Written by James Thomas on Monday January 4, 2021
James Thomas considers fraud risks associated with cryptocurrencies in the context of COVID-19
“In the first five months of 2020, crypto thefts, hacks, and frauds totalled $1.36bn, suggesting 2020 could see the second-highest value in crypto crimes ever recorded. In a trend that continues from last year, fraud and misappropriation still make up most of the year’s stolen crypto compared to hacks and thefts.”
- CipherTrace Cryptocurrency Anti-Money Laundering and Crime Report, Spring 2020 
2020 has seen a plethora of fraud risks unleashed by COVID-19, as criminals have seized upon the fear and disruption created by the pandemic , including potential weaknesses associated with work from home arrangements and temporary regulatory reliefs introduced to support firms and individuals through the crisis.
In a recently published article we reviewed the main frauds of 2020. In this piece, however, we consider the convergence between the pandemic and the ongoing digital revolution. Specifically, we highlight how the coming together of the two is further focusing the minds of both criminals and the anti-financial crime community on the fraud risks and opportunities associated with cryptocurrencies.
The pandemic has led to a growth in online activity  as individuals, confined to their homes as a result of global lockdowns, have increasingly accessed services and products virtually as opposed to physically. While cash transactions were already in decline  prior to the pandemic, COVID-19 has accelerated (and has potentially locked in) the trend towards cashless payments. Indeed, the World Health Organisation has identified physical money as a vector for the virus, encouraging the use of alternative payment methods.
It is worth noting that criminals have also been living through lockdown conditions, making it more difficult for them to access their physical networks and the cash economy. Therefore, while cash has traditionally been king  in financial crime, the restrictions imposed by the pandemic may have led wrongdoers to look more closely at the possibilities presented by virtual currencies.
As Tim Tyler, Head of Financial Crime Compliance, ICA, suggests: “While there is, as yet, no firm evidence of this trend, it is reasonable to anticipate that criminals will be defaulting to use cryptocurrencies amidst the pandemic, because of the difficulty in meeting people and exchanging value, and because of the attractiveness of crypto due to its opacity when compared with traditional banking services or credit cards.”
Many crypto-related frauds are not necessarily novel variations on more traditional frauds with the substitution of virtual for fiat currencies. Rather than devising new schemes, criminals are therefore capitalising on the novelty of the asset class itself, and the technology underlying it, which renders it both poorly understood and, to date, on the fringes of regulatory scrutiny. Notable crypto frauds in 2020 have included:
Due to the hype surrounding crypto, and the promise of significant returns, many unsophisticated or first-time investors have been lured into investing in such schemes. Although crypto investment fraud predates COVID, it is conceivable that the pandemic (which has simultaneously seen returns falter on many traditional investment products at the same time as individuals have come under increased financial strain) may have exacerbated the problem, driving vulnerable investors to seek returns that are, literally, too good to be true. Examples of frauds involving crypto investment include:
One notable trend has seen celebrities or businesspeople charged with promoting ICOs on social media without disclosing that they had been paid to do so. Most recently, “US federal prosecutors are pushing for a heavy prison sentence to be levied against one of the founders of Centra Tech – the company behind a notorious initial coin offering in 2017 that was promoted by professional boxer Floyd Mayweather and musician DJ Khaled”.
As an aside, the potential for the combination of celebrity endorsement and social media to lure unwary investors was further demonstrated when the Twitter accounts of several high-profile figures were hacked and used to post fraudulent Bitcoin ‘give-aways’.
Ponzi schemes – significant recent examples being the billion dollar Wotoken scheme in China, and a $722m crypto mining fraud scheme that “solicited money from investors in exchange for shares of pooled investments in cryptocurrency mining and that rewarded existing investors for recruiting new investors”.
As alluded to above, regulation has largely been playing ‘catch up’ in this rapidly-developing space. However, the FATF has been instrumental in building momentum towards the development of global standards. Indeed, speaking at the ICA’s BIG Compliance Festival, FATF President, Dr Marcus Pleyer, highlighted crypto as a potential “weak link” in the financial system and stressed that the FATF will continue its efforts in this area.
Key to these efforts has been the FATF’s 2015 Guidance for a Risk-based approach to Virtual Currencies, which focused on “points where virtual currency activities intersect with and provide gateways to and from (i.e. the on and off ramps to) the traditional regulated financial system”. Its 2019 publication – Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers – expanded the 2015 Guidance, and was instrumental in helping to develop understanding of the risk-based approach to virtual assets and virtual asset service providers (VASPs).
“The FATF’s definition of crypto as a ‘virtual asset’, and its definition of VASPs, was a seismic evolution for the whole sector, providing regulators with clarity,” suggests James Wood-Rickett, AML/Financial Crime Prevention Course Director, ICA. “At the European level, a further significant development came with the Fifth Money Laundering Directive (AMLD5), transposed earlier this year, which applies to crypto exchanges. This has provoked a lot more awareness of VASPs in the industry. Banks have been wary of dealing with VASPs, but that is now becoming easier as they now fall under similar controls.”
Significant further regulatory developments include:
• The European Commission’s adoption on 24 September 2020 of the Digital Finance Package (DFP). This includes “The European Commission's proposed Regulation on Markets in Crypto-assets (MICA) [which] will bring within the scope of regulation all crypto-assets not already covered by EU financial services legislation.”
• In the US at the start of the year, the Crypto-Currency Act of 2020 was drafted “to add clarity to the cryptocurrency industry and provide a clear framework for crypto regulations in the US.”
There is some early evidence of the effects of this increased regulatory attention. According to the CipherTrace report:
“The global average of direct criminal funds received by exchanges dropped 60% from 2017 to 2019, most of which occurred in the last year with a 47% drop from 2018 to 2019 … As more crypto AML regulations are implemented around the world (including AMLD5 in Europe), many criminals are finding it harder to offload their illict funds directly to cryptocurrency exchanges – the most common crypto-to-fiat offramp.”
However, the report warns that this “does not necessarily mean exchanges are actually receiving fewer criminal funds”. It may simply be that, in the face of stronger controls, criminals are working harder to disguise the origins of these illicit funds
The UK’s National Crime Agency’s recently-published Suspicious Activity Reports Annual Report 2020, provides some additional indication of the greater scrutiny being placed on the virtual asset space, from within the FinTech industry itself. It notes that: “The most significant growth in SARs [suspicious activity reports] was seen from financial technology (FinTech) companies. Such firms submitted 83,609 SARs in 2019-20 – up 263.94% from 2018- 19 (22,973)”. NB: ‘FinTech’ here refers to “companies enabling payments or transfers of value by using new or emerging technologies”.
With regulation gathering momentum, the onus is therefore on compliance to continue to develop its knowledge of this burgeoning field. Indeed, crypto is not going away but is expected to become increasingly mainstream, with some predicting that its use in financial services will mature rapidly. For example, in August Fidelity launched a crypto fund for wealthy investors. As customers become increasingly fluent in these virtual assets, the requirement for CDD analysts, for example, to be familiar with crypto will only increase.
Finally, with greater understanding of crypto and its underlying technology, will emerge opportunities to improve compliance processes. Indeed, there is growing discussion amongst regulators, central banks and governments regarding the potential presented by blockchain technology to improve efficiencies in all areas of the economy. Again, some of this discussion has been inspired by challenges witnessed during the pandemic, for example: “Medical supply, pharmaceutical and other industries may look more closely at how distributed ledger technology can fix some of the problems we’ve seen in supply chains and distribution of critical goods.”
More specifically, in the field of financial services regulation and compliance “blockchain technology could become a useful tool in reducing complications associated with financial regulatory compliance and transparency”. Indeed, FATF’s President Dr Marcus Pleyer has made it clear that the FATF will pursue technological initiatives aimed at improved effectiveness and efficiency in fighting financial crime, while balancing these against data protection requirements.
As ICA’s Tim Tyler concludes: “The heart of this is that the blockchain offers a public, and potentially transparent, ledger that records activity. The Bitcoin ledger is public and transparent, the information is there and you and I, if we had the right tools, could look at it. The difficulty is that it doesn’t show real peoples’ details: it doesn’t show name and address, it just uses unique identification numbers. But the blockchain could require you to enter your details before permitting a transaction or another record to go ahead. So, on the one hand, blockchain is currently being used by criminals because it is opaque, but on the other hand it has the potential to be used as part of the solution. It could be used in conducting due diligence, it could be used to identify source of funds, it could be used as a way of tracking activity in a supply chain, for instance.”
 Cipher Trace, Cryptocurrency Anti-Money Laundering and Crime Report, Spring 2020, 2 March 2020, https://ciphertrace.com/cryptocurrency-anti-money-laundering-and-crime-report-spring-2020/, Last accessed - 4 January 2021
 Europol, 'HOW COVID-19-RELATED CRIME INFECTED EUROPE DURING 2020', 12 November 2020, https://www.europol.europa.eu/publications-documents/how-covid-19-related-crime-infected-europe-during-2020, Last accessed - 4 January 2021
 Europol, 'BEYOND THE PANDEMIC - HOW COVID-19 WILL SHAPE THE SERIOUS AND ORGANISED CRIME LANDSCAPE IN THE EU' 30 April 2020, https://www.europol.europa.eu/publications-documents/beyond-pandemic-how-covid-19-will-shape-serious-and-organised-crime-landscape-in-eu, Last accessed - 4 January 2021
 The Independent, 'Has Covid finally killed off the UK’s love of cash?', 23 June 2020, https://www.independent.co.uk/money/coronavirus-cash-notes-coins-virus-clean-dirty-cards-contactless-rural-elderly-cashless-a9580626.html, Last accessed - 4 January 2021
 Europol, 'CASH IS STILL KING: CRIMINALS PREFER CASH FOR MONEY LAUNDERING', 8 July 2015, Link, Last accessed- 4 January 2021
Thank you. Your comment is awaiting moderation and should appear on the site shortly.
Required fields are not completed, please ensure all required fields (*) have been filled in properly.
You can leave the name empty should you wish to remain Anonymous.
Help and support
Alternatively contact us on: +44(0)121 362 7534 / email@example.com (Course information)
or +44(0)121 362 7533 / firstname.lastname@example.org (Enrolled learners)
or +44(0)121 362 7747 / email@example.com (Membership)
or +44 (0) 121 362 7503 / firstname.lastname@example.org (End Point Assessment)