By Rajat Gupta, 17 June 2024
The buzz today surrounding artificial intelligence is at so high a pitch, that it takes an effort to remember that for years, it was crypto, not AI, that was the word on everyone’s lips. If it can sometimes feel as if crypto has been eclipsed, it is worth reminding ourselves of crypto’s ongoing transformative impact – including its use as a vehicle for crime.
The daily number of crypto transactions worldwide is consistently above the half a million mark, [1] but the ugly truth is that crypto remains in the minds of many a vehicle overrepresented in the financial crime methodology rankings. Some may claim that this is an unfair characterisation, but few could deny crypto’s attraction to financial criminals. The key for regulators (and compliance) is in identifying how criminals exploit crypto, and the means by which their window of opportunity for doing so can be narrowed.
The foremost issue is that virtual asset service providers (VASPs), which help in transferring crypto to fiat money (and vice versa), are in most jurisdictions unregulated, and thus are not in full compliance with know your customer, anti money laundering or terrorist financing regulations implemented by regulatory bodies around the globe. Two problems are particularly thorny: the anonymous facilitation of money laundering through VASPs, and the use of VASPs to swiftly move funds across the borders.
Example
Let’s take a simple example.
This example is based on a real-life case in Brazil, where in 2022 the government unearthed a network that was using crypto to launder the funds from illegally procured gold.[2] The money channelled through the criminal group’s accounts numbered $3 billion; worse, the mining itself took an incredible toll on the natural environment of the northern Brazilian state in which it was carried out – the sad marriage of ecological destruction and cutting-edge tech.
Faced by such malfeasance, financial institutions are in a conundrum – namely, how to intercept and counter these kind of threats. To do so, the following core concepts should be adopted:
- implementing robust and effective controls
- ensuring transaction monitoring is overseen by a team of experts, well-versed in unusual or high-risk transaction patterns
- conducting enhanced due diligence of a customer’s transactions during periodic reviews, and
- during onboarding, executing the capturing of details about the customer, including their source of funds, the flow of cash and any underlying transactions.
All of which, however, comes with a significant caveat, which is that no blanket ban should be applied on any kind of customer. The appeal of a blanket ban for financial institutions is obvious, in that it it is a sweeping measure that nips risk in the bud and lends compliance teams comfort. The drawback is that it creates an unbanked class of customers, and it should be no institution’s objective to foster an unbanked society, which would help fuel financial crimes like fraud. The Financial Action Task Force (FATF) has been forthright on this issue, claiming that tailored, and detailed, regulations are preferable to blanket bans.[3] Compliance should develop robust controls with proper trained teams and help financial institutions in their business endeavours.
Much like AI, the question with crypto is how to exploit the opportunities and benefits it offers while stymieing the myriad financial crime and other risks that come with it. Draconian measures like blanket bans are unlikely to furnish welcome results. The answer, as with much in compliance, is the adoption of nuanced, diligent and rigorous processes and policies that can quash threats while allowing enough room for growth and opportunity.