Cryptocurrency

Money Laundering
Methods and Financial
Crime Prevention
 Cryptocurrency Money Laundering using
Virtual Currency Exchanges
There are numerous cryptocurrency
exchanges that are regulated, that comply
with applicable laws and regulations, and that
cooperate with law enforcement authorities.
The majority of them also requires customer
identification and conducts customer due
diligence. However, there are still a few
cryptocurrency exchanges that aligned their
services towards the needs of criminal clients
by enabling purchasing and selling virtual
currencies without requiring a proper form of
identification or verifying the provided
identities.
But criminals can certainly use legitimate
exchanges and apply various techniques
there to circumvent verification processes and
take advantage of the payment methods
offered by exchanges. Fake identity
documents are available online and via
Darknet markets enabling criminals to stay
anonymous. Some exchanges have already
upgraded their customer due diligence
requirements and are now putting in Skype
verification calls or require customers to
produce self-generated images holding their
ID and papers with a random text written on it.
However, criminals already found new ways
to bypass the current verification processes.
Virtual currencies exchanges offer different
payment methods to buy or sell virtual
currencies, predominately bank transfers and
credit or debit card payments. Some also
offer the use of Money Service Businesses
such as Western Union and MoneyGram,
PayPal, bank cheques and even cash
including cash deposits and cash in mail.
Money laundering vulnerabilities associated
with the use of cash are commonly known.
Cryptocurrency Money Laundering Methods and Financial Crime Prevention
The use of cash is widely recommended
by criminals discussing in online forums as
a simple means of avoiding tracing or
detection. Money launderers can simply
engage in crypto-to-cash transactions
either with their associates or with third
parties they encounter.
Another simple way to stay anonymous is
the use of prepaid credit and debit cards
which can be bought in supermarkets,
stores or online. There are exchanges
where customers can buy cryptocurrencies
with a prepaid credit and debit cards
instantly without the need to supply any
proper form of identification.
Another avenue through which criminals
can undertake Bitcoin money laundering is
unregulated cryptocurrency exchanges.
Exchanges that are not compliant with
AML practices and which fail to perform
strict and thorough identity checks allow for
cryptocurrencies to be traded over and
over again across various markets,
deposited onto unregulated exchanges,
and traded for different altcoins.
The repeated exchanges of one type of
cryptocurrency for another can slowly
clean the funds, which criminals can
eventually withdraw to an external wallet.
01
 Let’s take a look at probably one of the most scandalous cases of the recent past. Following
an investigation led by US authorities a Russian national operating one of the largest virtual
currency exchanges in the world was arrested in Greece in July 2017. This exchange was
by all means an exchange for cybercriminals worldwide, and one of the principal entities
used to launder and liquidate criminal proceeds from digital currencies to fiat currencies,
including U.S. dollars, Euros, and Rubles. This exchange lacked in basic anti-money
laundering controls and policies, such as Know-Your-Customer, and was therefore very
attractive to those who desired to conceal criminal proceeds. The exchange facilitated
serious crimes, including computer hacking, ransomware, fraud, identity theft, tax refund
fraud schemes, public corruption, and drug trafficking.

But there is more. The users of the exchange could not fund an account by directly
transferring money from their bank accounts to a bank account of the exchange itself, but
rather had to wire funds to bank accounts of one of the exchange’s shells or affiliate entities.
It was also possible to send or receive fiat currencies and virtual currencies from other
users, but users could not withdraw funds from their accounts directly. Instead they were
required to make deposits or withdrawals through the use of third-party exchanges, thus
enabling the exchange of question to avoid collecting any information about its users
through banking transactions or other activity that would leave a financial paper trail.

According to the authorities, users even openly and explicitly discussed criminal activity on
the exchanges user chat and the exchange’s customer service representatives offered
advice on how to process and access money obtained from illegal drug sales on darknet
markets like Silk Road, Hansa Market, and AlphaBay.

Finally it is also important to bear in mind that virtual currency exchanges do not only serve
the purpose of converting virtual into fiat currency and vice versa, but they can also be used
for the conversion of a virtual currency into another, including the more recent and with
enhanced anonymity virtual currencies.

