Virtual Assets- Potential Red Flags for Illegal Activity

Virtual assets are any digital representation of value which can be traded or invested in a particular environment, it can be used as a means of exchange or store of value among a given group or community. The scope of virtual assets go far beyond crypto currencies, they may or may not be assigned values in fiat currency. Blockchain technology that gained traction in the past decade has created a new world in finance and subsequently money laundering and terrorism finance.

Case studies done between 2017-2020 showed that the majority of crimes committed using virtual assets were money laundering offences. The criminal world has also taken advantage of Virtual Assets, the types of crimes include sale of controlled substances, fraud and tax evasion, human trafficking, illicit pornography, extortion and other crimes. The layers of security and anonymity offered by virtual asset providers makes it an ideal ground for illegal activity.

Some commonly acknowledged guidelines for knowing if a transaction should be red flagged include: a small number of large transactions from an inactive account during a short period of time, in some cases account holders who had incomplete or fraudulent profiles with constantly changing addresses or details. Large transactions preceded by a period of inactivity or by people unfamiliar with VA technology was found to be a sign of ransom cases. Constantly changing unrelated IP addresses were a major indicator of cybercrime. Another common trend was to link the VA assets to various shell corporations and fake businesses, this trend was prevalent in money laundering as well as criminal funding. The AEC Currencies that charge extra to ensure more privacy also known as “private coins” are found to be widely used for purchase of controlled substances including but not limited to firearms. Most commonly used tipoff points are the existence of discrepancies between the customers’ profiles and the IP addresses used or the age of the user is not in the nominal range.

IP addresses or browsers linked to the dark web is a major indicator of illicit activity, as seen in the Alphabay case. AlphaBay was one of the largest criminal darknet markets dismantled by authorities in 2017, it was used by hundreds of thousands of people to buy and sell illegal drugs, stolen and fraudulent identification documents and access devices, counterfeit goods, malware and other computer hacking tools, firearms, and toxic chemicals over a two-year span. The site operated as a hidden service on the TOR network to conceal the locations of its underlying servers as well as the identities of its administrators, moderators, and users. AlphaBay vendors used a number of different types of VAs, and had approximately 200 000 users, 40 000 vendors, 250 000 listings and facilitated more than USD 1 billion in VA transactions between 2015 and 2017.

All the above are subject to change under various circumstances. The problem with tracing virtual assets that are used in money laundering and other illicit financial activity is that the volume of transactions among the various networks that exist is enormous. We currently do not have the technology to trace and identify each potential red flag. The guidelines provide a basic identifying mechanism, and it is up to law enforcement nationally and globally to adapt to the same to catch if not prevent money laundering and terrorism financing.

-Neha Ramesh