Regulators are addressing the growing threat of transnational cybercrimes in the financial industry.
The United States faces a growing threat of transnational cybercrime, particularly against its financial system. In what may be the largest prosecution of its kind in U.S. history, the U.S. Department of Justice has charged Texas tech billionaire Bob Brockman in a 39-count indictment with evading $2 billion in taxes. The businessman used encrypted devices and code words to conceal his wire fraud, tax fraud and money laundering within a network of offshore entities and bank accounts.
As the CEO of Reynolds and Reynolds Co., Brockman contributed 6.4% to the United States’ current annual deficit of $3.1 trillion — more than double the previous record of $1.4 trillion set bailing out the 2007–2008 credit crisis. Aside from Brockman’s tax fraud, the COVID-19 pandemic has deepened the debt, as both shrinking revenues and heightened spending intensify along with rising daily coronavirus infections, which have now hit 8 million people in the U.S. and 39 million worldwide.
Cyber Fraud Task Force
In recent years, cyber and traditional finance crimes have been intersecting at pace, particularly since the start of the COVID-19 pandemic. In an effort to address the growing issue, the U.S. Secret Service merged its Electronic Crimes Task Force and Financial Crimes Task Force into a single unified network dubbed the Cyber Fraud Task Force, with offices in both the U.S. and Europe.
The Cyber Fraud Task Force, or CFTF, was created amid Washington lawmakers supporting legislation that aims to return the Secret Service from within the Department of Homeland Security back to the Treasury Department in order to more effectively investigate cyber-related financial crimes.
As U.S. Attorney General William Barr in the U.S. Department of Justice’s 83-page report, titled “Cryptocurrency Enforcement Framework,” explained:
“Current terrorist use of cryptocurrency may represent the first raindrops of an oncoming storm of expanded use that could challenge the ability of the U.S. and its allies to disrupt financial resources that would enable terrorist organizations to more successfully execute their deadly missions or to expand their influence.”
The DoJ’s cryptocurrency enforcement framework
The report was released shortly after the DoJ and the Commodity Futures Trading Commission announced criminal charges and concurrent civil action against directors and entities related to BitMEX, a well-known trading platform for crypto futures contracts and other crypto derivatives that failed to register with the CFTC as a Futures Commission Merchant and implement proper Anti-Money Laundering measures.
The “Cryptocurrency Enforcement Framework” report is the second of its kind issued by the Attorney General’s Cyber-Digital Task Force, which was established in February 2018. It lays out the DoJ’s policy formulation in a number of critical areas, including cybersecurity, cross-border data transfers and protection, emerging technologies, cryptocurrency and encryption. It serves as a guide to shape the future vision of U.S. authorities and regulators toward cryptocurrencies as well as details the various ways that cryptocurrency is susceptible to abuse. The report indicates a shift in the DoJ’s perspective in that it recognizes digital assets’ several legitimate uses — a far cry from the department’s previous perception of cryptocurrency use as a red flag for money laundering and criminality. The report rather recognizes cryptocurrency as a legitimate instrument of commerce with law enforcement challenges like any other means of exchange.
The report is divided into three parts: an overview of the cryptocurrency space and its illicit uses; the laws and regulatory agencies that oversee the space; and the current enforcement challenges and potential strategies to address them.
In the first part of the report, the DoJ outlines the legal and illicit uses of cryptocurrency and addresses the emergence of the “next phase of the internet’s evolution,” known as Web 3.0, which will allow users to have greater control in protecting their digital financial information, transactions and identity from companies and governments.
In the second part of the report, the DoJ outlines the laws and regulations that govern the use of cryptocurrency. It acknowledges that in applying existing laws to the nascent sector, the advent of decentralized finance has added “an extra layer of complexity” to the institution’s tasks. As a result, blockchain technology has enabled crime to spread more easily across the globe, increasing the department’s challenge in following the money.
In conjunction with this, the report indicates that DeFi applications, privacy coins, peer-to-peer exchanges and encrypted dark markets could continue to inhibit legitimate supervision and investigation while simplifying the noncompliance of regulations for Anti-Money Laundering and counter terrorism financing, as set by the Financial Action Task Force. The report also describes the roles and responsibilities of other agencies with oversight or enforcement power in the space, including the Financial Crimes Enforcement Network, the Office of Foreign Assets Control, the Office of the Comptroller of the Currency, the Securities Exchange Commission, the CFTC, the Internal Revenue Service, the Central Intelligence Agency and the National Security Agency.
In the third part of the report, the DoJ points out that its enforcement actions are aligned with an international focus to increase AML accountability and broad jurisdiction over cryptocurrency trading platforms.
It explains that the DoJ’s cross-border reach can be quite broad, since a jurisdictional nexus exists when the aim of a criminal activity is to cause harm inside the U.S., to U.S. citizens, or to the interests of either one, even if the individuals committing criminal activity are noncitizens acting entirely abroad. The report goes on to explain that the cross-border nature of cryptocurrency transactions — particularly those utilizing “mixing,” “tumbling” or “encryption” services, which run afoul of U.S. money laundering restrictions — leads to compliance gaps, inconsistent regulations and “jurisdictional arbitrage,” or when participants move virtual assets to jurisdictions where authorities lack regulatory frameworks to support investigations.
Related: Meet DoJ’s crypto czar: Expert take
Joint Cybercrime Action Taskforce
Cross-border links between terrorism and cryptocurrency-related cybercrime underscores the need for a coherent global response. Currently, the U.S. is part of the Joint Cybercrime Action Taskforce, which collaborates with Europol’s European Cybercrime Centre, the European Commission, and the heads of the National Cybercrime Units of EU Member States. The latter has also established the European Union Cybercrime Task Force to develop and promote a harmonized approach across the EU for tackling cybercrime and the criminal misuse of information and communication technology.
According to Europol’s “Internet Organized Crime Threat Assessment 2020” report, privacy-enhancing cryptocurrency wallets, coins and open marketplaces were named as “top threats” for cybercrime, with Monero emerging as a favored transaction tool on the darkweb.
EU’s proposed digital asset legislation
Following a policy study that outlines recent developments regarding crypto assets and addresses key regulatory risks from the increase in digital opportunities within the financial sector, the European Commission published a proposed regulation on digital operational resilience for the financial sector and a new proposed directive that amends certain pieces of existing EU financial services legislation to strengthen resilience in digital operations and provide legal clarity on crypto assets.
Published shortly before the DoJ’s report was released, the proposed regulation and directive will form part of the EU’s measures on digital finance for supporting innovation in the sector while mitigating risks. The commission published the EU Digital Finance Strategy, which sets out key priorities for digitally transforming the EU’s financial sector over the coming years, along with a proposed regulation on a pilot regime for distributed ledger technology market infrastructure. The latter will provide detailed rules at the jurisdictional level for comprehensive and harmonized legislation governing distributed ledger technology.
The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.