Around ten years ago, the dark web started to thrive as a marketplace for various illicit activities. And many criminals used this as an opportunity to gain anonymity. Dark web forums became a space dedicated to producing and exchanging child sexual abuse material (CSAM). To date, they are full of advice, with criminals sharing insights on online grooming and travelling to exploit children.
A few years ago, we could have also observed two trends: a significant rise in the popularity of virtual assets, the digital representation of value only available in electronic form; and cryptocurrency, a subset of virtual assets using cryptography, to secure financial transactions. The volume of cryptocurrency transactions grew to $15.8 trillion in 2021, up 567% from 2020, proving that virtual assets are becoming increasingly mainstream.
As another consequence, virtual assets became the second-most commonly accepted payment method (credit and debit cards being the first) on 40 platforms in the online commercial sex market facilitating sex trafficking. Dark web transactions account for just over half of all illicit Bitcoin transactions.
In a report published last year, EUROPOL found that digital services and infrastructure (servers, virtual private networks and hosting services) used for criminal purposes are also mostly purchased with cryptocurrencies.
Despite crypto assets not being fully anonymous, certain characteristics make them appealing to many criminals. Blockchain transactions are linked to addresses that correspond to public keys derived by user-held private keys, not by username or password, which makes them pseudo-anonymous.
How can criminals obfuscate their identity using cryptocurrencies?
Criminals can become anonymous simply by using non-compliant or unlicensed exchanges, especially in high-risk jurisdictions, or P2P exchanges. Within these, customer accounts require only basic information, such as an email address and a password.
Regulation is pushing many criminals away from licensed exchanges. They are adapting, however, and switching to countries where crypto asset laws remain relatively lenient. Certain countries still have not implemented the Financial Action Task Force’s (FATF) cryptocurrency standards, which means there are still plenty of non-compliant VASPs (Virtual Asset Service Providers) operating with no oversight.
Poor oversight, it turns out, is a common denominator. Exchanges with poor AML practices receive approximately tenfold the volume of illicit funds than those with strong compliance controls. There has also been a steady transition to exchanges that do not require KYC information from users in recent years.
Another obfuscator is Bitcoin mixers. This process breaks funds down into smaller sets and subsequently mixes it with other transactions, for only a small fee (around 3%). The recipient gets the same value in Bitcoin, but receives it as a set of different coins, making tracing more difficult and breaking the link between transacting parties. The benefits for criminals far outweigh the 3% fee.
In one of its reports, the FATF highlighted unlicensed and non-compliant exchanges that offer privacy coins as one significant risk. Cryptocurrencies such as Monero, Dash and Zcash even have a mixing feature built in! Nowadays, Monero is the ultimate niche privacy coin. , as it was designed to conceal the sender and receiver, as well as the amount exchanged. An increasing number of darknet markets have stopped accepting Bitcoin and only accept Monero.
The next attractive element for criminals is Bitcoin Teller Machines (BTMs). These provide reliable, rapid transfers of cryptocurrencies into fiat, or vice versa, as well as moving illicit proceeds across criminal networks. There are more than 11,600 BTMs located around the world, and many provide access to a growing range of altcoins, including privacy coins. In many jurisdictions, BTMs remain unregulated, or their status is muddied.
What share of cryptocurrency transactions volume is illicit?
According to EUROPOL, the scale and share of illicit cryptocurrency use accounting for criminal activities is difficult to estimate. On the one hand, law enforcement’s ability to combat cryptocurrency-based crime is evolving. A record $14 billion of illicit crypto transactions were detected in 2021, accounting for 0.15% of total crypto volume, as reported by Chainalysis. On the other hand, it is impossible to tell how much activity remained undetected. However, we can still see some parts of the puzzle. One academic paper, published by UTS Business School, revealed that about 23% of the total dollar value of Bitcoin transactions is associated with illegal transactions.
As evidence of the surge of illicit cryptocurrency transactions, there was a fivefold increase in the number of suspicious activity reports filed with the Financial Crimes Enforcement Network (FinCEN) that involve virtual currency and drug trafficking. These jumped to almost 1,432 in 2020, from 252 in 2017. Last year FinCEN also called on banks to report child sexual exploitation (CSE) crimes and advised on filing SARs (Suspicious Activity Reports), which has been further explored in one of our earlier blogs.
While cryptocurrencies might seem like the obvious solution for criminals, Carolina Christofoletti, an ATII (Anti Human Trafficking Intelligence Initiative) researcher, presents a different perspective in her article. Some offenders are actually reluctant to use cryptocurrency.
“CSAM criminals seem to trust the publicly published wallets much more than the private ones, puts those CSAM Dark Web forums in an interesting safety paradigm[…]Basically, the principle behind it is that if everyone starts to operate behind the curtains, Law Enforcement Agencies will amplify, significantly, their points of “attack”. But, if those wallets were not proven by someone else, criminals will not trust them either. Here we go: Game Theory applied to CSAM Research.”
Is there a universal truth on cryptocurrency use in the space of online CSE?
Offenders have different modus operandi, and the data currently available are not sufficient to speak with confidence on the value and volume of illegal crypto transactions. However, we are living in a CSAM epidemic and the dark web’s market is booming, no matter what the payment method is. This in itself is worrying and should boost advances on regulating VASPs, implementing relevant controls in traditional banking, and protecting children online.
One of the tools that can help financial institutions in the fight against CSAM is RedCompass Labs’ RedFlag Accelerator Typologies, an open-source set of modern slavery, human trafficking and child sexual exploitation indicators and scenarios. It is based on the consolidation, enrichment and de-codification of over 200 global red flag sources. One of the Typologies is specifically dedicated to online CSE and outlines five persona-based scenarios supplemented with financial activity red flags, which help financial institutions accelerate the search and improve the accuracy of identifying and CSE traces in their data. The Typologies are available to financial institutions as a free download to demonstrate how their data can help in the fight against these heinous crimes.
What do you think? Would these crimes worth of $14 billion still happen in the fiat world if cryptocurrency did not exist?
Share this post
Resources