SYDNEY: 11 March 2014 - The surge in interest in crypto-currencies has caused technological surveillance to once again come to the forefront among financial intelligence units and anti-money laundering regulators around the world. In Australia's case, the AML/CTF regulator is quietly attempting to fuse together its new analytical platform, an enormous database of international funds transfer instructions and sophisticated analysis of crypto-currency "blockchains" to monitor illicit transactions using digital currencies. The word from researchers and financial intelligence units, however, is that Bitcoin is not nearly as anonymous as some criminals and crypto-launderers had been led to believe.

Bitcoin is the poster child of crypto-currencies and virtual currencies. It was the first open-source digital currency to embody the concept of a blockchain: a decentralised register of all transactions conducted on the network. The blockchain's primary function is to prevent the double-spending of coins but it also provides an unprecedented record of transactions; one which is publicly available to download and scrutinise. The blockchain is maintained by "miners": computers that verify the legitimacy of transactions and effectively maintain the crypto-currency's peer-to-peer network infrastructure. In doing so, these computers compete for units of currency ("coins") which are awarded in return for solving the complex mathematical challenges that power Bitcoin. 

One of the greatest misapprehensions about crypto-currencies is that they provide anonymity for their users. The medium initially shot to popularity as the currency of the "deep web", an underground part of the internet that that uses the Tor network to anonymise connections and disguise IP addresses. Sites such as Silk Road thrived on the apparent anonymity offered by the combination of Tor and an ostensibly anonymous currency.

After the crackdown on Silk Road and the arrest of its alleged founder, Ross William Ulbricht, internet users have been forced to rethink the anonymity provided by the deep web, and in particular the extent to which anonymity is offered by crypto-currencies. As several academic studies have demonstrated, crypto-currencies are better described as offering "pseudonymity". In other words, they offer users the ability to transact under a concealed identity (their public key) but all of their transactions are available for full public viewing, and for law enforcement scrutiny.

For AML/CTF regulators, financial intelligence units (FIUs) and law enforcement agencies, the emergence of crypto-currencies offers a tantalising opportunity. If the anonymity provided by these networks is in fact over-stated, they could prove to be an extremely useful law enforcement tool. Using sophisticated intelligence software and techniques such as heuristic clustering to "crack the blockchain" could yield a treasure trove of information on potentially illicit money flows.

Anatomy of an AML/CTF threat

The Australian Transaction Reports and Analysis Centre (AUSTRAC) has spent A$24 million on an overhaul of its intelligence platform. The system, known internally as the Enhanced Analytical Capability (EAC) platform, will enable it to be one of the first regulators in the world to conduct "near-real-time" transaction monitoring. As transactions cross borders in seconds, this automated intelligent monitoring of transactions has been identified as crucial in the fight against money laundering and transnational organised crime.

In a recent appearance before the Senate, AUSTRAC said that it was looking closely into the AML/CTF threat posed by digital currencies, such as Bitcoin. John Schmidt, chief executive, told a panel of senators that the AML regulator and financial intelligence unit has been following Bitcoin and other virtual currencies for a number of years, and that its research had found that crypto-currencies could be a double-edged sword when it came to money laundering.

AUSTRAC's own typologies report revealed back in 2012 that it was exploring the use of currencies such as Bitcoin and Linden dollars (an online gaming currency) in money laundering cases. AUSTRAC said digital currencies presented new opportunities for criminals to launder money due to their global reach, lack of face-to-face transactions and the convenience of using electronic commerce. 

"While the nature and extent of money laundering through digital currencies and virtual worlds are unknown, it is important to recognise their potential for criminal exploitation, particularly in response to tighter regulation of established or traditional financial channels," the report said.

AUSTRAC has found its rules on international funds transfer instructions (IFTIs) to be invaluable in the surveillance of crypto-currencies. Back in 1989, long before the arrival of a successful virtual currency, Neil Jensen, the then-chief executive of AUSTRAC,  said that FIUs needed to keep a record of all inbound and outbound IFTIs (wire transfers) from financial institutions and other remitters. The government ultimately agreed and passed IFTI reporting laws in 1991.

"The Australian approach provides a very simple answer to the problem," Jensen said in a recent article for Thomson Reuters Accelus. "Put all of the information in one place so that it can be monitored effectively, where it can be readily linked to other highly relevant financial intelligence and from where appropriate investigative action can be quickly commenced. One of the major benefits of the reporting of cross-border funds transfers to AUSTRAC has been the ability of its analysts to identify criminals not previously identified by law enforcement agencies."

AUSTRAC's IFTI reporting data is now being used in ways that were unthinkable given the technological landscape back in 1991.

