https://www.caseware.com/alessa/webinars/what-fis-need-know-cryptos/
Facebook’s Libra announcement once again sparked a fury of discussions around the role of digital currencies in the banking system. The reality is, cryptocurrencies are here to stay and financial institutions need to apply the same risk management activities as with any other product. So what does this entail?
In this presentation, Dan Peak, Board Advisor at CaseWare RCM and former CEO for World-Check and Greg Pinn, Head of Product Strategy at iComply Investor Services will walk the audience through a systematic process that every financial institution should go through when evaluating the risks associated with cryptocurrencies and effective mitigation strategies.
About Alessa, a CaseWare RCM product:
Alessa is a financial crime detection, prevention and management solution offered by CaseWare RCM Inc. With deployments in more than 20 countries in banking, insurance, FinTech, gaming, manufacturing, retail and more, Alessa is the only platform organizations need to identify high-risk activities and stay ahead of compliance. To learn more about how Alessa can help your organization ensure compliance, detect complex fraud schemes, and prevent waste, abuse and misuse, visit us at caseware.com/alessa.
Connect with us online:
Visit the Alessa WEBSITE: https://www.caseware.com/alessa/
Follow Alessa on LINKEDIN: https://www.linkedin.com/caseware-alessa
Follow Alessa on TWITTER: https://twitter.com/casewarealessa
SUBSCRIBE to Alessa on YouTube: http://tiny.cc/Alessa
2. https://www.alessa.caseware.com/ https://icomplyis.com/
Housekeeping
Enter your questions here
Webinar Tips
• If you are experiencing issues with audio quality, switch to Chrome as
your web browser
• If you are still experiencing issues, send us a message and we will
provide a link to the GoToWebinar support line. There is a also a link at
the bottom of the chat box.
• Let us know if you are experiencing any other issues.
3. https://www.alessa.caseware.com/ https://icomplyis.com/
About Presenters
Daniel Peak
Daniel Peak is an advisor at CaseWare RCM. He has advised and managed many
organizations and has expertise in risk intelligence, online risk, cybercrime as well as
compliance with the Foreign Account Tax Compliance Act (FATCA) and the Common
Reporting Standard (CRS) for international tax reporting. He is also the former CEO for
World-Check, now Refinitiv, and led the company to a successful sale to Thomson Reuters.
Greg Pinn, Head of Product Strategy at iComply Investor Services, has over a decade of
experience leading global best practices in the anti-money laundering (AML) and know-
your-customer (KYC) industry. Greg specializes in building industry leading products to
help financial institutions, both traditional and crypto, scale operations, reduce risk and
ensure compliance with global regulations. At iComply, Greg works with industry leading
virtual asset service providers to develop, build, and maintain best-in-class compliance
programs.
Greg Pinn
4. https://www.alessa.caseware.com/ https://icomplyis.com/
Agenda
4
1. Overview of cryptocurrency and cryptocurrency
regulated businesses
2. High-level view of the current regulatory landscape
3. Differences between risks associated with fiat and
cryptos
4. How to manage onboarding, screening, transaction
monitoring and regulatory reporting with
cryptocurrencies
5. https://www.alessa.caseware.com/ https://icomplyis.com/
cryp·to·cur·ren·cy
/ˈkriptōˌkərənsē/
noun
5
a math-based, decentralized, convertible,
virtual currency that is protected by cryptography
does not have a single
administering authority.
has an equivalent value in real (fiat)
currency and can be exchanged back-
and-forth for real currency.
a digital representation of value that can be digitally
traded and functions as
a medium of exchange; and/or
a unit of account; and/or
a store of value,
The conversion (encryption) of
data for secure transmission over
a public network
6. https://www.alessa.caseware.com/ https://icomplyis.com/
FinCEN released first guidance
on Virtual Currencies
6
A brief history
2008 2009 2010 2011
Satoshi Nakamoto White Paper published
First Bitcoin block mined
First Bitcoin exchange, Bitcoinmarket.com, opens
First organizations accept Bitcoin
2012 2013 2014 2015
Canada’s FINTRAC announces intention to address
Virtual Currencies as part of its AML efforts
Mt. Gox shuts down after loss of 850,000 BTC
(Worth approx. USD $8 billion today)
Ethereum released
2016 2017 2018 2019
119,756 Bitcoin stolen from
Bitfinex (worth $113M today)
Bitcoin Cash forks from Bitcoin
QuadrigaCX CEO dies, causing
loss of $145M
G20 commitment to implement
FATF standards for crypto assets
FATF releases Guidance for a Risk-Based Approach
to Virtual Assets and Virtual Asset Service Providers
FinCEN released updated guidance on Virtual
Currencies
9. https://www.alessa.caseware.com/ https://icomplyis.com/
• Fiat-to-Crypto VASPs vs Crypto-to-Crypto VASPs.
• Centralized vs. Decentralized Virtual Assets and VASPs.
