Consumers are increasingly transacting cryptocurrency remotely, and financial criminals are taking advantage of the trend. What does this mean for your institutional compliance?
Cryptocurrency moved closer to mainstream adoption more quickly toward the end of 2020 than at any other point in its history.
The price of bitcoin has experienced what could only be described as a meteoric, unprecedented rise in a short period of time due to a variety of factors including but not limited to growing investor interest, wider adoption as a payment option, and even political instability in the U.S.
But with this new wave of consumer interest, regulators are increasingly concerned about cryptocurrency transactions and their ability to identify and curb financial crime in this nascent financial space.
Add to that real-world factors like pandemic lockdowns complicating consumer behavior by limiting their movements, which may be contributing to a rise in remote purchases and transactions of cryptocurrency.
If you’re a financial criminal, what you would see in what was just described is opportunity.
One should never underestimate the sophistication of financial criminals and money launderers, especially when it comes to exploiting gaps in remote transaction security and taking advantage of timely trends, like COVID-19 vaccine rollout.
If you are a business that offers remote transactions of cryptocurrency, listen up: the coming year is one in which you need to up your game considerably.
Not only will regulators be paying more attention than ever to the safeguards and consumer protection practices you have in place, but the scrutiny on identifying scam activity and suspicious transactions will be like never before since you started your business.
Here’s what you need to know about how financial criminals exploit remote transactions and what you should have in place to mitigate them.
Why financial criminals are attracted to remote cryptocurrency transactions
Walk-up transactions at a cryptocurrency kiosk have an advantage from an AML compliance perspective over remote transactions for a couple of reasons.
Assuming the kiosk operators have updated BSA/AML Programs and associated policies and protocols in place, the Know Your Customer controls, transactional red flags, and even the presence of a camera are tools sophisticated enough to identify, report, and in some cases intervene a wide variety of attempted scams.
For remote exchanges, this is not necessarily the case.
Though remote exchanges and other business models may have more institutional resources dedicated to AML compliance than your average mom-and-pop kiosk operator, they have a harder time identifying scam activity.
Though security protocols at most major exchanges have become very state-of-the-art in order to avoid hacks (think two-factor authentication, captchas, etc.), they have more trouble identifying good old-fashioned cons, where the user has willingly surrendered their credentials to a scammer.
Additionally, the volume of transactions processed each day on exchange versus at a walk-up kiosk makes it difficult for compliance teams at exchanges to identify suspicious activity in real-time, or to follow up with customers.
For example, a kiosk processes one customer at a time. Through the camera, the operator may detect that the victim looks stressed or frightened, and respond by sending them a text asking if they are okay, being pressured to initiate a transaction, etc.
At an exchange, where hundreds or thousands of transactions are being processed every hour, and there is no live camera, a scam victim is more difficult to identify, especially if the victim is a recurring customer locked into a long-term romance scam. Such customers will appear indifferent from any other regular transactor.
Some exchanges may require a customer selfie before a transaction, but in the case of the romance scam, where a fraudster may be impersonating a customer, it is very simple for the scammer to secure a quick selfie from the victim.
This all adds up to a criminal advantage when it comes to remote transactions.
What businesses that offer remote transactions should do
Customer service outreach is something exchanges could work to improve upon. Though despite arguably more AML compliance resources at their disposal than the average kiosk operator, it will always be a challenge.
But with the knowledge that transactions are increasingly remote and offer unique advantages to financial criminals, exchanges must not rest on their laurels.
This means:
- Consumer protection as a priority — Consumer protection is fast becoming a priority in the crypto space among regulators, and there’s a lot that exchanges and other crypto money transmitters can be doing now to establish industry norms that curb financial crime.
- Detailed disclosures — Cryptos have a unique advantage when it comes to consumer education. Detailed disclosures about cryptocurrency, including risks and potential scam activity, are a must for any new customer.
- Staying abreast of nascent scams — A recent newsletter from The Pennsylvania Department of Banking offered a plethora of updates regarding Elder Financial Exploitation, Cyber Security, and other scam activity in the financial space. Now that the COVID-19 vaccine is slowly rolling out, there’s a new scam that offers individuals to “jump ahead” the vaccination line in return for a payment in bitcoin. Of course, these scam artists cannot actually facilitate vaccination for COVID-19, leaving the victim with nothing. This is just one example of an extremely timely scam that exchanges (and all crypto business models) must be constantly vigilant for.
Again, this is not to put a negative light on exchanges, but merely to offer helpful solutions.
Exchanges are understood to have more resources than kiosk operators, and while detection of financial crime might have its unique challenges at scale, that won’t be an excuse regulators or examiners will accept.
If anything, they will expect that you have more ability to respond quickly to changes in financial compliance and new models of financial crime in the market.
Staying apprised of new scam typologies, updating your AML compliance policies and protocols frequently, and prioritizing consumer protection are good places to start.
Key takeaways for businesses
If you operate a cryptocurrency exchange, or another business model that engages in online trading and transactions, it might be time to take a look at your AML compliance policies and procedures to make sure that you’re doing everything you can to educate your customers and identify potentially suspicious activity.
Since financial criminals have an easier time exploiting online transactions, and new scams attached to timely trends like the COVID-19 pandemic continue to evolve, you can’t afford to rest on your laurels here.
Reach out to BitAML for a free consult today.