red 
The recent sell-off and falling prices in crypto markets have led some observers to herald the arrival of another “crypto winter”. Indeed, the prospect of crypto markets cooling off for an extended period has led some crypto companies to announce significant layoffs in anticipation of further declines (although this is far from universal, as some firms announce plans for additional hiring).
While some across the industry may be facing a period of belt-tightening, it’s crucial that crypto companies don’t lose sight of the importance of investing in an important area: regulatory compliance.
If another crypto winter does indeed occur, companies in the sector must not lose focus on the importance of ensuring they can respond to rapidly evolving regulatory requirements. Regulators will continue to set high standards for crypto businesses regardless of market conditions, and those firms that treat compliance as a priority during any market fluctuations are likely to come out the other side of crypto winter prepared for success.
Tightening of the regulatory environment
Regulatory scrutiny of the crypto sector will not only continue in the coming weeks and months, but is likely to become even more intense.
As Elliptic’s research has shown, regulators in the US alone have so far issued more than $3.3 billion in penalties related to non-compliant crypto activities – including $180 million in fines in 2022 alone. While the U.S. leads the way in terms of the scope of enforcement action, other countries are starting to get in on the game, with Canada, Turkey and others recently announcing enforcement findings against crypto firms.
Recent major market events – such as the collapse of the Terra/UST stablecoin and withdrawal freezes on stressed cryptocurrency trading platforms – are causing regulators to step up their scrutiny of the sector. Legislative developments in the US and EU, recent regulatory developments around stablecoins, and the pending implementation of travel rules also raise the prospect of tightening regulatory requirements globally.
When it comes to anti-money laundering (AML) and financial crime compliance, there are several key areas where crypto firms should ensure their controls remain particularly robust. By ensuring they continue to increase these key elements of compliance programs, crypto companies can prepare to weather the crypto winter and regulatory storms ahead.
Detecting suspicious activity
A critical component of any AML compliance program where regulators have zero tolerance for lapses relates to the detection of suspicious activity. Regulators will not tolerate lapses in a firm’s ability to spot red flags and typologies of illegal activity and file Suspicious Activity Reports (SARs). Regulators such as the US Treasury’s Financial Crimes Enforcement Network (FinCEN) have in the past imposed significant fines against firms that do not have adequate systems in place to detect illegal activity and that fail to file SARs. FinCEN also expects the firms it regulates to have robust systems for detecting and reporting illegal activity.
Central to this capability is having systems in place that allow you to identify high-risk activities. A transaction verification capability like Elliptic Navigator can enable your firm to identify potential exposures in your clients’ crypto transactions—detecting connections to wallets associated with darknet markets, cybercrime, fraud, and other illegal activities. This includes the ability to identify financial crime risks associated with unhosted wallets, which regulators in the UK and US have recently drawn attention to.
Armed with these insights into your customers’ transactions, your compliance team can take appropriate action, such as filing SARs or closing customer accounts if you have concerns about their legitimacy.
Sanctions check
Another critical element of a compliance program where investment should remain strong relates to economic and financial sanctions.
As highlighted in a recent Elliptic webinar, the US Treasury’s Office of Foreign Assets Control (OFAC) remains laser-focused on ensuring the crypto industry complies with sanctions requirements. It continues to impose sanctions targeting crypto activity in countries such as Russia and North Korea, and OFAC expects crypto companies to comply with these requirements, without exception.
Such firms must ensure that they have a strong sanctions compliance program that can meet OFAC’s expectations. This should include the ability to check sanctions such as Elliptic Lens which allows your business to identify crypto wallets associated with sanctioned actors on OFAC, UN, EU, UK, Australia and other sanctions lists used globally , so you can block transactions and avoid dealing with blacklisted actors.
Staff training
Another component of compliance where it is vital that high standards are achieved at all times relates to staff training.
Training compliance staff is essential to ensure they can identify and manage financial crime risks, and enable them to act as part of the firm’s defense against illegal activity.
Regulators have highlighted the importance of crypto businesses implementing robust training.
In guidance published in May 2019 on virtual currencies, FinCEN noted that crypto firms’ AML programs must “provide training for appropriate personnel, including training to detect suspicious transactions.”
In guidance issued to the crypto industry in October 2021, the US Treasury’s Office of Foreign Assets Control (OFAC) stated that “sanctions-related training is critical to the success of any company’s sanctions compliance program […]. A well-developed OFAC training program will provide needs-based job-specific knowledge, delegate sanctions compliance responsibilities to each employee, and hold employees accountable for meeting training requirements through the use of assessments.”
A robust training program for your compliance team should therefore touch on a number of areas and cover compliance requirements and arrangements such as:
- How to detect red flags and typologies related to money laundering, terrorist financing, sanctions and other illegal activities.
- How to manage blockchain analytics capabilities for use in transaction tracking and sanctions screening, and how to interpret and act on the results of these systems.
- How to file SARs related to crypto activity.
- Understanding of key regulatory developments and requirements related to cryptoassets – including standards set by the Financial Action Task Force (FATF), as well as local requirements in the various jurisdictions in which you operate.
At Elliptic, we have developed a suite of training solutions that empower compliance teams to improve in these areas, and that provide visible external evaluation of learning to both regulators and internal stakeholders. This includes our Elliptic LEARN Certify program – the only university-accredited cryptocurrency compliance certification.
Weathering the storm
Periods of market volatility are never easy times for crypto businesses. However, compliance is one area of investment that should not suffer if your business is to succeed in the long term.
At Elliptic, we have experience working with leading companies across the crypto industry to help them implement scalable compliance frameworks as they grow.
Contact us for a demo and learn more about how our leading compliance solutions can equip your business for success.
Key takeaways
- Ensure your compliance team has access to effective transaction monitoring and sanctions screening capabilities to detect illegal or prohibited activity.
- Make sure your compliance team receives regular, ongoing training that ensures they can identify red flags and typologies of illicit activity in crypto – enabling them to detect illicit activity and file effective SARs.
Global Compliance Regulation
