原文标题:Crime and crypto: Concrete steps to address money laundering
原文作者:Michele Korver&Jai Ramaswamy
Original source: https://a16zcrypto.com/
编译:火星财经,Daisy
Mainstream media coverage of cryptocurrencies tends to focus on high-profile allegations of illegal financial activity, especially when cryptocurrencies are used to launder the proceeds of money hacking, ransomware attacks, or other cybercriminal activities. As former prosecutors who have spent a significant portion of their careers punishing criminals, including money launderers, our interest is not in creating headlines, but in helping Congress and other policymakers determine what measures are most effective in apprehending bad actors and curbing illicit financial activity in the burgeoning cryptocurrency industry. In short, the United States government should take action against the criminal behavior of foreign criminals because they are the main threat. Here are some suggestions on how to deal with it.
Let's discuss two topics that are crucial when tackling cryptocurrency money laundering.
First of all, it is very difficult to combat money laundering. Money launderers imitate legitimate activities and keep illicit financial flows visible. To do this, they take advantage of opaque corners of the financial system and employ a variety of financial technologies. There is no one-size-fits-all way to combat this kind of activity in either the traditional financial world or the cryptocurrency ecosystem. Demystifying any illegal financial scheme, including one involving cryptocurrency, requires forensic skill and time.
Second, and perhaps more importantly, money laundering has never been a source of criminal activity. Money laundering promotes the profitability of underlying crime. It is used to "launder" illicit proceeds: think of Walter · White in Breaking Bad, who bought a car wash to cover up his profits from selling methamphetamine. So it's no surprise that money laundering isn't just a cryptocurrency-specific problem. Money laundering and illicit finance have long been significant issues in traditional finance – for example, recent actions by FinCEN and the Department of Justice against TD Bank have shown that three different money laundering networks have moved $670 million through the bank over several years.
But here's the thing: we don't ban cars just because bank robbers use them as a means of escape. Again, there is a general consensus that we should not sue the programmers who develop the software. Ransomware and other cybercrimes existed before the advent of cryptocurrencies and used various techniques, such as "money mules" and PIN withdrawals, to launder money. Without cryptocurrency, the profitability of ransomware attacks will only prompt the few criminals who use cryptocurrencies to turn to other tools to divert or hide their ill-gotten gains.
The core issue is that this is a cybersecurity issue that stems from at least three factors: vulnerabilities in our critical digital infrastructure; the use of "bulletproof" hosting providers that are outside the jurisdiction of the United States authorities; and ransomware-as-a-service. None of these factors are specific to cryptocurrency. Targeting cryptocurrencies alone – whether through new restrictive legislation, or so-called legal tactics – is unfair to the millions of law-abiding United States citizens who use blockchain technology, and could cause more harm by pushing crypto transactions underground or into the dark corners of the traditional global financial system.
Acknowledging these stubborn facts does not mean accepting defeat. But it does mean we have to do the hard work of understanding how to curb the flow of illegal crypto activity. The good news is that blockchain analytics firms and law enforcement agencies have done a lot of this due to the transparency and auditability of most blockchain transactions. For example, we know that the majority of illicit financial activity in the cryptocurrency ecosystem is conducted through only a handful of exchanges in jurisdictions with weak or non-existent anti-money laundering regimes. We also know that these activities are often carried out by foreign actors who cannot be pursued through existing United States law enforcement mechanisms. Therefore, attempts to legislate to regulate peer-to-peer transactions between private individuals in the same way as banks and other financial intermediaries ultimately fail to address the core problem.
So, what should the United States government do? It should respond to crime by continuing to strengthen the resilience of our critical digital infrastructure, while expanding the Treasury Department's powers to combat foreign criminals. We support three such expansions – coincidentally, the Treasury Department as well. We will discuss these proposals in detail, but in summary, the specifics are:
- Amending the International Emergency Economic Powers Act (IEEPA) and the Bank Secrecy Act (BSA) to explicitly authorize extraterritoriality in specific circumstances;
- strengthening the enforcement capacity of the Ministry of Finance to address compliance failures;
- Expand information sharing between government and the private sector.
