Using Blockchain Analytics to Combat Crypto Sanctions Evasion

In the first installment of this series, we covered the eight ways that sanctioned entities avoid sanctions through crypto. The techniques are vast and include mixers, tumblers, privacy coins, darknet marketplaces, decentralized exchanges, and more.

The commonality of all these evasion methods is technology. Authorities must also combat sanctions evasion with technology, and blockchain analytics in particular. These tools enable authorities to enforce ever-changing blacklists, track accounts that may be using evasion techniques, and apply customizable, behavior-based rules to suit different jurisdictions and their regimes.

In this article, we will discuss non-technical methods of combating sanctions evasion, how blockchain analytics can help in general, and how Merkle Science’s Compass can help in particular. 

Non-tech methods of combating crypto sanctions evasion 

Not all methods of combating sanctions evasion are based around technology. At the top level, governments and regulators may publish updates to sanction lists on a regular basis, such as the United Nations Security Council, European Union, and the United Kingdom. They can make these updates as soon as they discover and verify addresses linked to sanctioned entities. 

The exchanges can also self-regulate to an extent. They can share information on suspicious entities or transactions that—while they do not currently appear on a sanctions list—appear highly suspicious. Such entities may agree to not do business with these high risk entities. 

International organizations like the Federal Bureau of Investigation and Interpol may also share intelligence on suspicious wallets that do not yet appear on sanctions lists. They may prefer instead to apprehend suspects first or freeze accounts on centralized exchanges, before coordinating for addresses to appear on relevant sanctions lists.

Non-tech methods of combating sanctions are extensive, but not as effective as those based on blockchain analytics. 

Why blockchain analytics tools are the best way to combat sanctions evasion 

At a basic level, blockchain analytics tools can function as blacklists. Regulators, such as the Office of Foreign Assets Control (or OFAC), publish blacklists on entities that organizations should not deal business with. In a first, they recently included crypto wallets as part of their sanctioned entities, due to their affiliation with these organizations. 

With a blockchain analytics solution, organizations can automatically prevent themselves from inadvertently doing business with these sanctioned entities. Moreover, these solutions update the blacklists in lock-step with regulators, so organizations can rest assured knowing that they are compliant with official blacklists. 

Unfortunately, sanctioned entities are becoming increasingly sophisticated in evading sanctions through crypto. As we mentioned in the first part of this series, sanctioned entities are using everything from mixers and sidechains to compromised wallets and privacy coins. In this kind of environment, businesses cannot rely on enforcing blacklists alone.

Businesses need to identify transactions likely associated with sanctioned entities through customizable rules. For example, some cybercrime groups, such as North Korea’s Lazarus Group, will pull off hacks and then attempt to withdraw the majority of the funds with a single transaction within a very small time frame. To identify such occurrences, the business can set a configurable rule within their blockchain analytics solution that flags any withdrawal of over 90% of total funds within 5 minutes of receipt. In this way, they can spot illicit activity as soon as it happens and work with authorities to take immediate action, such as by freezing accounts.

Blockchain analytics can also scan for open source intelligence on the dark web, the portion of the internet that users need special tools, like Tor, to access. From this intelligence, users may discover more about accounts linked to sanctioned entities and thus mark them as high risk on their platform. An organization can choose to do business with them based on their particular risk appetite. 

Blockchain analytics, in short, is a key tool in the fight against sanctions evasion through its provision for open source intelligence, enforcement of blacklists, and customizable, behavior-based rules that may identify accounts linked to sanctioned entities. 

How Merkle Science can help law enforcement fight crypto sanctions evasion

Some blockchain analytics tools input a single data dump of blocked addresses. The problem with this approach is that the number of crypto addresses linked to sanctioned entities is always growing. This sanctions list thus needs to be treated as a living document—otherwise the business faces the risk of running afoul of law. 

Merkle Science’s tool, Compass, possesses exactly this ability. Regularly updated with the latest sanctioned addresses, businesses can feel confident in knowing they are dealing with customers that are not sanctioned.

Moreover, sanctioned entities have been known to transfer money from wallet to wallet, known as hops, in a bid to separate themselves from officially sanctioned addresses. Compass can keep track of dozens of these hops. This ability extends across popular blockchains as well as side-chains, which are frequently used for laundering. This way, no matter how far the sanctioned entity tries to obfuscate the trail of illicit funds, law enforcement can still identify the crypto as belonging to them. 

Different jurisdictions have their own unique regimes, and this applies to sanctioned entities as well. Some entities will be sanctioned in some markets, but not in others. It would not make sense for an organization to take a one-size-fits-all approach to its business dealings. Instead, a blockchain analytics tool would enable the business to take a market-specific approach. 

In a market where an entity is sanctioned, the business can enforce it through a specific rule to meet its risk profile for that market. Conversely, in a market where the same entity is unsanctioned, the business can mark the entity as only medium or high risk, so that it can conduct business with them on a case-by-case basis.

Conclusion

With the growing rate of all kinds of cybercrime, blockchain analytics solutions have become an absolute necessity. Sanctioned entities are connected to a wide variety of crime including, money laundering, drugs and trafficking, terrorism, and more. The organizations that do business with sanctioned entities—advertently or inadvertently—should be rightfully punished by their legal authorities with fines, restrictions, and possibly even jail time.

To avoid these punishments, organizations must avail of a strong blockchain analytics tool like the one offered by Merkle Science with Compass, which regularly updates sanctions lists, enables full customization of rules that may detect sanctions evasion, and is configurable based on jurisdiction.