red 
On May 9, the US Financial Crimes Enforcement Network (FinCEN) released 30 pages guidance details the regulatory scope of its enterprise cryptocurrency AML requirements and its compliance expectations.1
In light of FinCEN’s cryptocurrency guidance, we’ve identified three key steps for the success of your crypto business – including how to achieve transactional transparency and manage risk assessments. Here’s how you can successfully meet FinCEN’s requirements.
#1. Transactional transparency is key, so make sure you have the right monitoring tools in place.
FinCEN’s cryptocurrency guidance says that in order to manage risks, regulated cryptocurrencies must monitor customer transactions and understand where customer funds are going and coming from.
According to FinCEN, crypto companies meet this requirement by “building procedures into their AML programs that allow them to monitor and track transaction history [crypto] through publicly visible books.”
The message is clear: businesses that don’t have access AML monitoring tools the risk of not meeting FinCEN’s expectations.
FinCEN’s guidance also reiterates the importance of funds travel rules as a key component of transaction transparency.
The Travel Rule requires that, when transferring funds valued at $3,000 or more, FinCEN-regulated companies must provide the receiving institution with information about the identities of those sending and receiving the funds. The goal of disclosing the identity of clients on both sides of a transaction is to ensure end-to-end transparency when funds flow through regulated institutions.
Financial institutions that deal exclusively in fiat currencies already enforce this requirement when sending funds to each other. Today, FinCEN expects crypto companies to do the same. The US is also pressing Financial Action Task Force (FATF)the global standard setter for anti-money laundering regulation, for the enforcement of the Travel Rules around the world.
Sounds simple, right?
Not really.
Unlike the fiat world, in the crypto space users can send funds electronically peer-to-peer, without the presence of a financial intermediary. This means that crypto exchange users can send funds to or receive funds from pseudonymous cryptocurrency addresses that are not easily linked to real identities – a major challenge in implementing the Travel Rules.
FinCEN’s cryptocurrency guidance, however, makes clear that it expects cryptocurrencies to comply with the Travel Rule without exception.
At Elliptic, we are engaged with our customers and industry partners to address this compliance challenge. Our blockchain tracking solutions enable regulated crypto companies to identify addresses belonging to other crypto businesses with which their customers transact – a crucial first step in ensuring compliance with the Travel Rules.
#2. Crypto regulation is expanding in scope, so make sure you stay up-to-date on your requirements.
FinCEN’s Cryptocurrency Guidelines indicate as much crypto ATMs2, ICO publishersonline casinos, ieindividual P2P exchangers3certain App4 use cases and other new and innovative service models must adhere to its AML requirements.
The guidelines also have an international scope: these platforms are not covered only where they have a physical presence in the US. Crypto platform operators located outside the US serving US customers must also comply. In short – it’s not just a limited universe of centralized crypto exchanges that have US AML obligations.
This reflects a trend we see elsewhere, including the UKwhere regulators are developing broad AML requirements for cryptocurrencies covering a wide array of crypto products and platforms.
Moreover, FinCEN’s cryptocurrency guidance states that all those companies that fall under its purview will be retrospectively assessed for regulatory compliance – not just from the time of the May 9th guidance.
For example, a crypto ATM provider that has been around since 2015 but has not complied to date cannot claim ignorance of its obligations and assume it will get a pass from FinCEN.
The message is clear: any US-regulated crypto business operating without full compliance needs to get its house in order – and fast. And new start-ups must ensure rigorous compliance from the start.
#3. It all starts with a risk assessment, so make sure you do it.
FinCEN’s cryptocurrency guidance emphasizes the importance of regulated businesses conducting a thorough risk assessment as a foundation for a successful AML compliance program.
The guidelines state that crypto companies “should assess their individual exposure to the risk of money laundering, terrorist financing and financial crime based on the composition of their customer base, geographical areas served and financial products and services offered”.
FinCEN also published a concurrent advisory5 outlining key money laundering typologies and red flags to help crypto businesses identify risks.
Any regulated crypto business must therefore ensure that it understands the specific money laundering and terrorist financing vulnerabilities it faces. At Elliptic, we’ve taken an in-depth look at cryptocurrencies typologies and trends – and we also work with our clients to assess their financial crime risks so they can design successful, resilient compliance programs.
Elliptic’s AML solutions are designed to enable the world’s largest crypto exchanges, including Binanceto monitor transactions and report suspicious activity as required by FinCEN. To discuss how we can help your business understand its crypto risks and liabilities so you can succeed, contact us.
footnotes:
1. “Application of FinCEN Regulations to Certain Business Models Involving Convertible Virtual Currencies,” FiFinancial Crimes Network
2. “European Traffickers Pay Colombian Cartels Through Bitcoin ATMs: Europol Official”, moneylaundering.com
3.”FinCEN Fines Peer-to-Peer Virtual Currency Exchange for Anti-Money Laundering Violations,” Financial Crimes Enforcement Network
4.”What are Dapps? The New Decentralized Future”, Blockgeeks
5. “Advising of Unauthorized Activities Involving Convertible Virtual Currency”, Financial Crime Network
Regulation on compliance with the law
