Cryptocurrency and Money Laundering: Deciphering the Why and the How

The financial sector continues to revel in the advancement of disruptive technological innovations. Due to the attractive rates and fees, ease of access and account setup, variety of innovative products and services, and improved service quality and product features, financial technology is attracting more customers and investors today.[1] Despite the numerous advantages of these sectoral transformations, it is impossible to deny that the digitization and ease with which the internet has enabled all of us to function effectively in our day-to-day work has also created a space for virtual crimes.

Amidst the pioneering fintech revolution, cryptocurrency has emerged as a modern financial technology that can be used to easily launder money. Despite rapid market fluctuations and an uncertain legal status, cryptocurrency continues to captivate Indian investors, who are undeterred and unbothered by the associated risks of cyber fraud.

This article will explore how the crypto market nurtures a convenient and fertile ground for money laundering activities.

 

Cryptocurrency and India

 

The Indian regulatory market has had a hot and cold relationship with cryptocurrency over the years. The RBI, vide Circular DBR.No.BP.BC.104/08.13.102/2017-18 dated April 06, 2018[2], restricted all crypto transactions. However, in 2020, the Supreme Court effectively struck down the ban. As a result, the RBI stated in Circular DOR. AML.REC 18/14.01.001/2021-22 that banks and financial institutions cannot cite the aforementioned circular to warn their customers against dealing in Virtual Currencies. However, it did state that, “Banks, as well as other entities addressed above, may, however, continue to carry out customer due diligence processes in line with regulations governing standards for Know Your Customer (KYC), Anti-Money Laundering (AML), Combating Financing of Terrorism (CFT) and obligations of regulated entities under the Prevention of Money Laundering Act (PMLA), 2002, in addition to ensuring compliance with relevant provisions under the Foreign Exchange Management Act (FEMA) for overseas remittances.”[3]

At present, while the talks of implementing comprehensive legislation governing cryptocurrencies have fizzled out, the Union Budget 2022 brought digital currencies under the tax net. As of 2022, the crypto asset market in India stands at an approximated evaluation of 45,000 Crores and 15 million investors[4].

However, it is pertinent to note that it is transactions, not investments, in the digital currency that pose an issue. In India, the Enforcement Directorate discovered over 4,000 crores of such illegal cryptocurrency transactions in 2021. As per the 2022 Crypto Crime Report by blockchain data firm Chainalysis[5], cybercriminals laundered $8.6 billion worth of cryptocurrency in 2021, $6.6 billion in 2020 and $10.9 billion in 2019. Furthermore, the study discovered that at the moment, darknet market sales or ransomware attack profits are virtually derived in cryptocurrency rather than fiat currency, thus significantly contributing to the data. 

Money laundering, terror financing, drug dealing, and other criminal activities are all done using cryptocurrency transactions. Although these transactions are recorded on a blockchain and are traceable, criminals use mixers and tumblers to make it difficult for a third party to track them.

 

The Laundering Mechanism

                           

                                    Eurospider Information Technology AG, “Mixers Tumbler Example,” fig.

For clarity, refer to the above image. Using the OHNE mixer, A sends 20 bitcoins to B, U sends 15 bitcoins to V, and X sends 5 bitcoins to Y. These are single-layer transactions that are simple to trace and identify.

The transaction takes place in a different way in the second image, where the MIT mixer is used. For the sake of brevity, let us consider a single layer of mixer being used. In real life, the number of mixers used is in the thousands. Here, A sends 20 bitcoins to M1, U sends 15 bitcoins to M2 and X sends 5 bitcoins to M3. In the next stage, B receives 20 bitcoins from M2, V receives 15 bitcoins from M1, and Y receives 5 bitcoins from M1. The difference we must notice is that B, V, and Y are receiving the same number of bitcoins as in picture one, but not from A, U and X, respectively. Because there is no information about A sending bitcoins to B, U sending bitcoins to V, or X sending bitcoins to Y, these transactions are not single-layered and are impossible to trace. Hence, making the transaction anonymous.

