Topic: CipherTrace Enters Race to Solve Crypto's FATF Compliance Headache (Read 339 times)

I know a few companies are working to aid in compliance. Although I find Ciphertrace's to make the most sense in regards to privacy

Yeah, it's nice that someone is trying to make it possible to comply with the requirements using cryptocurrencies. I think it what CipherTrace does can be very useful to exchanges and other businesses that don't won't troubles with the authorities. If we look at it from the user's standpoint, however, this is not a good thing, because there aren't many sponsors of terrorists or financial scammers among us, but we are required to give away so much data about us nevertheless. This is just not fair and also impractical to fight crimes. It would make more sense to come up with certain requirements, based on the analysis of the known cases of crimes, under which the travel rule should apply. Otherwise the investigators will just drown is data and be too tempted to use it for other purposes.

Even I've never went through these services except HitBTC that wanted me to do KYC for no freaking reasons and being the shittiest of all exchanges, but I needed to give out my details just to get my money moved.



The best advantage in our hands here - I try to find reliable traders with broader background in the field of trading Bitcoins and trade with them only (directly) rather than transferring my coins to an exchange, waiting for the deposit to confirm, waiting for a trader to buy my coins (and that takes a lot of time because it's all done partially and not in one shot) and finally, the hassle of releasing them, all with the so-called KYC regulations to be abide by as there's "No KYC, No Trading allowed" policy here.


I'm afraid I can't get a debit card to use in my country knowing that the heat to stopping crypto here has taken an enormous form, but all I do for nominal things like buying groceries online to doing recharges and even paying my bills, I simply sell my BTC to the trader, give the bill details and/or number to recharge upon and get it done almost immediately without any issues.


Exchanges are dominating because they've got volumes (whether real or fake) and that's why they've taken over the OTC deals at a higher pace these days. I wouldn't prefer giving my details to any shady exchange (even the most reputed one) just because they won't let me withdraw my money, but would rather prefer going out of the box and remain private (not so safe if the trader turns out bad).

I've long fucked off Bitstamp and not for one second did I ever entertain those other services mentioned.

I plan on only two routes back to fiat should I ever require it.

The first is OTC for significant amounts. Why anyone would use a bog standard exchange for a decent sum is beyond me. I do not intend to wind up as a ticket number with no way of accessing money. A competent OTC deal will sort any question marks before the exchange proceeds. That's the way ALL crypto to fiat services should operate with no exceptions.

For the day to day fripperies I'll stick with crypto debit cards. They may cost a little more but if they croak it's no big deal, they never go anywhere near my bank and nothing more than piddling sums is placed on them.

I find it weird that exchanges dominate everyone's thinking when they're the shittest and most dangerous option by a country mile.

After what Bitstamp, HitBTC, Changelly, Freewallet and others have done it's only common sense. Lots of services already employ selective KYC scams under the guise of similar AML regulations. We can only expect things to get worse as the regulatory burdens pile on.

In this environment, people should obviously avoid third parties wherever possible. Otherwise, they should at least be aware that every satoshi they've deposited might be put under a microscope, with proof of source of funds demanded for every bit.

So people are going to self-police themselves even without legal pressure?


I am not. It most likely depends on the mixer used and on each individual case.

That's possible to an extent, particularly mixers that are using outdated and broken algorithms. However, if companies like Ciphertrace could conclusively break all mixers, governments would simply surveil mixers rather than trying to shut them down.

Either way, this is irrelevant to the larger point, which is: Governments can't shut down mixers. They can only shut down domains and seize servers. These are small, temporary setbacks.

Of course, nobody was arrested in the Bestmixer case. They just disappeared with everyone's money. Same with Bitblender. These were exit scams.

I am almost positive Ciphertrace's technology can still trace movements of transactions even after they've gone through a mixer

It sounds more like Ciphertrace's proposed TRISA is in place for exchanges to align with their KYC?

I don't think the BTC-e seizure went at all like the US government was hoping. In many ways, it was an embarrassment. They weren't able to seize any funds up front, arresting Vinnik netted absolutely nothing, and BTC-e reemerged a month or so later. That experience probably showed the DOJ how difficult it is to target crypto services who are scattered across many borders, and who employ proper operational security. I believe the US government has wanted to take down Bitfinex for years -- the DOJ and CFTC have been investigating them since at least 2017 and probably earlier. That they haven't suggests that they can't, at least not yet.

Targeting mixers (who don't even touch fiat money) is even more problematic for governments. An honest mixer can easily recover from authorities shutting down clearnet domains or seizing servers. New infrastructure can be built within days and proper encryption would protect all customer funds in the meantime.

