The US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) announced a Notice of Proposed Rule Making (NPRM) that identifies international Convertible Virtual Currency Mixing (CVC mixing) as a class of transactions of primary money laundering concern.
This NPRM highlights the risks posed by the extensive use of CVC mixing services by a variety of illicit actors throughout the world and proposes a rule to increase transparency around CVC mixing to combat its use by malicious actors including Hamas, Palestinian Islamic Jihad, and the Democratic People’s Republic of Korea (DPRK). The NPRM is a key part of Treasury’s efforts to promote transparency for CVC mixing activities.
“Today’s action underscores Treasury’s commitment to combatting the exploitation of Convertible Virtual Currency mixing by a broad range of illicit actors, including state-affiliated cyber actors, cyber criminals, and terrorist groups,” said Deputy Secretary of the Treasury Wally Adeyemo, in a statement. “More broadly, the Treasury Department is aggressively combatting illicit use of all aspects of the CVC ecosystem by terrorist groups, including Hamas and Palestinian Islamic Jihad.”
“CVC mixing offers a critical service that allows players in the ransomware ecosystem, rogue state actors, and other criminals to fund their unlawful activities and obfuscate the flow of ill-gotten gains,” said FinCEN director Andrea Gacki, in a statement. “This is FinCEN’s first ever use of the Section 311 authority to target a class of transactions of primary money laundering concern, and, just as with our efforts in the traditional financial system, Treasury will work to identify and root out the illicit use and abuse of the CVC ecosystem.”
The lack of transparency surrounding international CVC mixing activity is an acute money laundering and national security risk, and increasing transparency in connection with this activity is a key component to denying illicit actors access to the US and global financial systems.
This increased transparency is also consistent with longstanding Treasury Department efforts to counter the efforts of terrorist groups, such as Hamas and Palestinian Islamic Jihad, that engage in violence against innocent civilians; the efforts of ransomware criminals targeting critical infrastructure; and the efforts by state actors and their supporters to evade US and global sanctions. In support of these important goals, the NPRM would require covered financial institutions to report information about a transaction when they know, suspect, or have reason to suspect it involves CVC mixing within or involving jurisdictions outside the United States.
The proposed rule follows multiple prior actions by Treasury to target illicit finance involving the use of mixing services:
- In February 2022, the 2022 National Money Laundering Risk Assessment (NMLRA) identified that criminals have increased their use of anonymity-enhancing technologies, including CVC mixing, to help hide the movement or origin of funds.
- Shortly after publication of the NMLRA, OFAC designated Blender.io, which provided mixing services that were used by DPRK to launder over $20.5 million from the Axie Infinity Heist in May 2022. In 2022, OFAC also designated Tornado Cash, which provided mixing services that obfuscated the movement of over $455 million stolen in March 2022 by the OFAC-designated, North Korea-controlled Lazarus Group in the largest known virtual currency heist to date.
- In addition to actions specifically focused on mitigating risks associated with CVC mixing, Treasury has taken several other actions to counter illicit finance in the CVC ecosystem more broadly. For example, in January 2023, FinCEN identified the virtual currency exchange Bitzlato Limited as a primary money laundering concern in connection with Russian illicit finance, an action coordinated with US law enforcement and foreign partners.