Money Laundering

Crypto is for criminals? JPMorgan has been fined $39B and has its own token

Crypto proponents on X wasted no time pointing out the hypocrisy of JPMorgan CEO Jamie Dimon’s recent remarks about Bitcoin and crypto to the U.S. Senate Committee on Banking, Housing, and Urban Affairs.

JPMorgan CEO Jamie Dimon is being hauled over the hot coals by the crypto community on X (formerly Twitter) after claiming Bitcoin (BTC) and cryptocurrency’s “only true use case” is to facilitate crime.

“The only true use case for it is criminals, drug traffickers, money laundering, tax avoidance,” Dimon said in a hearing before the United States Senate Committee on Banking, Housing, and Urban Affairs on Dec. 5. “If I were the government, I’d close it down.”

But crypto pundits quickly pointed out the hypocrisy in Dimon’s statements, highlighting that JPMorgan is the second-largest penalized bank, having paid $39.3 billion in fines across 272 violations since 2000, according to Good Jobs First’s violation tracker.

Blockchain Association files brief in Tornado Cash case

The advocacy group was joined by the DeFi Education Fund in arguing that the crypto mixer has important social functions and that the sanctions from the Office of Foreign Assets Control could set a dangerous precedent.

Crypto advocacy groups Blockchain Association and DeFi Education Fund filed a brief in United States District Court in Austin in the case brought by six individuals against the United States Treasury Department over the sanctioning of Tornado Cash. The amicus (friend of the court) brief supports the plaintiffs’ motion for a partial summary judgment.

The six plaintiffs in the case filed suit against the Treasury Department and associated parties in September after the Treasury’s Office of Foreign Assets Control (OFAC) placed addresses allegedly connected with the Tornado Cash cryptocurrency mixer on its Specially Designated Nationals and Blocked Persons List in August.

The agency accused Tornado Cash of laundering more than $7 billion, including hundreds of millions for the Lazarus Group of North Korean hackers. The designation makes it illegal for U.S. persons to interact with those addresses, under threat of large fines and imprisonment.

The plaintiffs argued that OFAC violated the Administrative Procedure Act by sanctioning an entity that was not liable to its sanction, violated users’ right to free speech and deprived them of property (crypto tied up in the mixer) without due process. The plaintiffs filed a motion for partial summary judgment on the counts of APA violation and free speech on April 5.

In their brief, the Blockchain Association and DeFi Education Fund reiterated that Tornado Cash is software, not a person or property, and argued that it is an autonomous tool that serves an important function in preserving user privacy. Blockchain Association CEO Kristin Smith added in a statement:

“Ordinarily, OFAC would not consider sanctioning neutral tools used by some people for illicit activities, it would sanction the people committing those activities. The same perspective should apply to OFAC’s action against Tornado Cash.”

The brief expanded on the legal arguments already presented. It introduced the major questions doctrine in its discussion of OFAC’s authority, for example, and stated:

“OFAC’s sanctions are ‘not in accordance with law’ for yet another reason: the sanctions are arbitrary and capricious.”

It claimed that, if the sanction is allowed to stand, it would be “effecting a vast expansion of OFAC’s power.”

Crypto think tank Coin Center sued the same parties over Tornado Cash’s sanctioning in October. Tornado Cash creator Alexey Pertsev was arrested in the Netherlands several days after the initial OFAC Tornado Cash designation. He is accused of money laundering.

North Korea and criminals are using DeFi services for money laundering — US Treasury

Despite the warnings on DeFi, the Treasury noted that “most money laundering, terrorist financing, and proliferation financing” occurred using fiat or outside the crypto ecosystem.

A new report from the United States Treasury Department analyzing decentralized finance concluded that actors from the Democratic People’s Republic of Korea, as well as other scammers, are able to exploit vulnerabilities to facilitate money laundering.

In its “Illicit Finance Risk Assessment of Decentralized Finance” report released on April 6, the U.S. Treasury said many groups engaged in illicit activity from North Korea benefited from some DeFi platforms’ non-compliance with certain Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) regulations. According to the report, insufficient AML/CFT controls and other shortcomings in DeFi services “enable the theft of funds.”

“Illicit actors, including criminals, scammers, and North Korean cyber actors are using DeFi services in the process of laundering illicit funds,” said Brian Nelson, under secretary of the Treasury for Terrorism and Financial Intelligence. “Capturing the potential benefits associated with DeFi services requires addressing these risks.”

The report noted that some projects had “affirmatively touted a lack of AML/CFT controls as one of the primary goals of decentralization,” noting that actors were often able to circumvent sanctions from the U.S. and United Nations. However, the Treasury reiterated that “most money laundering, terrorist financing, and proliferation financing” occurred using fiat currency or was otherwise outside the digital asset ecosystem.

Officials recommended an increase in the regulatory supervision of AML/CFT for platforms offering DeFi services, guidance to DeFi platforms with respect to AML/CFT, and addressing any regulatory gaps.

“DeFi services at present often do not implement AML/CFT controls or other processes to identify customers, allowing layering of proceeds to take place instantaneously and pseudonymously, using long strings of alphanumeric characters rather than names or other personally identifying information.”

The assessment was in accordance with the executive order on digital assets signed by President Joe Biden in March 2022. Since the implementation of the executive order, many U.S. government agencies have begun investigating the potential impact of aspects of the digital asset space on the country’s financial system and existing payment infrastructure. In September 2022, the Treasury released a report that included countering illicit finance risks from crypto assets.

North Korean hackers using stolen crypto to mine more crypto via cloud services: Report

Cybersecurity firm Mandiant has “graduated” a new group of hackers who finance state goals and their own existence with the help of crypto laundering.

The North Korean cybercrime operator APT43 is using cloud computing to launder cryptocurrency, a report from cybersecurity service Mandiant has found. According to the researchers, the North Korean group uses “stolen crypto to mine for clean crypto.”

Mandiant, a Google subsidiary, has been tracking the North Korean Advanced Persistent Threat (APT) group since 2018 but has only now “graduated” the group to an independent identity. Mandiant characterized the group as a “major player” that often cooperated with other groups.

Although its main activity was spying on South Korea, Mandiant found that APT43 was likely engaged in raising funds for the North Korean regime and funding itself through its illicit operations. Apparently the group has been successful in those pursuits:

“APT43 steals and launders enough cryptocurrency to buy operational infrastructure in a manner aligned with North Korea’s juche state ideology of self-reliance, therefore reducing fiscal strain on the central government.”

The researchers detected the North Korean group’s “likely use of hash rental and cloud mining services to launder stolen cryptocurrency into clean cryptocurrency.”

Hash rental and cloud mining are similar practices that involve renting crypto mining capacity. According to Mandiant, they make it possible to mine crypto “to a wallet selected by the buyer without any blockchain-based association to the buyer’s original payments.”

Mandiant identified payment methods, aliases, and addresses used for purchases by the group. PayPal, American Express cards and “Bitcoin likely derived from previous operations” were the payment methods the group used.

In addition, APT43 was implicated in the use of Android malware to harvest credentials of people in China looking for cryptocurrency loans. The group also operates several spoof sites for the targeted credential harvesting.

North Korea has been implicated in numerous crypto heists, including the recent Euler exploit of over $195 million. According to the United Nations, North Korean hackers had a record haul of between $630 million and more than $1 billion in 2022. Chainalysis put that figure at a minimum of $1.7 billion.

US Justice Department announces charges in connection with ChipMixer takedown

Minh Quốc Nguyễn, a resident of Hanoi, Vietnam, has been charged in Philadelphia with a number of offenses as the operator of ChipMixer.

The United States Justice Department announced on March 15 that it was pressing charges against a resident of Hanoi, Vietnam, in connection to the operation of the ChipMixer. The announcement came shortly after it became known that a Europol action led by German law enforcement had closed down the Vietnam-based crypto mixer.

The U.S. Attorney’s Office of the Eastern District of Pennsylvania is charging Minh Quốc Nguyễn with money laundering, operating an unlicensed money-transmitting business and identity theft, it said. Those crimes carry a maximum penalty of 40 years in prison.

Nguyễn was identified as the creator and operator of the online infrastructure used by ChipMixer. Nguyễn allegedly promoted ChipMixer online and advised customers on how to avoid Know Your Customer (KYC) and Anti-Money Laundering (AML) measures. In addition, ChipMixer serviced American customers without registering with the U.S. Treasury Department’s Financial Crimes Enforcement Network or collecting KYC/AML data.

Deputy Attorney General Lisa Monaco said:

“Cybercrime seeks to exploit boundaries, but the Department of Justice’s network of alliances transcends borders and enables disruption of the criminal activity that jeopardizes our global cybersecurity.”

The Justice Department linked ChipMixer to a number of illegal activities between August 2017 and March 2023, including facilitating the laundering of $17 million in Bitcoin (BTC) connected to ransomware attacks. It also helped launder over $700 million in Bitcoin connected to wallets flagged as containing stolen funds, including funds from the Axie Infinity Ronin Bridge and Harmony Horizon Bridge exploits, and over $200 million in Bitcoin associated with the darknet, as well as the Bitcoin used by the Russian General Staff Main Intelligence Directorate to buy malware.

Elliptic said it had analyzed the mixer’s blockchain transactions and found, “ChipMixer has been used to launder over $844 million in Bitcoin that can be linked directly to illicit activity — including at least $666 million from thefts.”

ChipMixer was already known to international law enforcement. Its processing of stolen funds was noticed at least as early as 2019.

Banks with crypto services require new Anti-Money Laundering capabilities

Large financial institutions are getting involved in digital assets by investing capital, time and effort into on-chain analytics solutions.

The new year began with the news that notable Web3 entrepreneur Kevin Rose fell victim to a phishing scam in which he lost over $1 million worth of nonfungible tokens (NFTs). 

As mainstream financial institutions begin to provide services related to Web3, crypto and NFTs, they would be custodians of client assets. They must protect their clients from bad actors and identify whether client assets have been obtained through illicit activities.

The crypto industry hasn’t made it easy for Anti-Money Laundering (AML) functions within organizations. The sector has innovated constructs like cross-chain bridges, mixers and privacy chains, which hackers and crypto thieves can use to obfuscate stolen assets. Very few technical tools or frameworks can help navigate this rabbit hole.

Regulators have recently come down hard on some crypto platforms, pressuring centralized exchanges to delist privacy tokens. In August 2022, Dutch police arrested Tornado Cash developer Alexey Pertsev, and they have worked on controlling transactions through mixers since then.

While centralized governance is considered antithetical to the Web3 ethos, the pendulum may have to swing in the other direction before reaching a balanced middle ground that protects users and doesn’t curtail innovation.

And while large institutions and banks have to grapple with the technological complexities of Web3 to provide digital assets services to their clients, they will only be able to provide suitable customer protection if they have a robust AML framework.

AML frameworks will need several capabilities that banks must evaluate and build. These capabilities could be built in-house or achieved by collaborating with third-party solutions.

A few vendors in this space are Solidus Labs, Moralis, Cipher Blade, Elliptic, Quantumstamp, TRM Labs, Crystal Chain and Chainalysis. These firms are focused on delivering holistic (full-stack) AML frameworks to banks and financial institutions.

For these vendor platforms to deliver a holistic approach to AML around digital assets, they must have several inputs. The vendor provides several of these, while others are sourced from the bank or institution they work with.

Data sources and inputs

Institutions need a ton of data from varied sources to effectively identify AML risks. The breadth and depth of data an institution can access will decide the effectiveness of its AML function. Some of the key inputs needed for AML and fraud detection are below.

The AML policy is often a broad definition of what a firm should watch for. This is generally broken down into rules and thresholds that will help implement the policy. 

An AML policy could state that all digital assets linked to a sanctioned nation-state like North Korea must be flagged and addressed.

The policy could also provide that transactions would be flagged if more than 10% of the transaction value could be traced back to a wallet address that contains the proceeds of a known theft of assets.

For instance, if 1 Bitcoin (BTC) is sent for custody with a tier-one bank, and if 0.2 BTC had its source in a wallet containing the proceeds of the Mt. Gox hack, even if attempts had been made to hide the source by running it through 10 or more hops before reaching the bank, that would raise an AML red flag to alert the bank to this potential risk.
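The threshold rule above can be checked mechanically. The following is an added example, not code from the article or from any vendor: it replays a constructed transfer history under a pro-rata ("haircut") taint model, which is one common modelling choice and an assumption here, as are all wallet names and amounts.

```python
from collections import defaultdict
from dataclasses import dataclass
from fractions import Fraction

SATS_PER_BTC = 100_000_000
POLICY_THRESHOLD = Fraction(10, 100)  # policy: flag when MORE than 10% is traceable


@dataclass(frozen=True)
class Transfer:
    seq: int   # chronological position of the transfer
    src: str
    dst: str
    sats: int  # value in satoshis (integers avoid float rounding)


def replay_taint(transfers, labeled_sources):
    """Replay transfers in order and return {seq: tainted satoshis it moved}.

    Haircut model (an assumption of this example): value leaving a wallet
    carries that wallet's current tainted share pro rata. Plain hops do not
    dilute taint; merging with clean funds dilutes it proportionally.
    """
    balance = defaultdict(int)
    tainted = defaultdict(Fraction)
    moved = {}
    for t in sorted(transfers, key=lambda x: x.seq):
        if t.sats <= 0:
            raise ValueError(f"transfer {t.seq} has a non-positive value")
        if t.src in labeled_sources:
            # Everything leaving a labeled wallet is treated as fully tainted.
            taint = Fraction(t.sats)
        else:
            if balance[t.src] < t.sats:
                # Funds with no recorded origin: assumed clean in this example.
                balance[t.src] = t.sats
            taint = tainted[t.src] * t.sats / balance[t.src]
            balance[t.src] -= t.sats
            tainted[t.src] -= taint
        balance[t.dst] += t.sats
        tainted[t.dst] += taint
        moved[t.seq] = taint
    return moved


def screen_deposit(transfers, labeled_sources, deposit_seq):
    """Return (tainted share of the deposit, whether the policy flags it)."""
    moved = replay_taint(transfers, labeled_sources)
    deposit = next(t for t in transfers if t.seq == deposit_seq)
    share = moved[deposit_seq] / deposit.sats
    return share, share > POLICY_THRESHOLD


def build_case(tainted_sats, clean_sats, hops=10):
    """Constructed scenario: theft proceeds pass through `hops` intermediate
    wallets, merge with clean funds, and are deposited with a custodian."""
    transfers = [Transfer(1, "theft_wallet", "hop_1", tainted_sats)]
    for i in range(1, hops):
        transfers.append(Transfer(i + 1, f"hop_{i}", f"hop_{i + 1}", tainted_sats))
    n = len(transfers)
    transfers.append(Transfer(n + 1, f"hop_{hops}", "merge_wallet", tainted_sats))
    transfers.append(Transfer(n + 2, "clean_wallet", "merge_wallet", clean_sats))
    deposit = Transfer(n + 3, "merge_wallet", "bank_custody", tainted_sats + clean_sats)
    transfers.append(deposit)
    return transfers, deposit.seq


if __name__ == "__main__":
    # The article's case: 1 BTC deposited, 0.2 BTC of it from a theft wallet.
    history, seq = build_case(SATS_PER_BTC // 5, SATS_PER_BTC * 4 // 5)
    share, flagged = screen_deposit(history, {"theft_wallet"}, seq)
    print(f"tainted share {float(share):.0%}, flagged={flagged}")
```

Because the rule says "more than 10%", a deposit that is exactly 10% traceable is not flagged; whether the boundary should be inclusive is a policy decision the rule author has to make explicitly.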

AML platforms use several methods to label wallets and identify the source of transactions. These include consulting third-party intelligence such as government lists (sanctions and other bad actors); web scraping crypto addresses, the darknet, terrorist financing websites or Facebook pages; employing common spend heuristics that can identify crypto addresses controlled by the same person; and machine learning techniques like clustering that can identify cryptocurrency addresses controlled by the same person or group.
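The common-spend heuristic mentioned above treats all input addresses of one transaction as controlled by the same party, so a label on one address extends to the whole cluster. The sketch below is an added example with constructed transactions and labels, not code from any vendor; the `collaborative` flag stands in for an upstream detector of multi-party transactions (such as CoinJoin), which is an assumption of this example.

```python
from collections import defaultdict


def cluster_addresses(transactions):
    """Group addresses with union-find using the common-input heuristic."""
    parent = {}

    def find(addr):
        parent.setdefault(addr, addr)
        while parent[addr] != addr:
            parent[addr] = parent[parent[addr]]  # path compression
            addr = parent[addr]
        return addr

    def union(a, b):
        root_a, root_b = find(a), find(b)
        if root_a != root_b:
            parent[root_b] = root_a

    for tx in transactions:
        inputs = tx["inputs"]
        for addr in inputs:
            find(addr)  # register every address, even if it stays a singleton
        if tx.get("collaborative"):
            # Multi-party transactions break the heuristic: their inputs belong
            # to different people, so merging them would smear labels onto
            # unrelated wallets.
            continue
        for other in inputs[1:]:
            union(inputs[0], other)

    clusters = defaultdict(set)
    for addr in list(parent):
        clusters[find(addr)].add(addr)
    return list(clusters.values())


def propagate_labels(transactions, known_labels):
    """Return {address: set of labels inherited from its cluster}."""
    result = {}
    for cluster in cluster_addresses(transactions):
        inherited = set()
        for addr in cluster:
            inherited |= set(known_labels.get(addr, ()))
        for addr in cluster:
            result[addr] = set(inherited)
    return result


# Constructed sample data (placeholder addresses, not real ones).
SAMPLE_TXS = [
    {"txid": "tx1", "inputs": ["addr_A", "addr_B"]},
    {"txid": "tx2", "inputs": ["addr_B", "addr_C"]},
    {"txid": "tx3", "inputs": ["addr_D"]},
    {"txid": "tx4", "inputs": ["addr_E", "addr_F"]},
    {"txid": "tx5", "inputs": ["addr_C", "addr_E"], "collaborative": True},
]
SAMPLE_LABELS = {"addr_B": {"sanctioned"}}  # e.g. taken from a government list

if __name__ == "__main__":
    for addr, labels in sorted(propagate_labels(SAMPLE_TXS, SAMPLE_LABELS).items()):
        print(addr, sorted(labels))
```

Without the `collaborative` guard, tx5 would merge the two clusters and mark addr_E and addr_F as sanctioned, which is the kind of false positive that makes this heuristic unsafe to apply blindly.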

Data gathered through these techniques are the building blocks for the fundamental capabilities that AML functions within banks and financial services institutions must create to deal with digital assets.

Wallet monitoring and screening

Banks will need to perform proactive monitoring and screening of customer wallets, wherein they can assess whether a wallet has interacted directly or indirectly with illicit actors like hackers, sanctioned entities, terrorist networks, mixers and so on.

Illustration of assets in a wallet categorized and labeled. Source: Elliptic

Once labels are tagged to wallets, AML rules are applied to ensure the wallet screening is within the risk limits.

Blockchain investigation

Blockchain investigation is critical to ensure transactions happening on the network do not involve any illicit activities.

An investigation is performed on blockchain transactions from ultimate source to ultimate destination. Vendor platforms offer functionalities such as filtering on transaction value, number of hops or even the ability to identify on-off ramp transactions as part of an investigation automatically.

Illustration of Elliptic platform tracing a transaction back to the dark web. Source: Elliptic

Platforms offer a pictorial hop chart showing every single hop a digital asset has taken through the network to get from the first to the most recent wallet. Platforms like Elliptic can identify transactions that even stem from the dark web.

Multiasset monitoring

Monitoring risk where multiple tokens are used to launder money on the same blockchain is another critical capability that AML platforms must have. Most layer 1 protocols have several applications that have their own tokens. Illicit transactions could happen using any of these tokens, and monitoring must be broader than just one base token.

Cross-chain monitoring

Cross-chain transaction monitoring has haunted data analysts and AML experts for a while. Apart from mixers and dark web transactions, cross-chain transactions are perhaps the hardest problem to solve. Unlike mixers and dark web transactions, cross-chain asset transfers are commonplace and a genuine use case that drives interoperability.

Also, wallets that hold assets that hopped through mixers and the dark web can be labeled and red-flagged straightaway, as such hops are considered amber flags from an AML perspective. A cross-chain transaction cannot simply be flagged in the same way, as it is fundamental to interoperability.

AML initiatives around cross-chain transactions in the past have been a challenge as cross-chain bridges can be opaque in the way they move assets from one blockchain to another. As a result, Elliptic has come up with a multitiered approach to solving this problem.

An illustration of how a cross-chain transaction between Polygon and Ethereum is identified as having its source with a crypto mixer — a sanctioned entity. Source: Elliptic

The simplest scenario is when the bridge provides end-to-end transparency across chains for every transaction, and the AML platform can pick that up from the chains. Where such traceability is not possible due to the nature of the bridge, AML algorithms use time value matching, where assets that left a chain and arrived at another are matched using the time of transfer and the value of the transfer.

The most challenging scenario is where none of those techniques can be used. For instance, asset transfers to the Bitcoin Lightning Network from Ethereum can be opaque. In such cases, cross-bridge transactions can be treated like those into mixers and the dark web, and will generally be flagged by the algorithm due to the lack of transparency.
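Time-value matching, and the fallback of flagging whatever cannot be matched, can be sketched as follows. This is an added example and not Elliptic's algorithm: the first-in-first-out pairing, the 30-minute window, the 50 basis point fee tolerance and all transactions and addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BridgeEvent:
    tx: str
    address: str  # sender for departures, recipient for arrivals
    amount: int   # smallest token unit (integers avoid float rounding)
    ts: int       # unix seconds


def _compatible(dep, arr, window_s, max_fee_bps):
    """An arrival fits a departure if it lands inside the time window and its
    value equals the departed value minus at most the tolerated bridge fee."""
    floor = dep.amount * (10_000 - max_fee_bps) // 10_000
    return 0 <= arr.ts - dep.ts <= window_s and floor <= arr.amount <= dep.amount


def link_bridge_transfers(departures, arrivals, labels, window_s=1800, max_fee_bps=50):
    """Pair source-chain departures with destination-chain arrivals.

    Departures are processed oldest first and take the earliest free arrival
    that fits (FIFO, an assumption). A link is 'unique' only if no other
    departure or arrival could have formed it; otherwise it is 'ambiguous'.
    Departures with no fitting arrival are returned as opaque.
    """
    arrivals = sorted(arrivals, key=lambda e: e.ts)
    used, links, opaque = set(), [], []
    for dep in sorted(departures, key=lambda e: e.ts):
        cands = [a for a in arrivals if _compatible(dep, a, window_s, max_fee_bps)]
        free = [a for a in cands if a.tx not in used]
        if not free:
            opaque.append(dep.tx)  # treat like a mixer: no traceable exit
            continue
        arr = free[0]
        used.add(arr.tx)
        rivals = [d for d in departures
                  if d.tx != dep.tx and _compatible(d, arr, window_s, max_fee_bps)]
        links.append({
            "departure": dep.tx,
            "arrival": arr.tx,
            "src": dep.address,
            "dst": arr.address,
            "confidence": "unique" if len(cands) == 1 and not rivals else "ambiguous",
            # The recipient inherits any label carried by the sender.
            "inherited_label": labels.get(dep.address),
        })
    unexplained = [a.tx for a in arrivals if a.tx not in used]
    return {"links": links, "opaque_departures": opaque, "unexplained_arrivals": unexplained}


# Constructed sample: deposits into a bridge on Polygon, releases on Ethereum.
DEPARTURES = [
    BridgeEvent("p1", "polygon:0xaaa1", 5_000_000, 1000),
    BridgeEvent("p2", "polygon:0xaaa2", 5_000_000, 1100),   # same value as p1
    BridgeEvent("p3", "polygon:0xaaa3", 12_340_000, 2000),
    BridgeEvent("p4", "polygon:0xaaa4", 750_000, 3000),     # never shows up
]
ARRIVALS = [
    BridgeEvent("e1", "ethereum:0xbbb1", 4_995_000, 1120),
    BridgeEvent("e2", "ethereum:0xbbb2", 4_995_000, 1230),
    BridgeEvent("e3", "ethereum:0xbbb3", 12_327_660, 2400),
    BridgeEvent("e4", "ethereum:0xbbb4", 9_000_000, 2500),  # no matching deposit
]
SOURCE_LABELS = {"polygon:0xaaa3": "mixer"}  # label from single-chain screening

if __name__ == "__main__":
    report = link_bridge_transfers(DEPARTURES, ARRIVALS, SOURCE_LABELS)
    for link in report["links"]:
        print(link)
    print("opaque:", report["opaque_departures"])
    print("unexplained:", report["unexplained_arrivals"])
```

Two equal-value transfers close together in time cannot be told apart by this method, which is why the sketch reports them as ambiguous instead of asserting a link.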

Smart contract screening 

Smart contract screening is another crucial area to protect decentralized finance (DeFi) users. Here, smart contracts are checked for links to illicit activity that institutions must be aware of.

This is perhaps most relevant for hedge funds wanting to participate in liquidity pools in a DeFi solution. It is less important for banks at this point, as they generally do not participate directly in DeFi activities. However, as banks get involved with institutional DeFi, smart contract-level screening would become extremely critical.

VASP due diligence

Exchanges are classed as virtual asset service providers (VASPs). Due diligence will look at the exchange’s overall exposure based on all addresses associated with the exchange.

Some AML vendor platforms provide a view of risk based on the country of incorporation, Know Your Customer requirements and, in some cases, the state of financial crime programs. Unlike previous capabilities, VASP checks involve both on-chain and off-chain data.

AML and on-chain analytics is a fast-evolving space. Several platforms are working toward solving some of the most complex technology problems that would help institutions safeguard their client assets. Yet, this is a work in progress, and much needs to be done to have robust AML controls for digital assets.

North Korean hackers try to launder $27M in ETH from Harmony bridge attack

Three main addresses sent 17,278 Ether to six exchanges, which managed to freeze at least some of the stolen funds.

North Korean exploiters behind the Harmony bridge attack continue to try and launder the funds stolen in June. According to on-chain data revealed on Jan. 28 by blockchain sleuth ZachXBT, over the weekend the perpetrators moved 17,278 Ether (ETH), worth about $27 million.

The tokens were transferred to six different crypto exchanges, ZachXBT wrote in a Twitter thread, without disclosing which platforms had received the tokens. Three main addresses carried out the transactions.

According to ZachXBT, the exchanges were notified about the fund transfers and part of the stolen assets was frozen. The movements made by the exploiters to launder the money were very similar to those taken on Jan. 13, when over $60 million was laundered, the crypto detective said.

The funds were moved a few days after the Federal Bureau of Investigation (FBI) confirmed that Lazarus Group and APT38 were the criminals behind the $100 million hack. In a statement, the FBI noted that “through our investigation, we were able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK [North Korea], are responsible for the theft of $100 million of virtual currency from Harmony’s Horizon bridge.”

Harmony’s Horizon Bridge facilitates transfer between Harmony and the Ethereum network, Binance Chain and Bitcoin. A number of tokens worth about $100 million were stolen from the platform on June 23.

Following the exploit, 85,700 Ether was processed through the Tornado Cash mixer and deposited at multiple addresses. On Jan. 13, the hackers started shifting around $60 million worth of the stolen funds via the Ethereum-based privacy protocol RAILGUN. According to an analysis from crypto tracking platform MistTrack, 350 addresses have been associated with the attack through many exchanges in an attempt to avoid identification.

Lazarus is a well-known hacking syndicate that has been implicated in a number of key crypto industry breaches, including the $600 million Ronin Bridge hack last March.

South Korea to deploy cryptocurrency tracking system in 2023

The “Virtual Currency Tracking System” will be used to monitor transaction history, extract information related to transactions and check the source of funds before and after remittance.

The Ministry of Justice in South Korea announced plans to introduce a crypto-tracking system to counter money laundering initiatives and recover funds linked to criminal activities.

The “Virtual Currency Tracking System” will be used to monitor transaction history, extract information related to transactions and check the source of funds before and after remittance, according to local media outlet khgames.

While the system is slated to be deployed in the first half of 2023, the South Korean ministry shared plans to develop an independent tracking and analysis system in the second half of the year. A rough translation of the ministry’s statement reads:

“In response to the sophistication of crime, we will improve the forensic infrastructure (infrastructure). We will build a criminal justice system that meets international standards (global standards).”

The South Korean police previously established an agreement with five local crypto exchanges to cooperate in criminal investigations and ultimately create a safe trading environment for crypto investors.

The South Korean Supreme Court ruled that crypto exchange Bithumb must pay damages to investors over a 1.5-hour service outage on Nov. 12, 2017.

The finalized ruling from the supreme court ordered damages ranging from as little as $6 to around $6,400 be paid to the 132 investors involved.

“The burden or the cost of technological failures should be shouldered by the service operator, not [the] service users who pay commission for the service,” the court stated.

Crypto Twitter explodes over the news of Sam Bankman-Fried’s arrest

US politicians, crypto execs and influencers fired up their Twitter apps upon learning that Sam Bankman-Fried was in custody in the Bahamas.

Crypto Twitter has blown up over the shocking news of Sam Bankman-Fried’s arrest in the Bahamas, with many surprised it had occurred so quickly. 

On Dec. 12, the disgraced FTX founder was arrested by the Royal Bahamas Police after they received notification that the United States government had filed criminal charges against him.

Within hours, politicians, crypto executives and influencers had all booted up their Twitter apps to comment on the arrest of the former CEO.

New York Democratic Representative Alexandria Ocasio-Cortez, who’s held a fairly neutral view on the crypto industry to date, told her 13.4 million Twitter followers that Bankman-Fried’s arrest was a step toward “justice being served,” but noted that the arrest would postpone Bankman-Fried’s testimony before the House Financial Services Committee, which was scheduled for Dec. 13.

U.S. Senator Cynthia Lummis was also pleased, tweeting that prosecutors made the right decision to hold Bankman-Fried accountable for the “good, old-fashioned fraud” he allegedly committed.

Fellow U.S. senator and crypto skeptic Elizabeth Warren agreed, stating in a Dec. 13 tweet to her 7 million followers that the U.S. Department of Justice needs to hold more lawbreaking corporate executives accountable.

Others took the opportunity to make light of it all. Benjamin Cowen, the chief executive and founder of the crypto-analysis channel called Into The Cryptoverse, used ChatGPT to create poetry about Bankman-Fried’s latest predicament.

Meanwhile, memes are already making the rounds on Twitter:

Much is also being said about Bankman-Fried’s Twitter posts and media appearances since FTX’s stunning collapse in November.

The co-host of Not Investment Advice, Trung Phan, told his 538,000 Twitter followers on Dec. 13 that Bankman-Fried’s erratic public behavior will make life harder for his defense attorney, while others believe that Bankman-Fried’s arrest will likely see him pointing the finger at colleagues and people linked to the FTX debacle, including those that received his sizeable political donations.

In what is likely his last Twitter Spaces interview, with Unusual Whales on Dec. 12, Bankman-Fried stated “I don’t think I’ll be arrested” when pressed about the possibility.

The Royal Bahamas Police Force made the arrest following the formal notification from the U.S. that it has filed criminal charges against Bankman-Fried, according to a Dec. 12 announcement by the Bahamas’ Office of the Attorney General.

Illicit cross-chain transfers expected to grow to $10B: Here’s how to prevent them

Forecasts predict cryptocurrency criminals laundering more than $10 billion through cross-chain bridges by 2025, leading to calls for holistic screening solutions.

Improved blockchain analytics will become increasingly important to combat the use of cross-chain bridges for illicit means, which are estimated to surpass $10 billion in value by 2025.

Blockchain analytics firm Elliptic forecasts a 60% rise in the value of illicit cryptocurrency laundered through cross-chain bridges from $4.1 billion in June 2022 to $6.5 billion next year. This figure is projected to double midway through the decade.

Cross-chain crime has been a major talking point in 2022 with over $2 billion fleeced in hacks targeting cross-chain bridges. Aside from these bridges and their contracts being targeted, these bridges have also become an avenue for criminals to launder cryptocurrency. A prime example is an unknown hacker moving stolen funds from the now bankrupt FTX using cross-chain bridges.

Cointelegraph unpacked the findings of research released by Elliptic in correspondence with senior cryptocurrency threat analyst Arda Akartuna. 

The Elliptic analyst explained that billions of dollars in assets have been transferred between Bitcoin, Ethereum and other blockchains using bridge services such as Portal, cBridge and Synapse. Decentralized cross-chain bridges offer an unregulated alternative to exchanges for transferring value between blockchains.

While some bridges are used legitimately, Akartuna noted that the tools have emerged as a key facilitator in money laundering. ‘Chain-hopping’, or moving proceeds of crime between blockchains, has long been used to evade tracing efforts by exchanging cryptocurrency assets through decentralized or anonymous exchanges.

As blockchain surveillance, enforcement and regulatory efforts have improved, criminals have turned to cross-chains to continue laundering illicit funds:

“Decentralized cross-chain bridges provide unregulated alternatives that are being embraced by cybercriminals.”

Akartuna also notes that the sanctioning of cryptocurrency mixing service Tornado Cash has seen a shift in the way criminals launder money. Decentralized exchanges, cross-chain bridges and coin swap services are becoming a new means of moving illicit funds:

“Although the use of these platforms is overwhelmingly legitimate, they facilitate cross-chain money laundering and terrorist financing due to their lack of identity checks and anti-money laundering controls.”

An example of increased use of a cross-chain avenue for illicit means is RenBridge, which Elliptic research found to have laundered around $540 million of criminal proceeds as of August 2022. Meanwhile centralized exchanges, which also facilitate cross-chain or cross-asset swaps, are less popular for illicit actors given the push for AML and identity screening/KYC solutions.

The growing prevalence of cross-chain bridge usage for illicit means highlights the need for solutions or efforts to minimize criminal usage. Akartuna suggested users conduct due diligence on the services used to hop between blockchains and tokens and be wary of platforms associated with illicit activity.

Businesses should make use of blockchain analytics tools to screen addresses and transactions and set clear risk rules for their cryptocurrency usage. Nevertheless, there are some circumstances that simply cannot be predicted or avoided, as Akartuna explained:

“The sanctions against Tornado Cash is a prime example of how legitimate wallets may be inadvertently tainted due to sudden enforcement actions, as you now have ‘pre-sanctions activity’ which doesn’t carry the same risk as post-sanctions activity.”

Existing single blockchain analytics solutions have done a lot to combat money laundering in the cryptocurrency space but fall short of capabilities to trace, screen or forensically investigate transactions across blockchains or tokens.

As the Elliptic threat analyst highlighted, once an asset ‘hops’ to a different blockchain, investigations become significantly more complex and resource intensive.

“The risk here is that a wallet can hold any number of different assets, and legacy blockchain solutions are not able to automatically trace the activities of the same entity across separate chains.”

Screening the movement of funds on separate blockchains may see some assets flagged as sanctioned while others may show no risk. In theory, this could lead to an exchange or wallet user unwittingly transacting with a sanctioned entity.

Elliptic, for example, makes use of a proprietary analytics tool with ‘holistic screening’ capabilities which merges existing blockchains into an interconnected system. This allows for visualization and screening across chains to better detect the movement of illicit funds.