According to Chainalysis’ 2022 Crypto Crime Report, the total transaction volume of cryptocurrencies grew to $15.8 trillion in 2021, a 56% increase from the numbers reported in 2020. With such massive adoption, it’s no wonder that crypto use for criminal activity also reached an all-time high in 2021, with illicit addresses receiving $14 billion, up from $7.8 billion in 2020.
While $14 billion worth of cryptocurrencies being associated with illicit addresses is undoubtedly concerning, a slightly encouraging stat pops up when this is compared with the total crypto transaction volume in 2021. Transactions involving illicit addresses represented just 0.15% of crypto transaction volume in 2021.
Driving these numbers down is critical, and one of the ways to do this is by stifling bad actors’ access to funds through solid anti-money laundering policies. So what is AML in crypto, and how does it work? Let’s get answers.
What is Crypto Money Laundering?
Cryptocurrency money laundering is the process of making illegally obtained cryptocurrency look legitimate. Bad actors achieve this by funneling such ill-gotten cryptocurrencies through exchanges or other services to keep them safe from the authorities and eventually convert them to fiat money. In 2021, cybercriminals laundered a whopping $8.6 billion worth of cryptocurrency.
Bad actors typically adopt one of two methods to launder crypto funds: they either send these funds to unregulated crypto-fiat services or exchanges or use fake or stolen identities to convert the funds on regulated exchanges. Chainalysis found that in 2019, $2.8 billion in Bitcoin was moved from criminal entities to exchanges, with Binance and Huobi receiving just over 50% of these funds.
Further analysis revealed an interesting inference. Only a small percentage of accounts on Binance and Huobi received most of the illicit Bitcoin funneled into both exchanges. It’s suspected that these accounts are, in fact, OTC (over-the-counter) brokers. OTC brokers facilitate transactions between crypto buyers and sellers who do not want to operate on an open exchange and some likely provide money laundering services by taking advantage of lower KYC requirements.
Although cryptocurrency-based crimes include everything from stolen funds to scams and terrorism financing, money laundering holds a special spot. The reason is it’s what enables criminals to access their funds in the first place. In other words, crypto laundering is a crucial enabler of other illicit activities or transactions connected to cryptocurrency. As such, crippling its effectiveness would mean making it difficult for bad actors to cash out cryptocurrency, thus reducing their incentive to commit crimes in the first place. And that’s where “crypto AML” comes in.
What is Crypto AML and How Does it Work?
Anti-money laundering in the crypto world entails all the regulations, policies, and guidelines designed to prevent criminals from successfully converting illegally-gained crypto to fiat currency.
The Financial Action Task Force (FATF) is responsible for setting global standards for anti-money laundering laws. In 2014, the organization began releasing the guidelines for crypto anti-money laundering, and legislators in its member jurisdictions started using these guidelines to create crypto AML laws.
Next up on the chain of command are virtual asset service providers (VASPs), which according to FATF, are persons or businesses that facilitate one or more of the following activities for or on behalf of other people or services:
Exchange between virtual assets and fiat currencies
Exchange between one or more forms of virtual assets
Transfer of virtual assets
Safekeeping and or/administration of virtual assets or instruments enabling control over virtual assets
Participation in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset.
(FATF defines a virtual asset as “a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes.”)
FATF’s definition of virtual asset service providers covers crypto exchanges, stablecoin issuers, and on a case-by-case basis (meaning depending on how they are used), DeFi protocols, and NFT marketplaces. All these institutions are required to integrate know-your-customer checks on their platforms and monitor suspicious transactions that may be linked to money laundering, so they can thwart them. VASPs also have to report suspicious activity to regulators so they can trace the flow of funds and ultimately pin such activities to real-world actors.
The Basic Pillars of Crypto AML
While there might be variations in AML stipulations across different jurisdictions, most of the laws have similarities. This means that it’s easy to identify common pillars that VASPs should integrate into their operations for AML compliance. Thanks to the USA’s Bank Secrecy Act, no one has to guess what those pillars are. Let’s take a quick look at these principles.
- Appoint a Compliance Officer
Appointing a compliance officer involves designating someone who would oversee and ensure your company’s compliance with AML regulations. Their job typically involves evaluating your current processes, identifying areas for improvement, drafting new policies in accordance with existing regulations, and supervising their implementation.
Naturally, the designated officer should have the requisite knowledge regarding your company and industry. They should also be conversant with AML regulations and have experience drafting implementation strategies.
- Create Internal Policies
Another obvious pillar is the development of internal policies and processes that will ensure compliance with AML regulations. These policies include the implementation of customer identity verification systems, monitoring transactions and flagging suspicious activity, conducting regular AML reviews, and more. Companies either build these systems or integrate with platforms that offer them such as Bitpowr.
- Develop a Training Program for Employees
Getting buy-in from employees is critical to maintaining AML compliance. To kick start the process, employees have to understand what AML stipulations apply to their company, why they are critical, and how to uphold them. This would require frequent training using a program that aligns with updated AML requirements and current industry trends. The compliance team is usually tasked with building this course.
- Ensure Independent AML Compliance System Testing and Auditing
Beyond internal AML policy assessments, subject your system to testing and auditing by qualified independent entities. Assessments by such third parties will reveal loopholes in your system and help you avoid violations that may lead to serious sanctions. They also provide unbiased proof of AML compliance, which can drive credibility and adoption.
Ensure the party conducting the assessment has ample knowledge of the industry, the latest AML requirements, and your company’s operations. This is so the testing process can be thorough and effective.
- Conduct a Thorough Risk Assessment
Risk assessment generally involves conducting customer and transaction due diligence. In 2018, FINCEN released a customer due diligence rule which advised financial institutions to verify the identity of their customers and continuously monitor transactions to spot and report suspicious activity.
FINCEN recommends a risk-based approach to monitoring customer activity. This approach involves assessing the risk specific accounts or customers may pose based on certain characteristics or activities. In this case, financial institutions would have to set triggers for possible red flags, accounts, or transactions that require extra attention.
Cybercriminals laundered $8.6 billion worth of cryptocurrency in 2021 alone. It’s critical to drive this figure down because making the crypto ecosystem a convenient pipeline for illicit funds will stifle crypto adoption, increase the likelihood of hostile regulations, and, worse, hurt innocent users. On the flip side, creating solid structures to deter crypto laundering or money laundering via crypto would improve the industry’s reputation and drive widespread adoption and greater support from governments and regulators.
At Bitpowr, we offer robust AML and KYC policies you can tap into when you integrate with us. Now you can easily comply with AML regulations, protect your customers and business and build brand credibility. Learn more about our AML system here. Ready to integrate with Bitpowr? Come talk to us!