Cryptocurrency businesses (specifically money services businesses (MSBs) money transmitters), whether consisting of large, international crypto exchanges or a single bitcoin ATM, must monitor transactions and identify red flags as part of a robust AML compliance program.
Financial criminals are increasingly attracted to crypto to execute their money laundering schemes. Whether a crypto business exchanges crypto for crypto, crypto for fiat (like the U.S. dollar), or some combination, entrepreneurs in the space must be ever-vigilant for signs of illegal activity.
When monitoring transactions, crypto businesses must be on the lookout for certain “red flags” that may indicate suspicious or potentially criminal behavior. Typically, red flags are raised based on customer behaviors.
All crypto businesses should have a list of red flags that they check transactions against. In this post, we’ll talk about some of the most common red flags.
If you run a crypto business, this will help you. However…
But before we go any further, it’s important to understand that this article is educational only. It is designed to help you understand the topic of crypto red flags. It’s not a substitute for actual compliance guidance.
Why must we stress this point?
Because an institution’s red flags are always going to be unique to the institution. They depend on your institution’s risk profile, business model, customer archetypes, geographic locations, and more.
You could have anywhere from dozens to hundreds of unique red flags depending on your size and operation.
Therefore, the only way to make sure your red flags are appropriate to your business model and in compliance with regulatory expectations is to consult with an anti-money laundering (AML) expert.
When the team at BitAML conducts annual audits of crypto MSB/money transmitters, incomplete or institutionally-irrelevant red flags is not an uncommon finding. We want to make it clear that red flags are not one-size-fits-all, and you won’t be able to Google your way to a workable set of red flags.
Common crypto red flags
With that said, there are at least five broad red flags that apply to most crypto businesses. They are: velocity, volume, insufficient or suspicious information, reporting and recordkeeping, and suspicious or unusual behavior.
If you notice transactions that fit any of the following 5 typologies and they are not part of your surveillance and monitoring policies and procedures, or you are concerned that your red flags are not adequately tuned to capture potentially suspicious activity, scroll down to the bottom and fill out a form to schedule a free consultation.
Otherwise, let’s take a closer look at each of the five broad transactional red flags that cryptocurrency businesses should never ignore:
Red Flag #1: Velocity
Velocity usually refers to a high rate of transactions executed in a short amount of time. When a customer makes multiple transactions in a 24-hour period, a red flag should be raised because it could be a sign of suspicious behavior and might require further investigation.
For example, say you’re a crypto ATM operator. You notice that a customer tries to initiate four separate transactions in the same day and each of those transactions is under a particular threshold (as determined by your AML program and your BSA Compliance Officer). A red flag should be raised.
This activity could indicate the customer is structuring transactions in order to avoid a Suspicious Activity Report (SAR) which you would file for a single, large transaction.
If this is a first-time customer or a long-time customer who has never attempted to initiate a transaction like this before, then the metaphorical red flag should be raised and waving.
Red Flag #2: Volume
Volume typically refers to multiple transactions (i.e., a large number of separate transactions) spread out over a 15-day period or so. A red flag should be raised when this happens because it could mean the customer is structuring over a longer period of time.
What does a volume situation look like? Imagine you’re a crypto exchange and you notice a customer transacting large amounts over the course of a week or more, which add up to well over the reporting threshold. This behavior is unusual and could require more investigation.
Red Flag #3: Insufficient or Suspicious Information
A red flag should be raised if a customer can’t or won’t provide identification information, can’t pass a Know Your Customer (KYC) interview, attempts to lie, and so on. In other words, when a customer provides insufficient or suspicious information that is required to confirm their identity, you might need to investigate further.
Let’s say you’re a crypto lender and have an individual customer who can’t provide proof of residency or a business client that can’t provide information about beneficial owners. In both instances, a red flag should be raised because you can’t collect the identification information you need to ensure the transactions are not suspicious.
Red Flag #4: Reporting and Recordkeeping
If a customer tries to avoid answering certain questions related to reports that you need to file or seems uncomfortable or concerned with the institution’s need to file certain reports about transactions or about its AML protocols in general, a red flag might need to be raised.
The reality is that recordkeeping and reporting are required in order for your crypto business to be AML compliant, but criminals resist providing the information you need to file your reports in order to keep their activities from being detected.
For example, if you operate a crypto exchange and a customer initiates a large transaction that is above your predetermined threshold, you’ll need to file a Currency Transaction Report (CTR). If you contact the customer to gather the information needed in the report, and the customer is antsy and tries to avoid answering your questions, then you could have a problem that requires further attention.
Red Flag #5: Suspicious or Unusual Behavior
Suspicious or unusual behavior is any activity that is out of a customer’s known pattern. If a customer suddenly starts using multiple accounts, changes their mind and tries to back out of a transaction during the KYC interview, or exhibits any other behavior that is out of the norm, it could be a red flag.
For example, if you operate a crypto ATM and a customer who typically has a few small transactions per month suddenly has several larger transactions per day, that increase in transactional activity could be considered unusual.
Key takeaways about transactional red flags for bitcoin compliance
Remember, suspicious activity in itself doesn’t automatically mean something criminal is happening. You need to appoint a BSA Compliance Officer for your business who can make decisions about what behaviors and red flags warrant investigation and about when certain reports, such as SARs, should be filed.
Again, the five categories of red flags discussed in this article are described for educational purposes only. This article is not a substitute for actual compliance guidance from crypto compliance experts because each institution’s red flags are unique to that specific institution.
The only way to be certain that the red flags identified for your business are appropriate and adequate is to consult with an AML expert.
If you need help identifying the right red flags for your MSB, schedule a free consultation with BitAML.