Cryptocurrencies have increasingly attracted the attention of criminals seeking to exploit their features for illicit activities. While governments, particularly the US government, have made progress in apprehending hackers and criminals, the level of crime facilitated by cryptocurrencies remains a significant concern.
According to Chainalysis, an industry-leading blockchain analysis firm, money laundering through cryptocurrencies is on the rise. Additionally, cryptocurrencies have been linked to payments for illicit substances like Fentanyl precursors from Chinese labs.
Is Crypto Backing the Fentanyl Trade?
Recent reports have raised questions about the role of cryptocurrencies in funding the lethal fentanyl trade, and Senator Elizabeth Warren has been a vocal critic, calling for stricter regulations on the industry. However, a critical and skeptical analysis reveals that the claims made by policymakers may be oversimplified and not adequately contextualized.
Chainalysis, a blockchain analysis firm, investigated cryptocurrency transactions associated with suspected China-based fentanyl precursor sellers. They found that these addresses received more than $37.8 million worth of cryptocurrency since 2018. The exposure to these addresses was widespread, spanning Latin America, North America, Europe, and Asia. Additionally, on-chain flows to these addresses appeared to correlate with fentanyl seizures at the US-Mexico border, suggesting a connection between cryptocurrency-based transactions and fentanyl production.
Senator Elizabeth Warren has expressed grave concerns about cryptocurrencies being used to finance the fentanyl trade. During a Senate Banking Committee hearing, she stated that enough precursor drugs were sold using crypto to produce $540 billion worth of fentanyl pills, potentially enough to kill nearly 9 billion people. Warren’s call for stricter regulations aims to address this issue and shut down the crypto-funded fentanyl trade.
Elliptic, another blockchain analytic firm, published a report indicating that many Chinese companies selling chemicals used to make fentanyl accept payments in cryptocurrencies like Bitcoin and Tether. These findings further fuel the debate on the role of crypto in the fentanyl crisis.
While the information presented by Chainalysis and Elliptic raises concerns, it is essential to view it in context. The fentanyl economy operates mostly in the shadows, making it challenging to gauge its true scale accurately. Additionally, the estimated $37.8 million in cryptocurrency transactions represents only a fraction of China’s overall chemical exports, which surpassed $100 billion in 2021. Likewise, it makes up only a small percentage of the booming fentanyl trade.
The credibility of Chainalysis’ data has also been called into question by some members of the crypto community. The firm’s figures on the percentage of crypto transactions tied to crime may be incomplete, leaving room for unidentified addresses and transactions to be overlooked. Additionally, Chainalysis’ work has faced criticism for compromising users’ privacy and undermining the notion of on-chain privacy in cryptocurrencies.
What Crime is Committed on Blockchain?
Cryptocurrencies, like any other tool, can be used for both positive and nefarious purposes. Crimes involving digital assets often revolve around fraud or theft. Let’s delve into some examples of such crimes involving cryptocurrency and the jurisdictional challenges they present.
Initial Coin Offerings (ICOs) are a way for companies to raise funds by selling tokens. While few projects resort to ICOs today compared with the ICO boom of 2017-2018, they are still prevalent among ventures that require extensive development. Unfortunately, some unscrupulous actors take advantage of investors’ trust in these projects and execute “rug pulls.” In this type of fraud, scammers create a basic crypto token and present a detailed white paper outlining ambitious development plans. Once they receive the funds, the scammers vanish, leaving investors defrauded and legitimate projects struggling to raise capital.
Sometimes the founders will pretend to continue working while embezzling the raised funds other times they will disappear as soon as the money hits their wallets.
A well-known example is the case of OneCoin, where the founders advertised and sold packages for mining OneCoin tokens—a fake cryptocurrency that was never even created. The fraud resulted in victims being defrauded of over USD 4 billion, and the founder, Ruja Ignatova, was indicted for conspiracy and securities fraud charges. Ignatova went on the run and still hasn’t been found by authorities though there are rumors that she was killed at the behest of a Hungarian mob boss.
- Cryptocurrency Exchange Fraud:
There is a substantial amount of crime that is tangentially related to cryptocurrencies but doesn’t really happen on the blockchain, like the OneCoin scam. The FTX disaster is not about a problem with cryptocurrency itself but about (alleged) criminal activity that happened at a centralized exchange.
FTX was one of the largest and most popular cryptocurrency exchanges in the world, holding billions of dollars of user assets. Law enforcement claims that it broke its terms of service, illegally diverting user funds to risky ventures that eventually failed, leading to a devastating bank run. Users lost billions of dollars in the fallout of the FTX crisis.