Schmidt said that IFTIs had proved critical in monitoring virtual currencies such as Bitcoin. He said that in a large-scale laundering operation the operators would inevitably need to interface with the financial sector, either by converting dollars to Bitcoin, or vice versa. When these funds are transferred out of Australia to Bitcoin exchanges or bank accounts in other jurisdictions, or returned in the form of cash, AUSTRAC is able to monitor the transactions. Using other forms of intelligence, it can potentially even link international funds transfers to transactions on the Bitcoin blockchain.

AUSTRAC takes the view that the crypto-currency ecosystem is still too young to be able to form a "closed loop" economy. As such, in large-scale laundering operations the funds will always need to interface with the "real" economy.

"Because Bitcoin has limited usage at the moment, at some point it will almost inevitably have to intersect with the normal market. At some point a person will be purchasing Bitcoins using, for example, Australian dollars and then, if they are dealing in [illicit] substances or services, they will want to convert those Bitcoins back into the legitimate currencies, wherever they are. So that they can gain the benefit of them," Schmidt said.

Uncovering the blockchain's secrets

AUSTRAC's behind-closed-doors work in this area has been complemented by some ground-breaking academic studies. Researchers from Cornell University have demonstrated that by using high-tech analytical tools, such as heuristic clustering, they can reveal a considerable amount about transactions on the Bitcoin blockchain. When combined with other data sources, this is sufficient to identify not only individual users but also their transaction histories. 

Martin Harrigan, a researcher with the Clique Research Cluster at University College Dublin, wrote recently that his team had been able to "de-anonymise considerable portions of the Bitcoin network" during investigations into a Bitcoin theft. 

"We can use tools from network analysis to visualise egocentric networks and to follow the flow of Bitcoins. This can help us identify several centralised services that may have even more details about interesting users. We can also apply techniques such as community finding, block modelling, network flow algorithms, etc., to better understand the network," Harrigan said.

Harrigan and his research associates said they had not been trying to "de-anonymise" any individual users in the course of their work. Instead they wanted to demonstrate that there were limits to the level of anonymity Bitcoin could offer its users. 

"We are excited about the Bitcoin project and consider it a remarkable milestone in the evolution of electronic currencies," Harrigan said. "[But] it is important that users do not have false expectations of anonymity."

Sophisticated analytics

In his appearance before the Senate, Schmidt said that AUSTRAC was undertaking similar types of sophisticated surveillance into Bitcoin transactions. This included comparing blockchain data with many other sources of information that AUSTRAC had at its disposal; AUSTRAC's access to personal transaction data goes far beyond the information that the University College Dublin researchers had at their disposal.

As Schmidt said: "Because we get the international funds transfers instructions, it is possible, using other intelligence sources, to identify transactions where people are purchasing Bitcoins. Most other countries in the world do not have that capability."

In this context, AUSTRAC appears to take the view that Bitcoin is just another commodity, such as precious metals or diamonds, that can be used to store and transfer value. The big advantage that Bitcoin presents, from a surveillance perspective, is of course the blockchain; while this is essentially Bitcoin's defining feature, it is also its Achilles' heel.

Of course, sophisticated Bitcoin users, and dedicated criminals, will have ways of making crypto-currency transactions extremely difficult to monitor. Some service providers have offered "mixing" services, which essentially tumble Bitcoin transactions so that there is a break in the chain of ownership. If a mixer does its job properly, it is very difficult to trace a single transaction across the Bitcoin network as the ownership of a particular coin changes during the "mixing" process. 

In practice, however, mixers have a mixed reputation among the Bitcoin community.  Some have been known to abscond with coins, while others have such a low volume of customers that users have complained of getting their own coins back on the other side of the alleged anonymising or coin mixing  service.

In one recent study, researchers from the University of California, San Diego and George Mason University found that Bitcoin's potential for large-scale laundering had been greatly over-stated, including by some enforcement agencies. They also demonstrated that mixers were less than effective at securing anonymity. This was compromised by the "increasing dominance of a small number of Bitcoin institutions ... most notably services that perform currency exchange".

The researchers concluded that the consolidation of Bitcoin infrastructure, coupled with the public nature of transactions and the ability to link money flows to major institutions, made Bitcoin "unattractive today for high-volume illicit use such as money laundering".

Bitcoin's Achilles' heel ... for launderers

Raymond Choo, senior lecturer in the School of Information Technology and Mathematical Sciences at the University of South Australia, said this research was consistent with his own findings on virtual currencies and money laundering. 