• Anonymity or obfuscation of identity
• The specific business model of the VASP
• The potential risks associated with a VASP’s connections and links to several
jurisdictions;
• The nature and scope of the VA account, product, or service
• Security of the Virtual Asset (51% attack potential)
9
Cryptocurrency risks
10. https://www.alessa.caseware.com/ https://icomplyis.com/
“...replacing a traditional corporate interest recorded in a central ledger with an
enterprise interest recorded through a blockchain entry on a distributed ledger may
change the form of the transaction, but it does not change the substance.”
- SEC Chairman Jay Clayton
10
11. https://www.alessa.caseware.com/ https://icomplyis.com/
• Exchanges, whether crypto-to-crypto or fiat-to-crypto, must register as an MSB and comply with
the BSA (including having a complete AML program and SAR/CTR reporting).
• Hosted Wallets must comply fully with BSA requirements. Unhosted Wallet providers, such as
deployed software or hardware wallets, are not required to comply with BSA and FinCEN AML
requirements.
• Cryptocurrency ATM providers must comply with BSA and FinCEN AML requirements.
• DApps (decentralized apps such as Ethereum Smart Contracts) may or may not be required to
comply with the BSA depending on whether the DApp performs money transmission
• Privacy Coins (zCash, Monero, etc.) and anonymization services (such as mixers or tumblers)
must comply with BSA and FinCEN AML requirements.
11
What FinCEN says
12. https://www.alessa.caseware.com/ https://icomplyis.com/
• Cryptocurrency Payment Processors (also known as Fiat Gateways) do not qualify for the BSA
exemptions provided to fiat payment processors as they may process payments from individual
wallets unlike fiat payment processors who only process payments from financial institutions
through credit card payments or bank transfers. Because of this, cryptocurrency payment
processors must comply
• Decentralized Exchanges (DeX) do not need to comply with BSA and FinCEN AML requirements
as long as the DeX does not facilitate the transfer of funds or hold any user funds.
• Mining Pools may have to comply with BSA and FinCEN AML requirements if the pool hosts the
wallets that receive the proceeds of the mining.
• If there is no wallet hosting provided by the mining pool, they most likely do not have to comply
with BSA/AML requirements.
12
What FinCEN says
13. https://www.alessa.caseware.com/ https://icomplyis.com/
• Token Offerings (Initial Coin Offerings, Initial Exchange Offerings, Security Token Offerings, et al)
provide the most complex scenarios for determining AML/BSA requirements. Based on the
organization type of the issuer, intermediary, or investor, the FinCEN obligations may align more
closely with a bank, broker-dealer, futures commission merchant, commodity dealer, or mutual fund.
These types of institutions have different AML/BSA requirements and will differ from those of an
MSB.
13
What FinCEN says
14. https://www.alessa.caseware.com/ https://icomplyis.com/
• Traditional AML/KYC still applies
• Use Blockchain forensics
• Identify risks such as:
• Use of dark web sites
• Use of PunyCode URLs
• Cryptocurrency giveaways
• Pump-and-dumps
• Use of mixing service
14
How to avoid these risks?
15. https://www.alessa.caseware.com/ https://icomplyis.com/
• As regulations across jurisdictions are still evolving, extra attention must be paid on what
regulators require for compliance.
• For those operating in the U.S., FinCEN has issued clarification for VASPs and some types of
businesses need to follow BSA and FinCEN AML requirements while others are exempt under
special cases. Consult legal.
• Risk profile each cryptocurrency as each poses unique risk.
• In addition to traditional transaction monitoring, institutions must monitor the transactions of their
customers and other third parties on the blockchain.
• Ensure all crypto businesses that they transact with meet industry standards for KYC and AML
• Watch for additional risks that are unique to cryptocurrency
• Rely on technology that is designed to analyze blockchain transactions to mitigate risks
15
Recap – Key takeaways
16. https://www.alessa.caseware.com/ https://icomplyis.com/ 16
About Us
Solution that streamlines compliance and
manage risk in online environments such as
• Digital onboarding for people and corporations
• Identity document verification
• Source of wealth
• Proof of address
• Blockchain forensics
• Wallet ownership verification, and more
End-to-end AML compliance platform with:
• Due Diligence
• Sanctions and watch list screening
• Transaction monitoring
• Automated regulatory reporting
• Dashboards, workflows and case
management
You should see something like this in the upper-right corner of your computer desktop.
Using this control panel, you can submit questions to today’s presenter by typing them into the Questions pane. You can send your questions at any time and we will address them during the Q&A session at the end of today’s presentation.
If you are experiencing issues with audio quality, switch to Chrome as your web browser
If you are still experiencing issues, send us a message and we will provide a link to the GoToWebinar support line. There is a also a link at the bottom of the chat box.
Laurie Kelly has a 35-year career spanning the fields of accounting, finance, risk management, and regulatory compliance. Most recently, from 2006 to 2018, she served as the Director of Compliance for CoBank ACB, a 130 billion dollar Farm Credit System institution, where she developed and managed the bank’s anti-money laundering, fraud, and economic sanctions compliance programs.
She holds the Certified Anti-Money Laundering Specialist designation as well as the CAMS-Audit specialization. She helped found the ACAMS Colorado Chapter, serving as its Executive Board Chair from 2016 to 2018, and Programs Director from 2015 to 2016.
Laurie has done an excellent job of putting together a great presentation, and I hope you enjoy it!