If it's crypto it's not money laundering

It appears to be official now. According to the U.S. Department of Justice, when illicit activity is routed via crypto infrastructure, then it no longer qualifies as money laundering.

Earlier this week the Department of Justice's deputy attorney general Todd Blanche sent out an internal staff memo saying that the digital asset industry (read: crypto) is "critical to the nation’s economic development." (Editor's note: it's not.) As such, staff have been instructed to stop targeting crypto platforms such as exchanges, mixers like Tornado Cash and ChipMixer, and offline wallets for the "acts of their end users." 

What does "the acts of their end users" mean? Further clarity arrives deeper into Blanche's memo. It helpfully draws attention to how cartels operating in the fentanyl trade often use digital assets. This is well known. Tether, for instance, is a popular payments platform in the fentanyl trade. (See here, here, and here). And yet, the Department goes on to explain that while it will continue to pursue cartels, terrorist organizations, and other illicit enterprises for their financial crimes, it "will not pursue actions against the platforms that these enterprises utilize to conduct their illegal activities."

This marks a radical departure from long-established financial law on Planet Earth, where financial institutions are generally held responsible for the "acts of their end users," and are pursued when criminals use them to "conduct their illegal activities." It's what's known in law as money laundering.

Money laundering is a two-sided crime. There's the first leg: a criminal who has dirty money. And there is the second leg: the criminal's counterparty, a financial intermediary (a bank, crypto exchange, remittance platform, money courier, or helpful individual) who processes the dirty funds. Both legs are prosecutable. That's precisely what happened to both TD Bank and its cartel-linked customers when they were charged last year. Financial providers are held liable for the crimes of their users.

The same two-sidedness goes for sanctions evasion. There is the sanctioned party and there is the financial platform that facilitates their evasion. Both are indictable.  

If, as Blanche suggests, digital asset platforms are no longer to be targeted for the "acts of their end users," that's effectively saying that the second leg of a money laundering or sanctions violation is no longer a violation, at least not when a crypto platform is involved. So if cartel deposits dirty money at an exchange like Binance which facilitates their crypto transactions, the exchange won't be pursued. Only the cartel will be.

In effect the entire technology has been handed a get-out-of-money-laundering-jail-free card. A detached observer could safely assume that crypto platforms will respond by easing up on their compliance measures—they won't be indicted, after all—which, in turn, will allow more bad actors to make use of their services.

The memo provides more details. It's quite likely that both the ongoing Tornado Cash case (which I've written about extensively) and the ChipMixer case will be dropped, as the memo explicitly states that the Department will no longer target mixing and tumbling services. Tornado Cash, a smart-contract based mixer, operates with a large proportion of its infrastructure running through automated code, whereas first-generation mixers like ChipMixer are entirely human-operated. The latter had mostly disappeared thanks to a series of successful criminal convictions, but will spring back into action as the threat of indictment recedes—leading to more anonymity for the entire system, including for criminals.

The memo's prohibition against Department lawyers targeting "offline wallets" likely refers to "unhosted wallets," which presumably applies to stablecoins—a highly popular type of crypto token pegged to national currencies. Stablecoin users can either hold balances of a stablecoin like Tether or USDC in unhosted format, within their personal crypto wallets, or hold them with the issuer for redemption into actual dollars, in which case they become "hosted." The implication seems to be that if unhosted stablecoins are used by bad actors, the issuers themselves won't be targeted. It's a fantastic policy—if your goal is to encourage fentanyl cartels to use stablecoins.

This decriminalization of crypto money laundering is a ratification of how much of the crypto ecosystem already operates. Just last week, for example, I wrote about stablecoin issuers like Tether and Circle allowing Garantex, a sanctioned Russian exchange, to hold balances of their stablecoins. The issuers seem to believe that providing access to illicit end users like Garantex is legal. And now, it seems, the government has confirmed their view by no longer targeting unhosted wallets for the "acts of their end users."

Now that we've explored some of the immediate legal and technical consequences of this decision, it's worth asking: who on earth benefits from this sudden shift in policy? Because clearly most people will be made worse off. 

