Decoding Money Laundering Typologies
Merkle Science
The emergence of innovative technologies like decentralized exchanges (DEXs) and cross-chain bridges has significantly reduced obstacles to the unrestricted movement of capital between different blockchains.
However, in addition to their application in retail payments and various financial transactions, the Financial Action Task Force (FATF) has identified crypto assets being employed in a diverse array of criminal activities. These include money laundering, the illicit trade of controlled substances and prohibited items like firearms, fraud, tax evasion, circumvention of sanctions, computer-related crimes such as cyber-attacks resulting in theft or ransomware, exploitation of children, human trafficking, and financing of terrorist activities.
Criminals exploit the anonymity provided by these tools to transfer billions of dollars in cryptocurrency across various assets and blockchains, effectively obscuring their illicit financial transactions.
Virtual or crypto assets possess various characteristics that make them enticing to individuals and businesses. Unfortunately, these same attributes make them equally attractive to criminals and terrorists. The broad spectrum of illicit uses highlights the need for robust measures to address and mitigate the risks associated with crypto assets.
It is therefore imperative for countries to establish stringent regulations or prohibitions regarding crypto assets. At the same time, the financial industry must comprehend its responsibilities and diligently adhere to obligations aimed at curbing the risks of money laundering and terrorist financing.
What is Money Laundering?
Money laundering has a precise legal definition that must be adapted to the cryptocurrency context. The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) defines money laundering as the three-step process of making “illegally-gained proceeds (i.e. ‘dirty money’) appear legal (i.e. ‘clean’),” by 1) placing dirty money in the legitimate financial system, 2) layering it within additional transactions to obfuscate its origins, and 3) integrating it into the financial system with more transactions so that funds appear licit.
Stated below are a few protocols extensively used for leveraging money laundering objectives and obfuscating trails of illegally acquired funds.
Money laundering through Cross-Chain Bridges
Cross-chain bridges are advanced protocols or mechanisms designed to facilitate effortless transfers of digital assets between diverse blockchain networks. They allow users to interact with assets on one blockchain while maintaining their value and functionality on another. By obviating the necessity for centralized exchanges, these bridges enhance liquidity across multiple chains, fostering a more interconnected and inclusive decentralized finance (DeFi) ecosystem.
Layering through Multiple Chains: Money launderers exploit cross-chain bridges to execute complex layering techniques. By leveraging the interoperability offered by these bridges, they move funds between different blockchains, obfuscating the source of the assets. This layering process involves transferring funds through multiple chains, making it extremely difficult to trace the origin and destination of the illicitly obtained funds.
For example, a money launderer could convert their ill-gotten gains into a privacy-focused cryptocurrency like Monero, known for its enhanced anonymity features. They can then use a cross-chain bridge to transfer the Monero to another blockchain, such as Ethereum or Binance Smart Chain, further complicating the tracing process. By repeating this process across multiple chains, they create a convoluted trail that makes it challenging for investigators to follow the flow of funds.
Example: Ren Protocol is a cross-chain liquidity protocol that facilitates the transfer of assets between blockchains, including Bitcoin, Ethereum, and other networks. While the Ren Protocol serves legitimate purposes, it can also be utilized for money laundering. Criminals can leverage Ren Protocol's interoperability to move funds across different chains, effectively disguising the origin and destination of the laundered assets.
Money laundering through Coin Mixers
Mixers and tumblers refer to cryptographic tools or services that blend various streams of funds, potentially eliminating the ability to trace the original source of those funds. Their primary purpose is to safeguard the privacy of crypto asset holders by allowing them to combine their coins with others in order to maintain anonymity.
These are specialized services that aim to enhance privacy and fungibility in cryptocurrency transactions. The primary objective of a coin mixer is to break the link between the sender and the recipient of the cryptocurrency, thereby creating a layer of anonymity and making it challenging to associate specific funds with their original source.
Money launderers exploit coin mixers to obscure the illicit origins of their stolen funds and create an illusion of legitimacy. Through a series of intricate steps designed to confound transaction trails, they effectively launder money, making it almost impossible to trace the flow:
- Deposit: The money launderer begins by depositing their unlawfully acquired funds into the coin mixer, establishing a connection between the tainted funds and the mixer's pool.
- Mixing: Once deposited, the mixer combines the funds with those of other users. Through multiple rounds of shuffling and redistributing, the mixer
- obfuscates individual transactions, making it extremely challenging to trace the funds.
- Splitting: To further perplex the trail, the mixer may divide the funds into smaller amounts and send them to different addresses. This fragmentation enhances overall anonymity and adds complexity to identifying the original source of the funds.
- Withdrawal: In the final stage, the money launderer withdraws the mixed funds from the mixer, obtaining a clean set of cryptocurrencies dissociated from their illicit origins. These funds can be spent or converted into other cryptocurrencies without raising suspicion.
Examples: Tornado Cash
Tornado Cash, one of the most notable coin mixers, was sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on August 8, 2022, for allowing illicit actors to launder more than $7 billion since its creation in 2019. This included the $455 million stolen by the infamous hacking group, Lazarus, in one of the largest known virtual currency heists. Tornado Cash was subsequently used to launder more than $96 million of malicious cyber actors’ funds derived from the June 24, 2022, Harmony Bridge Heist, and at least $7.8 million from the August 2, 2022, Nomad Heist.
DEXs or Swap Protocols
Swap protocols, also known as decentralized exchanges (DEXs), are automated platforms that allow users to trade cryptocurrencies directly with one another. These protocols operate on blockchain networks and rely on smart contracts to execute and settle transactions. Unlike traditional centralized exchanges, swap protocols eliminate the need for intermediaries and enable peer-to-peer trading, enhancing privacy and reducing costs.
Money launderers leverage swap protocols to obscure the source and destination of their illicit funds. By utilizing the decentralized and pseudonymous nature of these protocols, they can execute sophisticated techniques to launder money effectively.
Front-Running: Money launderers can take advantage of the time delay between transaction submission and confirmation on swap protocols. They strategically submit transactions to swap large amounts of illicitly obtained tokens into more reputable cryptocurrencies, such as Bitcoin or Ethereum, before the original transaction is confirmed. This tactic allows them to exploit price discrepancies and ensure their funds are laundered before any potential red flags are raised.
Liquidity Pool Manipulation: Swap protocols rely on liquidity pools, which consist of user-contributed funds that facilitate token swaps. Money launderers can manipulate these pools by injecting their illicit funds and subsequently executing a series of trades. By artificially increasing the trading volume and altering token prices within the pool, they can obfuscate the origin of their funds and create a veneer of legitimacy.
Flash Loans: Flash loans are a feature offered by some swap protocols that allow users to borrow assets without collateral, as long as the borrowed funds are returned within the same transaction. Money launderers exploit this feature to execute complex transactions, combining multiple steps within a single block, and effectively launder their funds. Flash loans enable them to move assets across different protocols, swap tokens, and even repay the borrowed funds, all within a single transaction.
Example:
Uniswap
Uniswap, one of the most popular swap protocols built on the Ethereum blockchain, has gained attention due to its involvement in money laundering activities. Criminals exploit Uniswap's liquidity pools to convert their illicitly obtained tokens into more reputable cryptocurrencies. By creating complex transactions involving multiple swaps and liquidity pool manipulation, money launderers can obscure the origins of their funds.