DoJ’s crypto czar joins FinCEN in brand-new role: Why it matters

Published at: July 9, 2021

In her monthly Expert Take column, Selva Ozelli, an international tax attorney and CPA, covers the intersection between emerging technologies and sustainability, and provides the latest developments around taxes, AML/CFT regulations and legal issues affecting crypto and blockchain.

Talk about ending a stellar career at the United States Department of Justice with a bang. The DoJ’s first-ever “crypto czar,” Michele Korver, advised government attorneys, federal agents, the Department of the Treasury’s Financial Stability Oversight Council and the U.S. delegation to the Financial Action Task Force on cryptocurrency matters, and she developed cryptocurrency seizure and forfeiture policy and legislation. While she was wrapping up her last day on the job, an affiliate of the notorious “REvil” gang, which is best known for extorting $11 million in Bitcoin (BTC) from meat processor JBS after an attack on Memorial Day, executed the single biggest global ransomware attack on record to kick off the July 4 holiday weekend.

Related: Meet DoJ’s Crypto Czar: Expert take

REvil’s supply chain-targeted ransomware attack successfully spread malware to thousands of businesses in at least 17 countries that outsourced their IT department to Kaseya, a privately held company based in Dublin, Ireland. It did so in one fell swoop, thanks to Kaseya’s compromised IT management software, VSA — resulting in a $70 million payday in Monero (XMR). If REvil is successful, they could perform a second attack on the businesses that chose to pay the Mondero demand. According to a recent report by Cybereason titled “Ransomware: The True Cost to Business,” 80% of businesses that choose to pay a ransomware demand are targeted a second time. REvil could then turn around and launder the illicit proceeds on dark web markets, as outlined in a report issued by Flashpoint and Chainalysis.

Related: Are cryptocurrency ransom payments tax-deductible?

Criminals prefer using cryptocurrency tumblers/mixing services or privacy coins like Monero when paying for illicit goods and services in order to obscure the trail back to the fund’s original source, points out Korver, who co-authored an article titled “Surfing the First Wave of Cryptocurrency Money Laundering” in a journal issued by the DoJ. As she writes:

“Criminals follow common paths when placing, layering, and integrating their ill-gotten cryptocurrency. Those paths go through several primary domains, including institutional exchanges, P2P exchangers, mixing and tumbling services, and traditional banks. [...] Some of these primary domains, such as P2P exchangers and mixing services, appear to more directly cater to criminals in need of laundering cryptocurrency.”

For example, Korver explains: “To first possess cryptocurrency, criminals [including cyberattackers and ransom demanders] must set up wallets. Those wallets might be under their exclusive control [un-hosted wallets], or they might be custodial wallets hosted by a third-party service provider, such as an institutional exchange. Once in a wallet, funds can be sent to mixing services or gambling sites to obscure their historical trail. From there, the funds can be converted to fiat currency through exchanges, P2P exchangers, or kiosks. Sometimes, the funds will then be sent to bank accounts or cryptocurrency debit cards where they can be used to buy things or pay off debts. While this is the typical way in which the primary domains appear in the PLI process, criminals can use the domains in almost any way they want: Wallets can be used to mix funds; P2P exchangers can be used to integrate the funds; and kiosks can be used for layering. Criminals can also repeat the steps of the PLI process to further obfuscate the origin of the ill-gotten funds, though they incur additional costs and risk every time they repeat the cycle.”

Related: The United States updates its crypto AML/CFT laws

In the context of ransomware payments, the number of which has increased by around 500% since the onset of the COVID-19 pandemic, Korver goes on to say that “Victims of ransomware attacks have relied on P2P exchangers. With the rise of ransomware as a standardized criminal enterprise, an increasing number of victims have been forced to purchase cryptocurrency in short order. It has been estimated that 9% of Bitcoin transactions are attributable to ransomware or some other form of cyber extortion payment. If it takes days or weeks to open a validated account at an institutional exchange, a P2P exchanger can offer cryptocurrency at a moment’s notice, and victims are willing to pay this speed premium. Victims have noted that ‘the processing times [at a registered institutional exchange] were far beyond the scope of the immediacy posed by the ransom’ and that a P2P exchanger was a better option for obtaining cryptocurrency in a hurry.”