New cryptocurrencies such as monero, zcash, dash or pivx allow anonymous transactions.
Especially monero and zcash provide private transactions keeping amounts, balances,
source and destination addresses anonymous and thus making it hardly possible to trace
back transactions or identify their real owner. Other’s such as dash and pivx simply mix
transactions involving multiple sources into a single transaction.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

02
 Using Money Mules or Smurfs
The first cryptocurrency money laundering method involves the use of so-called money
mules or smurfs. A money mule is a person that transfers funds on behalf of the money
launder. Money launderers usually utilize numerous of money mules and break up and
divide large funds between them so that they don‘t get detected easily. Cryptocurrency
money launderers apply the same principle and utilize money mules as well. They usually
do this in 4 quite simple steps:

1. The first step is opening verified
accounts at crypto exchanges. In order to
convert cryptocurrency that is deriving from
illegal activities, such as ransomware and
fraud, into fiat currency, the money
launderer opens numerous accounts using
money mules as frontman with false
documents to surpass identification and
verification.
2. The second step is transferring the dirty
cryptocurrency from crypto addresses or
wallets to the exchanges. The money
launderers then use tumblers or mixers for
transferring the cryptocurrency to the
verified account opened at an exchange
with false identification documents.
3. The third step is opening bank accounts
with money mules. The money mules
open several bank accounts in a third
country with false foreign identification
documents. All the documentation
associated with the opening of these bank
accounts is then delivered to the money
launderer.
4. The last step is transferring the
cryptocurrency from the exchanges to the
local bank accounts opened by money
mules. At this stage since the criminal
money was already separated from its
original source. Then money launderer
can use the money for whatever purpose.
Usually these bank accounts are used for
short periods of time and their balance
typically does not exceed EUR 30,000.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

03
 Using Prepaid Cards or Debit Cards
The second cryptocurrency money laundering is quite simple and involves using prepaid
cards. Believe it or not, but nowadays prepaid debit cards can be loaded with
cryptocurrency. Once the prepaid debit card is loaded, the funds can then be used to fund
different types of illegal activities, they can be traded for other currencies, or they can be
handed off to third parties.

Online Gambling and Gaming

The third cryptocurrency money laundering methods is also rather simple and involves
online gambling. There numerous online gambling and gaming websites that accept
cryptocurrencies. Cryptocurrency can be used to buy credit or virtual chips. Usually, the
money launderers would play for a few rounds and than cash out again after just a few small
transactions. By doing so, the money launderer has an explanation for the origin of the
funds right away. He can simply claim that the funds are the proceeds from winning in online
games.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

04
 Using ATMs
The next cryptocurrency money laundering method is a little bit more sophisticated and
involves the use of automated teller machines or ATMs.

As of September 2019, there were 5,457 Bitcoin ATMs worldwide. Continually connected to
the internet, Bitcoin ATMs allow anyone with a credit or debit card to purchase Bitcoin.
Additionally, they may possess bi-directional functionality allowing users to trade Bitcoins for
cash using a scannable wallet address.

Bitcoin ATMs can also accept cash deposits, providing a QR code that can be scanned at a
traditional exchange and used to withdraw Bitcoin or other cryptocurrencies.
Regulations used by financial institutions to obtain a record of customers and transactions
for these machines vary by country and are often poorly enforced. Criminals can exploit
loopholes and weaknesses in cryptocurrency ATM management to get around Bitcoin
money laundering risks.

Money launderers are increasingly making use of Bitcoin ATMs to launder illegally obtained
money. Whereas previously banking transfers or remittance services such as Western
Union or MoneyGram where used, criminals now instruct their money mules to withdraw
money from compromised bank accounts and to use it to buy Bitcoins via a Bitcoin ATM. To
avoid any identification procedures the criminal depositors would apply smurfing techniques
to split the funds to batches of under EUR 1.000.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

05
 Using P2P Networks
The fifth cryptocurrency money laundering method involves the so-called peer-to-peer
networks. In fact, to lower crypto money laundering risk, many criminals turn to
decentralized peer-to-peer networks which are frequently international. Here, they can often
use unsuspecting third parties to send funds on their way to the next destination.
Most cryptocurrency money laundering schemes end with the clean coin funneled into
exchanges in countries with little or no AML regulations. It's here that they can finally
convert it into local fiat and use it to purchase luxury or other high-end items such as sports
cars or upscale homes.

