The Joint Chiefs of Global Tax Enforcement (J5) have issued a warning to financial institutions with risk indicators that may indicate money laundering, cybercrime, tax evasion, and other illicit activities. Risk indicators play a pivotal role in enhancing financial institutions’ ability to detect and report money laundering and illicit activities involving crypto assets.
According to the J5, detecting signs of money laundering and tax evasion requires gathering, analyzing, and reporting financial data. Keeping financial institutions informed about what to look for makes it more likely that they will detect and report suspicious activity.
Crypto Asset Layering
The J5 believes that financial institutions should prioritize the detection of layering involving crypto assets—basically money laundering where transactions are intentionally complicated to conceal the illicit origin of funds. This can include, for example, unusually high volumes with rapid movement of funds between digital wallets, especially across multiple jurisdictions. It could also include transactions where the customer is sending or receiving large volumes from private wallet addresses and conversion across different crypto assets.
Other signs include customers who are sending and receiving cryptocurrency from crypto mixers, gambling platforms, and peer-to-peer (P2P) platforms or when a disproportionate amount of activity involves buying and selling privacy coins. Red flags also include sending and receiving cryptocurrency from darknet marketplaces, fraud shops, or high-risk exchanges or when the customer is transacting in round dollar and structured amounts to avoid bank reporting requirements.
Geographical Risk Indicators
Financial institutions also need to exercise care when dealing with cryptocurrency transactions tied to jurisdictions known for weak regulatory frameworks, inadequate anti-money laundering (AML) controls, or heightened levels of corruption. Those transactions may involve exchanges operating out of high-risk jurisdictions identified as non-cooperative for AML purposes or changing IP addresses. Other factors include customer accounts accessed with IP addresses from high-risk jurisdictions, shared use of an account or access login from devices tracked to IP addresses in high-risk jurisdictions, or crypto addresses that match addresses on recognized watch lists such as the Office of Foreign Assets-Control (OFAC) list.
High-Risk Counterparties
Customer counterparties transaction beneficiaries and senders can be significant risk indicators for money laundering and illicit activities in crypto assets. Financial institutions and crypto exchanges should closely monitor customer transactions for indicators, including crypto assets that originated from an over-the-counter trade broker that advertises its services as privacy-oriented or anonymous.
Red flags may include funds or cryptocurrencies that are added or withdrawn from crypto addresses or wallets with exposure links to known suspicious sources, including darknet marketplaces, mixing/tumbling services, questionable gambling sites, illegal activities (for example, ransomware), and interaction with financial institutions or individuals subject to sanctions or based in sanctioned states.
New Client Onboarding
The J5 reminds financial institutions that robust know-your-customer (KYC) practices help crypto-asset exchanges identify potential risks associated with crypto asset transactions and ensure compliance. Warning signs can include attempts by customers to provide as little identity information as possible, including incomplete or insufficient identification, or when the customer is difficult to contact, responding only via email or web chat at unusual hours.
Flags can also include clients who register with the exchange within a short period using a shared address, mobile device, phone number, and IP addresses, or the customer’s anonymity-oriented email provider.
Also noteworthy? When a client has access to multiple bank accounts and others— that may indicate money mule activity.
Ransomware And Cybercriminals
Finally, crypto exchanges have an essential role in detecting and reporting financial flows related to ransomware and stopping ransomware payments. Cybercriminals will try and conceal the origin and destination of ransomware payments before the digital currency arrives at the final wallet or bank account under their control.
Risk indicators assist financial institutions in identifying potential bad actors or accounts associated with organizations that perpetrate ransomware and cybercrime. Signs to watch for include unusually high usage of privacy coins (digital currencies that provide enhanced anonymity by obscuring the amount, destination, and origin of transactions) or chain-hopping (where one digital currency is exchanged for another and is moved from one blockchain to another).
You can read the complete notice here.
Comments
The most recent advisory was developed by a specialized team of cyber experts, with representation from each J5 member country.
“We are operating in a digital world without borders, and it is more important than ever to raise awareness of risk indicators that are tied to cryptocurrency assets that may be indicative of criminal J5 issues notice to financial institutions about risk indicators tied to cryptocurrency assets activity,” said Eric Ferron, Director General of the Criminal Investigations Directorate at the Canada Revenue Agency. “By working together with financial institutions across the globe, we are enhancing our abilities to detect and report money laundering and illicit activities involving cryptocurrency assets.”
“Identification and detection play a crucial role in combating cybercrime on a global level,” said Guy Ficco, Chief of IRS Criminal Investigation. “Anytime we can pool the resources of our J5 partners to issue pertinent information to financial institutions about cybercrime indicators, we will seize the opportunity.”
The J5 was organized in 2018 to combat crime on a global level by sharing resources. The J5 consists of criminal intelligence communities from Australia, Canada, the Netherlands, the United Kingdom, and the United States, committed to collaborating in the fight against international and transnational tax crime and money laundering. Membership of the J5 includes the heads of tax crime and senior officials in tax agencies, including the Australian Criminal Intelligence Commission (ACIC) and Australian Taxation Office (ATO), the Canada Revenue Agency (CRA), the Fiscale Inlichtingen-en Opsporingsdienst (FIOD), HM Revenue & Customs (HMRC) and Internal Revenue Service Criminal Investigation (IRS-CI).
You can read more about the J5 here.
Read the full article here