As a crypto enthusiast, I’m currently engrossed in State of Crypto, the insightful newsletter by CoinDesk that explores the intriguing nexus of cryptocurrency and government. Want to join me on this educational journey? Click here to subscribe for upcoming editions.

‘This is not a ban on mixers’

The narrative

Brian Nelson serves as a seasoned expert in the Treasury Department, dealing with the complexities of money laundering and sanctions matters. He has played a pivotal role in implementing policies set by FinCEN (Financial Crimes Enforcement Network) and OFAC (Office of Foreign Assets Control). Recently, he graced the stage alongside me during Consensus.

Why it matters

Last month at the event in Austin, I had the opportunity to listen to Under Secretary Brian Nelson of the U.S. Treasury for Terrorism and Financial Intelligence, as he shared insights into the proposed rulemakings from the Treasury Department, along with other relevant topics.

Breaking it down

Nikhilesh De: I’d be happy for you to take a moment to tell us about yourself, share what you’ve been working on recently, and explain why you’re present here.

As a crypto investor, I’d like to begin by expressing my gratitude for this opportunity to engage with you all. You may be aware that I hold a significant role in the U.S. Department of the Treasury, serving as the Under Secretary for Terrorism and Financial Intelligence. In this capacity, I oversee critical functions such as the Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN). The OFAC is in charge of enforcing U.S. economic sanctions, while FinCEN administers the Bank Secrecy Act and all related anti-money laundering/countering the financing of terrorism (AML/CFT) obligations for financial institutions operating within our borders. Moreover, I manage international policy initiatives, recognizing the importance of collaborating with global partners to establish consistent standards in this domain. Lastly, my team and I are supported by an intelligence office that plays a pivotal role in informing much of our work through insightful analysis.

Let me bring everyone up to speed on the key objectives of our ongoing efforts in the relevant field, and provide some insight into our future plans. Throughout various sessions this year, there has been a consistent theme emphasizing innovation, maintaining privacy, and addressing potential risks. My main concern lies within the realm of risks related to illicit finance. I am here because it is essential that we all possess a solid grasp of the dangers and vulnerabilities associated with these products and services, including financial services.

In addition to recognizing emerging trends in the digital asset sector, we’ve noticed a surge in investment scams. This includes schemes like pig butchering, which have resulted in significant losses totaling over two and a half billion dollars since 2023. We’ve also detected increased use of stable coins, such as Tether USD, by scammers and terrorist groups. A common thread among these activities is that they often occur in jurisdictions with weak or non-existent anti-money laundering/countering the financing of terrorism (AML/CFT) regulations, or where sanctions are not strictly enforced. Virtual asset service providers have failed to meet their compliance obligations, exacerbating these issues. These developments underscore the need for our collaboration and emphasize the potential national security risks posed by some of this activity to the United States. As a reminder, last year we took enforcement action against Binance, the largest virtual assets service provider, due to the prevalence of illicit activities on their platform and their inadequate compliance program regarding U.S. persons. Our goal is to foster an environment that encourages compliance through education, regulation, and enforcement. I look forward to discussing this further with all of you.

“The topic I’d like to delve into further is the NFT report you recently discussed. Could you expand on that by sharing what actions you plan to take next? How will you utilize this information moving forward?”

In 2022, our risk assessment highlighted Non-Fungible Tokens (NFTs) as a potential risk area within the digital asset ecosystem due to their complex nature and the surge in NFT marketplaces. We recognized that regulating NFTs and their platforms was challenging because of their diverse capabilities. The NFT marketplace experienced significant volatility throughout the year. Given these risks, we pledged to engage stakeholders, including industry partners and regulatory bodies, to clarify how our regulatory frameworks apply to NFTs. We also committed to increasing dialogue and enhancing compliance measures. Additionally, we identified jurisdictional arbitrage as a concern, where virtual asset companies in certain jurisdictions may lack adequate technology or regulatory oversight to manage illicit finance risks. To address this, we plan to collaborate with international partners to establish a unified approach to regulating NFTs.

One thing that I think was really controversial within crypto circles was the NPRM, the Notice of Proposed Rulemaking, last year on crypto mixers and potentially treating them as areas of primary money laundering concern. Can you speak to the feedback you’ve received, the risks that you’re trying to address and then where you might go from here?

As a researcher in this field, I’d like to share some insights about our proposed rule concerning financial institutions reporting transactions with crypto mixers. Following the comment period, we have received numerous responses, and are currently reviewing each one carefully to finalize the regulation.

Today’s reality reveals that mixers are not intended to guarantee privacy, but rather serve as a means to conceal the origin, travel route, and ultimate destination of digital assets. In this context, they become an alluring target for illicit actors, such as North Korean cyber criminals and ransomware perpetrators. This situation poses a substantial national security concern for us. In light of this NPRM (Notice of Proposed Rulemaking), our aim is to increase transparency regarding the activities surrounding virtual currency mixing services. However, let me clarify that this proposal does not signify a ban on mixers. Instead, it is a transparency-enhancing measure aimed at managing financial risks associated with these technologies and their service providers. As we proceed with public comments towards the final rule, more details will be shared about effectively addressing illicit finance risks while maintaining privacy desires for some of these technologies.

Could you please elaborate a bit more on that topic and clarify your perspective on the nuanced difference between privacy and obfuscation? How do you approach finding a balance between these two related concepts when it comes to the use of technology?