Prior to Korver’s arrival at the Financial Crimes Enforcement Network, FinCEN authorities proposed a rule taking aim at transactions involving unhosted cryptocurrency wallets, which are generally software installed on a computer, phone or other device. The cryptocurrency in an unhosted wallet are controlled by an individual, who can receive, send and exchange their crypto assets person-to-person with other unhosted wallets, or on an exchange platform, without revealing their identity — making it more difficult to trace and scrutinize transactions for Anti-Money Laundering and Counter-Terrorist Financing compliance risks.

Related: Authorities are looking to close the gap on unhosted wallets

These concerns are shared by the Financial Action Task Force (FATF), the intergovernmental body responsible for setting AML standards. The updates proposed by the FAFT to its 2019 guidance expand the definition of a Virtual Asset Service Provider (VASP) to include several noncustodial cryptocurrency businesses, meaning they will be subject to AML/CFT regulations. Peer-to-peer decentralized exchanges/structures (except for rules that apply to all entities, like targeted financial sanctions) remain under review.

As cryptocurrencies — along with ransomware attacks — become more mainstream, Korver will advance FinCEN’s leadership role in the digital currency space by working across internal and external partners to bring forward strategic and innovative solutions to prevent and mitigate illicit financial practices and exploitation.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Selva Ozelli, Esq., CPA, is an international tax attorney and certified public accountant who frequently writes about tax, legal and accounting issues for Tax Notes, Bloomberg BNA, other publications and the OECD.
Tags
Aml
Related Posts
FinCEN lists cryptocurrencies as top AML and CFT priorities
The United States’ Financial Crimes Enforcement Network will continue to closely follow the cryptocurrency industry as one of its top priorities for combating crimes like money laundering. FinCEN officially announced Thursday that “virtual currency considerations,” or operations involving cryptocurrencies like Bitcoin (BTC), will be among its top national priorities for countering terrorism financing and ensuring proper Anti-Money Laundering policies. “The establishment of these priorities is intended to assist all covered institutions in their efforts to meet their obligations” under related laws and regulations, the regulator said. FinCEN elaborated that it will soon issue regulations to specify how financial institutions should …
Bitcoin / July 1, 2021
Digital intelligence must overcome challenges to solving crypto crimes
While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem. However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly …
Technology / Aug. 20, 2021
The United States updates its crypto AML/CFT laws
Against great pushback from the crypto industry and as the price of Bitcoin (BTC) has reached new all-time highs several times during the last couple of months, the United States has updated its cryptocurrency Anti-Money Laundering/Combating the Financing of Terrorism laws. Related: COVID-19 pandemic spurs crypto law updates in J5 countries The Anti-Money Laundering Act of 2020 and the Corporate Transparency Act Last December, the Senate approved the National Defense Authorization Act and, as part of that legislation, passed the Anti-Money Laundering Act of 2020 and the Corporate Transparency Act. Related: EU amends AML laws for crypto trading as US …
Blockchain / Jan. 24, 2021
Cybercrime task force monitoring the global digital financial system
The United States faces a growing threat of transnational cybercrime, particularly against its financial system. In what may be the largest prosecution of its kind in U.S. history, the U.S. Department of Justice has charged Texas tech billionaire Bob Brockman in a 39-count indictment with evading $2 billion in taxes. The businessman used encrypted devices and code words to conceal his wire fraud, tax fraud and money laundering within a network of offshore entities and bank accounts. As the CEO of Reynolds and Reynolds Co., Brockman contributed 6.4% to the United States’ current annual deficit of $3.1 trillion — more …
Technology / Oct. 24, 2020
Jack Dorsey warns that FinCEN regulations will drive crypto users offshore
Major U.S crypto firms are rallying against FinCEN’s proposed regulations that would force businesses operating with crypto to gather information on the identities of non-customer counterparties. A Jan. 4 letter from Jack Dorsey, CEO of financial services firm Square takes aim at the proposal for seeking to impose reporting obligations that go “far beyond what is required for cash transactions,” and that Sqaure would be expected to collect “unreliable data about people who have not opted into our service or signed up as our customers.” “Counterparty name and address collection/reporting should not be required for [virtual currency] CTRs or recordkeeping, …
Regulation / Jan. 5, 2021