Cybercrime investigators are investigating the oligarch’s use of crypto to avoid sanctions

As feared by Western governments, Russian oligarchs have started using cryptocurrency to avoid sanctions stemming from the war in Ukraine.

Bitcoin Russian flag“It’s clear that oligarchs are using digital assets to avoid sanctions,” says Rich Sanders. (Photo: Jernej Furman, Flickr, License)Rich Sanders, founder of cybercrime investigation firm CipherBlade, told OCCRP that blockchain analysts are currently investigating the financial interests of wealthy Russian citizens recently targeted by restrictive financial measures.

“A lot of this affects ongoing investigations — whether they’re government investigations or criminal investigations, or compliance investigations initiated as a result of alerts from transaction analysis tools,” he said. “But what I can say is that it is common for oligarchs to use digital assets to avoid sanctions.”

Earlier in July, the Joint Money Laundering Intelligence Taskforce (JMLIT), a collaboration between law enforcement and the financial sector in the UK, issued a red alert that it was “likely” designated individuals would explore alternative payment methods, “including the use of crypto-assets” to reduce reduced access to the global financial system.

The group’s warning came after several US representatives, including Senator Elizabeth Warren, introduced a bill in March proposing measures specifically aimed at the use of crypto assets by designated Russian nationals.

“No one can argue that Russia can avoid all sanctions by moving its assets into crypto,” Warren said at the time. “But for Putin’s oligarchs trying to hide, you know, a billion or two of their wealth, crypto looks like a pretty good option.”

Previously, there had been little confirmation that targeted individuals used digital assets to evade financial restrictions imposed in response to the Russian invasion. Sanders told OCCRP about some of the methods firms like CipherBlade, as well as cryptocurrency exchanges that perform blockchain analytics, have seen used in recent months.

“People have it in their heads that these oligarchs are going to use shady brokers to trade millions or tens of millions of dollars worth of Bitcoin or stablecoins at once,” he said. Instead, targeted individuals may turn to semi-professional money laundering networks to manage often complex series of transfers on their behalf.

This is not without precedent. “Russian money launderers have increasingly been observed in UK intelligence and operational activity providing cash for crypto-asset services, with the ability to move significant amounts of funds,” according to JMLIT’s July statement.

Sanders explains that members of these networks may start by breaking up the original amount into smaller packages to avoid attracting too much attention — similar to “smurfing” in traditional finance, which refers to breaking up large transactions to keep them under the reporting limits.

They can then use a technique called chain hopping ─ which often involves the use of instant exchanges, platforms that allow the transfer of value from one virtual coin to another ─ to move money between cryptocurrencies hosted on different blockchains.

“Basically, they do a whole bunch of layering and structuring, which makes it incredibly difficult to follow the money,” Sanders said. “They realize that the resources required to fight money laundering a few thousand dollars at a time are almost not worth it, and that’s how they get away with it.”

Another method widely favored by crypto-launderers is the use of virtual currency mixers, which hide the path to funds by mixing together data about origin, destination and parties in different transactions.

The US has sanctioned two such platforms since the beginning of this year for allegedly laundering virtual assets stolen by Pyongyang-backed hackers, most recently the Ethereum mixer Tornado Cash.

Since its launch in August 2019, Tornado Cash has mixed more than USD 7.6 billion worth of Ether. Nearly 30% of those funds have been tied back to illegal actors, according to blockchain analytics firm Chainalysis, while Bloomberg recently reported that around 52% of all proceeds from NFT fraud passed through the mixer before being sanctioned.

“Tornado Cash actually enabled literally hundreds of millions of dollars to go through to North Korea’s nuclear weapons,” Sanders said. “It’s a huge problem and shouldn’t have gone on as long as it did.”

Still, the Treasury Department’s decision to designate the platform has created a degree of confusion in the broader cryptocurrency community. “There’s a lot of commotion in the crypto space right now,” explains Yaya Fanusie, a former CIA analyst and founder of Cryptocurrency AML Strategies.

“The complication has arisen: can you sanction computer code? And what about the innocent people who have used the mixer? Is your crypto now also sanctioned?” he added.

One of Tornado cash’s developers has reportedly been arrested by Dutch authorities, sparking debate over the culpability of the mixer’s decentralized development team for the way authorities claim the platform was abused.

Meanwhile, an anonymous user has taken advantage of the lack of regulatory clarity to troll a number of US brands and celebrities by implicating them in potential sanctions violations. In the wake of the designation, a number of Tornado Cash transactions were allegedly sent to wallets controlled by clothing brand Puma, as well as TV host Jimmy Fallon and comedian Dave Chappelle.

Sanders speculates that increased scrutiny could see crypto-launderers move away from the use of mixers, relying more on chain hopping facilitated by instant exchanges, and that this would be reflected in the pattern of transactions linked to sanctioned Russian actors.

“You’re going to see even more illegal money, including oligarch money, going through platforms like KuCoin, OKX and Huobi. I mention them in particular because historically they are the worst offenders,” he said. “Their background checks can be defeated, and their anti- money laundering programs have proven nothing more than virtue signaling.”

“I’m not making this up, I’ve dressed up as Osama bin Laden, Borat and Taylor Swift and participated in these exchanges,” he added.

KuCoin, OKX and Huobi did not respond to requests for comment on their procedures for conducting background checks on users.

Overall, Sanders says, it disrupts how easily crypto networks can move money on behalf of individuals and entities subject to international sanctions.

“As someone who investigates this for a living, I could (but obviously won’t) hypothetically put this together and tell you how you can launder hundreds of millions of dollars worth of assets for an oligarch and not get caught,” he said.

“It’s terrifying to me. I shouldn’t be able to say it so confidently and easily, but that’s where we are now, he added.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *