red 
On April 7, the Federal Deposit Insurance Corporation (FDIC) issued a letter to its supervised financial institutions asking them to disclose any current and future crypto-asset activities they intend to engage in.
The FDIC – as one of the more risk-averse regulators in the United States – highlights its concerns about the overall risks of “safety and reliability risks, as well as financial stability and consumer protection risks” of crypto-asset products and services offered by banks.
This letter from the FDIC comes as no surprise, especially when the new acting chairman of the FDIC – Martin Gruenberg – named crypto as one of the agency’s top priorities for 2022.
The FDIC contextualizes the letter’s requests by adding that “the dynamic nature of crypto-related activity makes it difficult for institutions, as well as the FDIC, to adequately assess the safety and soundness, financial stability, and consumer protection implications without considering each crypto-related activity on an individual basis.”
Therefore, the FDIC requires all FDIC-supervised institutions that are considering engaging in cryptocurrency-related activities to notify the FDIC of their intent and provide all necessary information to enable the FDIC to engage with the institution regarding the associated risks.”
It’s genuinely encouraging to see that the FDIC understands that different crypto products carry their own unique risks and rewards, and therefore should be treated accordingly. This letter takes a broader tone of consideration and understanding, rather than casting blanket aspersions on the market as a whole.
Although the FDIC typically tends to take a more conservative approach to the functions and activities of its banks, this letter makes clear that it supports broad industry innovation as long as it is done tactfully and with clear safeguards.
Some stakeholders may see the FDIC’s request for information as a threat to the industry. Often, policymakers or regulators will propose a blanket ban on cryptoassets in an attempt to mitigate any potential negative consequences or unforeseen outcomes.
Instead, this letter actually benefits banks by providing them with an opportunity to illustrate the “how” and “why” of their crypto-asset activities to their primary regulatory authorities. While the FDIC’s letter undoubtedly doesn’t shy away from raising broad concerns about banks’ crypto-asset activities, it doesn’t take a heavy-handed or punitive approach.
This letter opens the door for ongoing learning and discussion between the banks and the FDIC regarding the crypto-asset activities they are currently doing and provides transparency regarding their future plans. This level of communication is the appropriate next step towards safe and efficient space management.
If executed well, this could open the door for more banks to diversify their offerings through cryptoassets. Well-maintained deposit insurance is a cornerstone of the American banking system. Banks doing secure custodial services for cryptocurrencies or other things is a good thing, but not if they do so at the expense of our system integrity.
North Korea’s Lazarus group has been identified in the $540 million Ronin Bridge hack
From Elliptic Intel: “14. In April, the US Treasury’s Office of Foreign Assets Control (OFAC) announced new sanctions against the thief’s ether address and named the owner of this address as the Lazarus Group – a North Korean state hacking group. The sanctions prohibit US persons and entities from transacting with this address to ensure that the state-sponsored group cannot cash out any further funds they continue to hold through US crypto exchanges.”
The Lazarus Group orchestrated this attack by targeting Ronin Bridge validator nodes through stolen cryptographic keys. Through these stolen keys, they were able to artificially force the majority “approval” of validator nodes to withdraw funds. According to the autopsy published by Ronin: “All evidence points to this attack being social engineering, not a technical flaw.”
Over $80 million from the hack is currently being laundered through Tornado Cash, which provides its users with complete anonymity by “breaking the link in the chain between recipient and destination addresses. It uses a smart contract that accepts ETH deposits that can be withdrawn at another address. Whenever ETH is withdrawn from a new address, there is no way to link the withdrawal to the deposit.” Meanwhile, another $16 million was laundered through centralized exchanges.
Even with the funds being laundered through Tornado Cash and other centralized exchanges, the Lazarus Group hackers still have access to another $433 million in stolen cryptocurrencies sitting in their wallets.
Elliptic investigators are tracking assets and flagged addresses associated with this attacker in our systems. This will ensure that our customers will be alerted if they receive any of these funds. For Elliptic customers, receiving or interacting with assets stolen by the Lazarus Group is a major threat, completely illegal at any monetary level, and should be treated with the utmost seriousness. In these situations, handling even one penny of stolen or laundered funds is too much.
Ronin assured its users that it “works directly with various government agencies to ensure that criminals are brought to justice. We are in the process of discussing with Axie Infinity/Sky Mavis stakeholders how best to move forward and ensure that customer funds are not lost.”
Brazilian Senate approves “Bitcoin Law”
The Brazilian Senate has announced the upcoming approval of the latest “Bitcoin Law”. This law does not attempt to classify Bitcoin as legal tender, as was the case in El Salvador. Instead, it seeks to allow Brazil’s president to designate a federal entity responsible for establishing cryptocurrency rules.
The president would either create a new regulator or delegate this function to the country’s Securities and Exchange Commission (CVM) or the Central Bank of Brazil (BC). The regulator will be responsible for defining market guidelines and establishing norms in accordance with international standards for preventing money laundering and asset concealment.” This law will be attached to another law related to cryptocurrencies that has already been approved by the Economic Affairs Committee of the Brazilian Senate.
The proposed Senate bill also seeks to further incentivize cryptoasset miners to move their mining operations to Brazil. The main incentive listed is a full tax break on the import of ASIC mining machines into the country. While this is a big tax break, it is unclear whether it is a strong enough incentive to overcome Brazil’s high energy prices relative to other neighboring countries in South America.
Project Lithium: US CBDC Prototype Announced
The Depository Trust and Clearing Corporation – in partnership with the Digital Dollar Project (DDP) – announced the launch of Project Lithium last week. DDP is a non-profit organization focused on promoting discussion and research around a potential US central bank digital currency (CBDC). The Lithium prototype project will test the US market and settlement infrastructure for its ability to support a potential CBDC issued by the Federal Reserve on top of distributed ledger technologies.
Project Lithium will aim to “demonstrate direct, bilateral settlement of cash tokens between participants in a real-time delivery versus payment (DVP) settlement. The pilot will also identify how it can leverage DTCC’s robust clearing and settlement capabilities to fully realize the potential benefits of CBDCs, including reduced counterparty risk and captive liquidity, increased capital efficiency, more efficient, automated workflow, assurance that cash and securities are submitted and add transparency to regulators.”
From DTCC’s press release, David Treat – Global Metaverse and Blockchain Leader at Accenture and Co-Director of DDP – stated that “Project Lithium is another key aspect in the modernization of the capital markets’ core infrastructure. Direct exchange of tokenized assets for [a] central bank digital currency provides a tremendous foundation for simplification, efficiency and a new frontier of product and service innovation. We welcome DTCC’s continued leadership and focus.”
CBDCs Crypto Crime Compliance