Choo said he was "not entirely convinced" that virtual currencies such as Bitcoin could be used to launder large amounts of money and said it was more likely that laundering syndicates were using other techniques. Bitcoin could be more effective as a way of storing and transferring flight capital, he said. 

"In terms of laundering, it would be too troublesome to get the money in and out of the financial system. Bulk cash smuggling — carrying cash across borders — would be a much easier and potentially cheaper option," he said.

Choo said there was little doubt that Bitcoin was part of the money laundering arsenal, but said the anonymity it provided had been over-played, especially given the sophisticated tools available to agencies such as AUSTRAC. He said Bitcoin was of more concern from a terrorist finance perspective, however, as value could cross borders instantly without the need for any identifying documents.

"Open -source prepaid cards would be a better laundering option than virtual currencies such as Bitcoins. However, both instruments — prepaid cards and virtual currencies — are viable tools for terrorism financing as the latter typically requires very little funding," he said.

IFTIs and monitoring

Choo said that Bitcoin data from wire transfer reports would be "useful" but would only form one part of the forensic puzzle. He said AUSTRAC would need to use a range of tools to get around the fact that individuals could buy coins in person, with cash, or send funds to an overseas bank account, rather than directly to a virtual currency exchange. He said it would be difficult for the FIU to determine whether funds were destined for an overseas digital currency exchange.

"For starters, most individuals will send cash overseas and convert to U.S. dollars before making a transaction via an exchange. This is a good way to layer transactions," he said. 

Choo said the main challenge for AUSTRAC and other FIUs would be to take advantage of "true big data analytics". AUSTRAC and its partner agencies would need to use technology  to bring together quickly and then analyse all types of data from a range of data sources. These might include IFTIs and other forms of transaction data or criminal intelligence. An effective monitoring system would need to handle both structured transaction data and semi-structured or unstructured data (such as financial transactions, geo-spatial data and email or mobile telecommunications).

"AUSTRAC would then need to analyse this data to understand and analyse suspect transactions and the suspect's interactions. It would need to find insights that simply are not possible from traditional business intelligence and structured data alone," Choo said.

Given AUSTRAC's investment in leading intelligence systems, however, it seems highly likely that it can already conduct this sort of sophisticated data analysis.

Enhanced capability

Although AUSTRAC remains suitably tight-lipped about its specific capabilities, it has said that its new system permits "near-real-time" monitoring of a range of different data sources and transaction reports.

Schmidt told Accelus Regulatory Intelligence in a recent interview that AUSTRAC had automated a significant part of its intelligence work with the EAC platform. He said this meant the agency could run sophisticated data analytics through its IT infrastructure and then use its team of analysts to undertake high-level analytical follow-up work. The human intervention required had previously made this type of sophisticated near-real-time analysis virtually impossible.

"It's going to be a quantum leap. We get more than 80 million reports a year and that volume is increasing constantly. It's impossible to have human intervention when dealing with that volume [of reports]. Then when you have a stored data set of hundreds of millions of transactions, which we've collected over the years, the capacity to manipulate that data to spot patterns and messages between people, or to analyse past transactions to develop formulas which identify criminal behaviour and then run those in real time against the reports that we're getting, is an extraordinary step forward. I think it's a generational change in capacity," Schmidt said.

International cooperation

In his Senate estimates appearance, Schmidt said that AUSTRAC had appointed analysts to look specifically at the threats posed by currencies — or commodities — such as Bitcoin. He also said this was becoming a significant topic of discussion internationally, at forums such as the Financial Action Task Force (FATF) and the Egmont Group. He said that the Egmont Group had established a working group which was looking at digital currencies from an international perspective.

The main lesson for FIUs, regulators and policymakers worldwide, he said, was the importance of global cooperation in this area. This included sharing technology, sharing intelligence and sharing expertise when surveilling digital currencies. He said this was the only way that law enforcement agencies could keep up with the criminal applications of technology to launder funds, commit crimes or finance terrorism.

"The only way that we, as a financial intelligence unit and a nation, are going to be able to combat these growing threats from crime is international cooperation. They [criminals] will operate on servers in jurisdictions around the world and use very sophisticated methods to move and hide their identities," Schmidt said. "When you have international cooperation — as there was with Liberty Reserve and other matters which have been in the press in recent times — that is the answer to being able to stop that criminal behaviour."

Only time will tell whether the blockchain turns out to be law enforcement's friend or foe in the fight against financial crime, money laundering and the financing of terrorism.

This article was first published by the Regulatory Intelligence service of Thomson Reuters Accelus. Regulatory Intelligence (http://accelus.thomsonreuters.com) provides a single source for regulatory news, analysis, rules and developments, with global coverage of more than 230 regulators and exchanges.