Showing posts with label money laundering. Show all posts

Friday, April 11, 2025

If it's crypto it's not money laundering

It appears to be official now. According to the U.S. Department of Justice, when illicit activity is routed via crypto infrastructure, then it no longer qualifies as money laundering.

Earlier this week the Department of Justice's deputy attorney general Todd Blanche sent out an internal staff memo saying that the digital asset industry (read: crypto) is "critical to the nation’s economic development." (Editor's note: it's not.) As such, staff have been instructed to stop targeting crypto platforms such as exchanges, mixers like Tornado Cash and ChipMixer, and offline wallets for the "acts of their end users." 

What does "the acts of their end users" mean? Further clarity arrives deeper into Blanche's memo. It helpfully draws attention to how cartels operating in the fentanyl trade often use digital assets. This is well known. Tether, for instance, is a popular payments platform in the fentanyl trade. (See here, here, and here). And yet, the Department goes on to explain that while it will continue to pursue cartels, terrorist organizations, and other illicit enterprises for their financial crimes, it "will not pursue actions against the platforms that these enterprises utilize to conduct their illegal activities."

This marks a radical departure from long-established financial law on Planet Earth, where financial institutions are generally held responsible for the "acts of their end users," and are pursued when criminals use them to "conduct their illegal activities." It's what's known in law as money laundering.

Money laundering is a two-sided crime. There's the first leg: a criminal who has dirty money. And there is the second leg: the criminal's counterparty, a financial intermediary (a bank, crypto exchange, remittance platform, money courier, or helpful individual) who processes the dirty funds. Both legs are prosecutable. That's precisely what happened to both TD Bank and its cartel-linked customers when they were charged last year. Financial providers are held liable for the crimes of their users.

The same two-sidedness goes for sanctions evasion. There is the sanctioned party and there is the financial platform that facilitates their evasion. Both are indictable.  

If, as Blanche suggests, digital asset platforms are no longer to be targeted for the "acts of their end users," that's effectively saying that the second leg of a money laundering or sanctions violation is no longer a violation, at least not when a crypto platform is involved. So if a cartel deposits dirty money at an exchange like Binance which facilitates their crypto transactions, the exchange won't be pursued. Only the cartel will be.

In effect the entire technology has been handed a get-out-of-money-laundering-jail-free card. A detached observer could safely assume that crypto platforms will respond by easing up on their compliance measures (they won't be indicted, after all), which, in turn, will allow more bad actors to make use of their services.

The memo provides more details. It's quite likely that both the ongoing Tornado Cash case (which I've written about extensively) and the ChipMixer case will be dropped, as the memo explicitly states that the Department will no longer target mixing and tumbling services. Tornado Cash, a smart-contract based mixer, operates with a large proportion of its infrastructure running through automated code, whereas first-generation mixers like ChipMixer are entirely human-operated. The latter had mostly disappeared thanks to a series of successful criminal convictions, but will spring back into action as the threat of indictment recedes—leading to more anonymity for the entire system, including for criminals.

The memo's prohibition against Department lawyers targeting "offline wallets" likely refers to "unhosted wallets," which presumably applies to stablecoins—a highly popular type of crypto token pegged to national currencies. Stablecoin users can either hold balances of a stablecoin like Tether or USDC in unhosted format, within their personal crypto wallets, or hold them with the issuer for redemption into actual dollars, in which case they become "hosted." The implication seems to be that if unhosted stablecoins are used by bad actors, the issuers themselves won't be targeted. It's a fantastic policy, if your goal is to encourage fentanyl cartels to use stablecoins.

This decriminalization of crypto money laundering is a ratification of how much of the crypto ecosystem already operates. Just last week, for example, I wrote about stablecoin issuers like Tether and Circle allowing Garantex, a sanctioned Russian exchange, to hold balances of their stablecoins. The issuers seem to believe that providing access to illicit end users like Garantex is legal. And now, it seems, the government has confirmed their view by no longer targeting unhosted wallets for the "acts of their end users."

Now that we've explored some of the immediate legal and technical consequences of this decision, it's worth asking: who on earth benefits from this sudden shift in policy? Because clearly most people will be made worse off. 

I'm only speculating, but here's who this policy may be designed to appease and/or reward:

  • Trump-voting libertarians who have arrived at the odd belief that money laundering shouldn't be a crime.
  • San Francisco crypto entrepreneurs who want to create financial platforms on the cheap, without the burden of building expensive compliance programs to prevent criminal usage. These entrepreneurs also want their crypto platforms to have access to bank accounts, but banks have been hesitant due to the high risk of crypto-based money laundering. Now that crypto has immunity, banks no longer have to worry. Crypto entrepreneurs voted for Trump, funded him, and are a big part of his administration. This is their payback.
  • Trump himself, who seems intent on building a murky authoritarian system of bribery and patronage à la Putin or Orban. This system requires money laundering-friendly financial infrastructure, and the Department's memo may be an early step to creating it. (The Trump family, with its many crypto-based entrepreneurial efforts, is also part of the second group.)

