Connect with us


OKEx founder reportedly under investigation as exchange suspends withdrawals



The founder of major global cryptocurrency exchange OKEx has been reportedly questioned by authorities previous to OKEx suspending cryptocurrency withdrawals.

OKEx founder Mingxing Xu, also known as Star Xu, has reportedly been questioned by the police, Chinese news agency Caixin reported on Oct. 16. According to the report, the exec was investigated “at least a week ago” and has also been absent from work for a while.

When approached for comment on Xu’s participation in a police inquiry, OKEx told Cointelegraph that the exchange is no longer affiliated with OK Group, where Xu is a senior executive, and therefore was not in a position to comment on his activities. 

The news comes shortly after OKEx suspended withdrawals of crypto assets on its platform on Oct. 16. According to the exchange, OKEx’s private key holders are cooperating with a public security bureau in an ongoing investigation. The exchange told Cointelegraph:

“We are unable to disclose the nature of an ongoing investigation but would like to assure all OKEx users that their funds are safe and that all other functions on OKEx are unaffected.”

OKEx CEO Jay Hao said that the decision to temporarily suspend withdrawals was taken “with user security in mind,” stating: 

“As a world-leading exchange, user security is not something that OKEx can or will ever compromise on. We will do everything in our power to reinstate this service promptly and will provide updates on the matter as soon as possible.”

Source link


How US authorities are using old AML tools to crack down on crypto




The ease of laundering money in the U.S. before 1970 boggles the mind. Prior to the Bank Secrecy Act (BSA) of that year, there were no federal standards for banks to keep records on activity that fell under the category of “suspicious.” There were also no consistent reporting requirements — it was the BSA that established the $10,000 threshold that stands to this day.

But it’s not like the BSA banished money laundering from U.S. shores. It wouldn’t even be until 1986 that money laundering was classified as a federal crime — a landmark in global anti-money laundering. Despite that classification, America’s proud tradition of illicit financing continues to this day.

The technology behind banking was making huge advances long before the word “fintech” got mouths watering in boardrooms around the world. And obviously, since 1970, the globalization movement has picked up a fair bit of steam, opening up new opportunities for international shell companies to house money stripped of any identifying or incriminating information about the funds’ actual, original owner.

And then came Bitcoin, and a host of other tokens on its heels.

Enter FinCEN

For a long time it was unclear whether any of the traditional rules — like the BSA — were going to apply to crypto. As early as 2013, the Financial Crimes Enforcement Network (FinCEN) assured the industry that anyone exchanging “convertible virtual currencies,” i.e. those that are readily exchangeable, qualified as a money services business. Such firms need to register as an MSB and generally fall under the purview of the BSA.

In 2013, however, regulators were still lost when it came to the technology behind Bitcoin. Last year, FinCEN made it clear that it was still paying attention. This year has seen the regulator ramping up its capabilities to follow through with that declared authority.

FinCEN hit Larry Dean Harmon, the operator of several Bitcoin mixing services, with precedent-setting fines earlier this week. The Department of Justice is pressing criminal charges against BitMEX’s executive team over the exchange’s facilitation of money laundering. And on Friday, FinCEN indicated that it was looking to expand the requirement for financial institutions to share customer information to international transactions as small as $250, explicitly citing crypto businesses as subject to the same rules. We are witnessing a major push. Authorities mean business when it comes to the BSA.

All U.S. AML law all descends from the BSA of 1970, which was really the first of its kind anywhere in the world. The Money Laundering Control act of 1986 made violations a federal criminal offense, thereby involving the DoJ and sometimes the FBI.

FinCEN itself did not come into being until 1990. It handles the civil side of AML law, charging fines and making financial institutions report on their systems in a way that the DoJ does not get involved in. FinCEN became a full Treasury bureau as part of the PATRIOT Act of 2001, when cutting off illicit funds to terrorism became a top priority. In this capacity, FinCEN’s work can overlap with the Office of Foreign Asset Control (OFAC), which spearheads sanction enforcement, as well as the Internal Revenue Service (IRS), which handles tax investigations.