Using Local Stores

The sixth cryptocurrency money laundering method involves using local stores. Nowadays,
the possibility exists to trade cryptocurrencies Face-to-Face. On the internet, it’s possible to
find private vendors that wish to sell cryptocurrencies for a small fee. Several sites on the
Internet offer to match individuals willing to buy or sell Bitcoins in person. LocalBitcoins.com
is the most famous of such market places. Some sellers prefer cash as payment while
others may allow various forms of payment such as online payment service, bank or money
services businesses-transfers, or others.

According to information provided by a European Police Authority, it was found that a

money laundering organization, that was traditionally dedicated to place and layer criminal
funds derived from the trafficking of cocaine from Spain to Colombia via the use of bank
account smurfing techniques, had updated its modus operandi and was now using
LocalBitcoins.com to carry out its international transfers.

After picking up considerable amounts of criminal cash from drug traffickers in Europe this
money laundering organization continued to use its smurfing techniques to split and deposit
funds into a large number of bank accounts under their control. After several transfers to
other bank accounts, the funds were ultimately used for the purchase of Bitcoins from
private vendors located in different European countries, via the use of the LocalBitcoins
platform.

In order to then move the value of the obtained Bitcoins to Colombia the money laundering
organization uses two simple options:

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

06
 Option 1: On the same day, the exact amount of purchased Bitcoins in the European
Union was resold by the money laundering organization, by again using the services of
Local.Bitcoins.com. But this time the Bitcoins were sold to private buyers in Colombia
that pay with bank transfers directly into Colombian bank accounts, in Colombian pesos.

Option 2: On the same day, the LocalBitcoin wallet, in which the purchased Bitcoins
and the necessary information to access and use the wallet where stored, was delivered
to the cocaine trafficking criminal organization in Colombia. They can then use the value
stored in that wallet in Colombia or anywhere in the world.

Using Mixing or Tumblers

The last cryptocurrency money
laundering method involves mixing
services, known as tumblers.
Tumblers can be used to
effectively split up the dirty
cryptocurrency. Tumblers send it
through a series of various
addresses and then recombine it.
The reassembly results in a new,
rather clean and hardly traceable
amount of cryptocurrencies. In
most laundering cases that involve
tumblers, the cryptocurrency starts
in a legitimate wallet on the
whitenet.

It is then transferred to a wallet in

the dark web making multiple hops
before landing in a second dark
web wallet. It's at this point that the
currency is clean enough to bring it
back up to the whitenet and trade
it on a legitimate cryptocurrency
exchange or even sell if for fiat
currency, such as Euro, Dollar, or
Pound.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

07
 Identifying Cryptocurrency Red Flags
Actually, there is currently no golden source that has comprehensively identified all the red
flags and indicators relating to the use of cryptocurrencies, but there are several lessens
learned.
Technical Red Flags
Firstly, you might want to look for
discrepancies between the submitted
customer identification and the IP
address. For example, if a user
provides documentation on an
account, indicating an address in the
UK, and then all IP addresses
associated with the customer’s
activity are noted as being from
Japan, you can count this as a red
flags.
Secondly, suspicious IP addresses in
conjunction with suspicious
usernames, including nicknames or
ICQ numbers, are another red flag
that would help in the detection of
potentially criminal money flows.
Thirdly, you also want to look at
logins or login attempted from non-
trusted IP address or from a user’s IP
that was previously identified as
associated with suspicious activity.
Cryptocurrency Money Laundering Methods and Financial Crime Prevention
Financial Red Flags
First of all, watch out for large number
of bank accounts or wallets held by the
same administrator or by the same
exchange. This can, of course,
sometimes even happen in different
countries and is an indicia for flow-
through accounts, potentially indicating
layering activity. Just to double-check
this one, look if a business rationale for
such a structure is available and makes
sense.
Secondly, check if your cryptocurrency
customer or if a cryptocurrency
exchange are located in one country,
but holding there accounts and wallets
in other countries, where they do not
appears to have a reason for being at.
In addition, look for unexplained
business rationales that could be
suspicious.
Thirdly, be wary of back and forth
movement of cryptocurrency funds
between bank accounts held by
different customers or virtual currency
exchange companies located in
different countries. This may also be
indicative of layering activity in case it
does not fit the business model.
Last but not least, check if the volume
and frequency of cash transactions,
which might sometimes be structured
below reporting thresholds, conducted
by the owner of a cryptocurrency wallet
make economic sense.
01
08
Limitations of cryptocurrencies for financial
crimes
Last but not least, we will examine possible reasons for the current limited use of
cryptocurrencies in the world of financial crime, including areas of financial crime such as
money laundering and terrorist financing.

