US officials have outlined how criminal applications of blockchain technologies and cryptocurrency should be responded to through a new framework.
While the possibilities of the blockchain are considered "breathtaking" prospects that could allow humans to "flourish," the new "cryptocurrency enforcement framework" focuses on darker applications -- such as the use of virtual assets in criminal enterprises.
The US Department of Justice (DoJ), together with Attorney General William Barr, announced the public release of the framework on Thursday.
The report is based on the efforts of the Attorney General's Cyber-Digital Task Force, tasked with investigating "emerging threats and enforcement challenges associated with the increasing prevalence and use of cryptocurrency," according to the department.
The document outlines DoJ and law enforcement response strategies to blockchain and cryptocurrency-related crimes. Split into three main sections, the 83-page framework document (.PDF) first outlines the applications of blockchain and cryptocurrencies, ranging from smart contracts, wallets, Initial Coin Offerings (ICOs), and the exchange of virtual coins themselves.
The report then examines today's "illicit" uses of cryptocurrency, separating them into three categories: financial transactions associated with the commission of crimes; money laundering and the shielding of legitimate activity from tax, reporting, or other legal requirements; and direct crimes including theft.
In particular, the framework says that cryptocurrency can be linked to organized crime outfits and terrorist activities.
"They can avoid large cash transactions and mitigate the risk of bank accounts being traced, or of banks notifying governments of suspicious activity," the report says. "Criminals have used cryptocurrency, often in large amounts and transferred across international borders, as a new means to fund criminal conduct ranging from child exploitation to terrorist fundraising. Cryptocurrency also has been used to pay for illegal drugs, firearms, and tools to commit cybercrimes, as well as to facilitate sophisticated ransomware and blackmail schemes."
Examples cited in the document include the use of fundraising platforms and encouraging donors on social media to contribute cryptocurrency to groups such as ISIS, a practice US prosecutors often describe as "providing material support" to a criminal or terrorist organization.
The second section of the report outlines the legal and regulatory tools currently used against criminal crypto activities. These include the wide range of charges that can be brought against a suspect -- such as wire fraud, securities fraud, money laundering, intrusion in connection to computers, and the operation of an unlicensed money transmitting business -- as well as the power to seize virtual assets and the ability to confiscate website domains.
The US Treasury's Office of Foreign Assets Control (OFAC), too, has recently laid out guidelines for businesses that may be tempted to pay out a ransomware blackmail demand, as such activities could violate US sanctions.
Finally, the report outlines the present and future challenges that the criminal usage of cryptocurrencies present to regulators and law enforcement. Cryptocurrency and peer-to-peer exchanges, for example, are said to have a duty to assist law enforcement in investigations.
"Given their potential to facilitate criminal activity, these entities have a heightened responsibility to safeguard their platforms and businesses from exploitation by nefarious actors and to ensure that customer data is protected and secured," the task force says.
Bitcoin ATMs, cryptocurrency casinos are also mentioned as legitimate businesses that may be exploited for criminal gain.
"Cryptocurrencies and distributed ledger technology present tremendous promise for the future, but it is critical that these important innovations follow the law," commented Task Force member Brian Rabbitt. "The Cryptocurrency Enforcement Framework provides the public with important information intended to help them understand and comply with their obligations under the legal regimes that govern these new and fast-developing technologies."
A 2018 report published by the task force focused on cyberthreats on a more general basis, including the emergence of critical infrastructure attacks, threats to national security, and cross-border and nation-state campaigns.
Previous and related coverage
- US seizes Iranian government domains masked as legitimate news outlets
- Google Cloud joins the EOS blockchain network as block producer candidate
- Former Amazon finance manager and family charged with $1.4m insider trading scheme
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0