperation For Detecting, Investigating And Prosecuting Criminal Activity Related To Digital Assets” (the “Report). Led by the Department of Justice, the Report represents a collaborative effort with feedback from the Department of State, Department of Treasury, Department of Homeland Security, Securities and Exchange Commission, and Commodities Future Trading Commission (“CFTC”). The Report also comes as U.S. senators Cynthia Lummis, R-Wyo., and Kirsten Gillibrand, D-N.Y. recently introduced a sweeping bipartisan bill to bring clarity to cryptocurrency regulation by defining most digital assets as commodities (to be regulated primarily by the CFTC) and enacting rules governing stablecoins.

The Report was required by President Biden’s March 9, 2022 Executive Order, Ensuring Responsible Development of Digital Assets, on which we previously blogged.  The Executive Order addressed concerns about the growing role of digital assets in money laundering crimes and sanctions evasion, and called for a report to be published by the AG for the purpose of strengthening international law enforcement cooperation.  The resultant Report stresses the pragmatic problems facing cross-border investigations – particularly the reluctance or sheer inability of foreign jurisdictions to tackle such investigations independently – and makes three basic recommendations, all of which relate to improved funding, communication and standards.

Continue Reading  DOJ Report Calls For International Cooperation to Fight Digital Asset Crime

On May 19, 2022, the Associate Director of the Enforcement and Compliance Division of the Financial Crimes Enforcement Network (“FinCEN”), Alessio Evangelista, spoke at the Chainalysis Links Conference in New York City on the topic of “The Intersection of Cryptocurrencies and National Security.”  Associate Director Evangelista stressed “responsible innovation” by the cryptocurrency industry, in order to protect consumers and national security interests, as well as to combat cybercrime and other illicit financial activity.  Associate Director Evangelista also denied that FinCEN’s enforcement efforts represent a “gotcha” enterprise.

Shortly after Associate Director Evangelista’s speech, Acting Comptroller of the Currency Michael J. Hsu discussed vulnerabilities in the cryptocurrency framework and recent volatility with stablecoins in pointed remarks at the DC Blockchain Summit 2022.  Describing himself as a “crypto skeptic,” Acting Comptroller Hsu acknowledged the potential value of innovation presented by crypto, but repeatedly bemoaned a “hyped-based” crypto economy, and stressed that “hype is not harmless.”

Combined, these speeches leave no doubt that regulators are exceedingly focused on digital assets and cryptocurrencies, and in particular are increasingly focused on consumer protection concerns, beyond the usual illicit finance and terrorist financing concerns.

Continue Reading  FinCEN and OCC Address Cryptocurrency:  Responsible Innovation and Pervasive Hype

Hefty Monetary Penalties – Accompanied by the Possibility of No Prison Time

The legal saga involving the civil and criminal cases against the entity and former individual owners of the Bitcoin Mercantile Exchange, or BitMEX—a large and well-known online trading platform dealing in futures contracts and other derivative products tied to the value of cryptocurrencies (see here, here, and here)—continues unabated. 

Most recently, BitMEX co-founder and former CEO, Arthur Hayes, a high-profile leader in the cryptocurrency industry, settled his civil charges with the CFTC and pleaded guilty to criminal charges brought by the DOJ.  He now faces sentencing in the criminal case, currently scheduled for the end of this week.  As we will discuss, Hayes and the government take very different views regarding his appropriate sentence.

These cases emerged publicly in October 2020 when: (1) the Commodity Futures Trading Commission (“CFTC”) filed a civil complaint against the entities operating the BitMEX trading platform and its three individual owners for allegedly failing to register with the CFTC and violating various laws and regulations under the Commodity Exchange Act (“CEA”); and (2) the Department of Justice obtained an indictment against the three individual owners and another individual, including Hayes, charging each with violating, and conspiring to violate, the Bank Secrecy Act (“BSA”) by failing to maintain an adequate anti-money laundering (“AML”) program.

The cases have raised novel legal questions concerning which, if any regulatory regimes, apply to participants in the cryptocurrency market.  Moreover, Hayes’ upcoming sentencing raises the question of whether an offense is so novel that it can merit probation, despite the high dollar value of the alleged scheme at issue.

Continue Reading  BitMEX Co-Founder and Owner Settles with CFTC and Now Faces Criminal Sentencing

Enforcement Trends, Crypto, the AML Act — and More

We are very pleased to be moderating, once again, the Practising Law Institute’s 2022 Anti-Money Laundering Conference on May 17, 2022, starting at 9 a.m. This year’s conference will be both live and virtual — and it will be as informative, interesting and timely as always. 