I'm only speculating, but here's who this policy may be designed to appease and/or reward:

• Trump-voting libertarians who have arrived at the odd belief that money laundering shouldn't be a crime.
• San Francisco crypto entrepreneurs who want to create financial platforms on the cheap, without the burden of building expensive compliance programs to prevent criminals usage. These entrepreneurs also want their crypto platforms to have access to bank accounts, but banks have been hesitant due to the high risk of crypto-based money laundering. Now that crypto has immunity, banks no longer have to worry. Crypto entrepreneurs voted for Trump, funded him, and are a big part of his administration. This is their payback.
• Trump himself who seems intent on building a murky authoritarian system of bribery and patronage à la Putin or Orban. This system requires money laundering-friendly financial infrastructure, and the Department's memo may be an early step to creating it. (The Trump family, with its many crypto-based entrepreneurial efforts, is also part of the second group.)

In the long term, banks and other traditional providers may benefit, too. With crypto-based finance now unburdened of a major law, every single financial provider operating outside of this crypto-friendly zone, such as traditional banks and fintechs, will be incentivized to switch their database infrastructure over to crypto in order to qualify for this loophole. That means shifting your Wells Fargo U.S. dollar savings account over to a blockchain-based dollar saving account. Doing so will allow banks and fintechs to cut compliance costs and increase their profits.

Once the entire financial sector has migrated through the loophole, it will no longer be a crime to launder funds for criminals. And with mixers no longer being charged by the Department of Justice, that means blanket anonymity for everyone.

As far as the public's welfare goes, the memo is awful. Like theft and fraud, money laundering is immoral and should be punished. Giving one stratum of society a free pass from any law, whether that be money laundering or theft or murder, erodes trust in government and the financial-legal system.

More broadly, society's money laundering laws are a key defence against all types of other crimes. The so-called predicate offences to money laundering such as robbery, human smuggling, and corruption become much more tricky to carry out when, thanks to money laundering laws, the financial system does its best to shut them out. The dissuasive effect engendered by this effort stops many would-be criminals from ever leaving the licit economy. Take away those laws and the case for becoming a criminal becomes much more persuasive.

Why sanctions didn’t stop Russia's Garantex from using stablecoins

Stablecoins, a new type of financial institution, are unique in two ways. First, they use decentralized databases like Ethereum and Tron to run their platforms. Secondly, and more important for the purposes of this article, they grant access to almost anyone, no questions asked. 

I'm going to illustrate this openness by showing how Garantex, a sanctioned Russian exchange that laundered ransomware and darknet payments, has enjoyed almost continual access to financial services offered by stablecoin platforms like Tether and USDC throughout its six year existence, despite a well-known reputation as a bad actor. 

Last month, law enforcement seizures combined with an indictment and arrest of Garantex's operators appear to have finally severed Garantex's stablecoin connection... or not. Evidence shows that Garantex simply rebranded and slipped right back onto stablecoin platforms.  

Stablecoins' no-vetting model is a stark departure from the finance industry's default due diligence model, adhered to by banks (such as Wells Fargo) and fintechs (such as PayPal). We all know the drill—provide two pieces of ID to open a payments account. Requirements for businesses will probably be more onerous. Anyone on a sanctions list will be left at the door. Banks and fintechs must identify who they let on their platforms because the law requires it.

By contrast, to access the Tether or USDC platforms, the two leading U.S. dollar stablecoins, no ID is required. Anyone can start using stablecoin payments services without having to pass through a due diligence process. Sanctioned customers won't get kicked off, as Garantex's long-uninterrupted access shows. Regulators seem to tolerate this arrangement—so far, no stablecoin operators have faced penalties for money laundering or sanctions evasion.

A quick history of the Tether-Garantex nexus

Garantex became notorious early on for its role in laundering ransomware payments. Russian ransomware gangs hacked Western firms, extorted them for bitcoin ransoms, and cashed out at Moscow-based exchanges like Garantex. Garantex also became a popular venue for laundering darknet-related proceeds, particularly Hydra, once the largest darknet market. Reports allege that the exchange's shareholders have Kremlin links and that terror groups Hezbollah and Quds Force have used it.

