Deutschland
India
Lietuva
United Kingdom
Search
Search
Search
By Alma Angotti, Gene Bolton
On October 19, 2023, the Financial Crimes Enforcement Network (FinCEN) announced a Notice of Proposed Rule Making (NPRM) that identifies Convertible Virtual Currency (CVC) mixing (CVC mixing) as a class of transactions of primary money laundering concern pursuant to Section 311. This is the first time FinCEN has designated a class of transactions under Section 3111. The NPRM proposes rules that would require covered financial institutions to implement certain recordkeeping and reporting requirements for transactions involving CVC mixing.
Current State: Regulatory Requirements and CVC Mixing
One of the primary differences between crypto and traditional finance is that crypto-currency transactions are traceable on publicly available blockchains. CVC mixing, however, uses anonymity-enhancing technologies to make crypto harder to trace. Due to the numerous illicit applications of CVC mixing, it has long been (in crypto years) a known money laundering typology2. The Office of Foreign Assets Control (OFAC) has, in fact, designated certain mixing services as Specially Designated Nationals and Blocked Persons (SDNs) (see: Tornado Cash) due, at least in part, to the fact they are a CVC mixing service.
Currently, covered financial institutions (FIs) with CVC mixing exposure (such as CVC exchanges), are required to report suspicious activities if there is activity by, at, or through the institution that meets Suspicious Activity Report (SAR) filing criteria. For example, CVC exchanges with hosted wallets may file a SAR if a customer receives digital assets directly from a known CVC mixing service. Whether an institution files a particular SAR, however, is based on the totality of circumstances (i.e., whether the exposure is direct or indirect), and other red flags—or mitigants—about that particular customer.
Future State: Proposed Requirements and Implications
This proposed rule does not change a covered FI’s SAR filing obligations, but instead imposes new reporting requirements on CVC mixing as a class of transactions. Specifically, covered FIs would be required to report "covered transactions” to FinCEN within 30 calendar days of initial detection, regardless of whether such transactions were already reported in a SAR3.
FinCEN defines “covered transactions” as “A transaction as defined in 31 CFR 1010.100(bbb)(1) in CVC by, through, or to the covered financial institution that the covered financial institution knows, suspects, or has reason to suspect involves CVC mixing within or involving a jurisdiction outside the United States.”
Importantly, FinCEN states that “…covered transactions do not include transactions that are only indirectly related to CVC, such as when a CVC exchanger sends the non-CVC proceeds of a sale of CVC that was previously processed through a CVC mixer from the CVC exchanger’s bank account to the bank account of the customer selling CVC.4” In other words, off-ramping transactions in fiat would not be considered a covered transaction, even if the crypto was involved in CVC mixing.
In the NPRM, FinCEN highlights several different types of CVC mixing methods, but notes that one of the most common is the use of mixers—like Tornado Cash. “CVC mixers can accomplish this through a variety of mechanisms, including: pooling or aggregating CVC from multiple individuals, wallets, or accounts into a single trans-action or transactions; splitting an amount into multiple amounts and transmitting the CVC as a series of smaller independent transactions; or leveraging code to coordinate, manage, or manipulate the structure of the transaction…5”
FinCEN, however, explicitly states that CVC mixing does not solely rely on the use of a CVC mixing service. In the NPRM, FinCEN highlights methods that may be indicative of CVC mixing, such as “peel chains”6 and “chain hopping,”7 among other methods. Covered FIs, therefore, may need to implement new monitoring techniques to detect activity indicative of CVC mixing, beyond simply looking at exposures to mixing services8.
FinCEN would require covered FIs to report the following information about a covered transaction9:
FinCEN would also require covered FIs to report the following customer information associated with the covered transaction10:
As part of the NPRM, FinCEN is requesting comments on specific matters. If you are an impacted FI, then you should review these specific matters and provide comments, as appropriate. In addition, impacted FIs should start reviewing current systems, processes, and controls to assess (a) their exposure to CVC mixing; and (b) ability to detect and potentially report transactions as required.
Industry participants may also argue that there are legitimate applications for CVC mixing. FinCEN addresses this perspective in the NPRM (See: The extent to which the class of transactions is used for legitimate business purposes) but does not offer much by way of specificity. Although FinCEN states “…CVC mixing may be used for legitimate purposes, such as privacy enhancement for those who live under repressive regimes or wish to conduct licit transactions anonymously,” most of this section highlights the illicit nature of CVC mixing, despite its title. This section is a telling sign of Treasury’s expectations—that CVC mixing should be generally regarded as suspicious, regardless of other factors. As a result, impacted FIs, at a minimum, should consider reviewing investigative protocols and detection systems to ensure they are able to identify CVC mixing and file SARs, as appropriate.
Guidehouse is a global consultancy providing advisory, digital, and managed services to the commercial and public sectors. Purpose-built to serve the national security, financial services, healthcare, energy, and infrastructure industries, the firm collaborates with leaders to outwit complexity and achieve transformational changes that meaningfully shape the future.