Criminals have been taking advantage of crypto assets as they are largely under regulated in comparison to traditional institutions.
This has led the EU to create new laws for crypto assets, whilst the FATF developed red flag indicators to help the industry identify suspicious behaviours.
More on these stories below.
Leaked EU Draft Proposes All-Encompassing Laws for Crypto Assets
A leaked version of rules to be issued later this month by the European Commission proposes an all-encompassing set of regulations covering the trading or issuance of digital assets across the 27-nation bloc.
The takeaway is that Europe intends to treat crypto the same as any other regulated financial instrument, which will doubtless provide legal clarity. The unknown is whether that may stifle this nascent and fast-moving space.
With regulators homing in on tighter regulations regarding crypto assets, could we expect the industry to adapt quickly to new laws?
FATF identifies red flag indicators to detect misuse of virtual assets
The Financial Action Task Force (FATF) has prepared a report on red flag indicators to assist financial institutions, investigating agencies and regulators in detecting misuse of virtual assets for money laundering, terrorist financing and other crimes.
The red flag indicators included in the report are based on more than 100 case studies contributed by various jurisdictions from 2017-2020, a confidential FATF report on financial investigations involving virtual assets (June 2019) and earlier report published in June 2014, in addition to information available in the public domain.
Among possible indicators are:
- Transferring virtual assets immediately to multiple service providers, particularly those registered in another jurisdiction with weak anti-money laundering regulations
- Quick deposits and withdrawal without additional exchange activity
- Conversion to multiple types of virtual assets without any logical explanation
- Withdrawal for transfer to a private wallet are possible indicators.
These indicators will not only identify criminals, but also those who are potential mules or scam victims.
How to launder ill-gotten gains
The Economist recently ran a feature looking at how cyber thieves operate as organised crime groups or state actors targeting banks and cryptocurrency exchanges while soliciting the help of money mules to inject the money back into the financial system.
From 2018 it has been estimated that total cyber-crime revenue sits at $1.5trn or more a year (including not only bank jobs but also theft of intellectual property, counterfeiting, data-ransoms and so on). It could be higher now, thanks to covid-19. Many financial firms have struggled to keep security tight with so many staff working from home.
A popular method for laundering the gains from cyber heists is known as an “ATM cash-out”. Far from being all-digital, it involves hacking cash machines to spit out notes, which are grabbed by accomplices known as “money mules”. The mules then use a variety of methods to get the stolen cash back into the banking system. This is very often done by converting the cash into chips at a casino, and in turn exchanging that into a cheque which is easily deposited into a bank without triggering any alerts.
Robbing a bank may certainly have changed over time - as something criminals can do from the comfort of their own home. With any luck, tighter regulations and clearer red flag indicators should slow down criminals’ attempts, but how much more money will be stolen, or laundered, until such time?
Looking to identify suspicious transactions going through your institution?