Criminals use a similar method to send money using cryptocurrencies. Consider the following scenario to gain a better understanding: A, B, C, and Z are cryptocurrency users who keep their coins in their digital wallets. They use the same mixing service to make transactions. A, B, and C are law-abiding citizens, while Z is a criminal involved in drug trafficking. A has to pay X a certain amount of money. X is paid, but the bitcoins he received were deposited by Z, a drug trafficker. When X received the payment, he had no idea that the bitcoins he had were dirty bitcoins and had been used for illegal activities. This is a straightforward explanation of how dirty bitcoins are making their way through the market, paving the way for money laundering. 

 

What can be done?

 

The International Monetary Fund (IMF) has released a report titled “Global Financial Stability Report”[6] which discusses the following details about how cryptocurrencies should be regulated, considering their increasing market capitalization and the growing exposure of banking and financial systems to crypto assets:

  1. Implementation of global standards applicable to crypto-assets should be the key focus area of national policies.
  2. Regulators should identify and control the associated risks of crypto assets, specifically in areas of systemic importance.
  3. Coordination among national regulators is key for effective enforcement and fewer instances of regulatory arbitrage.
  4. Data gaps and monitoring of the crypto ecosystem for better policy decisions should be prioritised by the regulators.

The report also discusses how stablecoins and decentralized finance pose a significant risk to the crypto market and the overall economy if they are not properly regulated and supervised by issuers.

  1. Regulations should be proportionate to the risk and in line with those of global stablecoins.
  2. Coordination is a must, to implement requisite recommendations in the areas of acute risks, enhanced disclosure, independent audit of reserves, and fit and proper rules for network administrators and issuers.

The report also discusses the importance of managing macro-financial risks through:

  1. Enactment of de-dollarization policies, including enhancing monetary policy credibility.
  2. Formulating a sound fiscal position with effective legal and regulatory measures and implementing central bank digital currencies
  3. Reconsidering Capital Flow Restrictions with respect to their effectiveness, supervision, and enforcement

However, according to the report, cryptoization would make finance more cost-effective, quick, and accessible.

There is also an intergovernmental organisation known as the Financial Action Task Force, which is constantly updating its recommendations to maintain legal, regulatory, and operational methods for combating money laundering, terrorism financing, proliferation, and other threats to the integrity of the international financial system. The Financial Action Task Force (FATF) recently released a compliance framework recommending that all anti-money laundering rules that traditional financial systems follow be applied to stable coins, cryptocurrency, and virtual asset service providers. Even though identifying the source of such funds and keeping track of who is the beneficiary of such funds is difficult, countries are still being encouraged to develop provisions that provide for due diligence, record keeping, and the reporting of suspicious transactions.[7]

 

The Legislative Way Forward for India

 

At present, there is no comprehensive legislative framework to govern fintech advancements encompassing blockchain and cryptocurrencies. At best, the present regulatory framework is a patchy, cross-networked arrangement that demands careful deliberations in alignment with the evolving technological innovations in the sector.

The Information Technology Act, 2000:

While the legislation successfully addresses issues like identity theft, hacking, and ransomware and provides a means to tackle the issue of extraterritorial jurisdiction, it is safe to conclude that the serpentine considerations of blockchain cannot be comprehended and addressed by the Act.

The Prevention of Money Laundering Act, 2002 and the Prevention of Money Laundering Rules, 2005

The offences listed in Parts A, B and C of the PMLA Schedule attract the penalties enumerated under the Act.

Part A categorises offences under: Indian Penal Code, Narcotics Drugs and Psychotropic Substances Act, Prevention of Corruption Act, Antiquities and Art Treasures Act, Copyright Act, Trademark Act, Wildlife Protection Act, and Information Technology Act.

Part B enlists offences under Part A with a valuation of Rs 1 crore or more.

Part C exclusively deals with trans-border crimes.

Recently, the Enforcement Directorate attached proceeds of crimes amounting to Rs 135 crores in 7 cases in which the usage of cryptocurrency for money laundering activities was flagged by the authorities.[8]

However, it is pertinent to note that the offences recognised under the respective parts of the schedule only comprise the offences under the current framework of legislation, which is at present not equipped to regulate any segment of cryptocurrency transactions and digital currency operations in the country. 

