The U.S. House Financial Subcommittee on Terrorism and Illicit Finance considered testimony by law enforcement agencies on the use of Bitcoin and other virtual currencies for money laundering and terrorist financing. Subcommittee staff noted that the allure of anonymity, low transaction costs and lack of cross-border regulation make virtual currency especially attractive to criminals and other illicit actors.

Witnesses at the hearing included Mr. Thomas Ott, Associate Director of the Financial Crimes Enforcement Network ("FinCEN") Enforcement Division; Mr. Robert Novy, Deputy Assistant Director of the United States Secret Service Office of Investigations; and Mr. Gregory Nevano, Deputy Assistant Director of the Homeland Security Investigations Illicit Trade, Travel and Finance Division.

Witnesses testified on the importance of collaboration between U.S. and international jurisdictions in closing regulatory gaps that currently exist. Mr. Ott pointed out that the United States led the way in regulating and supervising virtual currency transactions. Nevertheless, he said, billions of dollars of transactions involving ransomware extortion and hacks of virtual currency exchangers and darknet marketplaces occurred in recent years. He also expressed concern that "most jurisdictions still do not have a regulatory framework in place or in-progress to address virtual currencies." He concluded that "until jurisdictions ensure that these businesses adhere to the same international AML/CFT standards as other financial institutions, there will be vulnerabilities that expose the U.S. to illicit finance risks."

Mr. Novy observed that only a few of the many digital currencies available today "have been substantially adopted for engaging in certain illicit activities." He said, "some digital currencies are primarily used to purchase illicit goods and services (e.g., drugs, credit card information, personally identifiable information (PII), and other contraband or criminal services). Other digital currencies are primarily used for money laundering — particularly transnational transfers." He argued that "both platforms effectively conducted no customer verification, and were extensively used for a range of illicit activities, from child exploitation to identity theft. . . ." As a result, he emphasized the importance of know-your-customer ("KYC") procedures.

Mr. Nevano argued that the use of cryptocurrency for illicit purposes is not a cyber crime per se, but rather an online-enabled financial crime, and thus must be addressed by adapting traditional AML techniques to this new technology.

Commentary / Joseph V. Moreno

For firms doing business in the cryptocurrency space or that deal with customers or clients involved in virtual currency transactions, the Subcommittee hearing provided some interesting insights into how law enforcement views this industry and its role in regulating virtual currency transactions to address AML risks.

  • Aggressive Compliance Examinations. Cryptocurrency exchanges – the on- and off-ramps for converting fiat currency to virtual currency and vice versa – are seen by regulators as the most effective control point for law enforcement focus. According to FinCEN, since 2014 the Internal Revenue Service's Small Business/Self-Employed Division conducted AML compliance examinations of more than one-third of all registered virtual currency money transmitters in the United States. Unsurprisingly, going forward, FinCEN's goal will be to ensure that virtual currency exchangers and administrators are subject to the same routine AML compliance examinations as any other financial institution under the Bank Secrecy Act.
  • AML Red Flags. Law enforcement appears especially attuned to anonymity-enhanced cryptocurrencies ("AECs"), often referred to as "privacy coins," which serve as Bitcoin alternatives and are increasingly being accepted on darknet marketplaces. Several witnesses called for additional legislative or regulatory actions to address AECs, cryptocurrency mining pools, and other services designed to further obscure the identities of persons involved in blockchain transactions (such as cryptocurrency "tumblers" or "mixers"). Witnesses cited unregistered cryptocurrency exchanges, often in the form of direct "Peer-to-Peer (P2P) exchangers," as particularly attractive to criminals. Organizations involved in the virtual currency industry would be wise to remain wary of these technologies and platforms from an AML risk perspective and consider avoiding them altogether.
  • Scrutiny of Initial Coin Offerings ("ICOs"). FinCEN, the SEC and the CFTC have made it clear that they expect businesses involved in ICOs to meet all of their AML compliance obligations. With the rapid growth of ICOs in recent years, it is no surprise that regulators are highly focused on these transactions. Scrutiny will remain intense. While some regulators display a seemingly open mind when it comes to ICOs, others appear hostile and quick to prejudge ICOs as fraudulent. Firms directly or indirectly involved in ICOs should bear this in mind.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.