Last month, the U.S. Department of Justice announced the publication of a Cryptocurrency Enforcement Framework penned by the Attorney General’s Cyber-Digital Task Force. The new framework reviews the successes and challenges of agencies tasked with managing the threats posed by terrorist and various criminal users of cryptocurrencies. While the report paints a promising picture of the benefits cryptocurrencies can offer societies, it nonetheless offers sobering assessments of past, current, and possible future threats.
Within the report’s concluding pages is an important warning on future terrorist use of cryptocurrencies: “Current terrorist use of cryptocurrency may represent the first raindrops of an oncoming storm of expanded use that could challenge the ability of the United States and its allies to disrupt financial resources that would enable terrorist organizations to more successfully execute their deadly missions or to expand their influence.” The DOJ’s new framework presents a more assertive and international approach that will be vital to preempt that oncoming storm.
Those working outside government can appreciate the enormous task the DOJ and its partners face in combating cryptocurrency-based threats. Terrorists may use cryptocurrencies to deadly ends, but in terms of general ability and value exchanged they pale in comparison to other bad actors. Alongside terrorists, law enforcement agencies grapple with advanced cyber extortion operations, drug trafficking, child exploitation markets, rogue state activities, and other forms of criminal activity that rely on cryptocurrencies as a way to exchange value. These activities can inflict massive human and infrastructural damage and steal value in the hundreds of millions of dollars.
In this context, current terrorist use of cryptocurrencies appears marginal. In the U.S., some supporters of Islamic State have expressed preliminary interest in helping one another use cryptocurrencies to send donations to the group. One was even able to defraud American financial institutions of tens of thousands of dollars by laundering fiat currency through cryptocurrencies and out of the country to Islamic State facilitators overseas. Right-wing extremists in the U.S. are also starting to pick up interest, including through extremist sites that maintain crypto-wallets of up to the low hundreds of thousands of dollars. Still, against the theft of nearly $250 million from virtual currency exchanges or the multi-million dollar seizure of funds from a busted fentanyl distribution operation, terrorist use is pebble-sized and tends not to exceed the savings and/or incomes of the individuals involved.
Many of these cases also tend to result in prison sentences and terrorist assets being seized. As a number of dismantled terrorism financing campaigns from this summer show, the DOJ and its partners in the Treasury, Homeland Security, and others can keep pace with the times, even as terrorist actors seek to exploit the COVID-19 pandemic for online fundraising opportunities. Their counterparts in independent U.S. financial watchdog agencies like the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC), as well as intergovernmental organisations like Financial Action Task Force (FATF), are similarly prepared. These organisations have already garnered successes in holding online platforms like Telegram accountable to the same set of regulations that govern all virtual asset service providers and traditional financial institutions.
However, until the publication of the new Cryptocurrency Enforcement Framework, the DOJ and its partners have not benefited from a cohering stance that addresses cryptocurrencies on an international scale. This framework fills that gap. Not only does it provide a common approach to understand and categorise legitimate and illicit use of cryptocurrencies and darknet markets in general, it also includes a comprehensive review of existing laws and regulatory authorities both within the U.S. and internationally. These contents play a vital role in both clarifying the broader U.S. legal stance vis-à-vis cryptocurrencies globally, and in posturing the DOJ and its partners against current and future threats.
And that posture means a more assertive American stance in the international arena. The release of the new DOJ framework arrives on the heels of a major breakthrough in U.S. global regulation and enforcement of cryptocurrency exchanges. During the U.S. tenure as president of the FATF from 2018-2019, the organisation released its landmark Guidance for a Risk-Based Approach: Virtual Assets and Virtual Asset Service Providers. This report advised that countries should extend the “Travel Rule” (a set of requirements that exchanges hold or be able to access Know-Your-Customer (KYC) data) to all virtual exchanges regardless of where they operated. Implementation of that guidance to date has varied across countries. Now, with the release of its own framework, the DOJ is taking the front foot on international regulation of cryptocurrency exchanges.
A More Assertive Regulatory Approach With Global Ambition
In one sense, the U.S.’s invigorated approach can be seen as a warning shot at cryptocurrency exchanges worldwide to comply with U.S. standards of regulation. And they seem to have made an example out of BitMEX—the largest cryptocurrency derivatives platform in the world—which received more than $11 billion in Bitcoin deposits and garnered over $1 billion in user fees from its base in the Seychelles. On 1 October, the CFTC announced that it had filed a civil enforcement action accusing the crypto giant of operating an unregistered trading platform and violating multiple CFTC regulations. In another sense, the new framework can also be seen as an international rallying effort led by the U.S. The report doesn’t shy away from declaring the DOJ’s stance on related regulatory frameworks in the EU and other jurisdictions, and offers a number of case examples to show where the Department will fall on specific issues going forward.
Between firing warning shots and issuing rallying cries, the framework’s biggest strength is its assertiveness. It extends a clear U.S. regulatory approach with global reach, and draws hard lines in the sand for virtual exchanges outside the U.S. and for implementing partner countries. Not only does this approach seek to preempt certain issues like widespread terrorist adoption and exploitation of cryptocurrencies, it also sets both the conditions for compliance and the tone for partnership. And those components—compliance and partnerships—are critical to bring to the table right now specifically when it comes to terrorism financing.
As the framework notes, current terrorist use of cryptocurrencies “may represent the first raindrops of an oncoming storm of expanded use.” Although that use remains minor and isolated to the individual-level at least in the U.S., terrorist groups like Hamas, Al-Qaeda, and IS are all starting to experiment with cryptocurrency-based fundraising at the organisational-level in the Levant and elsewhere. Enforcement frameworks like this one will always struggle to completely stem terrorism financing at the individual-level, but neither they nor the regulation they enforce are necessarily designed with isolated individuals in mind. Instead, they are meant to counteract terrorism financing at the organisational-level, and that is precisely the threat that the DOJ’s new enforcement framework addresses.
At the end of the day, the authors of the framework recognise that cryptocurrencies and similar peer-to-peer technologies can, at their best, yield tremendous benefits for societies around the world. At their worst, they can endanger national security and jeopardise decades of progress in countering the financing of terrorism and other public safety efforts. Having clear regulatory positions, assertive enforcement frameworks, and globally-minded agencies at the helm is the best way to ensure that we see more of the former and less of the latter in the coming years.