Founded in 2019, Garantex was connected to Tether's platform by August 2020. We know this because an archived version of Garantex's website from that month show trading and payment services being offered using Tether's token, USDT.

Archived Garantex.org trading page from March 2024 with USDT-to-ruble, Dai-ruble, and USDC-ruble markets [link]

This connection to Tether allowed Garantex's customers to transfer their Tether balances to Garantex's Tether wallet, in the same way that a shopper might use their U.S. dollar account at PayPal to make payments to a business with a PayPal account. This allowed Garantex's users to trade U.S. dollars (in the form of Tether) on its platform for bitcoins or ether, two volatile cryptocurrencies, and vice versa. The Tether linkage also meant that Garantex could offer a market for trading ruble-USD.

By April 2022, Garantex's bad behaviour had caught up to it: the exchange was sanctioned by the U.S. Treasury's Office of Foreign Asset Control (OFAC). U.S. individual and entities were now prohibited from doing business with Garantex. Out of fear of being penalized, most non-Russian financial institutions would have quickly severed ties with it. Yet Tether, based in the British Virgin Islands at the time, permitted its relationship with Garantex to continue without interruption. Archived copies of Garantex's trading page from mid-2022 and 2023 show that Tether-denominated services were still being offered.

The Wall Street Journal reported in 2023 that around 80% of the exchange’s trading involved Tether, despite sanctions being in place. The net amounts were not small. According to Bloomberg, an alleged $20 billion worth of Tether had been transacted via Garantex post-sanctions. A 2024 Wall Street Journal report revealed that sanctions-evading middlemen used Tether to "break up the connection" between buyers like Kalashnikov and sellers in Hong Kong, with Garantex serving as their venue for acquiring Tether balances. 

Finally, analysis from Elliptic, a blockchain analytics firm, alleges that Garantex offered USDT trading services to North Korean hacking group Lazarus in June 2023. This transaction flow is illustrated below:

The Garantex/Tether nexus in 2023: Elliptic alleges that North Korean hackers stole ether from Atomic Wallet, converted it to Tether using a decentralized exchange 1inch, and then sent Tether to Garantex to trade for bitcoin. (Click to enlarge.) Source: Twitter, Elliptic

Tether's excuse for not off-boarding sanctioned entities such as Garantex? A supposed lack of government clarity. 

When Tornado Cash was sanctioned in 2022, for instance, the company said that it would "hold firm" and not comply because the U.S. Treasury had "not indicated" whether stablecoin issuers were required to ban sanctioned entities from using what Tether refers to as "secondary market addresses." Translating, Tether was saying that if bad actors wanted to use Tether's platform to transact with other Tether users (i.e. in the "secondary market"), it would let them do so. Tether's only obligation, the company believed, was to stop sanctioned users from asking Tether itself to directly cash them out of the platform into U.S. dollars (i.e. the "primary market").

This is quite the statement. Imagine if PayPal allowed everyone—including sanctioned actors—to open an account without ID and send funds freely within its system, only intervening when bad actors asked PayPal to cash them out into regular dollars. That was Tether's stance. Or if Wells Fargo let sanctioned actors make payments with other Wells Fargo customers, but only stopped them from withdrawing at ATM. Banks and fintechs can't get away with such a bare bones compliance strategy; they must do due diligence on all their users. But Tether seemed to believe that a different set of rules applied to it.

In December 2023, Tether reversed course. It would now initiate a new "voluntary" policy of freezing out all OFAC-listed actors using its platform, not just "primary market" sanctioned users seeking direct cash-outs. This brought Tether into what it described as "alignment" with the U.S. Treasury. Soon after, Tether froze three wallets linked by OFAC in 2022 to Garantex.

However, this action was largely symbolic. By the time Tether froze those wallets, Garantex had already abandoned them and opened new ones, thus allowing the exchange to maintain access to Tether's platform. Tether's no-vetting model permitted this pivot. Archived versions of Garantex's trading page show that it continued offering Tether services throughout 2024 and early 2025.

