cryptocurrency money laundering cases
2020 saw WoToken, a similar scheme operated by some of the same people as PlusToken, defraud investors out of $1.1 billion in its exit scamâ58% of 2020âs major crime volume. What was that first transaction? Airbit was advertised as a cryptocurrency mining and trading company according to the Justice Department. This is the first time OFAC has listed Monero (XMR) in their designations. Michael Corbat, the Chief Executive of Citigroup, was quoted at a December 2020 Bloomberg event saying that Citigroup is working with various governments around the world to assist them with building their own CBDCs. extradited to the United States to face the charges, Criminal - Computer Crime and Intellectual Property Section, Criminal - Office of International Affairs. As of now, the limit for KYC checks is capped at â¬1,000 and only for crypto-to-fiat. Back in February, tokenized margin trading and lending platform bZx suffered two attacks, which were defined not as oracle attacks, but âa clever arbitrage execution.â. In January 2021, the incoming Biden administration declared a freeze on agency rulemaking, which includes these proposed changes. The gaps in these regulations present avenues that can be exploited by money launderers and terrorist organizations. By providing such services, banks can continue to fulfill the financial intermediation function they have historically played in providing payment, loan, and deposit services.â. The fact that BitGo is a small company, cooperated with OFACâs investigation into the violations, and invested in significant remedial measures in response to the violation were mitigating factors that contributed to the lower settlement amount. At one point during the height of ICO mania, the BitConnect pyramid scheme was valued at over $2.5 billion. In the aftermath of the hack, the details of Twitterâs lack of security protocols were harshly revealed. Investment schemes like BitConnect were rampant at the height of the 2017 cryptocurrency bull market, which may hold lessons for the nascent DeFi sector. John Bigatton, an Australian man who worked as a promoter for cryptocurrency lending scheme BitConnect, was charged by the Australian Securities and Investments Commission (ASIC) and sentenced to a maximum of two ten-year terms in prison. The Argentine news outlet Infobae reported that the hack shut down all border crossings for more than four hours as authorities took all computer networks used by immigration officials offline. The new rule would see much smaller transfersâanything over $250âcome under the same requirements if the transmittal of funds begins or ends outside the United States. Citigroup is just the latest addition from the private financial sector to join in on CBDC development, as Visa and Mastercard have also launched CBDC programs. Most notably, the 2020 NRA increased the money laundering and terrorist financing risk of cryptoassets from âlowâ to âmedium.â The assessment noted that the cryptoasset ecosystem has matured, developed, and expanded considerably in the last three years; however, by their analysis this maturation has also provided additional opportunities for abuse resulting in âan increased money laundering risk, with criminals increasingly using and incorporating them into their money laundering methodologies.â The NRA also noted that the inclusion of VASPs into the Money Laundering Regulations (MLRs) since January 2020 would help to mitigate vulnerabilities over time. However, any stablecoin arrangements âshould have the capability to obtain and verify the identity of all transacting parties, including for those using unhosted wallets.â. Although the statutory maximum civil monetary penalty applicable in these matters is $53,051,675, OFAC determined that the Apparent Violations constituted a ânon-egregious caseâ and the two parties came to a settlement of $93,830. Conor Freemanâs main job was to go through victims’ emails to find their cryptocurrency accounts. MSBs committed to controlling money laundering will have to comply with legal frameworks in various countries implementing AML requirements. You can find more details in our Spring 2020 Crypto Crime and Anti-Money Laundering Report: https://ciphertrace.com/spring-2020-cryptocurrency-anti-money-laundering-report/. The South Korean Ponzi scheme was advertised as a high-yield investment for crypto traders, with the company claiming investors would achieve 9% to 18% monthly returns. According to OFAC, âthe IRA uses cryptocurrency to fund activities in furtherance of their ongoing malign influence operations around the world.