Money laundering is one of the biggest issues that blockchain exchanges tend to face as cryptocurrency. In fact, someone may think that crypto is considered to be a breeding ground for hackers, frauds and so called “black market”. Though cryptocurrency itself is secure and immutable. The danger grows from the cryptocurrency services, their vulnerability to hacks. Regardless of the kind of cryptocurrency, you cannot be guaranteed that your assets are safe (unless you have an insurance. Only in Ethereum digital criminals stole $255 million in 2018. $1 billion is a total volume of money stolen from different exchanges in 2018. About $480 billion were stolen from different exchanges in the first part of 2019.
All these numbers just show that the problem with AML compliance is at the urge.
Do you want to know, how they usually do it?
The most common money laundering scenario includes such steps as:
- Distributing money to as many wallets as possible.
- Running the distributed money through so-called cryptocurrency mixers, atomic swaps and privacy coins.
- Depositing money from the mixers to the exchanges with no or low-performing KYC/AML.
- Gathering all the money by withdrawing it to “clean wallets” from those exchanges.
- Getting “clean” cryptocurrency or fiat!
Alexander Vinnik was accused of money laundering and arrested in 2017. He controlled one of the oldest and biggest cryptocurrency exchanges, which was suspected to work sketchy. The exchange did not have any system to identify its clients. That way it was easy to carry out transactions on a non-attributable basis without specifying the source of funds. Being anonymous, users received and sent money for blackmailing, drug dealership and other illegal actions. Besides, Alexander was claimed guilty for pulling money from Mt. Gox, the Japanese exchange through BTC-E and then withdrew money to offshores. The whole damage was estimated to be about $480 million.
Another high profile scandal happened in Canada. One of its citizens, Gerald Cotten, founded a company, Quadriga CX in 2013. Soon this cryptocurrency exchange had 80% of BTC customers in the country. In 5 years customers started experiencing issues withdrawing assets. Gerald’s wife claimed him dead in January 2019 — and assets worth around $180 million were lost. Earlier Gerald Cotton was claiming himself to be the only person having keys to cold wallets, where the assets were residing. Besides, he insisted on using multisignature for those wallets. The list of these wallets has never been revealed, which made the customers furious. So far they could find only Litecoin wallets, where the transactions have kept happening every day up till now, which is weird, considering that the owner is dead. There are two opinions about this situation: people think that Gerald’s wife is using the money or Gerald has never died and he is simply hiding somewhere, probably — under a different identity.
Going to India having Grohn’s disease and creating a testimony shortly before his “death” say in support of the second version. Anyway, nobody has any doubts, that it was a fraud. However, it is impossible to punish everyone involved or return the stolen money back since crypto-exchanges are not regulated.
One of the main reasons why the VASPs will implement regulations is because FATF (Financial Action Task Force) issued new rules for crypto exchanges. Due to these new rules they need to be regulated as banks, they will need to provide information about their customers. The numbers mentioned above and the understanding, that cryptocurrencies and their exchanges are extremely vulnerable to hacker attacks and dishonest users or exchange owners bring us to a thought, that in spite of one of the main privileges of most crypto exchanges — their anonymity, soon the platforms dealing with cryptocurrencies will need to identify their users.
Recently a popular exchange platform ShapeShift has made an announcement about mandatory registration and verification for users of their exchange. It means that from now on each user will need to provide personal data in order to comply with KYC and AML regulatory requirements. This caused a tidal wave from ShapeShift users leaving the platform. However, the first step to cryptocurrency regulations has been made.
Our feeling is that cryptocurrency exchanges will get more and more regulated. Therefore we have thought about analytics that can be used by users to see the history of their wallets transactions. This has inspired us to invent the Global Ledger — a service that would allow financial regulators and virtual asset service providers to identify suspicious transactions, validate sources of funds and prevent legal actions by cooperating with authorities handling anti-fraud activities. Moreover, one of the main goals of Global Ledger is to allow users to make sure that their transactions are clean and the users cannot be accused of being a part of a fraud. Apart from providing AML reports, it allows visualizing all transactions of assets between the addresses. By design, Global Ledger is supposed to help keeping records about users’ assets flow and assist them with getting to know their counter-parties. Right now, however we get more and more requests for transactions transparency approval and even investigations. A few investigations have also been made by our own research team, as a part of evidence collection for lawsuits. Moreover, one of our future ideas is to check the markets, where the compromised wallets may be to make sure that users deal with reliable counter-parties and all the transactions happening outside exchanges are fair. Our vision is that in future cryptocurrency will not be jointed with fraud and money laundering, it will fade away due to current trends and changes.