In the long term, banks and other traditional providers may benefit, too. With crypto-based finance now unburdened of a major law, every single financial provider operating outside of this crypto-friendly zone, such as traditional banks and fintechs, will be incentivized to switch their database infrastructure over to crypto in order to qualify for this loophole. That means shifting your Wells Fargo U.S. dollar savings account over to a blockchain-based dollar savings account. Doing so will allow banks and fintechs to cut compliance costs and increase their profits.

Once the entire financial sector has migrated through the loophole, it will no longer be a crime to launder funds for criminals. And with mixers no longer being charged by the Department of Justice, that means blanket anonymity for everyone.

As far as the public's welfare goes, the memo is awful. Like theft and fraud, money laundering is immoral and should be punished. Giving one stratum of society a free pass from any law, whether that be money laundering or theft or murder, erodes trust in government and the financial-legal system.

More broadly, society's money laundering laws are a key defence against all types of other crimes. The so-called predicate offences to money laundering such as robbery, human smuggling, and corruption become much more tricky to carry out when, thanks to money laundering laws, the financial system does its best to shut them out. The dissuasive effect engendered by this effort stops many would-be criminals from ever leaving the licit economy. Take away those laws and the case for becoming a criminal becomes much more persuasive.

Tuesday, April 1, 2025

Why sanctions didn’t stop Russia's Garantex from using stablecoins

Stablecoins, a new type of financial institution, are unique in two ways. First, they use decentralized databases like Ethereum and Tron to run their platforms. Secondly, and more important for the purposes of this article, they grant access to almost anyone, no questions asked. 

I'm going to illustrate this openness by showing how Garantex, a sanctioned Russian exchange that laundered ransomware and darknet payments, has enjoyed almost continual access to financial services offered by stablecoin platforms like Tether and USDC throughout its six year existence, despite a well-known reputation as a bad actor. 

Last month, law enforcement seizures combined with an indictment and arrest of Garantex's operators appear to have finally severed Garantex's stablecoin connection... or not. Evidence shows that Garantex simply rebranded and slipped right back onto stablecoin platforms.  

Stablecoins' no-vetting model is a stark departure from the finance industry's default due diligence model, adhered to by banks (such as Wells Fargo) and fintechs (such as PayPal). We all know the drill—provide two pieces of ID to open a payments account. Requirements for businesses will probably be more onerous. Anyone on a sanctions list will be left at the door. Banks and fintechs must identify who they let on their platforms because the law requires it.

By contrast, to access the Tether or USDC platforms, the two leading U.S. dollar stablecoins, no ID is required. Anyone can start using stablecoin payments services without having to pass through a due diligence process. Sanctioned customers won't get kicked off, as Garantex's long-uninterrupted access shows. Regulators seem to tolerate this arrangement—so far, no stablecoin operators have faced penalties for money laundering or sanctions evasion.

A quick history of the Tether-Garantex nexus

Garantex became notorious early on for its role in laundering ransomware payments. Russian ransomware gangs hacked Western firms, extorted them for bitcoin ransoms, and cashed out at Moscow-based exchanges like Garantex. Garantex also became a popular venue for laundering darknet-related proceeds, particularly Hydra, once the largest darknet market. Reports allege that the exchange's shareholders have Kremlin links and that terror groups Hezbollah and Quds Force have used it.

Founded in 2019, Garantex was connected to Tether's platform by August 2020. We know this because an archived version of Garantex's website from that month shows trading and payment services being offered using Tether's token, USDT.

Archived Garantex.org trading page from March 2024 with USDT-to-ruble, Dai-ruble, and USDC-ruble markets [link]

This connection to Tether allowed Garantex's customers to transfer their Tether balances to Garantex's Tether wallet, in the same way that a shopper might use their U.S. dollar account at PayPal to make payments to a business with a PayPal account. This allowed Garantex's users to trade U.S. dollars (in the form of Tether) on its platform for bitcoins or ether, two volatile cryptocurrencies, and vice versa. The Tether linkage also meant that Garantex could offer a market for trading ruble-USD.

By April 2022, Garantex's bad behaviour had caught up to it: the exchange was sanctioned by the U.S. Treasury's Office of Foreign Assets Control (OFAC). U.S. individuals and entities were now prohibited from doing business with Garantex. Out of fear of being penalized, most non-Russian financial institutions would have quickly severed ties with it. Yet Tether, based in the British Virgin Islands at the time, permitted its relationship with Garantex to continue without interruption. Archived copies of Garantex's trading page from mid-2022 and 2023 show that Tether-denominated services were still being offered.

