A blog post by Nicole Diodati, Junior Associate.

Historically, terrorists have turned to numerous methods of raising money to finance their operations.^[1]  Terrorists have typically needed to raise money for two main purposes: 1) funding specific terrorist operations, and 2) organizational costs to maintain support and promote their ideology.^[2]  Now, terrorists have found that raising money through the use of cryptocurrencies fulfills these two main purposes, and they have increasingly been doing so in recent years.^[3]

For example, there was a recent incident in the United States where a sole individual, Zoobia Shahnaz, a lab technician in New York, attempted to provide material support to ISIS.^[4] Shahnaz defrauded financial institutions of over $150,000, converted the money into cryptocurrencies, and then transferred the funds to ISIS-linked individuals and shell companies. Shanaz faces up to two years in prison, restitution, criminal forfeiture, and a fine.^[5] Unfortunately, the U.S. has yet to take aggressive action against such incidents.

However, the European Union’s newly adopted Fifth Anti-Money Laundering Directive (“AMLD5”) is a strong attempt to curtail terrorists’ efforts. Also, it is perhaps the strongest cryptocurrency regulation to date. Prior to proposing AMLD5, the EU conducted an impact assessment which acknowledged the problem that “suspicious transactions made through virtual currencies are not sufficiently monitored by the authorities, which are unable to link identities and transactions, mainly because of the anonymity surrounding virtual currencies and because of virtual currency schemes and their participants.”^[6] Then, in response to the terrorist attacks in Paris and Brussels, and the Panama Papers scandal, the AMLD5 was passed into law on July 9, 2018.^[7]  AMLD5 required all European Union (“EU”) member states to incorporate it into their legislation by January 20, 2020.^[8] However, in many instances national laws incorporating AMLD5 introduce regulations that are tougher than the Directive requires.^[9] The Directive “provides a minimum standard of care,” leaving member states “free to impose higher compliance burdens when transplanting the Directive into their local legislative practice.”^[10]

The Directive imposes additional requirements on companies with a crypto angle. The Directive “additionally covers virtual currency platforms (exchanges) as well as custodian cryptocurrency wallet providers.”^[11] In other words, crypto providers are now subject to the same recording requirements as other institutions. Also, anonymous transactions on cryptocurrency exchanges are prohibited.^[12] Custodian wallet providers and exchanges are obligated to provide the full user identification, just as banks and other brokerages do.^[13] Similar to anonymous transactions, the use of anonymous bank and savings accounts and safe deposit boxes are prohibited as well.^[14] To implement this, member states will create a central registry that allows the identification of natural or legal persons in possession of the above-mentioned types of accounts.^[15] Finally, the Directive imposes a more stringent due diligence regime in ‘high-risk third world countries,’ which requires customers from these countries to undergo more detailed background checks. Once passing a background check, these customers must obtain an EU bank account before being given permission to take part in cryptocurrency exchanges/providers.^[16] Finally, the Directive imposes a “know your customer” rule,^[17] which “essentially states that every broker-dealer should use reasonable effort[s] when opening and maintaining client accounts.”^[18] The various requirements indicate that the AMLD5 has a “specific focus on ‘questionable’ transactions originating from third parties.”^[19] The Directive clearly “acts as a propellant of the EU’S policy towards the formation of a more transparent financial system.”^[20]

 

^[1] See U.S. Treasury Dep’t, National Terrorist Financing Risk Assessment, (2018) (finding numerous terrorist financing methods such as state sponsors of terrorism through shell companies, extortion and taxation of civilian populations, sale of oil and oil products, recruitment of individuals, donations from supporters, drug trafficking, and exploitation of charitable causes).

^[2] Terrorist Financing, Financial Action Task Force, (Feb. 29, 2008), http://www.fatf-gafi.org/media/fatf/documents/reports/FATF%20Terrorist%20Financing%20Typologies%20Report.pdf.

^[3]  Nathaniel Popper, Terrorists Turn to Bitcoin for Funding, and They’re Learning Fast, N.Y. Times, Aug. 18, 2019,https://www.nytimes.com/2019/08/18/technology/terrorists-bitcoin.html.

^[4] New York Woman Pleads Guilty to Providing Material Support to ISIS, Dep’t of Justice (Nov. 26 2018),https://www.justice.gov/opa/pr/new-york-woman-pleads-guilty-providing-material-support-isis.

^[5] Id.

^[6] Cryptocurrencies and blockchain, Policy Department for Economic, Scientific, and Quality of Life Policies, at 68, TAX3 Committee (July 2018), http://www.europarl.europa.eu/cmsdata/150761/TAX3%20Study%20on%20cryptocurrencies%20and%20blockchain.pdf.

^[7] Lubomir Tassev, EU Members Adopt Tougher Crypto Rules than AML Directive Requires, Bitcoin.com (Aug. 13, 2019),https://news.bitcoin.com/eu-members-adopt-tougher-crypto-rules-than-aml-directive-requires/.

^[8] Id.

^[9] Id.

^[10] Willem-Jan Smits, The 5th Anti-Money Laundering Directive and What It Means for Crypto Businesses, WatsonLaw (Mar. 14, 2019 2:38 PM), https://watsonlaw.nl/en/amld5-aml-crypto-business-eu-dutch-law/.

^[11] Id.

^[12] Id.

^[13] Id.

^[14] Id.

^[15] Id.

^[16] Id.

^[17] Chris Madill, Are KYC and AML Rules Pushing The Crypto Industry In The Right Direction?, Bitrates (Oct. 20, 2019 6:52 PM),https://www.bitrates.com/news/p/are-kyc-and-aml-rules-pushing-the-crypto-industry-in-the-right-direction.

^[18] James Chen, Know Your Client (KYC), Investopedia, (Aug. 28, 2019), https://www.investopedia.com/terms/k/knowyourclient.asp.

^[19] Jan Smits, supra note 10.

^[20] Id.