The U.S. Department of Justice recently confirmed Garantex's tactic of replacing wallets in its March 2025 indictment of the exchange's operators. It alleges that Garantex frequently cycled through new Tether wallet addresses—sometimes on a daily basis—to evade detection by U.S.-based crypto exchanges like Coinbase and Kraken, which are legally required to block customer payments made to sanctioned entities.

That the relationship between Tether and Garantex continued even after Tether's supposed 180 degree turn to "align" itself with the U.S. government is backed up by several reports from blockchain analytics firm Chainalysis. The first, published in August 2024, found that a large purchaser of Russian drones used Garantex to process more than $100 million in Tether transactions. The second describes how Russian disinformation campaigners received $200,000 worth of Tether balances in 2023 and 2024, much of it directly from Garantex. In a March 2024 podcast, Chainalysis executives allege that "a majority" of activity on Garantex continued to be in stablecoins.

After years of regular access to Tether's stablecoin platform, a rupture finally occurred earlier this month when Tether froze $23 million worth of Garantex's USDT balances at the request of law enforcement authorities. The move came in conjunction with a seizure by law enforcement of Garantex's website and servers. 

Garantex's website was seized in March 2025 by a collection of law enforcement agencies.

In a press release, Tether claimed that its actions against Garantex illustrated its ability to "track transactions and freeze USDt." But if Tether was so good at tracking its users, why did it connect a sanctioned party like Garantex in the first place, and continue to service it for over four years? Something doesn't add up.

Not just Tether: other stablecoins offered Garantex access, too

Tether doesn't appear to have been the only stablecoin platform to provide Garantex with access to its platform. MakerDAO (recently rebranded as Sky) and Circle Internet may have done so, too.

Circle, based in Boston, manages the second-largest stablecoin, USDC. When OFAC put Garantex on its sanctions list in April 2022, Circle was quick to freeze one of the designated addresses. It did no hold any USDC balances. However, like Tether, Circle's no-vetting policy means that it doesn't do due diligence on users (sanctioned or not) who open new wallets, hold USDC in those wallets, and use them to make payments within the USDC system. Circle only checks the ID of users who ask it to cash them out. Thus, it would have been a cinch for Garantex to dodge Circle's initial freeze: just open up a new access point to the USDC platform. Which is exactly what appears to have happened.

On March 30, 2022, Garantex used its Twitter/X account to announce that it was offering USDC-denominated services. Beginning at some point in the first half of 2022, close to the time that the U.S. Treasury's sanctions were announced, Garantex began to list USDC on its trading page (see screenshot at top). The exchange's trading page continued to advertise USDC-denominated financial services through 2023, 2024, and 2025 until its website was seized last month. 

Tether, Circle's competitor, proceeded to freeze $23 million worth of USDT on behalf of law enforcement authorities, as already outlined. However, respected blockchain sleuth ZachXBT says that Circle did not itself interdict Garantex's access to the USDC payments platform, alleging that "a few Garantex addresses" holding USDC had not been blacklisted.

MakerDAO is a geography-free financial institution that maintains and governs the Dai stablecoin, pegged to the U.S. dollar. Archived screenshots show that Garantex added Dai to its trading list by September 2020, not long after the exchange had enabled Tether connectivity. According to blockchain analytics firm Elliptic, Russian ransomware group Conti has used Garantex to get Dai-denominated financial services. Garantex is able to access the Dai platform because MakerDAO uses the same no-vetting model as Tether. In fact, MakerDAO takes an even more hands-off approach than the other stablecoin platforms: it didn't seize any of the original 2022 addresses emphasized by OFAC. That's because Dai was designed without freezing functionality.

Not vetting users is lucrative

Providing financial services to a sanctioned Garantex would have been profitable for Tether and competing stablecoin platforms managed by Circle and MakerDAO. 