Foreign Exchange Management Act, 1999

Even though the Act specifies procedures to conduct cross-border and foreign exchange transactions, it fails to identify the role of technology as an instrumental enabler of such transactions at present. However, it is interesting to note that it empowers the RBI to establish a regulatory framework to address the same.

The Payment and Settlement Systems Act, 2007

The PSS Act was enacted with the objective of establishing a regulatory framework for banks and ancillary financial institutions, designating RBI as the nodal authority. Section 4 of the Act states that no payment system shall operate in India without the prior due authorization of the RBI.

Apart from the above-mentioned legislation, regulators like SEBI, Ministry of Electronics and Information Technology (MeitY), Insurance Regulatory and Development Authority of India (IRDAI), and Ministry of Corporate Affairs (MCA) have also undertaken initiatives to implement specialised guidelines. While these regulations deal with the contemporary issues of payments, digital lending and global remittances, none of them has managed to find a concrete ground for effectively supervising and regulating cryptocurrency transactions backed by blockchain in the current volatile ecosystem.

At present, key industry regulators and stakeholders should collaborate to understand the novelty, process and extent of the present disruptive fintech trends. Furthermore, initiatives should be taken to ensure transparency of such transactions, establish secure authentication transactions for the exchanges and tighten the legislative noose on cyber security systems in the country. Additionally, establishing a centralised statutory body and local self-regulatory bodies across the sovereign, and implementing an extensive centralised framework is also imperative. The current scheme of criminal activities in virtual space transcends geographical boundaries, hence it is crucial for global policymakers to implement mechanisms to ensure coordination and collaboration by institutionalising inter-governmental bodies.

References: 

[1] ‘The Current Landscape Of The Fintech Industry – Fintech Crimes’ (Fintech Crimes, 2022) <https://fintechcrimes.com/the-landscape-of-fintech-in-year-2020/> accessed 9 February 2022.

[2] https://www.rbi.org.in/scripts/FS_Notification.aspx?Id=11243&fn=2&Mode=0

[3] https://rbi.org.in/Scripts/NotificationUser.aspx?Id=12103

[4] https://timesofindia.indiatimes.com/business/india-business/union-budget-2022-no-crypto-bill-listed-this-budget-session/articleshow/89265038.cms

[5] https://go.chainalysis.com/rs/503-FAP-074/images/Crypto-Crime-Report-2022.pdf

[6] ‘Global Financial Stability Report’ (2021) <https://www.imf.org/en/Publications/GFSR/Issues/2021/10/12/global-financial-stability-report-october-2021> accessed 11 February 2022.

[7] ‘VIRTUAL ASSETS AND VIRTUAL ASSET SERVICE PROVIDERS’ (2021) <https://www.fatf-gafi.org/media/fatf/documents/recommendations/Updated-Guidance-VA-VASP.pdf> accessed 11 February 2022.

[8] https://economictimes.indiatimes.com/news/india/ed-investigating-7-cases-of-cryptocurrency-usage-in-money-laundering-attaches-rs-135-crore/articleshow/90200012.cms

 

Image Credits: Photo by Bermix Studio on Unsplash

At present, key industry regulators and stakeholders should collaborate to understand the novelty, process and extent of the present disruptive fintech trends. Further, initiatives should be undertaken to ensure transparency of such transactions, establish secure authentication transactions of the exchanges and tighten the legislative noose on cyber security systems in the country.

Related Posts

POST A COMMENT

Impact of India's Proposed Central Bank Digital Currency (CBDC)

Numerous signals have been emanating from the government and the RBI in the past several months to indicate the imminent launch of India’s Central Bank Digital Currency (CBDC). This includes the announcement last month that the Cryptocurrency and Official Digital Currency Bill, 2021 will be tabled for discussion in the ongoing session of the Indian parliament.

What is a CBDC?

In simple terms, it is the digital version of legal tender issued by a sovereign central bank. In terms of value, it is the same as the country’s fiat currency and is exchangeable with physical currency on demand. Thus, India’s CBDC will be denominated in Rupees. Like physical currency notes/coins, CBDC can be used by individuals and businesses as a store of value and to make payments for purchasing goods/services.