Prevent foreign criminals from using their overseas residences to evade the law
First, Congress should pass legislation clarifying that the International Emergency Economic Powers Act (IEEPA) applies to the overseas actions of any entity with significant points of contact in the United States. The IEEPA has authorized the Treasury Department to impose sanctions on foreign offenders, and the Treasury Department has used the law to effectively combat money laundering and cybercrime. Explicitly granting extraterritoriality would allow the Treasury Department's Office of Foreign Assets Control (OFAC) to clearly regulate foreign transactions affecting the United States market. OFAC may then take action against entities that have a relationship with United States businesses operating abroad, or those that provide services to United States residents.
This change could prevent virtual asset service providers and covered digital asset platforms from choosing to set up abroad for judicial arbitrage to circumvent regulation. The proposal will not negatively impact legitimate cryptocurrency businesses or legitimate financial activities conducted through them, nor will it disrupt the decentralized architecture of blockchains, which is essential to maintaining its security and resilience.
By incorporating the current practices and guidance of the Treasury Department's Financial Crimes Enforcement Network (FinCEN) into law or regulation, having clear rules in place can also help deter bad actors. For example, while FinCEN's 2019 virtual asset guidance is the clearest roadmap for regulators to provide to the industry, codifying it into regulations could remove the uncertainty caused by litigation since its release.
In addition, FinCEN has made it clear that the Bank Secrecy Act (BSA) applies to money transmitters outside the United States when the money transmitter, including centralized cryptocurrency exchanges, conducts all or all of their main business in the United States. Codifying this extraterritorial criterion into legislation would eliminate the risk of litigation for issues that have not yet been tested in court. This will allow the authorities to pursue foreign outlaws more aggressively. The amendments could also be designed to allow covered foreign entities to comply with the requirements of their home jurisdiction, provided that these requirements meet certain minimum standards, such as those developed by the Financial Action Task Force (FATF).
Strengthen the enforcement capacity of the Ministry of Finance to address compliance failures, especially those entities operating in countries where regulation is not established.
Non-compliance by exchanges, ATMs, and other money transmitters is the biggest illegal financial risk in the blockchain industry. Imposing severe penalties for regulatory failures and criminal violations will help deter money services businesses that provide access to fiat currencies for the blockchain ecosystem from facilitating money laundering and sanctions evasion.
Of course, while the government has the ability to use its existing powers to address these failures, the relevant agencies still need adequate resources to enforce the law. In short, we can't fight illegal practices without the right people and tools. In addition to enforcement actions, we recommend increasing criminal penalties and providing additional funding to the Treasury Department and relevant law enforcement agencies to attract and retain personnel, and enhance government access to blockchain and data analytics tools.
The number of FinCEN employees responsible for overseeing compliance across the industry is, frankly, too little. This is similar to earlier cybercrime crackdown efforts: initial attempts to combat cybercrime included specialized units with expertise in investigating these breaches, but these units were quickly inundated with cases. With specialized cyber forensics tools widely available and staff trained to use them, law enforcement effectiveness has improved. Similarly, blockchain analytics should no longer be a forensic profession within law enforcement agencies; They should become an essential tool for all investigators to use.
Expand information sharing between relevant agencies and private sector actors
Cybersecurity-related hacks and theft of digital assets provide a known source of funding for sanctioned state actors like North Korea (DPRK). Rapid information sharing between the private and public sectors is essential to address this issue. Federal agencies should establish real-time information-sharing mechanisms and specialized working groups that involve both the private and public sectors in response to cybersecurity incidents, including North Korean hacking of digital asset platforms, bridges, and applications. FinCEN can set up a 24/7 hotline, similar to what it does when dealing with business email scam incidents, especially when it comes to ransomware attacks. Information obtained through these mechanisms can be shared with investigative agencies so that they can take immediate action to freeze assets if possible.
In addition to tackling the realities of cybercrime, the three proposals have the added advantage that they are "technology neutral". They will also help governments eradicate money laundering from the traditional financial system.
No one wants to address misconduct involving cryptocurrencies more than responsible industry players. However, imposing sweeping regulatory restrictions, if neither technically feasible nor realistic, could expel innovation overseas, leading to an increase, rather than a decrease, in cryptocurrency money laundering.
Cryptocurrencies — a technology that has the potential to provide us with a cheaper, faster, global financial system, and a fairer internet — should take root in United States. Cryptocurrency is a new technology, and like all technologies, it can be used for both good and bad things. Cryptocurrency isn't an inherent crime — just ask the millions of law-abiding United States who use it and the many entrepreneurs who are starting businesses with it. So let's stop seeing it as a crime and start working together to find a practical solution to the potential threat.