Review of Cryptocurrency Money Laundering Cases: How Governments and Companies Collaborate to Combat Money Laundering?

Author: David Carlisle, Vice President of Policy and Regulatory Affairs at Elliptic

Compiled by: JIN, Techub News

Over the past decade, criminals have exploited various technologies to engage in ⌜money laundering⌟ with cryptocurrency assets.

These include the use of mixers, privacy coins, unregulated cryptocurrency exchanges, DeFi, NFTs, and combinations of these projects, showcasing the cunning and diversity of methods criminals use to evade regulation.

At the same time, as criminals' ⌜money laundering⌟ techniques continue to evolve, governments and companies are also enhancing their research into relevant technologies, developing methods to uncover these illegal activities. In my recently published book, Cryptocurrency Money Launderers: Crimes and Cryptocurrencies from the Dark Web to DeFi and Beyond, I describe how law enforcement, regulatory agencies, and the private sector have adapted to technological changes and the evolution of criminal strategies, achieving significant victories to make the cryptocurrency ecosystem more secure.

Cryptocurrency Money Launderers: Crimes and Cryptocurrencies from the Dark Web to DeFi and Beyond reviews the efforts against financial crime in the cryptocurrency space over the past decade and how the public and private sectors have responded and adapted to the rapid changes in this field.

From ⌜Silk Road⌟ to Blockchain Analysis Technology

The Silk Road dark web case (2011 to 2013) was the first instance where law enforcement discovered that criminals were using cryptocurrency on a large scale for illegal activities. Silk Road quickly became a multimillion-dollar black market trading site for buying and selling drugs and other illegal items with Bitcoin, shocking law enforcement officials who feared the emergence of a new digital currency black market on the internet.

In the early stages of the Silk Road case, U.S. law enforcement discovered a tool for investigation: the blockchain, the public ledger of Bitcoin transactions. As described in Cryptocurrency Money Launderers:

As law enforcement investigators explored Silk Road, they quickly recognized the key role played by Bitcoin. Undercover agents began purchasing Bitcoin on cryptocurrency exchanges to buy drugs on Silk Road. As they became familiar with Bitcoin, they discovered an important feature of the technology: since all transactions are publicly recorded on the blockchain, government agencies could identify their transactions with Silk Road by viewing the ledger. When criminals made staged payments on the site, drug agents were instructed to send Bitcoin to Silk Road's address for transaction settlement; then the drug agents could see the Bitcoin received from the drug buyers on the Silk Road website, and after the transaction was completed, they would pay the Bitcoin as a fee to the site vendor. Through this feature, the FBI was soon able to monitor in real-time hundreds of thousands of transactions to and from Silk Road's Bitcoin addresses.

In fact, during the investigation of Silk Road, government agencies found that the blockchain provided a source of intelligence that was entirely different from traditional domains, which was easier to obtain than the financial intelligence gathered in traditional money laundering cases. Unlike obtaining bank records through court-issued subpoenas or the complex process of acquiring international funds flow information through mutual legal assistance treaties (MLAT), the Bitcoin ledger is globally public and decentralized, allowing anyone to view real-time, continuously updated transaction information, providing a stream of financial intelligence that unfolds in real-time.

Using blockchain technology, U.S. law enforcement combined transaction data from Silk Road with other intelligence sources to successfully arrest and convict its founder, Ross Ulbricht, on charges of money laundering and other crimes.

The Silk Road case not only demonstrated the remarkable innovative capabilities of law enforcement in the face of new technologies but also reflected their ability to adapt to the ever-changing criminal environment. As the cryptocurrency space continues to evolve, criminals are also adapting and evolving, with new dark web markets like Alphabay and Hansa Market emerging, far surpassing Silk Road in scale. Additionally, new cryptocurrency mixing services like ++Helix Mixer++ and ++Bitcoin Fog++ allow illegal users to "wash" hundreds of millions of dollars worth of Bitcoin. Scammers and Ponzi scheme orchestrators have also increasingly targeted innocent and unsuspecting cryptocurrency investors, attempting to steal billions of dollars and bankrupt victims.

In the face of an expanding cryptocurrency crime ecosystem, law enforcement cannot rely solely on manual analysis of blockchain data, as they did in the Silk Road case. There is a need for new specialized capabilities to address this complex environment. As described in Cryptocurrency Money Launderers:

The investigation of the Silk Road case and subsequent dark web markets clearly indicates that law enforcement agencies require complex capabilities to investigate the expanding cryptocurrency crime ecosystem. While the open and transparent nature of the blockchain is suitable for monitoring transactions, it is impractical for law enforcement investigators and compliance analysts at cryptocurrency exchanges to manually analyze billions of cryptocurrency transactions. Relevant parties in the public and private sectors need specialized tools to quickly and seamlessly sift through the growing blockchain data.

With the increasing variety of cryptocurrencies, containing thousands of new coins, the demand for blockchain data analysis becomes even more pronounced: because each new cryptocurrency has its unique transaction history, analyzing data from the entire cryptocurrency ecosystem beyond Bitcoin requires the ability to effectively navigate the ever-increasing volume of transaction information across thousands of ledgers. Police investigators or analysts must face the vast amount of cryptocurrency transaction data without being distracted by the myriad of information that could impede the progress of their investigations.

These challenges have given rise to the blockchain data analysis industry, which specializes in developing software for the rapid analysis and detection of illegal activities across the entire cryptocurrency ecosystem.

