Top 8 Ways Criminals Avoid Sanctions Using Crypto

Regulators often place sanctions on entities like rogue governments and terrorist organizations to make it harder for them to operate. 

These sanctions forbid entities in their jurisdictions from doing business with designated entities, under the threat of severe punishments.

This article will cover who issues sanctions, what the processes are for doing so, how criminal organizations get around them, and what repercussions organizations face for failing to comply.

This article is the first in a two-part series. The second article will cover how organizations can improve their sanctions compliance. 

How Sanctions Work 

There are many organizations that implement and enforce sanctions, such as the Office of Foreign Assets Control (OFAC) in the United States or the United Nations Security Council. These authorities issue regulations that prohibit business activities with designated entities, which may include enemy countries, politically exposed persons, and criminal organizations like terrorist groups.

The prohibitions are usually built around a blacklist. OFAC, for example, maintains a blacklist of crypto addresses owned or linked to sanctioned entities. Organizations under the OFAC’s jurisdiction are expected to adhere to these prohibitions by maintaining robust compliance processes around know-your-customer (KYC), anti-money laundering (AML), and countering the financing of terrorism (CFT). 

The challenge with blacklists is that they also inadvertently help criminals. Because blacklists are published, criminals know which of their accounts has been exposed. They can then circumvent the blacklist by using accounts not yet linked to them and other technologies and techniques that obfuscate their illicit money trail. 

Top Challenges in Complying with Crypto Sanctions 

Complying with sanctions is difficult because sanctioned entities have so many ways to get around them. These are the top eight ways that crypto criminals avoid sanctions:

1. Compromised wallets - Criminals may use wallets not identified as part of a blacklist. If they need to interact with a sanctioned address to send or receive funds, they may obscure their trail of illicit funds with multiple hops. They may also steal accounts from legitimate customers who have already put them through respective KYC processes. These accounts may be obtained through a wide variety of scams, including everything from theft of private keys to social engineering. A compromised account is safer to use for sanctions evasion because it is linked to a legitimate, verified person. 

2. Non-compliant exchanges - There are two categories of non-compliant exchanges. The first are those based in countries with regulations governing sanctions. These businesses willfully or inadvertently ignore these sanctions. The second are businesses based in rogue nations, such as Russia or North Korea, that do not adhere to sanctions compliance. Criminals may seek out these businesses to use as an exit node for laundered funds. 

3. Decentralized exchanges - Decentralized exchanges, which often operate on the dark web, do not operate with a centralized authority, such as C-suite leadership and a board. Instead, decentralized exchanges operate autonomously through blockchain technology and smart contracts. Because decentralized exchanges work in this manner, governments cannot force them to comply with sanctions. Decentralized exchanges are thus an attractive option for sanctioned entities to move funds peer-to-peer with little possibility of detection. 

4. Darknet marketplaces - The darknet is the portion of the internet not accessible via typical web browsers. To access the darknet, users need special tools like Tor. Because the darknet is difficult to reach, it is a haven for crime, including marketplaces that trade in illegal goods and services. Sanctioned entities may use darknet marketplaces in one of two ways. Because sanctions may have hampered their ability to generate funds, they may sell contraband, such as drugs or firearms, to obtain crypto. Alternatively, they may attempt to launder their crypto by buying products or services, which they could turn around and sell for digital assets not already linked to them. 

5. Peel chains - For as long as thresholds have been used as red flags for identifying possible laundering, criminals have tried to circumvent these by sending money in smaller, but more frequent increments. For example, instead of sending$10,000 which may trigger a flag, they will do 10 transactions of $1,000. Peel chains effectively bring the same technique to digital assets. Sanctioned entities may divert funds into multiple addresses, which may be further distributed into smaller amounts in other addresses, a process that may repeat across several cycles. This obfuscation makes it harder for authorities to follow the trail of illicit funds and increases the chances that sanctioned entities may successfully output the money into fiat or a target digital asset. 

6. Privacy wallets - Privacy wallets are digital asset wallets that have built-in privacy features. One such example is the Wasabi Wallet, which has a coin join mechanism. It functions similar to a mixer or tumbler, only instead of pooling digital assets together, it pools transactions, which has the same effect of complicating the tracking of funds. Other privacy wallets have other anonymizing features, such as a stealth address, a unique, one-time address, and ring signatures, wherein multiple users from a group, or “ring,” sign a transaction, making it impossible to tell who spent the funds.

7. Chain hopping and side chains - A cryptocurrency transaction is less anonymous than a fiat one because there is a public record. Each cryptocurrency transaction is recorded on the blockchain, or digital ledger. Because the financial dealings of wallets linked to sanctioned entities are also publicly recorded, they may engage in chain hopping to make it more difficult to follow their movements. Chain hopping involves moving funds from blockchain to blockchain to obfuscate their trail. This technique makes it difficult for crypto investigators to manually follow their funds, and it may also confound some blockchain analytics tools, which often only have support for major blockchains. Sanctioned entities may further use less popular sidechains to maximize the difficulty of tracking funds across chain hopping. 

8. Mixers and tumblers - To evade authorities, sanctioned entities may deposit their funds into a mixer or tumbler. These services combine a user’s deposit into a large pool with other users, mixes them together, and then outputs an equal amount to what the user originally placed into the mixer. Because the coins are different from what the sanctioned entity put in—shuffled as they have been with coins from other users—the sanctioned entity now has digital assets harder to track back to them. Mixers once operated freely on the surface web, but they are facing increasing regulatory pressure due to their connection to money laundering and sanctions evasion. Many have thus moved to the dark web, where they still are easily accessible to sanctioned entities. 

Negative Consequences of Failing to Comply with Sanctions 

The negative consequences of failing to comply with sanctions can cut across all areas of the organization:

• Financial - Regulators may leverage financial penalties that may materially affect the business. 
• Legal - The key stakeholders and compliance officers of the business may face criminal charges, including the possibility of jail time in some cases. 
• Operational - The business may have its essential licenses revoked or suspended. The business may also experience increased regulatory scrutiny that will make it more difficult to operate its business. 
• Reputational - The business may face a public relations crisis for violating the sanctions or for the underlying reason. In November 2023, for example, Binance was embroiled in a public controversy of supporting terrorist group Hamas for failure to follow sanctions. 

Conclusion

As we have seen, sanctioned entities have a dizzying array of techniques to circumvent sanctions. These include tools like mixers, nodes like non-compliant exchanges, and even additional crime like the theft of a legitimate wallet.

Businesses that fail to comply with sanctions due to these evasion techniques are still held responsible by regulators and face stiff punishment, such as criminal charges, license suspension or revocation, and fines.

The next article in this two-part series will provide the crucial how-to: How can organizations adhere to sanctions compliance even in the face of these evasion strategies?