In its own words: “FinCEN’s mission is to safeguard the financial system from illicit use and combat money laundering and promote national security through the collection, analysis, and dissemination of financial intelligence and strategic use of financial authorities.”

At the most mundane level, that mission entails a host of filings from financial institutions operating in the U.S., including registering money services businesses and foreign bank accounts. Most relevant to illicit funding is the Suspicious Activity Report (SAR).

The SARs-collection system came under fire at the end of September, as a leak of FinCEN’s files showed colossal flows of suspicious money that received no follow-up. Some commentators saw the bureau’s heightened focus on crypto as hypocritical.

Enforcing BSA in crypto

Regarding recent actions like those mentioned above against BitMEX and Larry Dean Harmon, it’s clear that regulators and enforcers are culling especially egregious examples of firms willingly engaging with illicit money.

Attorney Braddock Stevenson of law firm O’Melveny left FinCEN’s enforcement division in January of this year. He described what we are witnessing as an effort “to drive commerce into the regulated sector, into the exchanges, because that’s where the transparency is and that’s where FinCEN’s able to get the reporting.”

Emphasis on reporting fits with FinCEN’s overall mission. The leak of SARs from September demonstrated the reality that FinCEN is not following up — cannot, in fact, follow up — on every report it receives. Back in 2018, Director Kenneth Blanco said that the bureau gets 1,500 SARs each month related to cryptocurrency. In 2019, FinCEN reported over 850,000 SARs filed by money services businesses alone — not including other sorts of financial institutions.

The nature of FinCEN’s work is to make sure financial institutions are maintaining some sort of record-keeping policy. “The point of having to file something is to ensure that accountability is baked into the system,” said Casey Jennings, an attorney in Seward & Kissel’s blockchain and cryptocurrency group. Jennings noted that intentionality actually matters a great deal in FinCEN’s determinations of who to pursue:

“If FinCEN looked at the financial institutions compliance program and they determined, ‘ok, this bank did their best and for whatever reason, something slipped through the cracks.’ Money laundering happened. As long as the financial institution did their best then they’re probably not going to get penalized. And if they are, it’s not going to be a very big fine.”

That all sounds very well-meaning. However, the BSA also provides for criminal charges, as we have seen. While the DoJ has been involved in prosecuting crypto crime for the better part of a decade, that’s usually been reserved for fraud, theft, sanctions evasion or terrorism funding. BitMEX was different. The executive team at BitMEX didn’t seem ideological — if anything just greedy. But their platform, the DoJ feared, can function as a playground for the worst sorts of actors.

When comparing the DoJ’s massive seizure of crypto funds from a terrorist funding network in August to the BitMEX action, Andrew Jacobson, also of Seward & Kissel’s blockchain and crypto group, said ideology and greed were largely the same problem to regulators when they lead to illegal underreporting:

“Both objectives can be gained on parallel tracks. If you’re an exchange processing millions of transactions every week — potentially on a daily basis — and you don’t have an AML program or you don’t have a sufficient one, then you’re helping facilitate those ideological actors’ bad acts. The fact that terrorists or others can get access to your platform just because you don’t have proper controls in place, from the regulators’ point of view, is equally unacceptable.”

Regarding the shift to more enforcement, a senior staffer for the Congressional Blockchain Caucus told Cointelegraph that it was not a clear-cut matter that the BSA’s AML provisions would hold sway in crypto: “A lot of commentators thought that new laws would have to be passed for these parties to be targeted.” He continued:

“Bringing in the Bank Secrecy Act is a big deal. With all the other things — the CFTC, SEC actions — those are all regulatory, which means they are all civil penalties. All money. With the BSA, you’re bringing in criminal punishment, and also different investigatory bodies.”

FinCEN is not likely to start fining every crypto exchange that does not live up to the standards the BSA sets out for banks, and the DoJ is hardly going to start Arthur Hayes-level manhunts for the execs of every crypto exchange registered outside of the U.S. and not keeping BSA-level customer records. As Braddock Stevenson noted, “we haven’t seen an action that’s been based on just pure lack of transparency issues without an additional nexus to more suspicious activity.” Nonetheless, these regulators are wrangling the industry into tightening boundaries of acceptable behavior.

