- The intergovernmental organization presented a list of cases when the transaction can be considered suspicious.
- The FATF admitted that each case must be considered separately.
- Eastern Europe remains the leader in cryptocurrency crimes.
The intergovernmental organization publishes a list of patterns that should be the red flags of potentially fraudulent activities
FATF has presented a list of cryptocurrency transactions that the organization believes may indicate fraudulent activity. In a published report that is called “Virtual Assets.Red Flag Indicators of Money Laundering and Terrorist Financing” the organization describes key behavioral algorithms that signal strange activity in the crypto market.
FATF refers to suspicious crypto transactions:
- transactions with various wallets, especially those that are registered or operate in a different legal field;
- transfer of large funds in a short time (several transactions in 24 hours);
- transfers of large amounts to a newly registered or previously inactive account on the exchange;
- quick deposit and withdrawal of funds from a cryptocurrency exchange;
- deposit of funds suspected of theft or fraud;
- a large initial deposit that does not match the user’s profile on the exchange;
- trading with all available balance or withdrawal of the full balance from the platform in one operation;
- frequent transfers within a definite timeframe to the same account by two or more users or large sums sent from one IP address;
- exchange of a token from a monitored blockchain network for anonymous cryptocurrencies (like Monero or Zcash), with further withdrawal to decentralized exchanges or hardware wallets.
As an example of money laundering through cryptocurrencies, FATF told about a case when attackers accepted payment in bitcoin, as well as EXMO codes (the internal currency of the EXMO cryptocurrency exchange) in order to hide the source of illegal funds obtained from illegal drug trafficking.
Illegal funds received in fiat currency were converted into cryptocurrencies using an anonymous account on the Blockchain platform (most likely referring to blockchain.com). Then the cryptocurrencies were converted back to fiat through the exchange and later transferred back to the personal bank accounts of the attackers.
“To cover their tracks, cryptocurrencies were first transferred to decentralized bitcoin wallets, and then to different wallets at different exchanges,” the FATF said.
Despite the impressive list of suspicious transactions, the organization recognized that the list is not exhaustive, and each pattern must be considered in a specific situation.
Suspicious transactions remain invisible
CipherTrace, an analyst firm, said financial institutions cannot identify up to 90% of suspicious cryptocurrency transactions.
The results of the CipherTrace study indicate that most of the banks around the world don’t understand the nature of cryptocurrency transactions, and therefore cannot adequately analyze and block them.
Eastern Europe became the leader in the number of criminal cryptocurrency transactions due to the inability of traditional financial institutions to track cryptocurrency transactions.