Report of the Attorney General's Cyberdigital Task Force: Cryptocurrency Enforcement Framework

On Oct. 8, 2020, the United States Department of Justice (DOJ) Office of the Deputy Attorney General’s Cyber-Digital Task Force, published “Cryptocurrency: An Enforcement Framework” (the Framework). The Framework highlights the emerging criminal and national security threat that cryptocurrency use poses to the US and provides detailed information about the DOJ’s approach to combating the illicit uses of cryptocurrency and related technologies. This client alert summarizes the information contained in the Framework and provides strategies for compliance with cryptocurrency-related regulatory requirements.

Illicit Uses of Cryptocurrency

The Framework begins with an overview of cryptocurrency and some of its key characteristics (e.g., decentralized in nature, varying degrees of anonymity), and then describes in some detail both the legitimate and illegitimate uses of this type of virtual asset. In focusing on the ways in which malicious actors leverage cryptocurrency for criminal and illegal purposes, the Framework identifies the following categories of illicit activity:

A. Using cryptocurrency to commit crimes or support terrorism 

  1. Buying and selling illegal goods (e.g., drugs, child sexual abuse material, firearms, explosives, toxic substances, counterfeit identification documents, stolen credit card numbers)
  2. Buying and selling the tools required to commit crimes or support terrorism (raw materials to manufacture drugs or explosives, cyber tools, and computing capabilities, including servers and domains, to engage in cybercrime)
  3. Ransom, blackmail, and extortion
  4. Raising funds for criminal activity and terrorism 

B. Using cryptocurrency to hide financial activity

  1. Money laundering
  2. Operating unlicensed, unregistered, or noncompliant exchanges
  3. Tax evasion
  4. Sanctions evasion

C. Committing crimes within the cryptocurrency industry

  1. Theft and fraud
  2. Cryptojacking

Throughout this section, the Framework gives examples of recent enforcement actions that highlight various criminal schemes involving cryptocurrency, such as cases relating to ransomware, darknet markets, terrorist financing, money laundering, and operating unlicensed money services businesses.  Specific examples include the SamSam ransomware case, in which two Iranian men were indicted in November 2018 for executing an international computer hacking and extortion scheme involving $6 million in ransom payments and over $30 million in losses to more than 200 victims, along with the recent (August 2020) actions to dismantle three terrorist financing cyber-enabled campaigns involving the al-Qassam Brigades, al-Qaeda, and ISIS. These cases highlight the cross-border nature of enforcement, the risk typologies associated with cryptocurrencies, and the importance of adhering to regulatory requirements.

Regulatory Landscape

In its second section, the Framework presents the current cryptocurrency regulatory landscape, including applicable laws and regulations, as well as relevant regulatory authorities. For the subsection on laws and regulations, the Framework describes the wide variety of federal criminal code authorities that prosecutors can use to bring cases for cryptocurrency-related crimes, including money laundering and asset forfeiture charges. When discussing relevant regulatory authorities, the Framework describes the key US federal, state, and international regulatory agencies that have enforcement authority over cryptocurrency activity. The Framework also highlights the close interaction that DOJ has with several of these agencies, such as the assistance the Financial Crimes Enforcement Network provides to law enforcement by generating investigatory leads through regulatory reporting requirements, DOJ’s enforcement of criminal violations of US sanctions law, and the support DOJ provides to the U.S. delegation to the Financial Action Task Force (FATF) (e.g., contributions to the development of FATF standards, analysis, and case examples).

Ongoing Challenges and Future Strategies

In its final section, the Framework identifies the types of business models and activities that may facilitate cryptocurrency-related criminal activity as well as strategies that DOJ expects to deploy in response. These business models and response strategies are presented below.

A. Business Models and Activities That May Facilitate Criminal Activity

  1. Cryptocurrency exchanges
  2. Peer-to-peer exchangers and platforms
  3. Cryptocurrency kiosks
  4. Virtual currency casinos
  5. Anonymity-enhanced cryptocurrencies
  6. Mixers, tumblers, and chain-hopping
  7. Jurisdictional arbitrage and compliance deficiencies

B. DOJ Response Strategies

  1. Investigations and prosecutions generally
  2. Promoting law enforcement awareness and expertise
  3. The Digital Currency Initiative
  4. Fostering cooperation with state authorities
  5. Enhancing international cooperation and promoting comprehensive and consistent international regulation 
  6. The General Data Protection Regulation 
  7. Conducting private sector education and outreach

Guidehouse Strategies for Compliance

A. Risk Assessment

Institutions should conduct or update their Bank Secrecy Act/Anti-Money Laundering/Sanctions risk assessment to identify how cryptocurrencies may impact the organization’s risk for potential exposure to money laundering and sanctions violations.  When conducting a risk assessment, it is important to understand the types of cryptocurrency actors and how they may interact with your own institution, including administrators, miners, exchangers, and mixers. 

B. Know Your Customer  Assessment and Update

Institutions may need to conduct a Know Your Customer (KYC) refresh to include additional information related to cryptocurrency activity. In addition, institutions should update their KYC procedures to ensure that the additional information is captured in the future.  Additional information they should consider capturing includes the following:

  1. Wallet addresses
  2. IP addresses 
  3. Expected cryptocurrency activity, including types of cryptocurrencies expected to be used
  4. Expected counterparties 

C. Transaction Screening and Surveillance

An institution must ensure that its filter technology solution is capable of generating alerts on cryptocurrency-related identifiers. An institution should also be proactive in using blockchains to analyze patterns behind how sanctioned entities use digital assets.  Technology marketed by detection solution providers can trace activity by individual wallet addresses to identify activity obscured by mixers and tumblers. Any blockchain analysis should be incorporated into policies, procedures, and training.  

D. Training

Institutions should periodically conduct training related to cryptocurrencies. Training topics should include:

  1. Characteristics of cryptocurrencies and their susceptibility to sanctions risks.
  2. Money laundering and sanctions-evasion typologies unique to cryptocurrencies.
  3. Reinforcement of reporting requirements for money laundering and sanctions-related violations that may include cryptocurrencies.
  4. Regulator guidance and industry best practices related to cryptocurrencies.

Guidehouse has deep expertise in helping clients in the digital assets space with implementing these and other compliance strategies. In addition, our Business Optimization and Strategy Services offering brings integrated solutions and subject matter expertise to develop lasting, effective, and high-performing organizations in the cryptocurrency area. The core components include business and operating models, governance, and regulatory and compliance advisory services, but the real success comes from integrating these offerings with other technical disciplines—such as Enterprise Risk Management, data analytics, human capital, and cybersecurity. While our clients’ challenges may be diverse, our goal is simple—enable clients to be resilient in the future, while optimizing in the present.

About the Experts

Back to top