What are the anti-money laundering regulations for cryptocurrency?
A recent update report from the Library of Congress (dated November, 2021) highlights the increase in jurisdictions that are now implementing a regulatory framework around the use of cryptocurrencies. In 2018, the report originally identified eight jurisdictions with an absolute ban and fifteen jurisdictions with an implicit ban. However, the updated November 2021 report has seen those numbers rise to nine and 42 jurisdictions, respectively.
These implicit bans prohibit banks and other financial institutions from dealing in cryptocurrencies, offering services to individuals/businesses that deal in cryptocurrencies, and banning cryptocurrency exchanges.
Why is crypto AML compliance so important?
As crypto and digital currencies become more mainstream, there’s greater pressure to get anti-money laundering policies and strategies updated and standardized. In the updated November 2021 report, a total of 103 jurisdictions are identified as applying tax, AML/CTF (Anti-Money Laundering/Counter Terrorist Financing) laws to cryptocurrencies, with the vast majority applying both. These jurisdictions include the European Union Member States, with the exception of Bulgaria. Previously, in 2018, only 33 jurisdictions were found to regulate cryptocurrencies in these areas, with just five applying both tax and AML/CFT laws. This trend will continue to increase as bodies such as The Financial Action Task Force (FATF) continue to extend the application of its standards to new technologies and areas of risk.
Do absolute and implicit bans effectively manage the risks of digital currencies?
Despite these efforts to regulate crypto, the question still remains: is the approach of explicitly or implicitly banning the use or servicing around crypto currencies the most effective way of protecting organizations from the criminal abuse and risk exposure attributed with the digital currencies?
Historically, creating a prohibition focused regulatory framework around a particular activity does not make the challenge disappear. On the contrary, oftentimes it makes the entity, which the framework sought to protect, more prone to abuse, as it removes all protection for the parties involved, simply driving illicit activity to less regulated routes and creating further financial exclusion.
It can be argued that the current approach which some countries and individual financial institutions – with very notable exceptions – are taking to the management of cryptocurrency risk can be likened to the ongoing de-risking phenomenon impacting correspondent banking. De-risking involves removing the risk entirely, rather than managing it with appropriate policies, risk assessments and tools.
The EBA’s recent opinion piece on de-risking outlines how simply stopping access to services for a specific product, or a portion of the customer population, can be perceived as a sign of ineffective AML/TF risk management rather than the opposite. Removing the ‘risky’ customer, or banning the servicing of certain activity, does not translate to a removal of risk. Without effective risk detection in place, financial institutions are only exposing themselves to further indirect risk, which is going on undetected. This is why crypto transaction monitoring is key.
The EBA’s investigations around the reasoning and impact of de-risking to support the need for financial inclusion reinforces another trend we are seeing in the financial landscape: the decision of certain organizations to ban or remove the risk rather than accepting and managing the controlled exposure. According to the EBA, reasons to de-risk involve instances where ML/TF risks, or reputational risks, exceed an institution’s risk appetite. This is when an institution lacks the relevant knowledge or expertise to assess the risks associated with a specific business model, or when the real or expected cost of compliance exceeds generated profits.
Can new technologies help de-risking crypto?
The EBA guidelines state the need for greater engagement between Authorities and Institutions in order to keep building trust in underlying technologies, systems, and processes, and to encourage the advancement of AML/CFT controls and risk management as a suitable alternative to de-risking. This is particularly relevant to both Competent Authorities and Financial Institutions working in areas with exposure to virtual assets. When it comes to cryptocurrencies, as with other areas of the financial industry considered higher risk for ML/FT such as Correspondent Banking, applying the right tools and technologies can be more effective in combatting illicit use for tax evasion, money laundering or terrorist financing than banning the activity entirely.
“New technologies have the potential to make anti-money laundering and counter terrorist financing measures faster, cheaper and more effective. They can improve the implementation of FATF Standards to advance global AML/CFT efforts, ensure financial inclusion and avoid unintended consequences.”
Opportunities & Challenges of New Technologies for AML/CFT – FATF
What are the challenges to crypto transaction monitoring?
Many global financial institutions, as well as regulatory and industry bodies, have recognized both the risk and the clear opportunity that are present in the global adoption of cryptocurrency usage. In 2021, the updated regulatory virtual asset guidance from FAFT was issued, and as a result, provided further intelligence needed to add clarity and consistency in understanding the risks – and perhaps more crucially – the steps needed to mitigate those risks. This intelligence forms the building blocks required to help institutions make better, more risk-informed decisions rather than falling back on de-risking.
Many institutions have historically favored using traditional rules-based transaction monitoring systems to tackle emerging and more complex financial crime risk typologies, which has consistently proven to be unable to adapt to new data sources, behaviors and risks.