In traditional banks, when you deposit money, you become almost like a creditor, and the bank doesn’t need to keep all the money available at once, a practice called fractional reserve banking. Some crypto exchanges work similarly, but unlike banks, they are not government-insured.
So, if you put money into an exchange and buy bitcoin or another crypto, the exchange may not have enough reserves for all its customers if there is a bank run. This is the risk you take when you don’t hold your cryptocurrencies in a personal wallet.
In the FTX case, the exchange seems to have moved a ton of customer money to its sister investment firm called Alameda Research. When the value of one of the assets FTX held dropped drastically, the exchange couldn’t afford to buy the assets it was supposed to have back, leaving customers unable to withdraw and counting losses.
FTX and Alameda Research’s leadership being from the US and their dealings with US customers indicate that they intended to fall under US laws. Even though FTX was managed from the Bahamas, it did business in the US, which establishes personal jurisdiction. However, there are still questions about how personal jurisdiction applies in other countries where account holders are located, and this will be discussed in the next section.
One of the most significant hacking incidents in history happened in 2014 when the Mt Gox cryptocurrency exchange was compromised. Initially starting as an online trading platform for the card game Magic The Gathering, Mt Gox later expanded to trade Bitcoin, becoming responsible for about 70% of global Bitcoin trading volume at the time.
In 2014, the exchange stopped trading and revealed that hackers had stolen approximately 850,000 Bitcoins, which would be worth a staggering $19.7 billion at the time of writing. As a result, Mt Gox filed for bankruptcy in the Tokyo district court and was ordered to liquidate, a process that is still ongoing, leaving creditors waiting for their owed Bitcoins.
Theft of cryptocurrencies is closely related to hacking because hackers often target large cryptocurrency wallets to steal their contents. If someone stores their cryptocurrency in a digital wallet connected to the internet (also known as a hot wallet), hackers could potentially compromise it and steal the owner’s cryptocurrency if security measures are insufficient.
To avoid such risks, users are advised not to keep large amounts of cryptocurrency in hot wallets, just like one wouldn’t carry large amounts of cash in their pocket. Hardware wallets, also known as cold wallets, are devices kept purposely offline to prevent cyberattacks.
Similarly, saving a digital copy of the private key also exposes users to the risk of having their funds stolen, as hackers can create software to find and use these private keys on compromised devices.
While unauthorized access to computer systems (hacking) is clearly illegal and covered by specific statutes, using legally obtained private keys to steal cryptocurrency raises some jurisdictional complexities. The decentralized nature of cryptocurrencies makes it challenging to determine the exact location of the bad actor and the victim, as nodes are spread globally.
In jurisdictions where cryptocurrencies are considered property, stealing them with a private key would likely be classified as larceny. However, it remains unclear how courts will handle cases where the thief operates from a different physical location than the victim due to the global nature of cryptocurrency networks. Unless the scale of the theft is massive, it may not be worth the effort to extradite the criminal.
Money laundering using cryptocurrencies is a process where criminals attempt to hide the origins of illegally obtained money. It’s a misconception that cryptocurrencies like Bitcoin are completely anonymous because all transactions are recorded on the blockchain, which is an entirely public ledger. While the identity of wallet owners may not be immediately apparent, once it’s linked to an individual, all their transactions become traceable.
This is particularly easy because most legal ways of selling cryptocurrency for fiat currency, such as using a registered centralized exchange, require personal information to verify your identity to prevent money laundering and other illicit activity.
To protect their privacy, some people use “mixers” or “tumblers,” which are tools that allow them to mix their cryptocurrencies with others. This process makes it difficult to determine who owns which funds, providing a level of anonymity. However, mixers have drawn controversy as they can be exploited for illegal activities, including money laundering.
One well-known mixer called Tornado Cash has already faced sanctions from the US Department of Treasury, alleging that North Korean hackers used it to launder stolen funds. Despite the controversies surrounding mixers, some privacy-focused individuals use them for legitimate reasons, like donating anonymously to causes.
The legal responsibility of developers for the misuse of their open-source software, like Tornado Cash, is a contentious issue. In some cases, developers have been arrested for their alleged involvement in money laundering facilitated by their software.
In conclusion, money laundering using cryptocurrencies involves attempts to conceal illegally obtained money. While cryptocurrencies can offer some level of anonymity, all transactions are recorded, making it possible to trace them. Mixers are tools that can provide additional anonymity, but they aren’t perfect and draw suspicion.
