How Illicit Actors Use DeFi to Evade Anti-Money Laundering Regulations: A US Treasury Report Analysis
The U.S. Treasury warns about DeFi. But they acknowledge that the majority of money laundering, terrorist financing, and proliferation financing still take place using fiat currency or outside the realm of cryptocurrency.
According to a recent report from the U.S. Treasury Department, it was observed that individuals from the Democratic People’s Republic of Korea, along with other fraudsters, were exploiting vulnerabilities of DeFi to facilitate money laundering. The report also stated that the majority of instances of money laundering, terrorist financing, and proliferation financing still took place using fiat currency or outside the crypto ecosystem.
The U.S. Treasury, in its “Illicit Finance Risk Assessment of Decentralized Finance” report, which was published on April 6th, stated that certain groups engaged in illicit activity from North Korea were able to take advantage of some DeFi platforms’ non-compliance with Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) regulations.
How illicit activity is performed on DeFi platforms
These actors utilize different tactics and services, such as exchanging virtual assets for other more manageable or less traceable virtual assets, using cross-chain bridges to swap virtual assets from other blockchains, sending virtual assets through mixers, and placing virtual assets in liquidity pools as a form of layering.
Although the money laundering process by malign actors remains the same, they may use new methods like chain hopping. Criminals find DeFi services more appealing than centralized VASPs as they don’t need to provide customer identification information.
Such laundering methods pose challenges for investigators tracing illegal proceeds, and actors typically use more than one technique, with a level of sophistication depending on their technical experience and familiarity with DeFi services. However, even lesser-skilled actors have been observed using some of these tactics, according to law enforcement.
Most of the time, they use:
- DEXs and cross-chain bridges to convert virtual assets. Illicit actors often use decentralized exchanges (DEXs) to exchange virtual assets, such as cryptocurrencies, into a different virtual asset. They may do this to exchange into a more liquid asset that has higher trading volumes and is easier to cash out into fiat currency. They may also exchange virtual assets for another virtual asset that is compatible with a cross-chain bridge, mixer, or other DeFi service or exchange for an asset that is less traceable. This allows them to move their funds between different blockchains and makes it more difficult for authorities to trace financial transactions.
- Virtual asset mixers to obfuscate transaction information. Criminals use virtual asset mixers to functionally obfuscate the source, destination, or amount involved in a transaction. Mixers pool or aggregate virtual assets from multiple individuals, wallets, or accounts into a single transaction. They may also split an amount into multiple amounts and transmit the virtual assets as a series of smaller independent transactions or leverage code to coordinate, manage, or manipulate the structure of the transaction. Mixing services may be advertised as a way to evade Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) requirements and rarely include the capacity and willingness to provide upon request to regulators or law enforcement the resulting transactional chain or information collected as part of the transaction.
- Placing illicit funds in liquidity pools to generate funds from trading fees. Illicit actors can place criminals’ proceeds in a DeFi service’s liquidity pool, where the assets provide liquidity to support trades on the service. By placing funds into liquidity pools, actors may generate funds from trading fees. Liquidity providers typically lock their virtual assets into the liquidity pool and may receive a portion of fees or some other type of return or interest created through the DeFi service. This allows bad actors to receive profits from their illicit funds without directly accessing them.
The report’s highlights
The report highlighted that inadequate AML/CFT controls and other deficiencies in DeFi services “facilitate the theft of funds.” Brian Nelson, the undersecretary of the Treasury for Terrorism and Financial Intelligence, pointed out that illicit actors, including criminals, scammers, and North Korean cyber actors, were utilizing DeFi services to launder illicit funds. To reap the potential benefits of DeFi services, addressing these risks is necessary.
However, the Treasury reaffirmed that most instances of money laundering, terrorist financing, and proliferation financing still took place using fiat currency or outside the digital asset ecosystem.
Officials recommended increasing regulatory supervision of AML/CFT for platforms offering DeFi services, providing guidance to DeFi platforms on AML/CFT, and addressing regulatory gaps.
The evaluation was conducted in compliance with an executive order on digital assets signed by President Joe Biden in March 2022. In response to the order, various U.S. government agencies have started examining the potential implications of different aspects of the digital asset space on the country’s financial system and payment infrastructure.