Mismatch between crypto and BSA reqs

Especially tricky for crypto is 31 CFR 1010.410(f) — known as the Travel Rule — which requires financial institutions to pass on information on transactions of greater than $3,000 in value — a threshold that, as mentioned before, may be on its way down to $250. That information includes the names and addresses of the people sending and receiving those funds. It makes sense if you are running a bank and there is account information readily accessible, but that back-and-forth is part of why bank transfers are slow.

Moreover, a core component of the crypto industry’s ethos is data privacy. Though U.S. regulators generally see emphasis on privacy as potentially indicative of illegal activities, it’s not just for concealing illicit funding. If an exchange is holding all the data for all of its customers — and most U.S.-based exchanges gather that already, rather than waiting for a client to exceed the $3,000 threshold on a transaction — that is a target to hack. That means importing the vulnerabilities of the traditional financial system onto crypto without necessarily guaranteeing the same protections.

Casey Jennings noted this mismatch, saying:

“The whole notion of crypto is that there are no gatekeepers and the BSA requires that there be gatekeepers. Those two notions are very much at odds with one another. But the BSA is the best system that we’ve got right now. […] The other option would be for Congress to get involved and create a new regulatory scheme and I’m not sure that anyone in the industry wants to see that happen.”

Right now, the BSA is what everyone is working from, and with the DoJ claiming authority over all crypto firms that touch American servers, it behooves everyone to pay attention.

As with so many of the interactions between crypto and regulators, there is an issue of negative PR — FinCEN and the DoJ are looking at crypto as first and foremost a tool for laundering money. But when you’re talking AML regulators, they have limited real incentive to look at the positive sides of crypto at all. The role of, say, the Securities and Exchange Commission in crypto has been controversial, but the highest ranks of the SEC have conceded that the technology could be a huge boon for U.S. securities markets.

FinCEN and related AML authorities are, conversely, strictly risk-averse. That includes fellow Treasury branches like OFAC and the IRS, as well as the DoJ. The task before FinCEN is to hamper criminals trying to use their ill-gotten gains. The bureau doesn’t have institutional incentives to adopt any of the benefits of crypto technology, and indeed that is not really their job. Similarly, it is not the mission of the DoJ to streamline transactions, nor the aim of the IRS to ensure data privacy. At best, these entities tolerate crypto as a mission.

For now, this is what the crypto industry is working with if it wants to work with the United States. There doesn’t seem to be any pending legislation on the horizon to shift the duties of the BSA in crypto, and the authorities that maintain it have doubled down on enforcement in the industry.

We’ll likely be seeing FinCEN and the DoJ build out their authority in the cryptosphere with more prosecutions in the near future. At the same time, they will be communicating with exchanges operating within what they determine to be their jurisdiction. There is, consequently, no reason to doubt an impending rise in user data collection and inter-exchange communication unless something dramatic shakes the landscape.

Source link

Continue Reading


Cybercrime task force monitoring the global digital financial system




The United States faces a growing threat of transnational cybercrime, particularly against its financial system. In what may be the largest prosecution of its kind in U.S. history, the U.S. Department of Justice has charged Texas tech billionaire Bob Brockman in a 39-count indictment with evading $2 billion in taxes. The businessman used encrypted devices and code words to conceal his wire fraud, tax fraud and money laundering within a network of offshore entities and bank accounts. 

As the CEO of Reynolds and Reynolds Co., Brockman contributed 6.4% to the United States’ current annual deficit of $3.1 trillion — more than double the previous record of $1.4 trillion set bailing out the 2007–2008 credit crisis. Aside from Brockman’s tax fraud, the COVID-19 pandemic has deepened the debt, as both shrinking revenues and heightened spending intensify along with rising daily coronavirus infections, which have now hit 8 million people in the U.S. and 39 million worldwide.

