New report makes case for greater regulatory oversight of crypto asset sector
A new report by blockchain intelligence firm CipherTrace provides insights into the state of the global crypto asset sector. The Q1 2019 Cryptocurrency Anti-Money Laundering Report makes the case for increased regulatory oversight as the industry matures.
CipherTrace, is a cryptocurrency intelligence firm based out of the United States. Initially funded by two government agencies, the U.S. Department of Homeland Security (DHS) Science and Technology (S&T), and DARPA, the firm is now backed by a number of Silicon Valley venture capitalists. CipherTrace provides a range of blockchain-related security, regulatory and forensics solutions. In April, the firm signed a partnership with leading digital asset exchange platform Binance to help with regulatory compliance.
The Q1 Cryptocurrency AML Report
CipherTrace publishes quarterly reports that evaluate the crypto sector from a threat, security and regulatory perspective. Its new report, the Q1 2019 Cryptocurrency Anti-Money Laundering Report, reveals some of the ongoing security issues facing the sector. The report focuses on security breaches originating from within crypto organizations, noting the high volume of funds lost through this attack vector.
CipherTrace found that losses due to cryptocurrency thefts, scams and fraud tally more than $1.2 billion in the first quarter of 2019. This includes $356 million stolen from exchanges and the loss of $850 million by major exchange Bitfinex.
Additionally, the report says there has been an increase in the use of cryptocurrencies to facilitate cross-border payments. In the US, crypto asset users have increased cryptocurrency-enabled cross-border payments by over twenty percent in the last two years. The report suggests this may point to the use of crypto assets as tools for the evasion or avoidance of global financial regulations.
The report notes that cryptocurrencies are finding real-world use cases in the traditional financial sector. Several cannabis-related businesses in the US are using crypto assets to hold their funds while they wait to secure banking services from banks reluctant to provide financial services to cannabis businesses due to federal law. In February, the California State Assembly introduced AB-953, which would allow cannabis businesses to pay their taxes and fees in stable coins—cryptocurrency that is designed to minimize volatility by fixing its value to a currency or traded commodity.
The report notes that the SEC has published its first ICO no-action letter for a little known private flight firm. The tokens issued by TurnKey will allow wealthy people to pay for private flights outside of wire banking hours. This is the SEC’s first ICO no-action letter, confirming TKJ tokens are not securities as long as they abide by the terms in the letter. This is a somewhat unexpected move from the regulator and the report says this “no action” points to the SEC’s recent trend towards softening the correlations between token and security.
**Inside jobs **
Crypto exchange security breaches are an unfortunately common occurrence in the industry. In 2019, the majority of these incidents stem from the actions of the management teams involved.
The first major incident of 2019 involved Canadian exchange QuadrigaCX. Prior to the incident, QuadrigaCX was one of the leading digital asset exchange platforms in Canada. In December, exchange CEO, Gerald Cotten, died under suspicious circumstances during a trip to India. After Cotten’s death, it was revealed that the exchange was run from his encrypted laptop, and that only he had access to the cold wallets used to store customer funds. As a result, customers were unable to access their funds.
After the exchange was put into maintenance mode for several days in January, QuadrigaCX announced on the 31st that it was filing for creditor protection from the Canadian courts. The platform claims its challenges stem from friction related to the traditional financial sector. A number of payment processors are reported to be holding the platform’s funds until the courts reach a decision. However, because of the many suspicious red flags surrounding the unfolding QuadrigaCX story, CipherTrace has concluded the incident is most likely a $250 million “exit scam.”
Also in January, New Zealand based Cryptopia suspended trading after thieves stole crypto assets valued at $16 million from its platform. This amount represented 9.4 percent of the exchange’s holdings. Cryptopia has said it will compensate users who lost funds. The thieves have not yet been caught and while there has been speculation that the unusual nature of the breach may have involved inside knowledge, this remains unknown.
The next exchange to encounter controversy was Bitfinex, accused last month of instigating an $850 million fraud. According to the New York Attorney General, Bitfinex allegedly lost $850 million, and then used funds from stablecoin company Tether to cover the shortfall. Tether and Bitfinex are both under the umbrella of IFinex, a company which the New York Attorney General has filed a cease and desist court order against. Bitfinex and Tether refute the claims.
This week, the industry’s biggest exchange, Binance, suffered a major security breach. In a blog post, Binance CEO Changpeng Zhao said, "We have discovered a large scale security breach today, May 7, 2019 at 17:15:24. Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks." The post says that the hackers were able to withdraw 7000 BTC, or 2% of the exchanges total BTC holdings. Binance will use its SAFU fund to cover the losses.
Despite the nature of these ongoing incidents, Dave Jevans, CEO of CipherTrace, says the sector is moving in the right direction. “Although this report punctuates some of the negative occurrences within the crypto ecosystem, it is important to view these illuminations as markers for improvement,” he said. “This is the wake-up call crypto needs. Cryptocurrency is maturing, and that means having a few growing pains. Once we identify problems, we can find solutions. Cryptocurrency projects must grow up before they can move forward.”
**The case for mature crypto asset regulation globally **
The report found that businesses within the crypto asset sector sometimes have to deal with less than desirable payment processors as current regulations prevent traditional financial institutions from working with them.
Exchanges and crypto businesses that operate in less regulated countries, as is the case with Tether and Bitfinex, typically have difficulty gaining traditional banking relationships. This forces digital asset businesses to deal with “shady” operators, often in countries like Panama where regulatory protection is weakened.
While the details remain murky, Crypto Capital, the Panamanian payment processor, is involved in both the Bitfinex and QuadrigaCX cases. The payment processor has a murky past of its own, and as Decrypt reports, most crypto businesses elected to use Crypto Capital as a last resort when unable to work with more reputable financial organisations.
The report says that global regulators are increasingly aware of the legal grey area that is the crypto industry. It says a “tsunami of tough new global anti-money laundering (AML) and counter-terror financing (CTF) regulations will roll over the crypto landscape in the coming year.”
Brave New Coin reaches 500,000+ engaged crypto enthusiasts a month through our website, podcast, newsletters, and YouTube. Get your brand in front of key decision-makers and early adopters. Don’t wait – Secure your spot and drive real impact in Q4. Find out more today!