â These designations include BTC, LTC, ZEC, and BSV addresses. The US Securities and Exchange Commission (SEC) responded to the OCC Interpretation, stating that certain stablecoins might not constitute securities under federal law. However, this exchange also sent $36.7 million worth of bitcoin directly to criminally associated addresses. Regarding the investigation, Assistant Attorney General Brian Benczkowski of the Justice Departmentâs Criminal Division commented, âTodayâs modern cybercriminals rely on increasingly sophisticated techniques to defraud victims, often masquerading as legitimate businesses.â He continued, âThese guilty pleas demonstrate that the United States will hold accountable foreign and domestic criminal enterprises and their enablers, including crooked bitcoin exchanges that swindle the American public.â, The real danger, though, may come from other nation-state actors who seek to replicate this behavior by using cryptocurrency exchanges to cover their tracks. Cryptocurrency Crime and Anti-Money Laundering Report, Whitepaper: UTXO vs Wallet-to-Wallet Tracing in Bitcoin Investigations, Cryptocurrency Risk Intelligence for Financial Institutions. This revelation highlights the need to continue developing methodologies for tracing illicit money flows via privacy coins. VASPs must adhere to local laws when doing business with their citizens. Treasury claims BitGo had reason to know that these users were located in sanctioned jurisdictions based on IP data collected when users log in to the platform, but that BitGo lacked any controls to block users in sanctioned jurisdictions from accessing its services. On October 23, the Financial Crimes Enforcement Network (FinCEN) and the Federal Reserve Board proposed a rule change that would require financial institutions, including banks and cryptocurrency exchanges, to collect, store, and transfer information on international payments at a much lower threshold. Not all European VASPs are making the investment in updating their compliance regimes to meet the new AMLD5 requirements. On November 13, DeFi platform Akropolis suffered an approximately $2 million loss via a re-entrancy attack utilizing a flash loan from derivatives platform dYdX. During the same period, Karlsson and EMS used deceptive “devices and contrivances” to sell securities and then tried to conceal the proceeds of the wire fraud and securities fraud. In the case of this cryptocurrency exchange, dark market exposure more than tripled two hops out, according to CipherTrace data. Safra Bank (MYSB)âthe first-ever enforcement action against a US-based bank. The recently-enacted Anti-Money Laundering Act significantly increases the potential value of awards for whistleblowers under the Bank Secrecy Act. FinCENâs proposed rule change to the âTravel Ruleâ threshold would more than double the number of âTravel Ruleâ messages needed to be sent by US VASPs. The SEC complaint, dated September 29, alleged that Gity defrauded investors of $6.8 million from January 2018 through January 2019 by promoting the false representation that “he was a highly-profitable digital asset trader and had never lost money during a trading day.”. A health-foods cafe was one of the first establishments to accept payments in the Sand Dollar; $130,000 of the currency is currently in circulation. However, any sentence following conviction would be imposed by the court only after consideration of the U.S. In a livestream, KuCoin CEO Johnny Lyu said that the group that infiltrated their system had obtained the private keys to KuCoinâs ethereum hot wallets. That is … Compliance can help keep MSBs from becoming a front for cryptocurrency money laundering cases reducing bitcoin money laundering risk. Karlsson pleaded guilty to all the charges pending against him. Karlsson advised investors that, in the unlikely event that the gold payout did not happen, he guaranteed to them 97% of the amount they invested. Another NPRM issued in December would require banks and VASPs to verify the identity of their customers, keep records of virtual currency transactions greater than $3,000, and submit CTR-like reports for virtual currency transactions over $10,000, if the counterparty in the transaction uses an unhosted (noncustodial) or âotherwise coveredâ wallet. The report states, âCBDC issuance is not so much a reaction to cryptocurrencies and private sector âstablecoinâ proposals, but rather a focused technological effort by central banks to pursue several public policy objectives at once.