Juan Aja Aguinaco, 5 October 2020


A recent major report talked about the kind of warning signs that users and owners of “virtual assets” such as cryptocurrencies need to be aware of. In this article, a practitioner in the space explains what industry players need to understand.

Repercussions from money laundering and the fight against dirty money come in many forms. The arrival of cryptocurrencies such as Bitcoin adds a whole new dimension. On one side of the argument, one hears concerns that cryptos make it easier for criminals and other bad actors to get under the radar, but defenders say these new financial instruments leave an audit trail. Whatever the rights and wrongs of the argument, debate continues. Regulators, central banks and policymakers from across the world know that cryptos aren’t going away any time soon. Massive injections of central bank fiat money – raising risks of eventual inflation – also mean that the “apolitical” cryptocurrencies have a lot of adherents.

In this article, Juan Aja Aguinaco, co-founder of Barbados-based tech firm Shyft Network, examines a recent report by the international body drawn from national governments, called the Financial Action Task Force, or FATF. Shyft Network Inc makes Veriscope, a blockchain-based compliance framework and smart contract platform for Virtual Asset Service Providers. (Blockchain is the best-known form of distributed ledger technology that powers cryptos such as Bitcoin.)

The editors are pleased to share these views with readers and invite responses. As ever, we value debate. The usual editorial disclaimers apply to guest commentators’ views. Email tom.burroughes@wealthbriefing.com and jackie.bennion@clearviewpublishing.com

On 14 September, the Financial Action Task Force released a new report titled Virtual Assets Red Flag Indicators of Money Laundering and Terrorist Financing, and the signal is clear: expect more anti-money laundering regulation. 

The FATF’s first major release back in October 2018 signalled the beginning of a new era for cryptocurrencies and those entities doing business with them, i.e., the Virtual Asset Service Providers (VASPs). With a clear mission to “protect the integrity of the global financial system,” this first report left a lot of unanswered questions, many of them asking how VASPs were to report suspicious activities and to whom. 

The report serves as a guideline for all VASPs, showing them how to identify suspicious activity and “red-flag” it; it also sets several cornerstones of what will become the regulatory framework for VASPs. For example, it reiterates VASPs’ obligation to conduct customer due diligence and understand who their clients and beneficial owners are, to understand the purpose of business relationships, and the source of funds. Under the report, VASPs are now clearly identified as reporting entities. 

Red flags
As the name suggests, red flag indicators are warnings suggesting that there is a potential problem or threat, within this context, that illegal activity may be taking place. The report has outlined the red flag indicators of money laundering and terrorist financing for VAs as follows:

Red flag indicators related to transactions
The conduct of criminal activity through VAs can be detected by reviewing the size and frequency of transactions. Perpetrators can conceal such activity by repeatedly depositing small amounts that do not meet reporting thresholds. This can be achieved by structuring a high-value transaction into smaller amounts that often occur within a short time either in a regular or staggered pattern. Depositing VAs on exchanges and withdrawing them immediately to private wallets or converting them to several other VAs could be a red flag as the user incurs unnecessary transaction fees.

Red flag indicators related to transaction patterns
Potential ML/TF activity can be detected by identifying transactions with irregular, unusual, or uncommon patterns. An initial large deposit by a new user on a VASP is a red flag, especially where there are discrepancies between the customer profile and the value of the VAs. Further questions should arise when a new user makes a huge initial deposit and begins trading the entire amount immediately or tries to withdraw it all soon after. Concerns should also arise if such a new user tries to send large amounts off the VASP platform.

Transactions concerning all users
Red flags can arise for illogical transactions involving more than one person, especially if they are conducted frequently within a given period of time, say a week or month. Concern should arise where one VA account receives large amounts from multiple sources without proper explanation. Also, an alarm should be raised where one wallet serves as the recipient of several small amounts from multiple unrelated sources followed by conversion of the accumulated VAs to fiat. The exchange of a large amount of VA to fiat at a loss or uncharacteristically high fees is also a red flag.

Red flag indicators related to anonymity
Anonymity in cryptocurrencies is inbuilt and therefore, preference for a greater degree of privacy should not be misconstrued as a red flag. However, concern should be raised where users go to great lengths to disguise transactions and the source of funds. For instance, use of mixing and tumbling services, excessive use of P2P platforms to cash out of VAs at a high level and volume. Abnormal transaction activity with accounts associated with the dark web, questionable gambling sites and other suspicious sites are all red flags. 

Red flag indicators about senders or recipients
Users trying to create multiple accounts under the guise of different names on VASPs is an immediate red flag. So is the attempt to open different accounts on a single VASP using the same IP address. Refusal or reluctance to complete KYC requirements or disclose the source of funds should be a cause of concern for VASPs. The same goes for attempts to complete the KYC process with fake documentation. The existence of information linking a customer with illegal activity should serve as a warning to VASPs.

Red flag indicators in the source of funds or wealth
A customer’s inability to declare the source of VAs is a major concern for VASPs as they could be linked to criminal activities such as drug trade, human trafficking, and fraud, among others. VASPs should pay great attention to VA addresses receiving funds from accounts related to criminal activities. They should also be wary of the use of multiple credit/debit cards to make large fiat withdrawals from a VA account. Similar caution should be paid to accounts receiving VAs from mixing services and other questionable sources like fraudulent ICOs. 

So what does this mean for VASPs?
“VASPs are now required to comply with the international AML/CFT standards. This means they must be licensed or registered in the jurisdiction where they were created and where their place of business is located. They are also required to verify the identity of their customers including beneficial owners and to file suspicious transactions reports where they suspect a transaction relates to criminal activity. These are onerous requirements but they can be made much easier by using well designed red flag indicators.” (Rick McDonell, former FATF executive secretary, and Shyft Network advisor.)

The report serves clear guidance on what VASPs should be on the lookout for. It also clearly represented the added regulatory burden that any VASP should be considering if they want to participate in an increasingly regulated marketplace. Some of these red flags suggest a de-facto exclusion of any non-compliant VASP or a VASP that operates in a non-compliant jurisdiction. It also draws a line in the sand for anonymity enhanced cryptocurrencies and other technologies that enhance the user’s privacy. Ultimately, the goal appears to get VASPs to operate as closely as possible to traditional financial institutions. Whether this is technically feasible is a different matter altogether. 

It is important to remember that while these reports are not the letters of the law, nor are they regulatory instruments, they heavily influence local regulation and it is reasonable to expect that most countries will enact them into their AML regulation very soon.