
Follow the Crypto Part 1: Why Fraud Teams Should Investigate Crypto Transactions

Threat Research Team
04/07/24

    Nowadays, cryptocurrency is a buzzword in society. It’s mostly seen as a high-risk investment or associated with fast profit-making schemes. Despite this, its adoption has surged in recent years, and according to crypto.com, the number of cryptocurrency holders has now hit 580 million.

    Unfortunately, not all of them hold it for legitimate reasons. We are at a juncture where criminals have the knowledge, services, and tools to channel their illicit profits through cryptocurrencies.

    This poses many challenges to investigators who, until recently, considered tracing and recovering cryptocurrency to be next to impossible. However, it is now understood that conducting proficient cryptocurrency investigations is not only possible but imperative.

    The Growing Use of Cryptocurrency in Crime

    Cryptocurrency has evolved from a niche digital payment system to a near-mainstream financial tool. It uses blockchain technology to verify transactions without the need for traditional banking systems, enabling swift, borderless financial interactions.

    Due to these inherent features, it has also become attractive for those conducting illegal activities. According to Chainalysis, illicit addresses received $24.2 billion in 2023. A significant portion of these transactions were linked to the sale of illegal goods and services on underground marketplaces.

    There are three key reasons why criminals exploit cryptocurrency:

    Perceived Anonymity

    Whilst cryptocurrency transactions are recorded on a public ledger, they are anonymous – the only identifiable information recorded is the addresses of the wallets involved. In addition, services like mixers and unregulated exchanges offer criminals opportunities to further obfuscate their transactions (more on this later in the blog).

    Cross-border Transactions

    Cryptocurrency transactions are fast, global, and relatively easy to initiate. This gives criminals the ability to quickly transfer funds across international borders, with no checks in place.

    Lack of Central Authority

    Cryptocurrencies operate on blockchain technology, with no central authority governing transactions. This makes it more difficult for law enforcement to shut down illicit transactions.

    This has led to an increase in both cryptocurrency-enabled crime, such as cryptojacking or cryptocurrency scams, and the use of cryptocurrencies as an illicit payment or money laundering vehicle by criminals.

    Challenges in Cryptocurrency Investigations

    Unsurprisingly, the same characteristics that make cryptocurrency attractive for criminals – for example, perceived anonymity – present major challenges for those seeking to investigate their crimes. In a traditional financial crime case, investigators looking to “follow the money” often must trace funds through a maze of shell companies, offshore accounts or creative accounting tricks. Now, enter cryptocurrency – and with it, multiple new dimensions to this maze.

    Let’s explore a few key challenges in conducting cryptocurrency investigations:

    Data Complexity

    Cryptocurrency investigations introduce vast blockchain datasets, alongside Open-Source Intelligence (OSINT) and traditional financial records, significantly expanding the volume and variety of data investigators must process and analyze.

    Technical Complexity

    The cryptocurrency landscape is rapidly evolving. At any given time, there may be new coins being released and new protocols being developed. Criminals are also constantly improving their laundering processes. This requires investigators to continually update their own knowledge and tooling to reflect this.

    Resource Limitations

    Specialist knowledge is often required to perform cryptocurrency investigations. In addition, the commercial tooling available for conducting these investigations, whilst good, tends to be pricey. The good news is there are heaps of free sources and open-source tools available that lower the barrier to entry for performing investigations.

    Mixing Services

    Also known as ‘tumblers’, these function like communal washing machines for cryptocurrency. They blend coins from numerous users, then return equivalent values, breaking the transaction trail and hampering investigators’ ability to trace funds through the blockchain.

    Privacy-Focused Cryptocurrencies

    Privacy-enhanced coins such as Monero are designed to obscure transaction details, making it difficult to associate transactions with specific wallets. Criminals exploit these features to further conceal their illicit activities. Techniques like ring signatures and stealth addresses create a highly obfuscated ledger. This presents a level of financial privacy that surpasses anything we’ve ever seen, creating significant hurdles for investigators.

    Unregulated Exchanges

    The rise of unregulated, underground exchanges provides criminals with the mechanisms to either convert their illicit earnings, or transfer funds easily and anonymously. These exchanges often operate on the dark web or in jurisdictions with relaxed governance regulations, allowing users to bypass the Anti-Money Laundering (AML) and Know Your Customer (KYC) checks enforced by regulated exchanges.

    Why Cryptocurrency Investigations Are Crucial

    The challenges of cryptocurrency investigations can be especially daunting for a business. As a result, many may forego conducting these investigations at all. However, doing so deprives them of powerful insights into threat actors and their methods. The usefulness of cryptocurrency investigation goes far beyond just solving the case at hand – it equips fraud teams with the skills and insights to strengthen prevention and detection capabilities.

    Let’s explore why, despite their complexity, cryptocurrency investigations have become so important in modern fraud prevention:

    Identifying Criminals

    Cryptocurrency investigations can be used to deanonymise the criminal hiding behind a wallet address. If a criminal launders their cryptocurrency through any exchanges which implement KYC, there is the chance that they could be identified by working with law enforcement.

    Criminal Network Mapping

    In addition to individual wallet attribution, cryptocurrency investigations can assist in uncovering networks of criminals and their activities. Transaction patterns recorded on the blockchain could highlight hidden relationships between adversaries.

    Evidence Gathering

    As an immutable public ledger, blockchain data can be used as evidence in legal proceedings to show the exact amounts, times and parties involved in the proceeds of criminal activity.

    Proactive Fraud Prevention

    By keeping up to date with the ever-evolving tricks used by criminals, investigators can predict and act against similar methods used by other threat actors.

    Recovery of Stolen Funds

    If a cryptocurrency has been involved in theft or fraud, transaction analysis could help to recover stolen assets. The key is to trace the funds to licensed exchanges and work with law enforcement.
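As an added illustration (not Netacea's code or tooling), the sketch below follows funds forward from a victim payment through a constructed ledger and stops each branch at the first labelled address: a KYC exchange deposit is a lead to take to law enforcement, while a mixer marks where the on-chain trail breaks. The ledger, addresses and labels are invented, and the tuple format is an assumption rather than any real blockchain API.

```python
from collections import deque

# Constructed sample ledger in chronological order: (txid, sender, receiver, BTC).
LEDGER = [
    ("tx1", "victim", "addr_A", 10.0),
    ("tx2", "addr_A", "addr_B", 6.0),
    ("tx3", "addr_A", "addr_C", 4.0),
    ("tx4", "addr_B", "exch_dep_1", 5.9),
    ("tx5", "addr_C", "mixer_pool", 4.0),
    ("tx6", "mixer_pool", "addr_D", 3.9),   # mixer payout: cannot be tied to tx5
    ("tx7", "addr_D", "exch_dep_2", 3.8),
    ("tx8", "unrelated", "exch_dep_1", 1.0),
]
# Hypothetical attribution labels, e.g. gathered from OSINT or a tagging dataset.
LABELS = {"exch_dep_1": "kyc_exchange", "exch_dep_2": "kyc_exchange",
          "mixer_pool": "mixer"}

def trace_funds(ledger, labels, source, max_hops=6):
    """Breadth-first trace from `source`; each branch ends at a labelled address."""
    out_by_sender = {}
    for idx, (txid, sender, receiver, amount) in enumerate(ledger):
        out_by_sender.setdefault(sender, []).append((idx, txid, receiver, amount))
    findings, seen = [], set()
    queue = deque([(source, -1, [])])  # (address, ledger index of arrival, path)
    while queue:
        addr, arrived, path = queue.popleft()
        for idx, txid, receiver, amount in out_by_sender.get(addr, []):
            # Only follow spends made after the traced funds arrived.
            if idx <= arrived or txid in seen:
                continue
            seen.add(txid)
            hop_path = path + [txid]
            label = labels.get(receiver)
            if label:
                findings.append({"address": receiver, "label": label,
                                 "path": hop_path, "amount": amount})
            elif len(hop_path) < max_hops:
                queue.append((receiver, idx, hop_path))
    return findings

def triage(findings):
    """Split results into KYC exchange leads and trails broken by a mixer."""
    leads = [f for f in findings if f["label"] == "kyc_exchange"]
    broken = [f for f in findings if f["label"] == "mixer"]
    return leads, broken

if __name__ == "__main__":
    leads, broken = triage(trace_funds(LEDGER, LABELS, "victim"))
    for f in leads:
        print("KYC lead:", f["address"], "via", " -> ".join(f["path"]))
    for f in broken:
        print("Trail breaks at mixer:", f["address"], "via", " -> ".join(f["path"]))
```

The trace follows addresses rather than apportioning value, so the amount reported is what arrived at the labelled address, not a proven share of the original payment.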

    The success of each cryptocurrency investigation depends on various factors, including the timing of the investigation, the speed at which criminals move funds, and the complexity of their laundering techniques. Even so, skilled investigators can achieve results.

    The following use case demonstrates how, despite challenges, well-executed investigations can lead to fund recovery and important insights to support legal proceedings.

    Cryptocurrency Investigations in Action

    Can you even imagine the chaos if one of the biggest fuel pipeline operators in the U.S. suddenly came to a screeching halt? Well, that’s exactly what we witnessed in 2021 when Colonial Pipeline fell victim to a ransomware attack. The hackers demanded a ransom of 75 bitcoins (worth roughly $4.3 million at the time) to unlock the data and systems.

    Fortunately, the US Department of Justice (DOJ) was able to trace and recover 63.7 of those bitcoins. Less fortunately, the recovered bitcoin was worth only $2.3 million at the time it was retrieved. And because Bitcoin’s prices swing up and down like a yo-yo, that same amount could well be worth $10 million … or a measly $100,000 by the time you read this!

    This landmark case, alongside others, disproved one of the greatest myths about cryptocurrency: that it’s untraceable. The success of the DOJ’s operation also showcased clear proof of value in cryptocurrency investigations, from unmasking criminal perpetrators to recovering illicit funds.  

    Coming Up Next – The Process of Cryptocurrency Investigations

    But exactly how do cryptocurrency investigators achieve favorable investigative outcomes? Each case is entirely unique, and although there are some common steps, the intricacy and depth of the investigative process deserves a thorough explanation.  

    In our next blog post, we will dive into the details of conducting cryptocurrency investigations. We will cover the datasets and workflows that comprise an investigation, the tools investigators can use, and techniques that can make or break an investigation.

    Join us in part two to learn how investigators track and unravel the complex web of cryptocurrency transactions.