â, The report provides an alternative explanation to the sudden increase in CBDC tests, hirings, and studies that have occurred in the past year. It was revealed by Bloomberg in 2017 and 2018 that those contractors with access to the admin tool had previously misused it to snoop on the likes of Beyonce, tracking the musician’s geolocation data and viewing private information. On October 3, Lyu announced that the exchange had identified the suspected hackers and had officially involved law enforcement in their investigation. On July 22, the Office of the Comptroller of the Currency (OCC) issued a statement that gave a green light to bank to hold crypto assets for their customers. In 2020, 70% of US Exchangesâ outgoing bitcoin volume was sent to unhosted wallets; 52.1% of incoming BTC volume came from unhosted wallets. On October 15, the US Department of Justice unsealed a superseding indictment, which detailed a case against six individuals for conspiring to âlaunder millions of dollars of drug proceeds on behalf of foreign cartels.â Casinos, front companies, cash smuggling, and bank accounts were all used to launder the funds, with one individual using cryptocurrency to bribe a US Department of State official in an attempt to acquire fraudulent US passports. On December 11, the United States Congress presented the National Defense Authorization Act (NDAA) for Fiscal Year 2021 to then-President Donald Trump for final authorization. The French operatives purchased âhundreds of thousands of eurosâ worth of cryptocurrency âcouponsâ from licensed tobacco outlets in France and sent the credentials on the coupons to jihadists in Syria, where the Bitcoin could be redeemed online. The way cryptocurrencies are treated in the judicial system can reveal the direction of the lawâs treatment of cryptocurrencies moving forward. On December 18, the Financial Crimes Enforcement Network (FinCEN) released a proposed rule change for virtual currency transactions with unhosted wallets. The following morning, Eterbase announced from its Telegram channel that hot wallets for six of the cryptocurrencies listed on the exchange had been compromised. CipherTrace assesses the average DeFi hack in 2020 to be worth roughly $6 million. âIt should not surprise anyone that our enemies use modern technology, social media platforms and cryptocurrency to facilitate their evil and violent agendasâ¦â. “The attack on July 15, 2020, targeted a small number of employees through a phone spear-phishing attack,â Twitter said in a tweet, adding, “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.”. This fruitless effort caused no effect on Monero’s on-chain mechanisms, and was mitigated by Tor, I2P, and Dandelion++. On September 16, two Russian nationals were added to OFACâs SDN List for their involvement in a sophisticated phishing campaign that targeted customers of two US-based and one foreign-based virtual asset service providers (VASPs) in 2017 and 2018. According to CoinGecko, by the end of December 2020, DeFi had already locked 19.8 billion USDâ23% of Ethereumâs total market capitalization. This figure equates to more than a 1000% increase from the $1.7 billion held in DeFi at the start of 2020. On September 30, 2020, law enforcement arrested 29 French operatives linked to a terrorism financing operation which used cryptocurrency âcouponsâ in an attempt to obfuscate the source and flow of funds. The French operatives are believed to be affiliated with the Hayat Tahrir Al-Sham organization, an Al-Qaeda affiliate. Police Commissioner Andrew Coster said that the âNew Zealand Police has worked closely with the Internal Revenue Service of the United States to address this very serious offending.â. Think of a tumbler or âmixerâ as being analogous to blender into which you put various types of fruit to make a smoothie. CipherTrace is uniquely capable to help VASPs and banks aggregate multi-chain aggregation payments and leverage predictive analytics to identify structuring. Any new UK cryptoasset businesses that began operations after January 10, 2020, must now register with the FCA before conducting business. Cryptocurrency Fraudster Pleads Guilty to Securities Fraud and Money Laundering Charges in Multi-Million Dollar Investment Scheme A citizen of Sweden pleaded guilty to securities fraud, wire fraud, and money laundering charges that defrauded more than 3,500 victims of … The Report concludes that, depending on its structure, global stablecoins could and would likely fall within securities market regulatory frameworks. For this analysis, CipherTrace has identified payment and funds transfers by filtering out blockchain data within the same entity (for example, any transactions from Binance to Binance). Companies that failed to apply by that date were warned of the potential to encounter registration processing delays. A third of cross-border Bitcoin volume is sent to exchanges with demonstrably weak KYC. The SEC alleges that Gity used the majority of investor funds to perpetuate his Ponzi-like scheme, while funneling about $1.8 million to his son. According to the U.S. Army memo, the groupâs mission is to âcreate social chaos by weaponizing enemy network vulnerabilities and delivering a payload if directed to do so by the regime.