All stablecoins hold assets—typically treasury bills and other short term assets—to "back" the U.S. dollar tokens they have issued. They get to keep all the interest these assets generate for themselves rather than paying it to customers like Garantex. If we assume an average interest rate of 5% and that Garantex maintained a consistent $23 million in Tether balances over the 34 months from April 2022 (when it was sanctioned) to March 2025 (when it was finally frozen out), Tether could have earned approximately $3.2 million in interest courtesy of its relationship. 

Not only does their no-vetting model mean that stablecoin platforms get to earn ongoing income from bad actors like Garantex, this model also seems... not illegal? Stablecoin legal teams have signed off on the setup, both those in the U.S. and overseas. Government licensing bodies like the New York Department of Financial Services don't seem to care that licensed stablecoins don't ask for ID, or at least they turn a blind eye. (Perhaps these government agencies are simply unaware?) Nor has the U.S. Department of Justice indicted a single stablecoin platform for money laundering, sanctions violations, or failing to have a compliance program, despite it being eleven years now since Tether's no-vetting model first appeared. The model seem to have legal chops. Or not?

Banks and fintechs are no doubt looking on jealously at the no-vetting model. Had either PayPal or Wells Fargo allowed Garantex to get access to their payments services, the punishment would have been a large fine or even criminal charges. Sanctions violations are a strict liability offence, meaning that U.S. financial institutions can be held liable even if they only accidentally engage in sanctioned transactions. But more than a decade without punishment suggests stablecoins may be exempt.

This hands-off approach benefits stablecoins not only on the revenue side (i.e they can earn ongoing revenues from sanctioned actors). It also reduces their costs: they can hire far fewer sanctions and anti-money laundering compliance staff than an equivalent bank or fintech platform. Tether earned $13 billion in last year with just 100 or so employees. That's more profits than Citigroup, the U.S.'s fourth largest bank with 229,000 employees, a gap due in no small part to Tether's no-vetting access model. 

The coming financial migration?

Zooming out from Garantex's stablecoin experience, what is the bigger picture? 

I suspect that a great financial migration is likely upon us. Financial institutions can now seemingly provide services to the Garantex's of the world as long as the deliver them on a new type of substrate: decentralized databases. If so, banks and fintechs will very quickly shift their existing services over from centralized databases to decentralized ones in order to take advantage of their superior revenue opportunities and drastically lower compliance costs. 

This impending shift isn't from an inferior technology to a superior one, but from an older rule-bound technology to a rule-free one. PayPal recently launching its own stablecoin is evidence that this migration is afoot.

The argument many stablecoins advocates make to justify the replacement of full due diligence with a no-vetting access model is one based on financial inclusion. Consumers and legal businesses in places such as Turkey or Latin America, which suffer from high inflation, may want to hold digital dollars but don't necessarily have access to U.S. dollar accounts provided by local banks, perhaps because they don't qualify or lack trust in the domestic banking system. An open access model without vetting solves their problem.      

What about the American voting public? Do they agree with this migration? The last few decades have been characterized by a policy whereby the government requires financial institutions to screen out dangerous actors like Garantex in order to protect the public. Forced to the fringes of the financial system, criminals encounter extra operating dangers and costs. The effort to sneak back in serves as an additional choke point to catch them. To boot, the additional complexity created by bank due diligence serves to dissuade many would-be criminals from engaging in crime. Is the public ready to let the Garantexes back in by default? I'm not so sure it is.

Tether is available at Grinex, a Garantex reboot. [link]

Garantex's stablecoin story didn't end with last month's seizures and indictment. According to blockchain analytics firm Global Ledger, the exchange has been renamed Grinex and continues to operate. Tether services are already available on this new look-alike exchange, as the screenshot above reveals. Global Ledger says that $29.6 million worth of Tether have already been moved to Grinex as of March 14, 2025. 

This is the reality of an open-access, no-vetting financial system: bad actors slip in, eventually get cut off, and re-enter minutes later—an endless game of whack-a-mole that seems, for now at least, to be tolerated. It will only get larger as more financial institutions, eager to cut costs, gravitate to it.