At the same time, the fact that current owners might not be involved with illicit activities in the past, doesn’t imply that you don’t have to monitor transactions. All crypto providers should, and are legally required to do so. The difference is that the monitoring is risk based, taking all kinds of information into account. A reference on the blockchain to a “tainted” event might trigger a closer inspection, but should not be used as the sole determiner if the transaction is suspicious. For example the transaction multiple steps back, or you received the funds via a reputable registered trading platform or exchange that complies with the strict AML/CTF regulations.
To combat that virtual assets are being used for criminal activity the Financial Action Task Force (FATF) published the guideline ‘Virtual Assets Red Flag Indicators of Money Laundering and Terrorist Financing”. The guidelines are based on more than 100 case studies collected by the 200 member states of the FATF Global Network; it highlights the most important red flag indicators that could suggest criminal behaviour. Key indicators are:
- Technological features that increase anonymity – such as the use of peer-to-peer exchange websites, mixing or tumbling services or anonymity-enhanced cryptocurrencies
- Geographical risks – criminals can exploit countries with weak, or absent, national measures for virtual assets
- Transaction patterns – that are irregular, unusual or uncommon which can suggest criminal activity
- Transaction size – if the amount and frequency has no logical business explanation
- Sender or recipient profiles – unusual behaviour can suggest criminal activity
- Source of funds or wealth – which can relate to criminal activity
AML 5: AML/CFT and KYC
The EU and their member states implemented these recommendations in the 5th anti-money laundering Directive (AML5). The package harmonises AML/CFT rules across the EU. It also proposes the creation of a new EU authority to fight money laundering.
AML5 will ensure that custodial wallet providers and virtual currencies exchanges collect KYC/CDD information on customers such as name, address, nationality and identification. The customer still can trade crypto with all the benefits including less public visibility while the identity is known to the virtual currencies providers. Next to the identification of the customer (KYC) they are legally obliged to:
- enhance due diligence to high risk customers;
- monitor transactions; and
- file STRs where they suspect illicit activity.
Financial institutions, money service businesses, and other non-financial services and professions (DNFPBs) that need to deal with virtual asset transactions, need to understand these requirements. In particular, how to apply the risk-based approach to their customer due diligence requirements, which require knowing who their clients and the beneficial owners are, understanding the nature and purpose of the business relationship, and understanding the source of funds and wealth.
Because of the strict regulation and the obligation of the registered virtual service providers, the risk that you receive “tainted” cryptocurrencies from these providers is extremely low.
Most individuals and companies buy and sell their crypto through these regulated companies. Thus decreasing the risk of being associated with any illicit activities.
Compliance is key
The term “tainted cryptocurrencies” is misleading and not practical. From a compliance perspective the focus should be on customer due diligence and risk based transaction monitoring rather than a sole indicator that the cryptocurrency is “tainted”. The increased traceability of the blockchain does not equal that the holder is accountable or linked to the criminal offence.
There are tremendous opportunities in the cryptocurrency industry. But regulatory compliance is a complex subject and many businesses are unsure about the challenges that arise when connecting to public blockchains. For example, they are unsure how to handle transactions between fiat money in traditional financial systems and cryptocurrencies in public blockchains, how to comply with regulatory rules and procedures (KYC, AML) and how to properly manage their risks, such as trading risks, volatility risks and fraud prevention.
Our NEXUS platform for automated token, crypto and fiat transaction processing solves these problems. NEXUS offers functionality such as wallet management, minimizing price & counter party risk and compliant customer management tools. NEXUS is used by many companies in the cryptocurrency industry and last year we processed up to 200.000 on-chain transactions per day while keeping our partners and their customers safe.
Get in touch with us today to find out what we can do for your business!