â It’s also thought that the hackers use privacy coins to cover their tracks when converting funds into cash. [1] Below are some key provisions of the AML Act, and here is a more detailed description of … When looking at the outflows of South Korean-domiciled VASPS, CipherTrace found that 63% of the exchange-to-exchange BTC volume was cross-border, with 53% of the total cross-border volume being sent to VASPs with demonstrably weak KYC. On June 30, Vether (VETH) had their entire Uniswap pool drained, about 919,299 (VETH) equivalent to US$900K, for just 0.9 ETH ($200). According to the company, hackers were able to infiltrate the personal computer of an OTC transaction manager based in East Delhi, India, infecting his device with malware. On the regulatory front, the cryptosphere has been inundated with new legal attention as regulatory and policy making bodies weigh in on how the space should operate. This further corroborates BitMEXâs position on strengthening their compliance procedures, proving the effort to hire a new CCO isnât in jest. The man who ran Italian-based cryptocurrency exchange BitGrail was arrested for allegedly defrauding more than 230,000 people of â¬120 million ($146 million) collectively. On November 13, a domain name hosting provider that manages one of Liquid Exchangeâs core domain names incorrectly transferred control of the account and domain to a malicious actor. From our early days as a start-up, we have always sought to comply with applicable U.S. laws, as those laws were understood at the time and based on available guidance.â. According to OFAC, the duo employed a variety of methods to move the legitimate funds out of usersâ accounts, including the creation of exchange accounts with fake or stolen IDs; swaps to different virtual currencies, such as Monero; and moving the virtual currency through multiple intermediary addresses. Customers converting a large amount of fiat currency into VAs with no logical business explanation. At the time, it was one of the biggest crypto hacks yet. The EU, meanwhile, has introduced Markets in Crypto-Assets (MiCA), a proposed regulation which, if passed, will ban decentralized exchanges from trading with any European Union citizens if they are not incorporated as a legal entity and have their registered office in a Member State. The funds came from cryptocurrency donations the groups solicited online via social media and their own websites. In discussing the DOJâs ongoing challenges in combating these threats, the framework promises that the Department of Justice will continue its aggressive investigation and prosecution of those who use cryptocurrencies to commit, facilitate, or conceal their crimes, highlighting the fact that the DOJ âhas prosecuted a number of individuals operating as P2P exchangers for money laundering and for violating the BSA.â. The Central Bank of Nigeria has explained why it banned cryptocurrency-related transactions in the country, claiming the digital currency is used for money laundering and terrorism. Last year, the operators of PlusToken performed a suspected exit from their scam, in which roughly $3 billion was withdrawn from the accounts of up to four million users who suddenly found themselves unable to access their funds. Reportedly, the court issued an order of seizure from Takayoshi Doi, an Obihiro City doctor. Instead, the operators of Airbit were using those funds to pay for their extravagant lifestyles. Other jurisdictions have similar provisions; over 190 jurisdictions around the world have committed to recommendations from the Financial Action Task Force (FATF), a pan-government organization designed to fight money laundering. “Following the money” generally leads to the source. Since the indictment, BitMEX has hired Malcolm Wright, an associate fellow of the Centre for Financial Crime and Security Studies at the UK’s Royal United Services Institute, as the companyâs Chief Compliance Officer. The US Secret Service seized millions of dollars in virtual currency and US dollars from Karasavidiâs accounts in a forfeiture action. According to the indictment, Helix made it possible for customers to send bitcoin in a manner that was designed to conceal the transaction and the owner of the bitcoin. Jason Blazakis, former director of the Finance and Designations Office at the US Department of Stateâs Bureau of Counterterrorism, and current director of the Center on Terrorism, Extremism, and Counterterrorism, explained, â[T]errorists donât have to raise a lot of crypto or cash to maintain sanctuary for sleeper cells or, worse yet, the ammunition, guns, and bombs that can maim innocent civilians. Unfortunately, due to a lack of definitive data, we