Skip to Main Content

How to Best Handle Cryptocurrency Compliance Risks

By Adalla Kim, Product Marketing Specialist, RMA

4/13/2021

It is official now that consumers can buy a Tesla car with Bitcoins in the US. Either obtained by mining coins or purchasing from the exchanges, cryptocurrencies have been backed by interests from certain entities and individuals. Amid the backdrop, regulators have also enhanced their oversight in the cryptocurrency world.

The latest webinar on cryptocurrencies, Managing AML Risks of Cryptocurrencies, delivered by the Risk Management Association, pointed out issues that compliance officers have been facing due to risks borne by cryptocurrencies.

A cryptocurrency is considered either as a currency or a virtual asset. The details vary per state across the US. Still, an entity operating in the cryptocurrency industry is typically required to obtain a Money Service Business (MSB) license or a Virtual Asset Service Providers (VASP) license.

For banks and custodian groups, however, the evolving cryptocurrency industry introduces new risks and challenges. Case studies provided by Grant Thornton, a global accountancy consulting group, have illustrated key tasks for client-facing bankers as well as internal auditors on cryptocurrency-related anti-money laundering (AML) compliance programs.

The webinar brought three Grant Thornton compliance experts - Joseph Luzong, Hubert Recana, and Chris Ludwig - together to share their insight on conducting Know Your Customer (KYC) compliance, sanctions screening and transaction monitoring. Other discussion topics included:

  • Understand current regulatory requirements and identify regulatory authorities on cryptocurrencies. 
  • Identify recent regulatory highlights that could have a major impact on the cryptocurrency space.
  • Understand general AML and OFAC regulatory obligations cryptocurrency companies must adhere to.
  • Understand the risks specific to cryptocurrencies and unique controls that companies should consider implementing to address these risks.

According to the speakers, there are four regulatory authorities with mandates on the cryptos that compliance officers should be closely monitoring: Financial Crimes Enforcement Network (FinCEN), Office of Foreign Assets Control (OFAC), Office of the Comptroller of the Currency (OCC) and The Securities and Exchange Commission (SEC).

Current US Regulatory Landscape for Cryptocurrencies
Infogram

According to poll results, designated compliance officers and custodian groups may find it complicated to monitor and support the compliance function of financial services groups. It is owing to the evolving regulatory environment of the cryptocurrency industry as well as the sophistication of money laundering techniques through cryptocurrency transactions.

Notably, about 300 respondents out of 537, or 56 % of the total poll participants, understood the concept of ‘layering’ in the context of cryptocurrency transactions.

According to the speakers, an example of the layering includes both the initial purchase of cryptocurrency using fiat currencies, as well as the usage of ‘stablecoins’ to trade for a Bitcoin. The stablecoin is understood as a relatively new class of cryptocurrency that tries to offer price stability backed by a reserved asset.

Especially, more than 376 participants out of 523, or 70.2% of the voting participants, chose the correct answer to a live question, ‘A cryptocurrency exchange identifies a customer transacting in volumes that exceed his/her expected activity. What would be an appropriate immediate action the exchange can take?’, that the compliance department should perform a due diligence review to determine if the activity is suspicious.

Also, most of the audience groups selected correct regulatory authorities for a hypothetical cryptocurrency exchange which is licensed as an MSB that operates in the state of New York. To be specific, 73% of the poll participants answered correctly that this exchange operator is subject to regulations by FinCEN, the New York Department of Financial Services (NYDFS) and OFAC.

Lastly, the results showed that over 467 out of the total of 531, or 88 % of the poll respondents, has no ownership of any cryptocurrency. The webinar participants included individuals working in the banking and the financial services industry.

Anti-Money Laundering and OFAC on Crypto
Infogram

Similarly, in Europe, ​the 5th anti-money laundering Directive (AMLD V) was extended AML and Counter Terrorism Financing (CTF) rules to virtual currencies.

According to a factsheet released by the European Commission on July 9, 2018, the rules apply to entities that provide services that oversee holding, storing and transferring virtual currencies, to persons who provide similar kinds of services to those provided by auditors, external accountants and tax advisors. These new actors will have to identify their customers and submit any suspicious activity reports (SARs) to the Financial Intelligence Units.

Now you know what is going on. Then how can you boost the cryptocurrency-related risk management capacity?

The presenters concluded that key challenges in managing AML and OFAC risks of cryptocurrencies remain. Additional considerations included the lack of jurisdictional oversight when monitoring foreign transactions given the USA PATRIOT Act Section 352 and the OFAC guidelines on sanctions.

Among the concerns that compliance officers have, the speakers raised the data inaccuracy issue when conducting an early KYC onboarding program, such as collecting data for the Customer Identification Program (CIP) purpose.

This may add up the burden of performing enhanced due diligence processes when compliance officers only have an insufficient monitoring capacity on customer accounts. The experts noted that many regulators are starting to expect automated transaction monitoring and blockchain monitoring tools.

Answering an audience question regarding when a compliance officer should enhance the customer due diligence process in the context of cryptocurrency transactions, one of the speakers added that using deposit thresholds to segment customers or appropriate vendor tools can help the situation.

WATCH NOW

Register to watch this session, Managing AML Risks of Cryptocurrencies, and many more from the webinar series from RMA.

Adalla Kim

As Product Marketing Specialist, Adalla is responsible for driving both the strategic and tactical aspects of RMA’s product sales. Prior to RMA, Adalla worked as a reporter for global media services and publication groups such as PEI Media and the Financial Times Group. She started her career at Campbell Lutyens, a global private capital advisory group. As an avid learner and a curious adventurer, Adalla speaks Korean, English, and Spanish, and has traveled to 19 countries. She graduated from Incheon National University with a Bachelor of International Trade in Northeast Asia Economic Studies.