The U.S. Department of Justice’s cryptocurrency czar joins FinCEN in a new role: Why it matters

In her monthly Expert Take column, Selva Ozelli, an international tax lawyer and CPA, introduced the intersection between emerging technologies and sustainability, and provided information on taxation, AML/CFT regulations, and laws affecting encryption and blockchain The latest development of the problem.

Talk about ending a brilliant career at the U.S. Department of Justice with a loud noise. The first “crypto czar” in the history of the U.S. Department of Justice, Michel Korver, Suggest Government lawyers, federal agents, the Financial Stability Supervision Committee of the Department of the Treasury, and the U.S. delegation joined the Financial Action Task Force on cryptocurrency issues. She formulated cryptocurrency seizure and forfeiture policies and legislation. When she finished the last day of work, The notorious “REvil” gang, The most famous is the Bitcoin extortion of 11 million US dollars (Bitcoin) After the attack on Memorial Day from meat processor JBS, it carried out the largest global ransomware attack in history to kick off the July 4th holiday weekend.

related: Meeting with the Crypto Czar of the U.S. Department of Justice: Expert Views

REvil Ransomware targeting the supply chain attack Successfully spread malware to thousands of companies in at least 17 countries, which outsourced their IT departments to Kaseya, a private company based in Dublin, Ireland. Due to the destruction of Kaseya’s IT management software VSA, it did it in one fell swoop-resulting in Monero getting a $70 million payday (XMR). If REvil succeeds, they can launch a second attack on companies that choose to pay for Mondero’s needs.According to a recent Cybereason report entitled “Ransomware: The Real Cost of Enterprises”, 80% of the companies that choose to pay for ransomware needs are Targeted the second time.Then REvil can turn around and launder illegal proceeds on the darknet market because Overview In a report published by Flashpoint and Chainalysis.

related: Are cryptocurrency ransom payments tax-free?

Criminals prefer to use cryptocurrency tumblers/hybrid services or privacy coins like Monero when paying for illegal goods and services to cover up clues back to the original source of the fund. Point out Korver, he co-authored an article entitled “Surfing the First Wave of Cryptocurrency Money Laundering” in a journal issued by the US Department of Justice. As she wrote:

“Criminals follow a common path when placing, layering, and integrating ill-gotten cryptocurrencies. These paths pass through several major areas, including institutional exchanges, P2P exchanges, hybrid and rollover services, and traditional banks. […] Some of these main areas, such as P2P exchanges and hybrid services, seem to cater more directly to criminals who need money laundering. ”

For example, Korver explained: “In order to have cryptocurrency in the first place, criminals [including cyberattackers and ransom demanders] A wallet must be set up.These wallets may be under their exclusive control [un-hosted wallets], Or they may be custodial wallets hosted by third-party service providers (such as institutional exchanges). Once in the wallet, funds can be sent to hybrid services or gambling sites to cover their historical trajectory. From there, funds can be converted into legal tender through exchanges, P2P exchanges or kiosks. Sometimes, funds will be sent to bank accounts or cryptocurrency debit cards, where they can be used to buy things or pay off debts. Although this is the typical way the main domains appear in the PLI process, criminals can use these domains in almost any way they want: wallets can be used to mix funds; P2P exchanges can be used to integrate funds; and kiosks can be used for distribution Floor. Criminals can also repeat the steps of the PLI process to further confuse the source of ill-gotten gains, even though they will incur additional costs and risks every time they repeat the cycle. “

related: U.S. updates its cryptocurrency AML/CFT laws

In the context of ransomware payments, the number of ransomware payments has increased by about 500% since the beginning of the COVID-19 pandemic. Korver continued, “Victims of ransomware attacks rely on P2P exchanges. With ransomware With the rise of software as a standardized criminal enterprise, more and more victims are forced to purchase cryptocurrency in a short period of time. It is estimated that 9% of Bitcoin transactions can be attributed to ransomware or other forms of online ransom payment. It takes several days or weeks for an institutional exchange to open a verified account. P2P exchanges can provide cryptocurrency immediately, and the victim is willing to pay this speed premium. The victim pointed out, “Processing time [at a registered institutional exchange] It goes far beyond the real-time scope of the ransom, and P2P exchanges are a better choice to quickly obtain cryptocurrency. “

prior to Korver joins the Financial Crime Enforcement Network, FinCEN authorities proposed a rule aimed at transactions involving non-custodial cryptocurrency wallets, which are usually software installed on computers, mobile phones or other devices. The cryptocurrency in a non-custodial wallet is controlled by an individual. Individuals can receive, send, and exchange their crypto assets with other non-custodial wallets or on trading platforms without revealing their identity-which makes tracking and trading more difficult. Review the transaction’s anti-money laundering and anti-terrorist financing compliance risks.

related: Authorities are seeking to close the gap in uncustodial wallets

The Financial Action Task Force (FATF), an intergovernmental agency responsible for setting anti-money laundering standards, also has these concerns.Update suggested From FAFT to Its 2019 guide Extending the definition of virtual asset service provider (VASP) to include several non-custodial cryptocurrency businesses, which means that they will be subject to AML/CFT regulations. Peer-to-peer decentralized transactions/structures (except for rules that apply to all entities, such as targeted financial sanctions) maintain Under review.

As cryptocurrencies—and ransomware attacks—become more mainstream, Korver will work with internal and external partners to propose strategic and innovative solutions to prevent and mitigate illegal financial behavior and exploitation, thereby enhancing FinCEN’s leadership in the field of digital currency.

The views, thoughts, and opinions expressed here are only those of the author, and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Selva Ozeli, Esq., CPA, is an international tax lawyer and certified public accountant. He often writes articles on tax, legal and accounting issues for tax notes, Bloomberg BNA, other publications and the OECD.