February 24 marks the one-year anniversary of Russia’s invasion of Ukraine—an event that triggered numerous rounds of sweeping sanctions targeting Russia’s financial and economic activity to isolate it from what has become a sustained and brutal war.
At the time of the invasion and the initial imposition of sanctions on Russia last year, many observers wondered whether Moscow might turn to crypto-assets as a way to circumvent restrictions imposed by the US, UK, EU, Singapore, Japan and other countries. On the day of the invasion, The New York Times it carried a headline that read: “Russia Could Use Cryptocurrency to Soften Strength of US Sanctions.”
In this post, we examine the cryptocurrency risk and Russia-related sanctions picture one year after the invasion and consider what it means for compliance teams at crypto exchanges and financial institutions.
Not a sustainable solution to sanctions
Last year, some observers – such as European Central Bank President Christine Legarde – suggested that crypto offered an alternative to the formal financial system that would allow Russia to undermine sanctions, such as those imposed by the EU and the US on Russia’s banking sector. Largely cut off from banking systems in the US, UK and Europe and cut off from payment systems such as SWIFT – the argument went – Russia could use cryptocurrencies as a workaround to maintain payments with its trading partners.
However, we at Elliptic pointed out at the time that there are some major limitations to cryptocurrency acting as a conduit for evading large-scale Russian sanctions.
For example, the size of the crypto market relative to the Russian economy—which is larger than the entire market capitalization of all cryptoassets combined—makes it impractical for the country to engage in sanctions evasion to the extent it would need to undermine sanctions through cryptoassets.
At the time of the invasion, the value of all cryptoassets was approximately $1.7 trillion, while the total assets of the Russian banking sector were $1.4 trillion. Absorbing the scale of Russian financial sector activity needed to circumvent the extensive sanctions against Russian banks would require the use of almost every bit of cryptocurrency in circulation – a complete impracticality.
Other non-crypto-related sanctions circumvention methods available, we suggested, are likely to prove more viable than crypto as a systematic sanctions solution for Russia.
A year later, this view appears to have held. There has been no indication of widespread or systematic attempts by the Russian state to use crypto-assets to undermine sanctions. In early January 2023, rumors circulated that Iran and Russia were planning to launch a gold-backed stablecoin to facilitate trade transactions; however, it is unclear whether this claim is true.
Furthermore, it is also unclear whether a stablecoin would offer Russia a meaningful alternative to others that might prove more reliable. Indeed, to avoid sanctions, Moscow instead relies heavily on SPFS, a payment messaging alternative to SWIFT that it developed, to settle trade transactions with partners such as Iran and China through the banking system.
In addition, at the time of the invasion, there were concerns that Russian oligarchs and their associates might seek cryptocurrencies to systematically evade sanctions. In practice, there have been some anecdotal suggestions that this is happening, but no concrete evidence of widespread use of cryptocurrencies by senior Russian government officials and their associates. Last year, we noted that we had identified one such case – but this is hardly indicative of a larger trend.
But risks related to sanctions exist
Fears that cryptocurrencies could sustain the Russian government or oligarchs in the face of sweeping sanctions may have proven unfounded, but that doesn’t mean there are no risks at all. Indeed, there is evidence of cryptocurrency-related activity occurring in Russia on a more modest scale that has important implications for compliance teams seeking to manage sanctions risks.
Bitcoin mining
At the time of the invasion, we suggested that one method Russia could use to generate revenue on a more modest scale was bitcoin mining. We noted that the country could look to Iran as an example of how to raise funds through mining in the face of sanctions. As Elliptic’s previous research has shown, Iran generates as much as $1 billion in revenue by using its energy reserves to mine bitcoins, and Iran has also noted that it has settled payments for imports in bitcoins – apparently bypassing the banking sector.
Since the invasion, Russian government officials have spoken of their desire to tap into the country’s vast oil and gas resources to facilitate Bitcoin mining. Russia already accounts for around 11% of bitcoin mining hashrate globally, and the government has laid the groundwork for a miner licensing framework to oversee the sector.
Worried about the possibility of Russia using bitcoin mining as a source of revenue, the US Treasury Department last April sanctioned BitRiver, a Russian mining firm that was recently approved to operate a mining farm in Siberia with government subsidies. Although it does not appear that the Russian government is yet generating significant revenue from Bitcoin mining activities, it does offer a potential source of income for the country.
Exchange services related to Russia
When concerns began to grow last year about Russia’s potential for evading sanctions with the help of cryptocurrencies, we pointed out that any such evasion should be facilitated by cryptocurrency exchange services that could provide liquidity to the Russian market.
After the invasion, many major cryptocurrency exchange and wallet services severely limited or stopped doing any business in Russia or with Russian users. This trend accelerated in response to EU sanctions in October 2022 that banned the provision of crypto services to Russian citizens and residents.
This reduces Moscow’s potential to evade sanctions by further limiting the liquidity needed to exchange large amounts of cryptocurrency into Russian rubles or other fiat currencies, such as the euro, which could be particularly useful for sanctions avoidance purposes.
