Sanctions Compliance Tools for Crypto Market Operators03.08.2022 By Markets Media
By: Brett Harrison (President, FTX US) & Sam Bankman-Fried (CEO, FTX and FTX US)
March 4, 2022
As FTX has stressed across all of its regulatory and policy efforts, active coordination and communication with regulators and policymakers is crucial to ensuring that laws and rules achieve their intended outcome. In few areas is this more critical than sanctions compliance, and we have appreciated the opportunity to be in active dialogue with various regulators and policymakers in recent days in order to discuss their priorities and the steps we continue to take to ensure that a robust and thorough sanctions compliance program is in place and implemented for our markets. In this post, we identify and describe the key tools used to implement a sanctions compliance program – in part as a summary educational tool but also as a demonstration of the level of resources and intention that is put into sanctions compliance by FTX.
How crypto exchanges enforce US sanctions:
— Brett Harrison (@Brett_FTXUS) March 6, 2022
In order for sanctions to be an effective tool for global diplomacy, they must be properly upheld and enforced by all major participants in the financial ecosystem. The world’s attention on Russia’s aggressive conflict with Ukraine, combined with the new omnipresence of cryptocurrencies, has created the natural question now being asked in all major media: can cryptocurrency be used by sanctioned parties to avoid US sanctions?
The short answer is: no. But to reach this conclusion, it is necessary to understand more about blockchains, fiat on- and off-ramps, transaction monitoring tools, AML/KYC, and the role that regulated cryptocurrency exchanges play in all of the above. There are multiple safeguards in place at regulated exchanges that create material and substantial challenges and blocks for would-be sanction evaders.
US crypto exchanges are regulated as Money Service Businesses (MSB) by the Financial Crime Enforcement Network (FinCEN). Exchanges under these licenses are required to implement Know-Your-Customer (KYC) and Anti-Money Laundering (AML) programs in order to operate. Many are also subject to parallel requirements under state money services laws.
The KYC program consists of collecting identifying information, such as name, address, date of birth, phone number, and social security number, often along with photo identification, to be able to verify any new customer. Exchanges cross check the information against various databases to ensure veracity; for example, the social security number can be checked against a government repository to verify that it matches the provided name. Then, as part of any standard AML program, the names are checked against a variety of sanctions lists and other watchlists that would result in automatic rejection of the user if matched, including the US Treasury’s OFAC sanctions lists, the US Department of Justice’s FBI wanted list, and the United Nations consolidated sanctions list. This rigorous process provides the first line of defense against allowing sanctioned individuals to open accounts with and otherwise trade on a US cryptocurrency exchange.
But imagine that the KYC/AML program was thwarted, let’s say by someone who was acting on behalf of a sanctioned individual but wasn’t themselves on one of the lists. Now they need to deposit currency, either fiat RUB or a cryptocurrency like Bitcoin (BTC), in order to use the exchange to convert to USD, withdraw, and achieve their aim. The second line of defense here is in transaction monitoring of these deposits.
Exchanges that can accept wire transfers as sources of fiat deposits know the identity of the source financial institution, and can therefore detect whether the currency is coming from, for example, a sanctions listed Russian bank, a blacklisted source, or some other problematic funds source. This provides one simple and effective way of blocking a significant amount of direct activity from sanctioned institutions.
But how about if they tried to deposit BTC instead? One oft-held misconception about cryptocurrencies is that they are absolutely anonymous and untraceable. On the contrary, US regulated exchanges all use advanced dynamic on-chain risk-analysis and transaction monitoring tools, such as Chainalysis and TRM Labs, that help identify cryptocurrency transfers that originated from any known illicit or sanctioned source. Cryptocurrency addresses (also known as “wallets”) that have ever been associated with a deposit to or withdrawal from an exchange with KYC can be forever linked with a person’s identity, especially if that person is identified on one of the AML lists. Further, heuristics can help identify the geographic origin of crypto transfers, and powerful machine learning algorithms spot patterns in transaction histories and other wallet interactions that would indicate increased risk. Not only have these tools become highly effective for exchanges (and utilized by, among others, the FBI), they were also vital for government and law-enforcement agencies (last month, the US Department of Justice was able to trace crypto transactions in order to retrieve billions in stolen funds from the 2017 Bitfinex exchange hack).
Finally, there is one last line of defense at the exchange: the fiat off-ramp, or the ability for the user to convert cryptocurrency to USD and withdraw that USD to a financial institution that accepts such transfers. By only partnering with a small set of trusted banks, who themselves have their own set of AML/KYC programs in place to detect incoming transfers from sanctioned sources, exchanges can cut off illicit activity before the currency can be laundered back into the global financial system.
With these technological procedures in place, evading sanctions through cryptocurrency exchanges is practically impossible. But if you’re skeptical about the efficacy of any of the above measures, there’s still one remaining fact that makes cryptocurrency an impractical medium for sanctioned persons: the total amount of blockchain transactions on the Bitcoin blockchain, which has the largest amount of daily on-chain transaction volume, oscillates between 5 and 15 billion USD worth of BTC per day. Any attempts to move crypto at the scale required by the Russian government (in violation of sanctions) would be instantly noticed on the public, open ledger provided by the blockchain, which could then be traced and effectively stopped from routing through exchanges.
The ability for exchanges to effectively comply with sanctions is only possible because of the cooperative work of law enforcement, regulators, and the industry. It is critical that the industry continue to engage in constructive dialogue with regulators and lawmakers to ensure that cryptocurrency has proper oversight.
Concerns about using cryptocurrencies to evade US sanctions against Russia are largely unfounded. What is undoubtedly true, however, is the unprecedented degree to which cryptocurrencies are being used to provide assistance to Ukraine. With blockchain technology that enables borderless payments, instant settlements, and open access, more than $30 million worth of BTC, ETH, stable coins, and other crypto assets have been donated to the Ukraine government and various relief organizations.
The piece can be read here
JPMorgan was fined $200m for failing to monitor their employees use of WhatsApp.
Solidus detects fraud, manipulation and market abuse in crypto and DeFi.
Solidus HALO is currently used to monitor more than 1 trillion events per day across more than 150 markets.
The absence of designated intermediaries pose challenges for regulation, compliance, and financial stability.
This integration will form part of BNY Mellon’s development of cryptocurrency services.