Anonymity

The anonymity of a cryptocurrency depends on many factors, including operational and

technical factors. To understand this, let’s recall that cryptocurrencies are from a technical
perspective not owned by people or institutions. Instead, cryptocurrencies are controlled by
whoever has the cryptographic private keys.

For example, if the owner of a key gives the private key to another person, the new person
could spend the money, but so could the first person if they kept a copy of the keys. The
owner of a key can be identified only by the corresponding public key. For this reason,
Bitcoin is frequently called pseudonymous because identities are masked by the keys, but
this is somewhat misleading. The owner of a key could be well known if they publish their
public key to allow others to send them money, and even if not, they could actually be
identified.

For example, if someone were to use a single public-private key pair for all of their
transactions, which is known as key reuse, it would be relatively easy for an observer to
discover their identity. This is due to the fact that the first transaction that is made on the
blockchain is tied to the person’s real-world identity, which means that the second
transaction is as well, because the blocks always link to the predecessor. This would be an
operational failure for anonymity. Even without any key reuse between transactions, it is
possible to find users who control multiple accounts because the outputs are used together
for a single purchase.

In addition, there are many other threats to cryptocurrency anonymity that can potentially
identify users, including temporal data, off-network information, IP address data, and other
side channels. There has been much work on deanonymization using a variety of methods,
and even transactions that are not yet able to be deanonymized are plausibly susceptible,
given future capabilities.

Users can mitigate some of these technical threats to anonymity by using techniques that
are built into some newer cryptocurrency applications or by taking steps to use
cryptocurrencies more anonymously, such as using a coin mixer to hide ownership or
obfuscating IP addresses. However, defending against all threats requires significant
technical knowledge and following best practices very consistently.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

09
 Additionally, many potential operational methods of
evading detection, like using TOR to hide IP
addresses when using cryptocurrencies, have their
flaws. It is difficult for users to know when they have
been successful at evading deanonymization and
detection. For this reason, cryptocurrencies are not
trustworthy in the face of technically sophisticated
adversaries. Even with a cryptocurrency that is
more effectively anonymous than cryptocurrencies
such as Bitcoin, there are no guarantees that
anonymity will stand up to law enforcements’ efforts
to attack it.

Non-Bitcoin cryptocurrencies incorporate a variety

of mechanisms to boost their anonymity by
obfuscating transactions. Dash for example
employs a type of mixing by default. Coins as such
employ a variety of other methods for masking
ownership, such as standard denominations to hide
transaction amounts. Despite this, other avenues of
deanonymization exist. The cryptonote protocol, for
example, uses a cryptographic technique called
ring signatures that enables pseudonym reuse
while making it more difficult to associate it with a
user spending money. This approach masks which
public key was used for a transaction, making the
blockchain a less public ledger. Modifications of this
concept have been implemented that also allow
transaction amounts to be obfuscated. Monero, the
largest of these currencies, bills itself as “Secure,
Private, and Untraceable” and has begun to gain
adoption in online darknet markets for drugs. IP
masking, which has been incorporated into Monero,
is another technique to boost anonymity. Monero is,
however, only the latest in a series of purportedly
anonymous cryptocurrencies that seem poised to
gain significant market share; others are Dash,
BlackCoin, ShadowCash, and Zcash. Each has
adherents, but none has found the widespread
adoption that Bitcoin, Ethereum, and other legal
and less anonymous currencies have. Widespread
adoption, in turn, comes with more acceptance and
greater volume.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