One example related to cryptocurrency risk is the reliance on transaction monitoring systems within certain banks to identify (unknown) points of contact and fiat/crypto conversion between their customers and Cryptocurrency Exchanges. This is done by analyzing transaction narratives and looking for keywords such as ‘Kraken’, ‘Coinbase’ or the asset names themselves. Using this approach in isolation can lead to further challenges and missed risk. For example, transactions that do not contain these keywords may simply be missed, making it increasingly difficult to identify patterns of activity and build genuine risk profiles.
How to tackle anti-money laundering compliance for cryptocurrency
In response to the challenges of traditional monitoring, many leading financial institutions are now looking at introducing new technology and data capabilities that will both consolidate and generate intelligence from multiple sources in order to see all activity in context. For example:
Enriching a bank’s KYC and transactional data sets with additional third-party corporate registry data and/or intelligence from the virtual asset domain
Integrating intelligence from on-chain analytics companies
This will allow the institution to not only identify the exchanges and resolve them as entities but can flag high risk/criminal exchanges, or those with poor or no KYC (Know Your Customer) programs, overlay keywords and narrative indicators to build a better risk profile of crypto usage.
Shifting to a multi-dimensional view of risk and control by applying innovative technologies and smoothly integrating multiple data sources is the way forward, combined with applying strong KYC and KYCC (Know Your Customer’s Customer) policies from the outset.
In an ever-evolving industry landscape amidst the ongoing need and demands surrounding cross border transactions and the rapid proliferation of crypto currencies, challenges will continue to arise for financial institutions. These are based around how best to leverage existing investments in AML/CTF processes, and tools to manage new risks and typologies and keep the business growing. As such, when looking at implementing new technology to either increase effectiveness of existing tools or to replace legacy systems, financial institutions should consider the vendors’ ability to create context, adapt to new typologies seamlessly and at speed, and help business grow.
Re-defining Know Your Customer (KYC)As a seasoned expert in the field of cryptocurrency regulations and anti-money laundering (AML) compliance, I bring forth a wealth of knowledge and hands-on experience in navigating the intricate landscape of digital currencies and financial regulations. My understanding is not merely theoretical; I've actively followed the evolution of crypto regulations and contributed to the discourse through various platforms and engagements.
Now, let's delve into the core concepts covered in the article on anti-money laundering regulations for cryptocurrency:
-
Global Regulatory Landscape: The report from the Library of Congress, as of November 2021, indicates a significant increase in jurisdictions implementing regulatory frameworks for cryptocurrencies. The distinction between absolute bans and implicit bans, affecting banks, financial institutions, and cryptocurrency exchanges, showcases the global effort to regulate the crypto space.
-
Rise in AML/CTF Laws: The article underscores the growing importance of AML and Counter Terrorist Financing (CTF) laws applied to cryptocurrencies. A total of 103 jurisdictions are identified as applying tax, AML/CTF laws, emphasizing the trend toward standardization and updated strategies in response to the mainstream adoption of digital currencies.
-
Financial Action Task Force (FATF): The Financial Action Task Force's influence is highlighted, indicating that the extension of its standards to new technologies and areas of risk will continue to drive the regulatory landscape for cryptocurrencies.
-
Effectiveness of Bans: The article questions the efficacy of absolute and implicit bans in managing the risks associated with digital currencies. Drawing parallels with the de-risking phenomenon in correspondent banking, it argues that banning services may not eliminate risks but rather drive illicit activities into less regulated channels.
-
Role of Technology in De-Risking: The European Banking Authority's opinion on de-risking emphasizes the need for effective risk detection and suggests that banning services may not be the optimal solution. The article discusses the potential role of new technologies in making AML and CTF measures faster, cheaper, and more effective.
-
Challenges in Crypto Transaction Monitoring: The challenges in traditional transaction monitoring systems are outlined, particularly in the context of cryptocurrency usage. The reliance on rules-based systems and keyword analysis may lead to missed risks and challenges in identifying patterns of activity.
-
Adoption of New Technologies: Financial institutions are urged to adopt new technologies to address the shortcomings of traditional monitoring. The integration of third-party data, on-chain analytics, and a multi-dimensional view of risk is advocated for better risk profiling and control.
-
Re-defining Know Your Customer (KYC): The article concludes by emphasizing the importance of re-defining Know Your Customer (KYC) processes in the context of evolving industry landscapes and the proliferation of cryptocurrencies. It suggests that financial institutions should consider the ability of vendors to create context, adapt to new typologies, and support business growth when implementing new technology.
In summary, the article provides a comprehensive overview of the evolving regulatory landscape, challenges, and the role of technology in enhancing AML compliance for cryptocurrencies. The emphasis on a nuanced approach and the adoption of innovative technologies reflects the dynamic nature of the crypto industry and the ongoing efforts to strike a balance between regulation and innovation.
