News & Views

Crypto Compliance Goes Institutional: Making Sense of CipherTrace’s Cryptocurrency Crime and Anti-Money Laundering Report

Crypto Compliance Goes Institutional: Making Sense of CipherTrace’s Cryptocurrency Crime and Anti-Money Laundering Report

As if compliance professionals haven’t had enough to deal with in recent years, the rapid rise of cryptocurrency has created a brave new world in terms of the risks and regulations that capital markets firms must navigate on a daily basis. With institutional investors actively contemplating the long-term future of the asset class, anything less than a full understanding of the unique market dynamics and quirks that define this space is a liability.

That’s why reports like CipherTrace’s Cryptocurrency Crime and Anti-Money Laundering Report can serve as such a valuable resource. The latest version, released in February, is a comprehensive snapshot of the past year in the digital assets space through a compliance lens, outlining key trends and developments, major enforcement actions, hacking events, central bank activity and more. Armed with this information, compliance professionals can identify common vulnerabilities and take proactive steps to ensure their firms are leaving nothing to chance.

One welcome insight revealed by the report is the increasing security of cryptocurrency transactions: CipherTrace valued crypto crime in 2020 at $1.9 billion, down 57% from $4.5 billion in 2019. This is great news in terms of adoption and strong evidence of better market surveillance and maturing compliance programs, but it also means that for crypto exchanges, there is increasingly less excuse for this activity occurring on their watch.

Among the numerous enforcement actions summarized by the report were several instances of individual exchange executives facing legal consequences for their firms’ noncompliance, with charges including the sale of unregistered securities and serving investors in sanctioned jurisdictions. In a maturing marketplace, it is common to see well-intentioned people inadvertently finding themselves on the wrong side of the regulatory fence. Cryptocurrency exchange executives need only look at the fates of some of their peers to understand the importance of taking proactive steps to steer clear of regulatory crosshairs. Today, the risk is personal, not just organizational.

Beyond regulatory risks, there are also business risks associated with falling short on security and compliance. The report revealed that 2020 saw an all-time low in global Bitcoin volume sent to high-risk exchanges, a categorization based on the firm’s reputation, adherence to AML and KYC measures and regulatory track record. That figure dropped below 1% for the first time, representing a 59% reduction from 2019. This reflects the growing sophistication and oversight that exists in the crypto space. Institutions are doing their due diligence on exchanges, and those that don’t pass muster can expect to see prospects take their business elsewhere.

Fortunately for these exchanges, there is a solution that addresses both compliance and business challenges: a robust platform for trade surveillance and market risk. “Robust” is the operative word here – cumbersome legacy systems will not do. From a regulatory perspective, it is critical to cast a wide net in search for suspicious activity. Out-of-the-box solutions are helpful but incomplete in a world where bad actors are constantly updating their methods. Flexible and customizable surveillance methods enable exchanges to take a more accurate view of their compliance obligations and more efficiently monitor transactions and detect market abuse. From a business perspective, clients want to know that the exchanges they route to are equipped with a powerful market surveillance system backed by experience, expertise and industry recognition.

These considerations are especially relevant in light of forthcoming regulations in the U.S., which are outlined in the CipherTrace Report. One notice of proposed rulemaking (NPRM), issued in October, seeks to amend FinCEN’s Travel Rule, which currently requires virtual asset service providers (VASPs) to submit records for any cryptocurrency transfers exceeding $3000. The NPRM would lower that threshold to $250 for transfers beginning or ending outside the U.S. This would push the number of relevant annual disclosures to over one million, more than doubling the total. Even lowering the threshold to $1,000, which is the Financial Action Task Force’s (FATF) minimum in its version of the travel rule, would increase the need for compliance action by a factor of 1.7, making this NPRM a highly consequential proposal.

Another FinCEN NPRM from late last year would require banks and VASPs to take specific actions when transacting with unhosted wallets: verify customer identities, keep records of transactions exceeding $3,000 and submit CTR-style reports for transactions exceeding $10,000.

Both of these proposed regulations have met their share of red tape. The Trump administration had already extended the unhosted wallet NPRM once, while the Biden administration’s “regulatory freeze” has thrown things into a state of flux. As for the Travel Rule, the FATF is targeting June for a reassessment of progress towards a solution and further guidance. Timelines will take greater shape as the year advances, but it remains likely that these rules or ones like them will be implemented in the first half of 2021, which will increase compliance burdens by an order of magnitude.

Fortunately for firms operating in the crypto markets, they don’t need to look far for a solution that can minimize compliance risk, impart peace of mind to counterparties and adapt to increasing and uncertain future regulation. We at Eventus Systems are dedicated to serving the capital markets through our Validus platform, offering deep surveillance capabilities, actionable alerts and highly intuitive workflows, and we have compiled a track record of helping some of the industry’s most prominent crypto exchanges including Coinbase, Gemini, ErisX and others stay compliant and address risks.

But whether or not you choose to forge ahead with us, the point remains the same: between growing institutional interest and increasing regulation, the crypto space is evolving to become more secure, more legitimate and overall, more like the asset classes that came before it. For firms that want to thrive in this new and changing environment, a powerful trade surveillance and market risk solution is the only answer.


About Eventus Systems

Eventus Systems is a leading global provider of multi-asset class trade surveillance and market risk solutions. Its powerful, award-winning Validus platform is easy to deploy, customize and operate across equities, options, futures, foreign exchange (FX), fixed income and digital asset markets. Validus is proven in the most complex, high-volume and real-time environments of tier-1 banks, broker-dealers, futures commission merchants (FCMs), proprietary trading groups, market centers, buy-side institutions, energy and commodity trading firms, and regulators. The company’s rapidly growing client base relies on Validus and Eventus’ responsive support and product development teams to overcome its most pressing regulatory challenges. For more, visit www.eventus.com.