Cyber Fraud Task Force

In recent years, cyber and traditional finance crimes have been intersecting at pace, particularly since the start of the COVID-19 pandemic. In an effort to address the growing issue, the U.S. Secret Service merged its Electronic Crimes Task Force and Financial Crimes Task Force into a single unified network dubbed the Cyber Fraud Task Force, with offices in both the U.S. and Europe.

The Cyber Fraud Task Force, or CFTF, was created amid Washington lawmakers supporting legislation that aims to return the Secret Service from within the Department of Homeland Security back to the Treasury Department in order to more effectively investigate cyber-related financial crimes.

As U.S. Attorney General William Barr in the U.S. Department of Justice’s 83-page report, titled “Cryptocurrency Enforcement Framework,” explained:

“Current terrorist use of cryptocurrency may represent the first raindrops of an oncoming storm of expanded use that could challenge the ability of the U.S. and its allies to disrupt financial resources that would enable terrorist organizations to more successfully execute their deadly missions or to expand their influence.”

Related: Darknet, cryptocurrency and two intersecting health crises

The DoJ’s cryptocurrency enforcement framework

The report was released shortly after the DoJ and the Commodity Futures Trading Commission announced criminal charges and concurrent civil action against directors and entities related to BitMEX, a well-known trading platform for crypto futures contracts and other crypto derivatives that failed to register with the CFTC as a Futures Commission Merchant and implement proper Anti-Money Laundering measures.

Related: The case against BitMEX is a compass pointing toward the future of crypto regulation

The “Cryptocurrency Enforcement Framework” report is the second of its kind issued by the Attorney General’s Cyber-Digital Task Force, which was established in February 2018. It lays out the DoJ’s policy formulation in a number of critical areas, including cybersecurity, cross-border data transfers and protection, emerging technologies, cryptocurrency and encryption. It serves as a guide to shape the future vision of U.S. authorities and regulators toward cryptocurrencies as well as details the various ways that cryptocurrency is susceptible to abuse. The report indicates a shift in the DoJ’s perspective in that it recognizes digital assets’ several legitimate uses — a far cry from the department’s previous perception of cryptocurrency use as a red flag for money laundering and criminality. The report rather recognizes cryptocurrency as a legitimate instrument of commerce with law enforcement challenges like any other means of exchange.

Related: Not like before: Digital currencies debut amid COVID-19

The report is divided into three parts: an overview of the cryptocurrency space and its illicit uses; the laws and regulatory agencies that oversee the space; and the current enforcement challenges and potential strategies to address them.

In the first part of the report, the DoJ outlines the legal and illicit uses of cryptocurrency and addresses the emergence of the “next phase of the internet’s evolution,” known as Web 3.0, which will allow users to have greater control in protecting their digital financial information, transactions and identity from companies and governments.

In the second part of the report, the DoJ outlines the laws and regulations that govern the use of cryptocurrency. It acknowledges that in applying existing laws to the nascent sector, the advent of decentralized finance has added “an extra layer of complexity” to the institution’s tasks. As a result, blockchain technology has enabled crime to spread more easily across the globe, increasing the department’s challenge in following the money.

In conjunction with this, the report indicates that DeFi applications, privacy coins, peer-to-peer exchanges and encrypted dark markets could continue to inhibit legitimate supervision and investigation while simplifying the noncompliance of regulations for Anti-Money Laundering and counter terrorism financing, as set by the Financial Action Task Force. The report also describes the roles and responsibilities of other agencies with oversight or enforcement power in the space, including the Financial Crimes Enforcement Network, the Office of Foreign Assets Control, the Office of the Comptroller of the Currency, the Securities Exchange Commission, the CFTC, the Internal Revenue Service, the Central Intelligence Agency and the National Security Agency.

In the third part of the report, the DoJ points out that its enforcement actions are aligned with an international focus to increase AML accountability and broad jurisdiction over cryptocurrency trading platforms.