 

Why does India need a CBDC?

There are many reasons why countries will need their own CBDC systems. In India, interbank transactions and settlements already take place through the reserves individual banks maintain with the RBI, so there may not be much impact in this arena. However, in the retail segment, a bulk of the transactions still rely on physical cash and increasingly, on digital payment solutions. It is important to recognize that payment solutions such as those from Google, Amazon, Apple, or Paytm and Phonepe are all privately-owned and controlled; as such, their growing popularity does pose a risk to the country’s financial system.

For example, it is estimated that 94% of mobile payment transactions in China are processed on transactions owned by Alibaba or Tencent. As the companies behind these apps start to build “ecosystems”, more and more goods and services can be paid for through these apps. Such integration and breadth of usage can easily create a virtual stranglehold that has the potential to place at risk the entire financial system of a country; there could even be regional or global ripples. The launch of a CBDC is thus not just a digital payment system, but also a mechanism towards mitigation of major risks that are associated with an increasingly digital world.

Currently, all payment solutions in India, whether developed and deployed by fintech players, Big Tech or banks, run on the Unified Payments Interface (UPI) infrastructure built and managed by the National Payments Corporation of India (NPCI), which is jointly promoted by the RBI and the Indian Banks’ Association (IBA). That India’s payments backbone has never been in private hands reduces the level of risk to our financial system. Also, it must also be acknowledged that the NPCI has done a fabulous job so far. The month of October 2021 alone saw more than 4.2 billion transactions being processed through NPCI infrastructure. But it is important to keep in mind that the payment apps owned and managed by fintech and Big Tech companies are not under the direct regulatory supervision of the RBI because they are not licensed banks. A CBDC-based ecosystem will make the regulation of such apps and platforms easier and more effective- thus enabling a higher degree of consumer protection. 

There are other reasons too why an Indian CBDC will become a necessity sooner rather than later. Countries like China are already at an advanced stage of launching their versions of CBDC. Given global cross-border trade and investment flows and repatriation of funds by Indian diaspora overseas and tourist travel, it is only a matter of time before Chinese or other CBDC enter the Indian financial system. And as more countries launch their own CBDC, it is imperative that we have our own, so that we can negotiate from a position of experience (and strength) when it comes to agreeing on multilateral CBDC protocols.

A well-designed CBDC system reduces the threat of counterfeit currency- something that our adversaries have used over many decades to weaken our economy. Arguably, CBDC can also play an important role in the nation’s fight against corruption and black money- although much will depend on how it evolves and the operational rules and regulatory framework governing it.

 

CBDC: The Road Ahead

At this time, it is unclear when and how the government will choose to launch India’s CBDC. But it is fair to say that an entirely new digital currency ecosystem will be needed. It is likely that the RBI itself will cause to design, develop and run the CBDC infrastructure. There are also speculations that they would be regulated as financial assets by the Securities & Exchange Board of India (SEBI). Big Tech, fintech and banks will need to link their apps to this new infrastructure as well- assuming that over time, individuals will retain the option to pay via physical currency-backed UPI platforms or their CBDC cousins.

Since no regulator can compete with those it is tasked with regulating, the RBI may have to let financial intermediaries continue to take responsibility for the distribution of digital currency via e-wallets or other pre-paid digital instruments and similar solutions. This also means that fintech players, BigTech and retail banks will need to evolve their platforms and come up with innovative offerings to ride this new wave of opportunity. The road ahead will have its own challenges at both the policy and operational levels. The success of CBDC will also depend on how quickly internet access expands across the country and how resistant to hacking and breaches the underlying systems are.

Fasten your seatbelts and prepare for an interesting ride at the end of which, digital currency could be the crowned king. 

 

Image Credits:  Photo by Alesia Kozik from Pexels

At this time, it is unclear when and how the RBI will choose to launch India’s CBDC. But it is fair to say that an entirely new digital currency ecosystem will be needed. It is likely that the RBI itself will cause to design, develop and run the CBDC infrastructure

Related Posts

POST A COMMENT

India's Own Crypto Asset Regulations Soon: Plugging an Important Gap

Till last year, most people (at least in India) had probably only heard of cryptocurrencies such as Bitcoin and Ethereum; now, many other names such as Dogecoin, Solana, Polkadot, XRP, Tether, Binance etc. are being spoken of commonly in media. The global cryptocurrency market cap is estimated at over US$2.5 Trillion.