The principles Treasury has long adhered to in its rulemaking can be traced back to focusing on the nature of an activity rather than the specific product. Subsequently, regulations should be designed based on the risks inherent in that activity. This risk-based approach is fundamental to our regulatory philosophy. When considering 80s and mixers, for instance, their allure as anonymous actors raises important concerns regarding privacy versus anonymity. However, it’s not necessary for everyone to disclose their identities with each transaction. Instead, there should be a mechanism enabling U.S. persons to comply with domestic laws and avoid transactions with sanctioned individuals or institutions unintentionally. In other words, the goal is to maintain the ability for U.S. citizens to adhere to regulations without compromising privacy, while also preventing engagement in illicit activities like funding weapons production in North Korea. We acknowledge that technology advances rapidly, and we need to collaborate closely with industry to ensure a proper understanding of emerging technologies and potential regulatory responses. Furthermore, as virtual assets gain prominence, we will need to redefine financial institutions to include these entities and address related issues.

Last year, the Treasury Department sought extra powers and funds from Congress to address crypto-related matters explicitly. You mentioned this need repeatedly in recent risk assessments. Could you provide insights into how Congress has responded so far? What was the nature of their engagement on this issue? Do you anticipate securing the desired authorities and resources?

I believe we’re consistently engaging with Congress on this matter. We’ve identified some significant risks, including the lack of regulatory infrastructure in jurisdictions developing virtual assets, which poses challenges for managing illicit finance and ensuring compliance with Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) regulations as set by the Financial Action Task Force. To mitigate these risks for U.S. persons and financial institutions, we propose granting Treasury the authority to prohibit U.S.-based financial institutions and individuals from dealing with virtual asset service providers operating in jurisdictions lacking meaningful AML/CFT compliance or facilitating illicit finance.

We’ve been giving a lot of consideration to the risks associated with stable coins, especially as they have become more appealing to criminal elements like terrorists. To address this issue, we could collaborate with Congress to establish legal frameworks that make it clear US-backed stable coins fall under OFAC sanctions. Furthermore, it’s crucial to ensure that virtual asset service providers and other relevant entities operating in the crypto ecosystem understand their obligations. Currently, many argue they are not subject to regulatory requirements because of the nature of their products or services. However, regulation should be based on the activities these entities engage in. A statutory definition of financial institutions could help clarify this ambiguity.

In our discussion earlier, you brought up Binance. Tomorrow, we have an entire panel dedicated to the topic of corporate monitoring in crypto businesses and their future developments. Could you please elaborate on the settlement itself and how it came about? I’m also curious to learn more about your anticipated interaction with the newly appointed corporate monitor in the coming weeks and months.

Binance was involved in significant regulatory actions taken by the Department of Justice and CFTC, resulting in a $4 billion settlement – the largest in Treasury history. A key aspect of this settlement is the five-year monitorship. The reason for this monitoring period is due to the identified infringements, including apparent sanctions violations. U.S. persons were found engaging with jurisdictions under U.S. sanctions, such as Iran, Syria, North Korea, Cuba, Crimea, and Ukraine.

As an analyst, I’ve uncovered concerning findings regarding Binance’s lack of a substantial Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) compliance program. This oversight resulted in approximately 100,000 suspicious transactions going undetected over several years. To rectify this situation, Binance will undergo a monitorship by FinCEN.

It seems that an increasing number of crypto companies are recognizing the importance of having compliance departments and addressing regulatory issues earlier in their development. What suggestions or guidance would you offer these firms to prevent potential enforcement actions in the future?

The essential element is indeed establishing the right tone from leadership and embedding compliance deeply within an organization’s culture since day one. It’s not a viable option to put it off until after growth has been achieved. A common pitfall is the tendency to delegate or outsource compliance functions, which doesn’t lead to a successful business model. Moreover, investing in the necessary tools and technology for managing financial risks, including Anti-Money Laundering (AML), Countering the Financing of Terrorism (CFT), Know Your Customer (KYC), and sanctions list screening, is crucial from the start rather than waiting until a larger scale has been reached. Lastly, we strongly encourage open communication and collaboration with regulatory bodies to address any concerns or issues promptly.

As an analyst, I strongly believe in taking a proactive approach to assessing risks, especially since regulatory environments can change rapidly. Engaging in this manner allows me to stay informed and ensure my compliance program remains effective in the current context.

In the remaining seconds before we conclude this discussion, could you please share some insights on the specific challenges encountered in ensuring effective sanctions compliance and monitoring by crypto companies? These entities are eager to collaborate with regulatory bodies like the Treasury, but require guidance on how to meet their obligations accurately.

As an analyst, I believe there are two key aspects to consider when navigating compliance with OFAC and FinCEN regulations. Firstly, it’s essential to familiarize yourself with the restrictions imposed by being on a sanctions list and the authorities granted to OFAC. OFAC provides a 24-hour hotline for inquiries, so don’t hesitate to reach out if you have questions or uncertainties.

Stories you may have missed

This week

Thursday

Elsewhere:

If you have ideas or queries for future topics or any feedback in general, please don’t hesitate to reach out to me via email at nik@coindesk.com or connect with me on Twitter @nikhileshde.

You can also join the group conversation on Telegram.

See ya’ll next week!