10
 Usability

Secondly, there is the issue of Usability. Like many emerging technologies, cryptocurrencies
are difficult for newcomers to use. Once a new user has broken through the initial
knowledge challenges, the user will most likely find himself using wallets for managing the
cryptocurrency. However, such easy-to-use online wallets that manage funds for the user
are problematic for surreptitious use, because the service can both see details of what is
being done and freeze funds. You can imagine these wallets as being similar to banks in
that they are subject to anti–money laundering regulations.

Methods of managing cryptocurrency anonymously require somewhat more technical

sophistication, but general trends indicate that the technical sophistication of both users and
the public is increasing, while cryptocurrency developers are increasing usability and
working on making these systems more secure. For example, there is a quite infamous
book on using Bitcoin anonymously that is relatively user- friendly for those who are
technically adept. On the other hand, use of techniques that allow anonymity might,
paradoxically, function as a red flag for law enforcement monitoring the use of these
currencies. Additionally, even the use of sophisticated techniques will not necessarily
provide anonymity in the face of a sophisticated opponent.

Security

Let us talk about Security for a moment. Closely related to usability is security. Security is a
critical need for any user of a monetary system, and cryptocurrencies have many potential
weaknesses that traditional currencies do not share. For example, many formerly centrally
run cryptocurrency exchanges, which allowed users to easily create online wallets, have
been compromised. These compromises - both insider-driven and external - led to well-
publicized losses of user funds. This type of loss is far from unknown in traditional banking,
but the procedures for handling it make these losses unlikely to affect depositors.

The alternative to such centrally run systems are user-controlled wallets. The use of such
wallets requires the user to secure the system. Hardware wallets, which allow users to store
currencies in a dedicated device, are susceptible to a variety of attacks that range from
highly technical thefts to simple theft. The use of software wallets on the other hand require
the user to secure the system being used to store them. A compromise of the computer
system could easily lead to a complete loss of funds. Even in 2011, so rather early in the
history of cryptocurrencies, some computer viruses were found that stole Bitcoin. Most
users are not capable of fully securing a computer or smartphone holding cryptocurrency,
and in other domains, even well-protected, fully offline systems have been hacked by
sophisticated adversaries.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 11

 In addition to hacking, there is a possibility of protocol-level vulnerabilities: If there is a flaw
in the software, or in the logic of how the system works, it could be exploited. Even if the
code is secure, the standard assumption in cryptography is that systems and algorithms
become less secure over time as flaws and attacks against the system are found. It is very
likely and quite real that this also applies to all sorts of cryptocurrencies.

As alternative cryptocurrencies become more widespread, attract academic interest, and

become valuable enough for attackers to want to steal, they are likely to experience the
same types of attacks that have been waged against Bitcoin in the early days. For example,
the ring signature schemes used in some cryptocurrencies have been found to provide no
anonymity, leaving the systems vulnerable to attack.

It is unclear how difficult it will be to use these currencies securely in the future. I personally
expect that concerns about security will decrease over time if no such breaches occur.
Nonetheless, criminal organization still might not trust these systems, especially because
they are largely designed and maintained by people working in Western countries, and
many of the world’s largest criminal organizations, including large-scale money launderers
and terrorist groups, they are not.

Acceptance

In addition, one must keep in mind the acceptance of cryptocurrencies. The limited reach of
cryptocurrencies at present is a significant challenge, especially in the regions where
criminal organizations operate, which applies to terrorist organizations and large-scale
money launderers in particular. For example, despite the large network of Bitcoin-accepting
vendors and services, there are few Bitcoin ATMs in the Middle East and outside of Israel.
The future trajectory of these currency technologies is uncertain, but if and when consumer
use increases across the world, it will make use by criminals such as terrorists, for example.
much more plausible. Generally, however, the conditions needed to allow, for example,
terrorist groups, to establish themselves and flourish, such as failed states and lack of
government oversight, might make the technological infrastructure needed for
cryptocurrencies infeasible.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

12
 In addition to hacking, there is a possibility of protocol-level vulnerabilities: If there is a flaw
in the software, or in the logic of how the system works, it could be exploited. Even if the
code is secure, the standard assumption in cryptography is that systems and algorithms
become less secure over time as flaws and attacks against the system are found. It is very
likely and quite real that this also applies to all sorts of cryptocurrencies.

