Crypto currencies - take a step back

n my previous article "Detecting money laundering using Crypto currency transactions" I highlighted some key pointers for banks, to take into account, while monitoring crypto currencies. It's a rocket science (with some exceptions) for banks to dig out such transactions and monitoring is still far fetched. Looking at the complications, I decided to write a follow-up article which will help banking staff in understanding how their bank can be potentially exposed by this underground activity. Most likely I will have to pen down a series of articles as I dig more, but that is for later...

Now back to our topic. All of us know criminals nowadays are way beyond the placement stage in most cases. They need a smart mechanism for layering and crypto currencies are just about right medium.

Let's go to pre-historic times (in comparison to crypto transactions!). Most of us are aware how banks are inter-connected via Correspondent Banking network - originators send payments to beneficiaries where multiple banks can play an intermediary role. Your bank (marked in blue) can take any position in this chain. Taking the example of swift MT103, it's relatively easy to track which banks are involved, who is the originator, what is the destination/address of beneficiary etc. This is possible because banks share "RMA" keys and know who are their correspondents (and in turn their correspondents).

Now let's get back to our crypto world. Anyone buying/selling/transacting in crypto will have to get the money in/out to make something out of it. I am making a very blunt statement - as of now (with a few exceptions) there is no real value of a crypto currency unless you cash it out. A bitcoin may be worth €25,000 for 0.5 BTC but without cashing it out it's just a virtual currency of 0.5 BTC! The bigger question is, how do you get the money in/out and more importantly how banks become the most vulnerable party in this chain.

Funding - Taking a step back

The reason I gave the example of "Correspondent banking" earlier is because of the different parties which can be potentially involved in a crypto transaction. The similarity stops there! There are so many unknown parties in the chain that it makes the overall fund flow as opaque as it could be. I will list down some possibilities to give some insights:

• Funding an exchange - This is the most basic use case of all, which I also covered in my previous article. Most users will create an account at one of the crypto currency exchanges. Then they will link their bank account and fund this account using funds held at their bank account. As mentioned, this is quite straight-forward and as banks you can keep a track of what kind of funds are leaving/entering through all sorts of different exchanges.

• Funding a crypto wallet - Now let's start to make things a bit more complex. There is what you call a wallet, similar to the wallet you carry, but it's digital. You can store crypto currencies in this wallet which may or may not have been bought via an exchange. You can simply fund this wallet, buy some currencies and stay anonymous! On top of it, you can transfer these crypto currencies from one wallet to another in a matter of seconds. But let's hold on and allow me to explain with an example.

A crypto wallet cannot be funded directly and will mostly need a PSP (Payment Service Provider) in between. You initiate a buy order for a crypto currency (Bitcoin, Etherium etc.) on your wallet. This will initiate a fund request which a PSP will assist by linking your bank account and then in turn helping fund the required amount to pay for the currency. As you can imagine, there can be any number of PSP's who will be facilitating such transactions. You as a bank have to be extra careful because in most cases the PSP's won't be indicating the transaction relates to a crypto currency purchase. This can leave you clueless and hence vulnerable! In the PSP's defence, they do perform KYC but that is just knowing who is funding the wallet and that is it! There is generally no post fact monitoring to look at patterns or behaviours to look at.

• Direct bank transfers - This is something relatively new which I explored in my research. In today's day and age of Fintech companies, there are several "new kid on the block" exchanges who will simply request you to send funds to their bank account (at another bank) and then reflect the amount in their exchange. For your bank, it will be a simple fund transfer but end of the day these transactions will end up funding a crypto purchase via an exchange.

So what...?

There are so many permutations and combinations which I can list down, but at least it can give you some food for thought. I will close this article with a simple flow of events which should raise some serious alarm bells.... Imagine a person funding their wallet sitting in US. By simply sharing the password/key-phrase of their wallet with a person sitting in Australia, the coins held in the wallet are exchanged without anyone knowing (remember we were so scared of bearer shares sometime back!).