By Edward Moss, Head of Market Research, and Deleep Nair, Solution Engineering, Symphony AyasdiAI
Financial institutions last year filed more than 3 million suspicious activity reports (SARs) in 2021 – and money services businesses (the category that includes cryptocurrency exchanges) located in San Francisco (which include Coinbase, Binance and others) filed more SARS than all securities firms and casinos combined. That’s according to Dynamic Securities Analytics, a Florida-based anti-money laundering consultancy. Because there are no cryptocurrency categories on the SARs forms, it can’t be confirmed what percentage of San Francisco’s filing were by crypto exchanges but increased activity in the space was the most likely explanation, according to DSA. FinCEN issued guidance in 2019 stressing the need for dealers in “convertible virtual currencies” to register as money services businesses and comply with anti-money laundering requirements.
As previously mentioned in our previous article, DeFi remains largely unregulated and observes minimal KYC (Know Your Customer) or AML checks. Traditional centralized finance has a clear regulatory framework and centralized virtual asset service providers (VASPs) are tied to the standards set for traditional financial institutions. That’s because they’ve been designated as DSPs (direct stock purchases) so they have started to become regulated by the SEC and the Federal Election Committee (FEC) because they’re money providers. The rest is the wild west, creating huge opportunities for financial growth but unfortunately, corruption, exploitation and easy crime as well.
Monero is a popular cryptocurrency among ransomware attackers, as noted previously.
It’s estimated that about 10-20% of ransoms are paid in Monero – and that’s expected to rise. At the same time, an increasing number of marketplaces that are on the dark web are exclusively accepting crypto for everything from guns to drugs.
Criminals are also getting smarter about DeFi regulation efforts. Within the dark web, there are places that give tips and tricks on how to further hide your coins. Criminals are checking these tips to see whether their actions will catch regulators’ eyes. Anti-analysis allows criminals to check their own Bitcoin wallets and see whether they have any sort of association with criminal activity.
A Look into the Modern Criminal
Recognizing the inherent vulnerabilities of separate fraud and AML (FRAML) units, many firms have started to explore how they can share data, intelligence, processes, and people, and foster a holistic approach to financial crime prevention. Moving to a converged state also enables firms to introduce greater workforce flexibility, increase staff enthusiasm, and improve operational efficiencies.
Historically, FRAML functions often operated as two distinct organizational units at FIs, with minimal data or resource sharing, but organized criminal rings do not operate in silos. Thriving on fragmented financial crime controls at FIs, criminals benefit when data and process gaps prevent their true identity and criminal intent from being discovered.
Bad actors are always looking for new ways to hide their actions. NFTs and DeFi are newly popular venues for criminals to launder their dirty money, which means the finance industry will need to keep current with the latest criminal trends. They’ll also need to work closely with regulators to make money laundering as difficult and risky as possible.
Financial institutions are finding it difficult to keep up with the changing times and are experiencing pain points such as too many false positives, difficulties seeing a holistic view of risk on an entity basis and linkage between related suspicious activity. Financial institutions are in need to improve the efficacy of their cryptocurrency fraud and AML products’ ability to discover and define the true risk. A holistic view increases the precision in which you score and triage alerts which will segue into an improvement in efficiency.
To address the identified risks, the U.S. Department of the Treasury recommends consideration of several non-regulatory and regulatory options:
- Encouraging the creation and enhancement of private sector information-sharing programs to foster transparency among art market participants.
- Updating guidance and training for law enforcement, customs enforcement, and asset recovery agencies.
- Using FinCEN recordkeeping authorities to support information collection and enhanced due diligence
- Applying AML/CFT requirements (such as suspicious activity reporting and know-your- customer procedures) to certain art market participants and/or obligating them to create and maintain AML/CFT