AML 101: How to Screen a Bitcoin Transaction for Financial Crime Professionals and Law Enforcement Agencies
Introduction
Banking institutions, financial crime professionals and businesses have struggled with the adoption of cryptocurrencies, a permission-less digital asset that has been used in many emerging illicit crimes despite its enormous opportunity at reorienting our existing institutions in society. One of the core challenges with major institutional adoption with cryptocurrencies is the ability to screen wallet addresses so that businesses can comply with existing global Anti-Money Laundering and Countering the Financing of Terrorism (“AML/CFT”) regulation.
Many of the challenges of institutions beyond the technical know-how is having a reliable methodology for screening wallet addresses to ensure that they have not been involved in an illicit activities, ranging from cybercrimes, terrorist financing, sanctions violations, money laundering and child pornography.
Well, it’s 2020 and that is starting to change. In this brief article, I am going to show you how to jump in and get your hands dirty without much technical discussion using a basic OSINT tool that helps you screen a Bitcoin or Ethereum wallet. This is to help institutions, businesses and professionals including law enforcement agencies (“LEAs”) to have a basic minimum level of protection when dealing with cryptocurrencies so that controls can be implemented within the context of a sound risk management strategy. Since all transactions in the blockchain are digitally recorded in a decentralized public transaction ledger, we are able to use tools to provide a network analysis and risk rating.
Also, just as a foreword, I am creating this post out of my enthusiasm for cryptocurrencies as well as financial crime analysis and have no business interest in the company or tools we will be discussing. I just think it’s cool.
Enter the Blockchain
Without further adieu, let’s get our hands dirty.
Step 1. Open your web browser of choice and head over to the following website: https://bitrankverified.com/home to access BitRank Verified, which is a special tool developed by Blockchain Intelligence Group , a leading firm based out of Vancouver, Canada who are pioneers of digital asset investigations.
Step 2. To get a few practice wallets so that we can practice on, let’s head over to the U.S. Treasury’s Office of Foreign Assets Control (“OFAC”) to find some addresses that are listed of: sanctions evaders, terrorists and other SDNs. Since this is open source data, we are going to use one example from the website:
Copy/Paste the following address: 149w62rY42aZBox8fGcmqNsXUzSStKeq8C
..and while you’re at it: 1AjZPMsnmpdK2Rv9KQNfMurTXinscVro9V
Step 3. Enter the wallet address into the bar and click the Search icon, which looks like a little magnifying glass. This will begin to perform a single scan which will provide a safety score between 0 and 100 where higher risk profiles are flagged with a a lower score, whereas lower risk profile wallets will a receive a higher BitRank® score.
Step 4. According to the OFAC website, the two wallet addresses we just searched are Ali Khorashadizadeh and Mohammad Ghorbaniyan, who helped exchange digital currency (bitcoin) ransom payments into Iranian rial on behalf of Iranian malicious cyber actors involved with the SamSam ransomware scheme that targeted over 200 known victims.
Step 5. BitRank Verified returned the following information within seconds and provided a risk score of 0 – remember we stated earlier that the lower the score, the higher the profile rating:
BITCOIN ADDRESS
1AjZPMsnmpdK2Rv9KQNfMurTXinscVro9V
RISK ASSESSMENT
- Input Over 10k (typically the reporting threshold in global financial institutions)
- Bittrex Client Withdrawal
- SANCTIONED OFAC (listed on the OFAC list as mentioned above)
- Cfc Theft
- Cfc Nefarious
- Cfc Fraud
Lastly, BitRank Verified details the category of the SUAs which includes fraud, sanctions and/or other nefarious activities. This simple tool is very helpful in providing a basic level of compliance for those dealing with digital assets like BTC and ETH as part of a solid BSA/AML compliance program.
Conclusion
The information returned by BitRank Verified identifies users that have intersected with the dark web or have been involved with darknet market exchanges and other illicit crimes such as human trafficking or arms dealing. Traditionally, forensic analysts relied on Blockhain Explorer which is another great open source tool but the major problem is having non-technicals to sort through copious amounts of data to make connections between various web addresses. BitRank Verified does all of the analysis with a user-friendly interface that risk rates wallet addresses and identifies suspicious or illicit activities. Have fun!
Please note that this article does not constitute legal or professional advise in any way, you are required to seek legal professionals. Should you have any further questions or wish to get in contact with the owners of the platform, head on over to their website directly since I don’t own any of the rights and I’m also not an expert.
Original source by Robert Miller
https://www.linkedin.com/pulse/aml-101-how-screen-bitcoin-transaction-financial-law-robert/