Mixers, cold storage and onions…cocktail party or digital money laundering?

By Amy Ciolek and Julia Massarin

With terminology such as mixers, cold storage, tumblers and Onions 
(Onion Routers) (TOR), one may be excused for overlooking the 
significance of money laundering the digital age. 

FATF Report to G20 Finance Ministers and Central Bank Governors

In July 2018, the Financial Action Task Force (FATF) published its report to the G20 Ministers and Central Bank Governors on digital currency, which reports that:

  • the link between virtual currencies/crypto-assets and other predicate crimes appears to be growing;
  • countries have regulated crypto in various ways, from implementing a blanket ban against dealing, use, issue and settling, to regulating crypto exchanges; and
  • FATF will review its 2015 guidance about crypto currency, and will meet again in September 2018 to discuss crypto related money laundering in more detail.

The FATF published its first major virtual currency report in 2014, called “Virtual Currencies Key Definitions and Potential AML/CFT Risks”.   In this report, the FATF warned its 43 members about the potential risk of digital forms of money laundering.  This included lessons learned through the infamous Silk Road online black market, terrorism financing using World of Warcraft gaming tokens and other examples.

Unsurprisingly, the risk of money laundering and terrorism financing using virtual currencies has increased.  Four years on:

  • the Crime Commission has reported that virtual currencies are one of the two key enabling technologies used to facilitate virtual crime;
  • Australia has enacted an amendment to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML Act), and requires Digital Currency Exchanges (DCEs) to register with AUSTRAC, carry out KYC and transaction monitoring, and report to AUSTRAC; and
  • abroad, in its 2018 budget, the FBI requested US$41.5 million to strengthen its cyber investigative capabilities, and US$21.6 million for operational technology investments related to the “Going Dark” initiatives and investigative technology.

Key steps of traditional money laundering

Traditionally, the three stages of money laundering include:

  1. “placement” of money into the financial system, either in a lump sum, or by “smurfing” (structuring) to split large amounts of illegitimate funds into smaller amounts to reduce raising suspicion;
  2. “layering” the placed money, usually by carrying out multiple smaller and complex transactions to blend the placed funds into the system, and hide the audit trail; and
  3. “integration” of the layered funds back into the legitimate financial system.

As digital tokens have an electronic signature, are they easy to trace (compared to notes and coins)?

Digital coins and tokens (collectively referred to as “crypto” for simplicity) have a digital identity, and digital wallets also have a digital identity, so theoretically, one may expect that digital currency flows should be traceable from one wallet into another wallet.

This traceability can be useful to law enforcement to assist track digital transactions, and other forms of illicit conduct and organised crime.  A famous Australian example was the “Eligo” National Task Force, which was established by the Australian Crime Commission (ACC) in December 2012, and ran through to 2016.  In a joint effort, the ACC, AUSTRAC, the Australian Federal Police, and other departments, monitored alternative remittance and informal value transfer systems.  Cryptocurrency was used as a method of digital remittance to purchase large quantities of elicit substances from foreign crime syndicates.  At the time, Bitcoin appeared somewhat anonymous and poorly understood, did not require complex laundering and could be used to easily and quickly make substantial international payments without going through the traditional Australian banking system.

Now days, the use of digital currency by crime syndicates is materially more sophisticated, and criminals are turning to the dark web as a transaction tool.   Law enforcement organisations are turning to digital tools to address digital crime.  Tools such as DATACRYPTO use webcrawlers to access cryptomarkets, download the HTML page content and process the contents, enabling criminal intelligence to gather information about dark web markets such as Hansa, Alphabay (which has since closed) and Python Market.

What does Money Laundering look like in today’s digital world?

As digital currency transactions (usually) leave a digital footprint, and criminal intelligence analytic tools are becoming more broadly used, criminals and crime syndicates continue to remain interested in money laundering methods to clean dirty digital currency.   The term applicable to digital money laundering is “crypto cleansing”.  The steps in crypto cleansing are fairly similar to the steps in traditional laundering.  To assist the digital cleansing process, launderers may adopt pseudonyms through encrypted email services, set up anonymous e-wallets, and run logless VPNs.

PLACEMENT: First, crypto holders have to “place” their crypto.  Instead of making a  purchase, or placing funds into the financial system, digital “placing” often involves sending tokens to a digital storage location (e.g. a “wallet”).   Rather than one wallet, a launderer will generally open multiple wallets, one via the a public net (potentially using a VPN and other security tools to protect their device’s identity and location), and others within a dark web (e.g. through TOR or similar).  This enables the launderer to transfer crypto from the public net into the dark web wallets to reduce traceability.

LAYERING: Common methods of layering include “mixing” or “tumbling”  and splitting crypto.  One form of mixing involves swapping existing token addresses against temporary digital wallet addresses to break the audit trail.  Services such as (the now closed) Bitmixer, and Helix by Grams swap “dirty coins” for clean coins that have not been used on the dark net.  Cryptomixer.io and Bitcoin Blender offer an alternative service, which includes a high volume mixer, with an option to split and output the tokens to multiple different wallets (which may be stored on the dark web).   Other forms of layering can involve passing tokens through multiple wallets, exchanging tokens into different altcoins, or exchanging tokens into “privacy coins” (which are a class of digital token that is designed to support anonymity).

INTEGRATION:  Crypto can be converted into fiat currency through a digital exchange, so that it can be used in the traditional financial system.   However, unlike traditional money laundering, digital launderers may have no need to integrate the funds.  As the popularity of digital currency increases, so does the opportunity to use digital currency for other purposes (legitimate or not) without needing to exchange into fiat currency.  For example, to purchase large quantities of prohibited substances from an offshore supplier.

How will AUSTRAC’s recent changes to DCE regulation assist to reduce laundering?

On 3 April 2018, the AML Act imposed obligations on DCEs  with an adequate Australian nexus to register with AUSTRAC, and take part in Australia’s AML/CTF regime in the capacity of a designated service provider.  This will give AUSTRAC transparency into DCE’s business when a person opens an account with a registered DCE, uses the DCE to exchange fiat currency to digital (or digital to fiat), and makes exchanges of $10,000 or over.

This could disrupt the integration phase, when illegitimate tokens are exchanged into fiat currency, and integrated into the financial system.

The change does not regulate digital wallet providers, prevent Australians from using foreign digital exchanges or impact digital currency already in the system that is not exchanged to fiat.   Arguably, the users of legitimate registered DCEs are less likely to be users of “dirty” tokens that those using the dark web or bypassing Australian laws through a VPN.   If Australian policy makers are serious about making any inroad to money laundering, they will need to do substantially more than regulate DCEs.

Does Australia need tighter regulation?

Tighter regulation is slow, inflexible and can have unwanted results.  It is probably not the answer.  Digital cleansing has become a highly sophisticated process, supported by a range of tools, and has the benefit of being trans-border, with the ability to truly go underground.  This makes preventative or controlling regulation difficult, slow, and potentially ineffective.

Ultimately, a person engaging in a digital laundering scheme may do so under duress, or for personal gain.  Perhaps, rather than implementing tighter regulation (that could have unwanted results such as deterring legitimate innovative businesses from operating in Australia), a sensible approach may be to monitor individuals for questionable personal wealth enrichment during or after the laundering process.  Alternatively, we could focus on building Australia’s technical analytics capability to better understand and monitor digitally facilitated crime.   Interestingly, the Australian Tax Office has warned that it has increased its digital skills, and is monitoring and investigating crypto related wealth.

Have you updated your AML/CTF Threat and Risk Assessment recently?  Please contact us if you have questions about this article, or complying with Australia’s AML laws.

Leave a Comment

Filed under AML/CTF & Sanctions, Banking, Digital Currency, Financial Services Regulation, ICO, Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *