AML and Sanctions Compliance Issues Facing Digital Currency and Blockchain Companies

The United States Department of Justice convened an unprecedented Summit on Digital Currency and the Blockchain on November 9, 2015. The reported goal of the Summit was to promote a dialogue between the government and industry to identify and examine effective strategies for reducing criminal activity on digital currency platforms. The timeliness of the DOJ initiative was underscored by the Paris terrorist attacks later that week and subsequent reports that the terrorists had a “wallet” with $3 million of bitcoin.

Carol Van Cleef, a Manatt partner who represented the Chamber of Digital Commerce at the Summit, also moderated a panel at the recent Money 2020. Her panel focused on anti-money laundering and sanctions compliance in emerging payments and the panel included Kathryn Haun, the Assistant United States Attorney in the Northern District of California, who was widely reported as an organizer of the Summit, and Catherine Alden Pelker, a key FBI analyst focused on digital currencies. We asked Carol about her panel’s conversation at Money 2020 and her reflections on the necessity for strong public/private coordination in the world of digital currencies.

What types of criminal activity is the U.S. law enforcement community focusing on?

CVC: Although pending investigations were off-limits for discussion, several trends were noted. Our speakers agreed that digital currencies are just another means of making payments in a long list of payment methods used by criminals and terrorists. The law enforcement community is seeing particular use of digital currencies for paying ransoms – not only in kidnappings, but also to regain access to encrypted computer files.

Is state licensing required?

CVC: Federal law prohibits anyone requiring a state money transmission license from operating without the necessary state licenses. Panelists noted seeming industry confusion in several areas: (1) getting a NY BitLicense takes care of licensing requirements in 49 other states and the District of Columbia and (2) registration as a money services business eliminates liability for not having the necessary state licenses. Part of this confusion is due to the fact that most prosecutions to date have focused on failure to be registered as an MSB.

Does a digital currency company need an AML compliance program?

CVC: A company registered as a MSB is required by law to have a program. Other companies should consider putting such an AML program in place as a matter of best practices. The purpose of the program is in part to comply with certain specified reporting requirements and in part to protect the company from criminal abuse. A company is most vulnerable to prosecution if it is implicated in illegal activity, whether it is aware or unaware of such activity. In the absence of an effective AML compliance program it is even more vulnerable.

What should an AML compliance program look like for a company in this industry, especially if it does not have extensive resources like a bank?

CVC: Our panelists agreed that even the smallest company should have an AML compliance program. The smallest company is as vulnerable to criminal abuse and in some cases more vulnerable than larger companies because they lack basic controls. The program should be risk-based and appropriate to the size and nature of the business. Terrorist financing is always a concern. The government isn’t insisting on perfection. However, the program should be effective, appropriately reflecting the company’s level of risk.

What is the BlockChain Alliance and why is it important?

CVC: The BlockChain Alliance, whose founding members are the Chamber of Digital Commerce and the CoinCenter, seems to be a welcomed development on multiple levels. It is a private-public forum to facilitate a dialogue between industry, law enforcement and regulatory agencies in an effort to combat criminal use of the blockchain. The organizers recognize that such an initiative is critical to making the blockchain ecosphere more secure and promoting further development of the technology. According to various publications, it has already engaged with a number of government agencies, including the DOJ, the FBI and the CFTC and U.S. Secret Service.

What about OFAC? Is this an issue for digital currencies?

CVC: Again, the panelists all agreed that digital currency companies are covered by OFAC-administered sanctions like any other U.S. company. Moreover, there is no de minimis exemption for transactions. This is a major issue of concern because the technology makes it easy to transfer value across borders very rapidly and often without enough details about the receiver. My sense: Stay tuned for developments on this front, especially after the Paris attacks.