By Ted Sausen, Director, Subject Matter Expert, AML, NICE Actimize
In the early stages of global regulatory involvement in cryptocurrencies, regulators and enforcement officials expressed concern but had different priorities depending on their locale. The APAC region seemed to be more focused on the theft of cryptocurrencies, whereas, the Americas (US) was more concerned about the safety of its investors and market manipulation. Regulators in EMEA were more concerned about cryptocurrencies ties to money laundering activities. In today’s world, the industry is addressing all those areas of concern, and safety measures are being put in place to address each of them. But the story doesn’t stop here.
Are crypto firms themselves laser-focused on anti-money laundering compliance? They may be coming around and stepping up by providing greater controls – but in some cases, perhaps not fast enough.
For several years, US regulators have been alerting the markets of the risks involved with cryptocurrencies and the necessity to take action to protect their institutions and their customers. It’s hard to believe that it has been a decade since virtual assets worked their way into regulations set forth by FinCEN. In 2011, FinCEN changed the definition of Money Services Businesses (MSBs) to include virtual assets. This was further clarified in 2013, when FinCEN clarified that MSBs who deal with Convertible Virtual Currencies (CVCs) are money transmitters and must abide comply with the rules set forth in the Bank Secrecy Act (BSA). This was again stated in the AML Act of 2020. Cryptocurrencies are within the scope of the BSA. Interestingly enough, you won’t specifically find the words “virtual”, “digital”, or even “crypto” currencies in these regulations, it is much more broadly stated, and makes reference to any “value that substitutes for currency.”
But let there be no doubt that enforcement actions have begun. As early as 2015, we started to see actions taken against companies like Ripple for not registering as an MSB. In 2017, FinCEN made its first sizeable ($110 million) fine against BTC-e for operating without a license and conducting criminal behavior. In 2019, FinCEN assessed a civil money penalty against an individual, Eric Powers, for willfully violating the Bank Secrecy Act’s (BSA) registration, program, and reporting requirements. And just recently (August 2021), FinCEN and the CFTC settled their civil lawsuits against BitMEX crypto exchange and its holding company to the tune of $100 million. To date, US regulators have levied over $2.5 billion in penalties since bitcoin’s debut in 2009 – most of which have come from the Securities and Exchange Commission.
Going back to the original question, “Are crypto firms laser-focused on Anti-Money Laundering compliance,” the term “laser focused” may be a bit strong, at least for the US market; however, special attention is being focused on complying with Anti-Money Laundering regulations. The amount of focus and resources applied though, varies by the organization. There are larger, more established institutions, that have addressed these issues head on. They recruited experienced AML Experts and established compliance teams. Processes are in place to do all the necessary checks to onboard clients and monitor their activities throughout the life of the customer relationship. As many of these organizations are new, they have implemented the latest technologies for such things as identify verification using facial recognition. Progress has been made, and advanced technology has been adopted.
Unfortunately, this is not always the case with every institution dealing with cryptocurrencies. As with traditional financial institutions, AML program maturity varies, sometimes significantly. Crypto firms understand AML compliance is a requirement; however, they don’t all have skilled resources, and some look to do the bare minimum needed to get by. As with the UK, there are virtual asset service providers in the US market that are not registered. This opens the door for money launderers and bad actors of other illicit activities such as terrorist financing.
Where do we go from here, particularly in the US? Regulations are set, and the “grace period” is over. We’ve seen several enforcement actions, some sizeable, and this will continue to occur. Tighter controls will be put in place to enforce adherence to regulations, and new regulations will continue to evolve. There may always be unregistered virtual asset service providers; however, the number will continue to shrink.
But one thing the markets can count on is that in the next several years, we will see stronger enforcements, and unprecedented fines. If cryptocurrency firms don’t become invested in strengthening their anti-money laundering compliance programs, it will be to their detriment and certainly will result in a major loss of profits. More important, it could be detrimental to their reputations, key to successful market adoption.