Overall, crimes involving cryptocurrency are predominantly fraud and theft-related, which both often entail money laundering as well to wash the funds. Jurisdictional challenges emerge due to the decentralized and borderless nature of cryptocurrencies, presenting complexities for legal authorities to hold perpetrators accountable across different jurisdictions.
As these issues continue to evolve, the law must adapt to address the unique challenges posed by digital assets and crimes committed on the blockchain.
The Dual Nature of Transparency in Blockchain Technology
The advent of cryptocurrencies has captured the attention of criminals, but it’s important to recognize that blockchains themselves offer an unprecedented level of transparency, which can be both advantageous and challenging for illicit activities. Each transaction conducted on the blockchain is publicly recorded, creating an unchangeable and auditable ledger.
This transparent nature of blockchain proves to be a powerful tool for law enforcement agencies as they can effectively trace the flow of money on the blockchain. This significantly hinders criminals’ ability to completely conceal their activities and cover their tracks.
To counter criminal exploitation of cryptocurrencies, regulated cryptocurrency exchanges have implemented strict Know Your Customer (KYC) protocols, especially those that offer trading with fiat currencies. These measures require users to verify their identities, serving as a deterrent for criminals attempting to easily convert their illicit gains into traditional currencies.
- Proposed Legislation to Tackle Crypto Crime
In response to the rising concerns surrounding crypto-related criminal activities, lawmakers have introduced various bills aimed at regulating the crypto industry more effectively.
One such proposal is the Digital Asset Anti-Money Laundering Act (DAAMLA), which is a proposed bill that would impose new regulations on cryptocurrency businesses in the United States. The bill was introduced by Senator Elizabeth Warren in December 2022.
Elizabeth Warren proposed the Digital Asset Anti-Money Laundering Act in December to control cryptocurrency transactions. She introduced this bipartisan legislation with Senator Roger Marshall to address the security risks of crypto.
The act aims to extend the Bank Secrecy Act to wallet providers, miners, validators, and others involved in the crypto network. It also wants to regulate self-custodial digital wallets and prevent financial institutions from using mixers and privacy technologies.
While some praise the Act for its potential to prevent illegal crypto use, there is a growing group of critics who see it as part of a larger plan to weaken the crypto industry. Senator Warren’s recent statements of building an ‘anti-crypto army’ have raised concerns that the act might be a stepping stone toward an outright ban on cryptocurrencies, rather than just a regulatory measure.
The CANSEE Act, a more recent bill introduced by Senators Jack Reed, Mike Rounds, Mark Warner, and Mitt Romney, aims to address money laundering violations in the DeFi ecosystem. It proposes new penalties for those who control or create applications for digital asset transactions and requires compliance with anti-money laundering and KYC standards.
Coin Center, a crypto think tank, has concerns about the bill, calling it “messy” and “unconstitutional.” They worry about the broad power given to the Treasury Secretary, which could lead to uncertainty for developers. The definition of “controls” over a DeFi protocol is a major point of contention, as it leaves the decision solely to the Treasury Secretary, potentially resulting in excessive and arbitrary controls that don’t work in the complex context of DeFi.
DeFi is decentralized in nature, making some of the requirements outlined in the bill and similar proposed legislation essentially impossible to implement and enforce. Coin Center believes the bill may infringe on software developers’ First Amendment rights to freely publish code.
The Blockchain Association shares Coin Center’s concerns. CEO Kristin Smith argues that the bill overstates money laundering in DeFi, and illicit transactions represent a tiny fraction of total digital asset transactions. Smith believes current law enforcement tools are sufficient and considers the new punitive measures unnecessary.
Effectiveness of Proposed Legislation and Impact on the US Crypto Industry
While the proposed bills represent a proactive approach toward curbing crypto crime, some experts question their potential efficacy. Critics argue that overregulation may stifle innovation and cripple the growth of the US crypto industry without meaningfully fighting crime.
The introduction of KYC requirements for decentralized finance (DeFi) platforms, as recently advocated by lawmakers, is particularly contentious. Critics proclaim that such stringent measures wouldn’t actually stop the small amount of financial crime occurring in the sector. Instead, it could eliminate the entire DeFi sector in the US, pushing developers, innovation, and investment offshore.
Striking a balance between effective regulation and fostering innovation within the US crypto industry is crucial. The proposed legislation reflects the government’s commitment to address these issues, but the industry and policymakers must work together to ensure that such measures do not inadvertently hinder legitimate growth and development. By finding a middle ground, the crypto industry can thrive while simultaneously minimizing its misuse by criminals.
