The feds must rein in crypto-financed terrorism

As regulators and policymakers debate and try to decide whether cryptocurrencies have a future in the economy, early adopters, including terrorists and violent extremists, are taking advantage of a police blind spot. The ease with which money laundering and terrorist financing takes place with cryptocurrencies and the more dangerous privacy coins becomes a security threat of our own making through bureaucratic inaction.

The recent indictment of a New York woman accused of sending funds to Hay’at Tahrir al-Sham—designated by the United States and the United Nations as a foreign terrorist organization—is newsworthy because it is the exception, not the rule. But this does not necessarily mean that financing terrorism with cryptocurrency itself is a rare event. Rather, the few prosecutions that have been announced reflect the limitations of law enforcement’s capabilities in the United States and around the world — a problem that can and should be addressed.

The United States has only a small group of dedicated law enforcement personnel to track and seize cryptocurrencies used for criminal purposes. Responsible agents are also tasked with investigating all aspects of cryptocurrency abuse, from extortion and money laundering to sanctions evasion and terrorist financing. This lack of specific focus widens the potential for cryptocurrency abuse to go undetected, especially in light of the steady migration from criminals to so-called privacy coins that encrypt wallets – such as Monero – and in some cases the transactions themselves.

Related: CBDCs will lead to absolute government control

In June 2020, my own Counter Extremism Project (CEP) found a notorious pro-ISIS website asking for Monero (XMR) cryptocurrency donations “because it offers more privacy and security features than Bitcoin.” Months later, a website supporting the National Socialist order and spreading violent neo-Nazi propaganda solicited donations via Monero, and a neo-Nazi chat group on Telegram posted a guide on how to buy Monero for the dark web. Neo-Nazi accelerator group The Base has also asked for donations of cryptocurrency in Monero to facilitate training and unspecified equipment.

Although the United States has the most advanced capacity to track and seize cryptocurrencies used for criminal purposes, these and other privacy coins pose technical hurdles that no country has yet overcome. Their encryption technology makes law enforcement largely blind to who has Privacy Coins and for what purpose they are being used, and users know it. The availability of so-called decentralized wallets, shareware that can be downloaded from the Internet, outside cryptocurrency exchanges also provides another layer of anonymity by removing a third party responsible for fulfilling customer identification obligations and due diligence procedures.

In May 2022, the Senate Committee on Homeland Security and Governmental Affairs reported that “the IRS has had to develop new partnerships with private companies to try to develop a tool or solution to track Monero transactions” and that “regulators expressed concern about the use of privacy coins, noting that there is a “significant difference between more transparent cryptocurrency and more opaque transactions.”

However, Congress has yet to create new regulatory frameworks or fund the development of new technological tools for the technical obstacles facing law enforcement that would ensure that the financing of terrorism risks from such privacy-enhancing but transparency-reducing technologies is appropriately mitigated.

In addition to blockchain analytics, officials should consider behavioral transaction monitoring standards and regulatory requirements for the tech industry to cooperate with law enforcement, given the intertwined use of cryptocurrencies, including privacy coins, with social media, messenger services and crowdfunding platforms. These service providers can and should become part of the first line of defense. Yet the tech industry is unlikely to focus on countering the misuse of its services for terrorist financing unless motivated by regulation and compelled by liability risks.

Behavioral monitoring of exchanges focuses on the actions of wallet holders and recognizes patterns that do not fit the usual behavior of users. If such suspicious patterns occur, they are flagged for further inspections to determine whether there is a risk of money laundering, terrorist financing or other financial crime. Exchanges have access to real-time user information that is broader than the information available to traditional financial institutions, which rely heavily on information provided by their customers. For this powerful tool to be used more effectively, appropriate regulatory standards should be developed to guide its use by exchanges while adequately protecting user data.

Related: Elizabeth Warren is pushing the Senate to ban your crypto wallet

Stronger regulatory standards for content monitoring and Know Your Customer procedures for social media, messenger services and crowdfunding platforms are needed when these platforms are used for commercial purposes, for example through online stores or crowdfunding campaigns. These internet platforms currently operate solely on their own unregulated standards, which present an uneven defensive mechanism across different platforms and generally very low moderation standards.

Non-custodial wallets and exchanges, as the Financial Action Task Force (FATF) recommends, should be considered high-risk technologies. Therefore, their use outside of exchange should always be considered a strong indication of malicious activity. If exchanges choose not to require users holding non-custodial wallets to fully disclose their identity during a transaction involving such non-custodial wallets, it would be advisable for those exchanges not to process such transactions.

Ultimately, only through government cooperation with industry stakeholders, combined with effective regulatory standards for the technology and fintech industry, can significant progress be made and the risk of cryptocurrencies and privacy coins being used to finance extremism and terrorism significantly reduced.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed herein are those of the author alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.