But the Bestmixer case -- and subsequent disappearance of BitBlender -- highlights the biggest problem for us: Law enforcement temporarily shutting down a mixer creates an opportunity for them to exit scam.

Right, they going to like "flex" their muscle again, maybe ala BTC-E seizure most likely in the future. Interpol/EUROPOL also have this sort of mentality as in the case of Bestmixer.io last May.

I suggest everyone to brace yourself next year about this new regulations and policies. Maybe some exchanges will stay in their ground and try to protect themselves, but which pressures coming at all angle, just a matter of time before they succumb. And it will create a lot of mess, maybe exchanges will run to a supposedly safe haven countries, who knows.

It sure is. I won't lie, this is probably going to end with lots of disgruntled exchange customers, frozen money, closed accounts, unexpected law enforcement investigations, etc. I've always been extremely careful to ensure that anything touching my Coinbase account is unimpeachable. Unfortunately with the way things are headed, we'll need to employ that sort of caution to most services -- maybe even lower tier exchanges registered in random island nations. You just never know.

IMHO I think the technology will be able to track those 1x movements but won't really be alarmed until reoccurances of movements sets it off showing signs of money laundering. I think that's the entire premise behind what Ciphertrace is trying to create. A privacy preserving compliance tool

Dunno. I was hoping you could help me out with that.

Stuff like the story about Coinmama shutting someone down for having a gambling transaction about 10-15 txs back is the type of thing that's worrying. I can get 1-2 tx away stuff that breaks terms and conditions, but if it was months and many wallets ago that's going to wind up nightmarish.

That's the million dollar question. For now, nobody really knows. To my knowledge, Gemini is the only service that specifically prohibits interfacing with mixers in their user agreement. I don't think they'll be the last, though.

Exchanges will likely take a risk-based approach, with a spectrum of different policies. The worst of them will do as Bitstamp already does -- demanding proof of source of funds for every satoshi deposited. Others may only flag accounts that deposit specifically dubious coins that are sent directly from DNMs and things like that.


Well, what's sensible?

the travel rule is not part of american law, so FinCEN does not enforce it.


the $3k threshold is only for "cash purchases of monetary instruments such as money orders, cashier's checks, and traveler's checks". it doesn't apply to cryptocurrency. FinCEN asserting that virtual currency falls under the BSA means that CTR and SAR do apply though. https://en.wikipedia.org/wiki/Bank_Secrecy_Act#Reports


as the DOJ and FinCEN discovered in 2017 when they came after BTC-E, they can't seize cryptocurrency. fiat exchanges are exposed to banking risks, but if the american government targets crypto-only businesses, they can remain as hidden services and/or spin up new clearnet domains, wallets fully intact. coming after mixers this way could be a game of cat and mouse they know they can't win. and three letter agencies hate looking powerless.

i think the american government is more likely to indirectly target mixers by implementing "know your customer's customer" standards like those seen in the FATF travel rule. basically, they'll pressure services to blacklist non-complying services like mixers. anyone who doesn't fall in line is at risk of adverse government action. the exchanges police themselves.

Can't say I'm surprised by that in the slightest.

What I would be interested to know is how an exchange or other service that has to yield to this would treat coins that come either from mixers that ignore this or are mixed crowd style a la Coinjoin. Would they be automatically obligated to reject them? Will there be a point where you need a completely unbroken trail to go anywhere near a centralised service?

It's same old fungibility question. Where does it begin and where does it end? I can see it becoming an impossible mess unless everyone's sensible.

I think to some extent this is just an extension of KYC right? Their technology will only be flagged for movements greater than 3k

@figmentofmyass - I think FATF just made a recommendation about sharing informations across all exchanges. FINCEN is in charge of "enforcing" Travel Rule. BSA (Bank Secrecy Act) of 1996 was amended in 2012 to include all electronic funds transfer. I'm assuming it includes crypto and the threshold is $$3k or more.

I think crypto mixers falls under the definition of VASP (Virtual Asset Service Provider) and also includes exchanges. So I don't know if they are going to comply with this new rules or take the risk of being shutdown.

I guess there will be no privacy here, as the guidelines states that originator and receiver should exchange information. And the thing is, there will be a something to validate everything, a certificate authority (CA) to protect the communications between VASP.


https://ciphertrace.com/wp-content/uploads/2019/08/TRISA-Enabling-FATF-Travel-Rule-V4.pdf

Which kinda defeats the main purpose of mixers IMO. One person mixes his coins because he feels the need to, and so the solution is to go to a service which tumbles and turns coins and ensuring that no one, not even the mixing service themselves, know who he is and why he's doing it. They are really closing in on the privacy that some of these services offer, and that's not good in any way.