As alternative cryptocurrencies become more widespread, attract academic interest, and

become valuable enough for attackers to want to steal, they are likely to experience the
same types of attacks that have been waged against Bitcoin in the early days. For example,
the ring signature schemes used in some cryptocurrencies have been found to provide no
anonymity, leaving the systems vulnerable to attack.

It is unclear how difficult it will be to use these currencies securely in the future. I personally
expect that concerns about security will decrease over time if no such breaches occur.
Nonetheless, criminal organization still might not trust these systems, especially because
they are largely designed and maintained by people working in Western countries, and
many of the world’s largest criminal organizations, including large-scale money launderers
and terrorist groups, they are not.

Acceptance

In addition, one must keep in mind the

acceptance of cryptocurrencies. The limited
reach of cryptocurrencies at present is a
significant challenge, especially in the regions
where criminal organizations operate, which
applies to terrorist organizations and large-scale
money launderers in particular. For example,
despite the large network of Bitcoin-accepting
vendors and services, there are few Bitcoin
ATMs in the Middle East and outside of Israel.
The future trajectory of these currency
technologies is uncertain, but if and when
consumer use increases across the world, it will
make use by criminals such as terrorists, for
example. much more plausible. Generally,
however, the conditions needed to allow, for
example, terrorist groups, to establish
themselves and flourish, such as failed states
and lack of government oversight, might make
the technological infrastructure needed for
cryptocurrencies infeasible.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

12
 Reliability

The newness and instability of cryptocurrency as a whole, and of specific cryptocurrencies,

might create concerns about reliability. Bitcoin’s price instability is the obvious example, but
additional reliability issues exist - especially if support for the currency declines - and could
lead to developers abandoning a project or a lack of commercial support by exchanges.
Most cryptocurrencies that have been launched are abandoned or shut down, some
because of neglect, and others because of scams or attacks.

These problems are less severe for short-term uses, which cover many potentials uses by
criminals. The stability of a cryptocurrency system depends on typical market risks and the
continuing involvement of developers, interest of miners, and the ecosystem of applications
that support the currency. For this reason, it is unclear how many of the newer
cryptocurrencies will last. These factors matter primarily in the medium-to-long term, not in
the short term, when money would be transferred in and out of such a currency quickly.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

13
 Volume

Last but not least, there is the issue of volume. Transaction volume is actually a quite critical
limitation of cryptocurrency use for many criminal organizations, especially medium-to-large
scale money launderers and some of the bigger terrorist organizations. Many
cryptocurrencies have a too low market volume in comparison to what many criminals would
require. Low market volume makes the prices more sensitive to transactions and makes the
transfer of large amounts of money expensive. Essentially, this is due to the most basic
equation of supply and demand. This is particularly a critical concern for smaller and newer
cryptocurrencies, in addition to concerns about the security and reliability of any new
system.
The other critical problem with low volume is the traceability of transactions. This problem
manifests in two ways.

First of all, large transactions have impacts on price and an increased demand is visible,
making the transaction less anonymous.
Secondly, a public ledger, even one with robust technical anonymity, cannot mask the
fact that large volumes or high-value single transactions appear. Because transactions
are posted publicly for all to see, including law enforcement, changes in average volume
are easy to detect. Thus, a sudden spike in volume is enough to attract attention.

Having an understanding of why cryptocurrencies might not be useful to criminals at scale

and to understand the limitations certainly helps to cut through the hype. Sure, many of the
major news outlets report about cryptocurrencies as the non-plus-ultra for facilitating
criminal activity, but I hope that this video has helped you to better understand that there are
limitations to the use of cryptocurrencies or illicit purposes.

Cryptocurrency Money Laundering Methods and Financial Crime Prevention 01

14