It explains that the DoJ’s cross-border reach can be quite broad, since a jurisdictional nexus exists when the aim of a criminal activity is to cause harm inside the U.S., to U.S. citizens, or to the interests of either one, even if the individuals committing criminal activity are noncitizens acting entirely abroad. The report goes on to explain that the cross-border nature of cryptocurrency transactions — particularly those utilizing “mixing,” “tumbling” or “encryption” services, which run afoul of U.S. money laundering restrictions — leads to compliance gaps, inconsistent regulations and “jurisdictional arbitrage,” or when participants move virtual assets to jurisdictions where authorities lack regulatory frameworks to support investigations.

Related: Meet DoJ’s crypto czar: Expert take

Joint Cybercrime Action Taskforce

Cross-border links between terrorism and cryptocurrency-related cybercrime underscores the need for a coherent global response. Currently, the U.S. is part of the Joint Cybercrime Action Taskforce, which collaborates with Europol’s European Cybercrime Centre, the European Commission, and the heads of the National Cybercrime Units of EU Member States. The latter has also established the European Union Cybercrime Task Force to develop and promote a harmonized approach across the EU for tackling cybercrime and the criminal misuse of information and communication technology.

According to Europol’s “Internet Organized Crime Threat Assessment 2020” report, privacy-enhancing cryptocurrency wallets, coins and open marketplaces were named as “top threats” for cybercrime, with Monero emerging as a favored transaction tool on the darkweb.

Related: COVID-19 pandemic spurs crypto law updates in J5 countries

EU’s proposed digital asset legislation

Following a policy study that outlines recent developments regarding crypto assets and addresses key regulatory risks from the increase in digital opportunities within the financial sector, the European Commission published a proposed regulation on digital operational resilience for the financial sector and a new proposed directive that amends certain pieces of existing EU financial services legislation to strengthen resilience in digital operations and provide legal clarity on crypto assets.

Published shortly before the DoJ’s report was released, the proposed regulation and directive will form part of the EU’s measures on digital finance for supporting innovation in the sector while mitigating risks. The commission published the EU Digital Finance Strategy, which sets out key priorities for digitally transforming the EU’s financial sector over the coming years, along with a proposed regulation on a pilot regime for distributed ledger technology market infrastructure. The latter will provide detailed rules at the jurisdictional level for comprehensive and harmonized legislation governing distributed ledger technology.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Selva Ozelli, Esq., CPA, is an international tax attorney and certified public accountant who frequently writes about tax, legal and accounting issues for Tax Notes, Bloomberg BNA, other publications and the OECD.

Source link

Continue Reading


South Korean gov’t doesn’t know who will protect crypto exchanges from Kim Jong-Un’s hackers




There has been a hot political debate underway on who should take responsibility for countering North Korean hacks targeting South Korean cryptocurrency exchanges. Recently, South Korea’s financial watchdog made it clear that they do not see this issue as any of their business.

According to Fn News, the Financial Services Commission, or FSC, has replied to a written inquiry from the National Assembly’s Political Affairs Committee on October 23. The FSC says that they’re not responsible for the crypto stolen during attacks from hackers sponsored by the Kim Jong-un’s regime, such as Lazarus Group, on crypto exchanges.

Per the report, the watchdog argued that crypto exchanges do not fall under their jurisdiction without providing more details on the matter. They forwarded the responsibility to the Ministry of Foreign Affairs and the Korea Communications Commission, or KCC.

But both the Ministry and the KCC believe that the FSC is still responsible for any damages suffered by crypto companies, as these are related to financial matters. The pair cite the FSC’s position “in charge of the management and supervision of virtual asset providers such as cryptocurrency exchanges.”

Representative Seong Il-jong, an opposition party secretary of the National Assembly’s Political Affairs Committee, doesn’t agree with the FSC’s stance. He reminded them that “with the passage of the revised South Korean crypto bill, all crypto-related matters became the task of the Financial Services Commission.”

Back in February, it was reported that Lazarus Group targeted several crypto exchanges in 2019. One of the attacks involved the creation of a fake, but realistic trading bot website that was offered to employees of DragonEx exchange.

Also, in August, a report from the U.S. Army said that North Korea now has more than 6,000 hackers stationed in countries such as Belarus, China, India, Malaysia, Russia, among others.

Source link

Continue Reading