India too is witnessing a surge in investment in cryptotokens – especially by millennials. There is a correspondingly increase in the number of advertisements for cryptocurrencies on national television as well as on various web sites; mainstream media reports extensively on the daily price movement of cryptocurrencies. One estimate puts the number of crypto investors in India at between 15-20 million, and the total holdings to be in excess of US$5.3Billion. 

This surge in unregulated cryptoassets is a matter of rising concern globally. Recently, PM Modi urged democracies around the world to work together to ensure that cryptocurrencies do not “end up in the wrong hands, as this can “spoil our youth”. His exhortation came just days after RBI Governor Shaktikanta Das spoke of “serious concerns” around cryptocurrencies.

The RBI’s 2018 blanket ban on cryptocurrencies was lifted by the Supreme Court in 2020. However, the time has now come for the government and regulators to act quickly, and there are indications that regulations are just around the corner. At the time of writing, the government has already announced its intention to table The Cryptocurrency and Regulation of Official Digital Currency Bill, 2021 in parliament in the winter session.

It is expected that through this legislation, the Indian government will seek to ban private cryptoassets. This means that those trade in such cryptoassets may be liable for penalties and/or other punishment. It is also expected that there will be tighter regulations around advertising such products and platforms where cryptoassets can be bought and sold. Another regulatory salvo could be around taxing cryptogains at a higher rate (although such notifications may have to wait for the next budget due to be announced in another three months). The bill is also expected to deny the status of “currency” to cryptoassets because the prevailing ones are issued by private enterprises, and not backed by any sovereign.

The government has also acknowledged the potential of sovereign digital currencies (or CBDC- Central Bank Digital Currency, as they are officially called) in the days ahead. Countries such as China and the USA, are at various stages of launching their own digital currencies, and experts predict that such CBDC will be the “future of money”. In this context, the proposed bill is expected to create a “facilitative framework” to pave the way for the RBI to launch India’s sovereign digital currency in the days ahead by. In fact, the RBI is already working on India’s CBDC, and some media reports suggest that such a launch may happen in the next couple of months (which may also explain the timing of tabling the The Cryptocurrency and Regulation of Official Digital Currency Bill, 2021, at this time). CBDCs too require crypto and blockchain technologies that are similar to those that underpin cryptoassets, so the bill is also expected to promote these technologies for specific purposes. Indeed, not doing so would be akin to throwing out the baby with the bathwater.

Given their wide global reach, cryptoassets arguably will have a role to play in the world’s financial system. However, countries such as India must ensure proper regulation because by their very nature, cryptoassets can easily be misused for various activities that can destabilize the nation. They will allow for free inward/outward remittances that will make it harder to trace; being encrypted, the origins of such wealth too will become easier to hide. All this will make cryptoassets even more convenient ideal for nefarious activities such as money laundering, terror-funding, drugs-financing etc. In the absence of appropriate regulations, the rising supply of cryptocurrencies can hobble the RBI’s ability to perform its basic role. Its ability to manage the Rupee’s value against global currencies too will weaken, as will its ability to use domestic interest rates as a means to balance the economy’s twin needs of inflation management and providing growth impetus. This is a scary scenario, but not one that could unfold in the short-term. Even so, India needs to be prepared.

PS: The Indian government’s announcement to regulate cryptoassets has already triggered a significant (8-10%) correction in the prices of various cryptoassets. It’s therefore a good idea for resident Indians holding cryptoassets to sell them. They can decide on their future course of action once there is clarity on the specific regulatory impact of the proposed bill.

 

Image Credits: 

Photo by Worldspectrum from Pexels

Given their wide global reach, cryptoassets arguably will have a role to play in the world’s financial system. However, countries such as India must ensure proper regulation because by their very nature, cryptoassets can easily be misused for various activities that can destabilize the nation.

Related Posts

POST A COMMENT