In fact, a few years after the Silk Road case, blockchain data analysis technology became commonly used in law enforcement investigations involving cryptocurrency and played a key role in investigations of criminal cases such as the 2020 Twitter hack.

Addressing New Challenges

For law enforcement agencies, acquiring new investigative tools is crucial to responding to the evolving landscape of crime and cryptocurrency. As new, more sophisticated criminals begin to exploit updated technologies, new challenges arise.

For example, by 2018, there was evidence that organized crime groups were attempting to use Bitcoin ATMs for cross-border money laundering, converting cash from criminal proceeds into cryptocurrency through these self-service kiosks. As noted in the book:

With the increase in the number of Bitcoin ATMs, the trend of organized crime networks adopting Bitcoin more widely also increased. In the early days of cryptocurrency, illegal users primarily came from online black markets and internet scammers who found that digital payment methods could support their cybercrime activities. However, organized crime networks engaged in physical-world crimes such as street drug dealing or human trafficking initially did not adopt cryptocurrency on a large scale, as these criminal activities typically involved large amounts of cash.

Over time, evidence showed that organized criminals increasingly integrated cryptocurrency into their existing money laundering schemes. International drug trafficking organizations have long used various methods to launder money through the banking system, including ⌜smurfing⌟ strategies and complex trade-based money laundering techniques, which involve repeatedly depositing small amounts of cash into different bank accounts to avoid suspicion of large cash transactions. For decades, drug trafficking organizations have also relied on trade-based money laundering techniques, such as the notorious ⌜black market peso exchange⌟, a money laundering method that allows South American drug traffickers to purchase goods with drug trade proceeds and sell those goods overseas through foreign trade to realize cash. With the proliferation of Bitcoin ATMs, organized crime groups found an opportunity to combine these long-standing money laundering techniques with new technologies.

The physical characteristics of Bitcoin ATMs mean that law enforcement agencies must combine the policing techniques they use on city streets with new capabilities for tracking crypto assets. More successful cases, such as ++the 2019 crackdown on a money laundering network in Spain++, which utilized Bitcoin ATMs to funnel drug sales proceeds to South American drug trafficking groups.

Similarly, advanced cybercriminals, particularly those associated with sanctioned countries like North Korea, Iran, and Russia, exploit cryptocurrency for ransomware attacks and hacking cryptocurrency exchanges, presenting new challenges for detecting and disrupting illegal fund flows. Cryptocurrency Money Launderers describes the complexity of the emerging online money laundering ecosystem that these cybercriminals can exploit:

Like ransomware attackers, exchange hackers are able to leverage an increasingly complex money laundering ecosystem to move the large amounts of cryptocurrency they acquire. In addition to familiar techniques for cashing out through non-compliant exchanges, laundering through mixers and coin-to-coin exchange services, or laundering through the dark web, hackers can also employ other methods to handle their large amounts of cryptocurrency. For example, they can purchase stolen credit card, debit card, and prepaid card information on the dark web, or acquire personal identification information that helps them bypass compliance controls at regulated exchanges, allowing them to cash out funds stolen from other exchanges. This approach encourages hackers to recruit ⌜runners⌟ or proxy teams specifically to provide laundering services for hackers.

Faced with increasingly sophisticated cryptocurrency money laundering techniques, investigators must invest more human and material resources into research and cracking these cases. And indeed, they have done so. In the Colonial Pipeline case, U.S. law enforcement successfully identified and seized Bitcoin from Russian ransomware attackers; in the Bitfinex hack case, investigators relied on advanced techniques to analyze transaction flows on the blockchain, which is also the largest amount involved in a hack in U.S. history. The details of these cases are reviewed in depth in Cryptocurrency Money Launderers.

From Cross-Chain Crimes to NFTs

With the arrival of the 2020s, the public and private sectors dedicated to reducing cryptocurrency crime face a series of new challenges: how to respond to emerging and innovative criminal technologies in the cryptocurrency space.

First, the emergence of DeFi opened up vast new avenues and possibilities, providing opportunities for innovators seeking to launch financial products in the cryptocurrency space, such as DEX, but it also opened up new avenues for cross-chain money laundering. As noted in Cryptocurrency Money Launderers:

With the increase in the number of tokens traded in the Ethereum ecosystem, DEX trading volumes grew rapidly. The minting of stablecoins, in particular, allowed users to move funds in and out of DEX more quickly, greatly enhancing DEX liquidity. From 2017 to 2019, DEX trading was relatively small, but it surged significantly in 2020. By mid-2021, DEX monthly trading volumes exceeded $160 billion. This rapid growth has significant implications from a money laundering perspective: the highly liquid DEX ecosystem does not require user identity information, transactions are fully automated, and there are no intermediaries, providing criminals with new opportunities to attempt to hide their illicit activities by swapping tokens.

DeFi presents new challenges for regulators, including how to regulate a decentralized environment. But it also has a key point: transactions conducted within the DeFi ecosystem are transparent, even if criminals attempt to obscure their activities through convoluted operations. However, relying on blockchain data analysis technology still enables the detection and tracking of funds. This allows investigators to trace the flow of funds within the DeFi ecosystem, as demonstrated in the recent case of stolen funds during the collapse of FTX in November 2023.

Another innovation, NFTs, which widely appeared in fraud and scam cases in the early 2020s, has forced investigators to adopt creative responses. Although NFTs are a novel and innovative technology, investigators have been able to leverage the skills and capabilities developed over the past decade to bring criminal charges against those using NFTs for criminal purposes and ensure convictions.