were not able to verify each incident. In order for banks to comply with any of the red flags indicated in the report, it is necessary for them to be able to accurately identify and monitor all crypto-related transactions. US prosecutors are attempting to return $6.5 million in cryptocurrency that was taken from the victims of the âBanana.Fundâ crowdfunding projectâan alleged Ponzi scheme. Tian and Liâs use of bank accounts linked to their crypto exchange accounts also demonstrates the importance of banks being able to detect crypto-related transactions in their payment networks. John McAfee, the antivirus software pioneer whose former company still bears his name, has been indicted on fraud and money-laundering conspiracy charges stemming from two cryptocurrency schemes, the U.S. Justice Department said on Friday. According to the German newspaper Der Spiegel, movie2k.to was one of the largest platforms for the sharing of pirated movies. On December 17, an oracle manipulation vulnerability in Warp Finance was exploited, resulting in the loss of approximately $7.8 million of USDC and DAI from the WarpVaultSC. Gity used this lie, along with promises of huge returns, to lure in over 18 investors to his operation. When analyzing US VASPs outbound transaction volume for 2020, CipherTrace researchers found that 24% of the BTC volume sent to Virtual Asset Service Providers went to VASPs with weak or porous KYC. In the process of the investigation, the Federal Bureau of Investigation (FBI) subpoenaed Coinbase for Gratkowskiâs transaction records. Due to the cross-border nature and global reach of virtual assets and VASPs, compliance with this definition would be difficult to enforce, especially given many VASPs are registered in multiple jurisdictions around the world. To perpetrate their scheme, one of the fraudstersâPotekhinâspoofed the websites of numerous legitimate virtual currency exchanges to collect usersâ login credentials and gain access to their real accounts. Thompson also settled with the Commodity Futures Trading Commission (CFTC), agreeing to pay $7.4 million in restitution as well as being barred from all future bitcoin trading and promising full cooperation in any future CFTC investigations. âTo enhance the Federal Reserveâs understanding of digital currencies, the Federal Reserve Bank of Boston is collaborating with researchers at the Massachusetts Institute of Technology in a multiyear effort to build and test a hypothetical digital currency oriented to central bank uses,â Brainard said. Like the altcoin boom before it, the exponential explosion of capital and lack of regulatory clarity have attracted criminal actors to DeFi, ultimately resulting in the most DeFi hacks in a year to date. The Mars Finance report suggested that Xu may be being held by police to assist with an investigation into the backdoor listing of OK Group, completely separate from the exchange’s halting of withdrawals. In a one-year time span from December 2016 to December 2017, Bitcoin went from $750 to a staggering $20,000! The scope of the review highlights three main assessment areas: emerging market trends and money laundering risks, public sector implementation and enforcement of the revised Standards, and private sector development and adoption of a Travel Rule compliance mechanism. The central bank introduce PIX, an instant payment system, in November 2020 soft launch. His sentencing was scheduled for January 7, 2021. Karlsson directed his victims to make investments using virtual currencies, such as Bitcoin. On November 4, the US Department of Justice (DOJ) announced that âOperation Egypto,â the code name used for the joint U.S.-Brazilian effort to recover funds stolen from a cryptocurrency fraud scheme, resulted in the seizure of $24 million. “⦠CipherTrace found that 58% of the exchange-to-exchange BTC volume was cross-border, with 41% of the total cross-border volume being sent to VASPs with weak or porous KYC.”. The report suggested that the group is overseen by Bureau 121, the cyber warfare guidance unit of North Korea. This exponential boom eclipses the 70% increase from the start of 2019, when the DeFi market cap was only $1.0 billion, to the beginning of 2020. Despite attempting to obfuscate the true nature of the funds by layering deposits through multiple accounts and multiple virtual currency blockchains, blockchain analytics were still able to trace the stolen funds to his account. In an effort to improve compliance, BitMEX has already taken steps to increase their AML procedures. Brainard explained that the COVID-19 pandemic has advanced the need for âimmediate and trusted access to funds.â She observed that the recipients of COVID-19 stimulus funds spent them quickly, indicating the level of urgency needed.