KYC, Bitcoin, and the failed hopes of AML policies: Tracking funds on-chain

The basis of modern approaches to anti-money laundering (AML) is to prevent illicit funds from entering the financial system. I understand the rationale. Once a criminal has no money to spend, they will eventually have to quit whatever they are doing and find a 9-to-5 job.

But even as AML regulations have tightened and become more expensive over the past two decades, levels of organized crime, tax evasion and drug use show no sign of abating. At the same time, the fundamental right to privacy is routinely and unapologetically violated, and each financial transaction, no matter how small, is subject to extensive scrutiny and reams of paperwork. See Part 1 of this story for more details and numbers.

This raises the question of whether we need to reconsider our approach to AML strategy.

Two years ago, fintech author David G.W. Birch wrote a Forbes article reflecting on a key principle of AML: gatekeeping. The key idea can be rephrased as: “Instead of trying to stop criminals from getting into your system, let them in and watch what they do.”

Why install expensive AML gates and force bad guys to rely on untraceable cash or artefacts when we can simply let them in and follow the money to hunt them down? To do this, both the existing reporting systems within traditional finance and on-chain analytics within blockchain can be used. However, while the former are more or less understood, the latter is still a mystery to most people. Moreover, politicians and bankers regularly denounce cryptocurrencies as tools of criminals, tax evaders, and satanists of all kinds, making the misconception even worse.

To clarify this issue, we need a deeper understanding of how on-chain analytics works. This is not a straightforward task: blockchain analysis methods are often proprietary, and analytics companies that share them risk losing their business advantage. Still, some companies, like Chainalysis, have published fairly detailed documentation, and the Luxembourg company Scorechain agreed to share some of its transaction details for this article. Combining this data gives us a good idea of the possibilities and limitations of on-chain analytics.

How does on-chain analytics work?

Blockchain is transparent and can be audited by anyone. However, not everyone can draw meaningful conclusions from the myriad datasets that make it up. Collecting data, identifying entities, and converting conclusions into a readable format is the specialty of on-chain analytics companies.

It all starts with getting a copy of the ledger. In other words, the company synchronizes its internal software with the blockchain.

Next comes the tedious mapping stage. How do we know that this address belongs to an exchange and that one belongs to a darknet marketplace? Analysts use all their creativity and resourcefulness to de-anonymize the blockchain as much as possible. Any technique is fine as long as it works: collecting open source data from law enforcement agencies, scraping websites, going through Twitter-X and other social media, retrieving data from professional blockchain explorers like Etherscan, tracking stolen funds at the request of lawyers… Some services are identified by interacting with them, that is, by sending funds to a centralized exchange to identify its addresses. Data is often cross-checked with various sources to reduce errors.

Once addresses have been identified as precisely as possible, the maze of transaction hashes can be seen a little more clearly. However, the picture is still far from complete. On account-based blockchains like Ethereum, funds can be tracked in a fairly simple way once an address is identified, but on UTXO blockchains like Bitcoin, the situation is less clear.

In fact, unlike Ethereum, which tracks addresses, the Bitcoin blockchain tracks unspent transaction outputs (UTXOs). Each transaction always sends all coins associated with the address. If the user only wants to spend a portion of the coin, the unspent portion, also known as change, is allocated to a newly created address controlled by the sender.

It is the job of on-chain analytics companies to understand these movements and identify clusters of UTXOs related to the same entity.

Can on-chain analytics be trusted?

On-chain analytics is not an exact science. Both UTXO mapping and clustering rely on experience and a carefully tuned set of heuristics developed independently by each company.

The issue came to light last July during a court hearing involving Chainalysis, which provided forensic expertise in the United States v. Sterlingov case. The firm's representative admitted that not only were its methods not peer-reviewed or scientifically validated, but the firm also did not track false positives. In Chainalysis' defense, the first point is understandable: the methods each company uses to analyze the blockchain are closely guarded trade secrets. However, the issue of false positives needs to be tackled better, especially when it could potentially send someone to prison.

Scorechain uses a different approach, erring on the side of caution and choosing only methods that do not generate false positives in the clustering process, such as the multiple-input heuristic (the assumption that all input addresses in a single transaction come from one entity). Unlike Chainalysis, it does not use change heuristics, which generate many false positives. In some cases, if a human operator has good reason to do so, the team can track UTXOs manually, but overall this approach tolerates blind spots and counts on additional information to fill them in the future.
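The multiple-input heuristic, and the blind spot it leaves around change outputs, can be shown in a short Python sketch. This is an added example, not Scorechain's or Chainalysis' code; the transactions, the addresses and the "example-exchange" label are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample transactions (addresses are placeholders, not real ones).
TXS = [
    {"txid": "tx1", "inputs": ["A1", "A2"], "outputs": ["B1", "A3"]},  # A3 is change
    {"txid": "tx2", "inputs": ["B1"], "outputs": ["C1"]},
    {"txid": "tx3", "inputs": ["A3", "A2"], "outputs": ["D1"]},  # change co-spent later
]
# Constructed attribution from the mapping stage: one address already identified.
LABELS = {"A1": "example-exchange"}


def find(parent, addr):
    """Return the cluster root of addr, registering unseen addresses."""
    parent.setdefault(addr, addr)
    while parent[addr] != addr:
        parent[addr] = parent[parent[addr]]  # path halving
        addr = parent[addr]
    return addr


def cluster_by_common_inputs(txs):
    """Merge only addresses that appear together as inputs of one transaction."""
    parent = {}
    for tx in txs:
        for addr in tx["inputs"] + tx["outputs"]:
            find(parent, addr)
        # Outputs are never merged: no change heuristic is applied here.
        for other in tx["inputs"][1:]:
            parent[find(parent, other)] = find(parent, tx["inputs"][0])
    groups = defaultdict(set)
    for addr in list(parent):
        groups[find(parent, addr)].add(addr)
    return sorted(sorted(g) for g in groups.values())


def attribute(clusters, labels):
    """Propagate known labels to every address in the same cluster."""
    out = {}
    for cluster in clusters:
        names = sorted({labels[a] for a in cluster if a in labels})
        for addr in cluster:
            out[addr] = names  # conflicting labels stay visible as a list
    return out
```

With only tx1 on the ledger, the change address A3 stays outside the labelled cluster; it joins the cluster once tx3 spends it together with A2, which is the "additional information in the future" that fills the blind spot.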

The very concept of a heuristic, a strategy that takes a practical but not necessarily scientifically proven approach to problem solving, means that it cannot be guaranteed to be 100% reliable. The measure of effectiveness is the results. The FBI saying that Chainalysis’ methods are “generally reliable” could serve as proof of quality, but it would be better if all on-chain analytics companies started measuring and sharing their false positive and false negative rates.

Seeing through the fog

There are ways to obscure the trail of funds and make them harder to find. Crypto hackers and scammers are known to use all sorts of techniques, including chain hopping, privacy blockchains, and mixers.

Some, such as asset swapping and bridging, can be tracked by on-chain analytics companies. Others, such as the privacy chain Monero and various mixers and tumblers, often cannot. However, there have been instances when Chainalysis claimed to de-mix transactions that passed through a mixer, and more recently Finnish authorities announced that they had tracked Monero transactions as part of an investigation.

In any case, the very fact that these masking techniques were used is highly visible and can act as a red flag for AML purposes. One example is when the U.S. Treasury added the Tornado Cash mixer’s smart contract address to the OFAC list last year. Now, if a coin’s history traces back to this mixer, the funds are suspected of belonging to illicit actors. While this isn’t great news for privacy advocates, it’s actually encouraging for crypto AML.

One might wonder what the point is of flagging mixed coins and tracking them across the blockchain if there is no concrete person to pin them to, as there is in the banking system. Fortunately, criminals need to interact with the non-criminal world, and sooner or later the tainted money ends up with a product or service provider, or in a bank account, and this is where law enforcement can identify the real person. This is how the FBI made its largest seizure in history: Bitcoin worth $4.5 billion (at 2022 prices), seized following the Bitfinex hack. This also works in reverse. If law enforcement gains access to a criminal’s private keys, they can trace back through the blockchain history and determine which addresses interacted with the criminal’s addresses at some point. This is how the Metropolitan Police uncovered an entire drug trafficking network from a single arrest (Source: Chainalysis’ Crypto Crime 2023 report).

Crime has existed since the dawn of humanity and will continue to haunt us, perhaps until the end of humanity, using ever-evolving camouflage techniques. Fortunately, crime detection methods are following suit, making blockchain an ideal environment to deploy digital forensic tools. After all, it is transparent and accessible to everyone (by the way, this cannot be said about the banking sector).

Some argue that current on-chain analytics methods need to be improved, and that is true. However, it is clear that even in this imperfect form it is already an efficient tool for tracking bad actors on-chain. Perhaps it is time to rethink our approach to AML and let criminals infiltrate the blockchain?

Special thanks to the Scorechain team for sharing their knowledge.

This is a guest post by Marie Potelieva. The opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