However, as we noted, there are still at least 400 smaller exchanges with a Russian nexus – exchanges that either operate from Russia, or that serve a mostly Russian clientele. These services often do not apply anti-money laundering (AML) controls and can pose a risk of sanctions to crypto-asset businesses and financial institutions that interact with them. The US government has been particularly proactive in singling out certain high-risk exchanges linked to Russia and involved in facilitating illegal activity.
For example, between September 2021 and April 2022, OFAC sanctioned three exchange services – SUEX, Chatex and Garantex – registered in Eastern Europe, but which OFAC accused of facilitating money laundering on behalf of Russian ransomware gangs.
In January 2023, the US Treasury’s Financial Crimes Enforcement Network (FinCEN) took its first action to designate a crypto exchange as a “primary money laundering concern” when it banned US exchanges and banks from doing business with Bitzlat, a Russian-owned exchange. accused of facilitating activities on behalf of dark net markets and ransomware gangs.
These actions were intended to inform regulated exchanges and financial institutions of the risks of working with high-risk exchange services linked to Russia, and to deny those identified services access to the US financial system.
Ransomware
In addition to targeting crypto exchanges that facilitate Russia-related ransomware activity, the US and other countries are using sanctions to target other components of Russia’s ransomware ecosystem.
At the same time that it sanctioned the Garantex exchange in April 2022, OFAC sanctioned Hydra, a Russian dark web marketplace that was taken down by US and European law enforcement last year, and which served as a hub for Russian ransomware attackers and where money laundering services. offered that ransomware gangs are used to try to hide funds from large-scale attacks.
In February 2023, OFAC and the United Kingdom’s Office of Financial Sanctions Enforcement (OFSI) jointly imposed sanctions on seven Russian cybercriminals linked to the Conti and Ryuk ransomware campaigns, freezing their assets. While neither OFAC nor OFSI added any crypto addresses to their sanction lists belonging to these individuals, we at Elliptic identified 53 addresses belonging to the six sanctioned individuals.
As highlighted in OFAC and OFSI guidance, payments to ransomware campaigns in Russia may carry sanctions risks – and crypto exchanges and financial institutions must be sure they can identify and address sanctions risks related to ransomware payments .
Support to paramilitary groups
Even before Russia’s invasion of Ukraine, Elliptic’s research highlighted how Russian-linked paramilitary groups in eastern Ukraine were increasingly looking to Bitcoin as a source of fundraising in anticipation of conflict.
As we describe in our report “Cryptocurrency in Conflict: The Role of Cryptocurrencies in the Russia-Ukraine War,” pro-Russian military groups have raised nearly $5 million in cryptocurrencies since the conflict began. While this is hardly a huge sum, crypto exchanges in the US, EU and other countries must be alert to the risks of dealing with these Russia-linked groups who may operate from regions of eastern Ukraine – such as Donetsk, Luhansk, Kherson and Zaporozhye – which were the subject of trade and investment sanctions.
Sanctions may also have implications for activities related to Russian arms procurement. In January 2023, the US Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Jonatan Zimenkov, who OFAC alleged was involved in military procurement on behalf of the Russian government. As part of the action, OFAC included two of Zimenko’s crypto addresses on its sanctions list. However, there is no clear indication that these crypto addresses were involved in facilitating transactions related to arms deals – and crypto exchanges must ensure that they do not deal with these addresses.
Managing Russia-Related Sanctions Risks Using Blockchain Analytics
Cryptocurrency businesses and financial institutions can use block analysis solutions like those offered by Elliptic to ensure they can identify and manage these Russia-related sanctions risks.
For example, using a wallet verification solution like Elliptic Lens, compliance teams can identify wallets linked to sanctions on Russian crypto exchanges or addresses controlled by Russian ransomware attackers and can prevent customers from transacting with those addresses.
Additionally, with a transaction monitoring solution like Elliptic Navigator, compliance teams can identify crypto transactions with third parties located in Russia and can scrutinize those transactions to identify potential sanctions risk exposure. Using our configurable risk rule settings, compliance teams at crypto exchanges and financial institutions can tailor their monitoring to their specific requirements to ensure they identify transactions they consider high risk.
Our solutions also enable compliance teams to take advantage of holistic screening, risk exposure screening when funds are transferred through cross-chain and cross-asset services.
Finally, compliance teams should take advantage of insights into Russian entities like those we included in Elliptic Discovery, which includes data on thousands of Virtual Asset Service Providers (VASPs) around the world. With profiles on hundreds of Russia-related VASPs, Elliptic Discovery can equip your compliance team with the insights needed to detect and manage the risks associated with high-risk crypto exchange services in Russia.
The impact of Russia’s sanctions on crypto activity is complex and multifaceted, but with blockchain analytics solutions like Elliptic, your compliance team can successfully manage the challenges.
Contact us to learn more about how Elliptic can help your business manage risks related to Russian sanctions.
Download Crypto in Conflict
Sanctions Compliance Regulation