On April 28, 2022 the New York Department of Financial Services (“NYDFS”) issued its Guidance on Use of Blockchain Analytics, a document directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law.  The Guidance emphasizes “the importance of blockchain analytics to effective policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.”

The NYDFS is stressing the role of blockchain analytics in anti-money laundering (“AML”) compliance because “virtual currencies such as Bitcoin and Ether can be transferred peer-to-peer directly from one individual or entity to another pseudonymously, absent the use of a regulated third party (e.g., between non-custodial wallets, or self-hosted wallets that allow users to maintain control of their private keys). . . . [T]hese wallet addresses are typically pseudonymous, with nothing on the face of the transfer tying back to the originator, beneficiary, or underlying beneficial owners.”

Given the potential compliance challenges presented by such characteristics, the NYDFS wants virtual currency entities to leverage the fact that virtual currencies also enable provenance tracing because “the blockchain ledger’s immutability typically allows a historical view of a virtual currency transmission between wallet addresses, providing the opportunity for greater visibility into transaction lineage than is typically found with traditional, fiat funds transfers.”

The Guidance provides that, ultimately, all risk mitigation strategies must account for an entity’s business profile to assess risk across types of virtual currencies and effectively address the specific characteristics of any particular virtual currency involved.  If a virtual currency entity chooses to outsource its control functions to third-party service providers rather than use only internally developed blockchain analytics, it must have “clearly documented policies, processes, and procedures with regard to how the [third-party] blockchain analytics activity integrates into the [entity’s] overall control framework consistent with the [entity’s] risk profile.”
Continue Reading  NYDFS Stresses Use of Blockchain Analytics for AML Compliance by Virtual Currency Businesses

The Office of the Comptroller of the Currency (“OCC”) entered into a Consent Order (available here) with Anchorage Digital Bank (“Anchorage”), which requires Anchorage to create a compliance committee and take steps to remediate alleged shortcomings with respect to the implementation and effectiveness of Anchorage’s Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) program.  Notably, Anchorage will pay no civil penalty.

Anchorage is not any regular entity overseen by the OCC:  it is a cryptocurrency custodian.  As we will discuss, the timing of the Consent Order indicates that even when regulators permit crypto activities by financial institutions, they remain cautious, particularly as to BSA/AML compliance.  The OCC’s actions send a clear message that regulated entities offering emerging technology financial services must adhere to the same BSA/AML monitoring and reporting requirements as more traditionally regulated entities.
Continue Reading  OCC Targets BSA/AML Compliance by Anchorage Digital Bank – Only 15 Months After Granting National Trust Bank Charter to the Crypto Custodian

On April 5, 2022 the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced sanctions against “the world’s largest and most prominent darknet market, Hydra Market” and Garantex, a virtual currency exchange registered in Estonia but operating in Moscow and St. Petersburg, Russia.  The sanctions are part of a larger initiative targeting Russian cybercrime that spans across multiple federal departments—including the U.S. Department of Justice, Federal Bureau of Investigations, Drug Enforcement Administration, Internal Revenue Service Criminal Investigation, and Homeland Security Investigations—and across the globe—including international partners like the German Federal Criminal Police and Estonia’s Financial Intelligence Unit.  The sanctions follow September and November sanctions of SUEX OTC, S.R.O. and CHATEX, two virtual currency exchanges operated out of Moscow that allegedly facilitated transactions for ransomware actors.  SUEX was the first virtual currency exchange subject to OFAC sanctions (and the subject of a previous post).

While ostensibly focused on closing another avenue for ransomware purveyors to profit off of their wares, the sanctions may also cut off all types of cybercriminals who allegedly find “a haven” in Russia and used Hydra or Garantex.
Continue Reading  OFAC Designates “Hydra” –  the Largest Darknet Market – and Third Russian Virtual Currency Exchange

On March 7, the Financial Crimes Enforcement Network (“FinCEN”) issued an alert “advising all financial institutions to be vigilant against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions implemented against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions implemented in connection with the Russian Federation’s further invasion of Ukraine.”  The press release is here.  The alert itself is here.
Continue Reading  Russian Sanctions:  FinCEN Provides Red Flags for Potential Evasion Attempts