The Wall Street Journal reported in 2023 that around 80% of the exchange’s trading involved Tether, despite sanctions being in place. The net amounts were not small. According to Bloomberg, an alleged $20 billion worth of Tether had been transacted via Garantex post-sanctions. A 2024 Wall Street Journal report revealed that sanctions-evading middlemen used Tether to "break up the connection" between buyers like Kalashnikov and sellers in Hong Kong, with Garantex serving as their venue for acquiring Tether balances. 

Finally, analysis from Elliptic, a blockchain analytics firm, alleges that Garantex offered USDT trading services to North Korean hacking group Lazarus in June 2023. This transaction flow is illustrated below:

The Garantex/Tether nexus in 2023: Elliptic alleges that North Korean hackers stole ether from Atomic Wallet, converted it to Tether using a decentralized exchange 1inch, and then sent Tether to Garantex to trade for bitcoin. Source: Twitter, Elliptic

Tether's excuse for not off-boarding sanctioned entities such as Garantex? A supposed lack of government clarity. 

When Tornado Cash was sanctioned in 2022, for instance, the company said that it would "hold firm" and not comply because the U.S. Treasury had "not indicated" whether stablecoin issuers were required to ban sanctioned entities from using what Tether refers to as "secondary market addresses." Translating, Tether was saying that if bad actors wanted to use Tether's platform to transact with other Tether users (i.e. in the "secondary market"), it would let them do so. Tether's only obligation, the company believed, was to stop sanctioned users from asking Tether itself to directly cash them out of the platform into U.S. dollars (i.e. the "primary market").

This is quite the statement. Imagine if PayPal allowed everyone—including sanctioned actors—to open an account without ID and send funds freely within its system, only intervening when bad actors asked PayPal to cash them out into regular dollars. That was Tether's stance. Or if Wells Fargo let sanctioned actors make payments with other Wells Fargo customers, but only stopped them from withdrawing at an ATM. Banks and fintechs can't get away with such a bare bones compliance strategy; they must do due diligence on all their users. But Tether seemed to believe that a different set of rules applied to it.

In December 2023, Tether reversed course. It would now initiate a new "voluntary" policy of freezing out all OFAC-listed actors using its platform, not just "primary market" sanctioned users seeking direct cash-outs. This brought Tether into what it described as "alignment" with the U.S. Treasury. Soon after, Tether froze three wallets linked by OFAC in 2022 to Garantex.

However, this action was largely symbolic. By the time Tether froze those wallets, Garantex had already abandoned them and opened new ones, thus allowing the exchange to maintain access to Tether's platform. Tether's no-vetting model permitted this pivot. Archived versions of Garantex's trading page show that it continued offering Tether services throughout 2024 and early 2025.

The U.S. Department of Justice recently confirmed Garantex's tactic of replacing wallets in its March 2025 indictment of the exchange's operators. It alleges that Garantex frequently cycled through new Tether wallet addresses—sometimes on a daily basis—to evade detection by U.S.-based crypto exchanges like Coinbase and Kraken, which are legally required to block customer payments made to sanctioned entities.

That the relationship between Tether and Garantex continued even after Tether's supposed 180 degree turn to "align" itself with the U.S. government is backed up by several reports from blockchain analytics firm Chainalysis. The first, published in August 2024, found that a large purchaser of Russian drones used Garantex to process more than $100 million in Tether transactions. The second describes how Russian disinformation campaigners received $200,000 worth of Tether balances in 2023 and 2024, much of it directly from Garantex. In a March 2024 podcast, Chainalysis executives allege that "a majority" of activity on Garantex continued to be in stablecoins.

After years of regular access to Tether's stablecoin platform, a rupture finally occurred earlier this month when Tether froze $23 million worth of Garantex's USDT balances at the request of law enforcement authorities. The move came in conjunction with a seizure by law enforcement of Garantex's website and servers. 

Garantex's website was seized in March 2025 by a collection of law enforcement agencies.

In a press release, Tether claimed that its actions against Garantex illustrated its ability to "track transactions and freeze USDt." But if Tether was so good at tracking its users, why did it connect a sanctioned party like Garantex in the first place, and continue to service it for over four years? Something doesn't add up.

Not just Tether: other stablecoins offered Garantex access, too

Tether doesn't appear to have been the only stablecoin platform to provide Garantex with access to its platform. MakerDAO (recently rebranded as Sky) and Circle Internet may have done so, too.

Circle, based in Boston, manages the second-largest stablecoin, USDC. When OFAC put Garantex on its sanctions list in April 2022, Circle was quick to freeze one of the designated addresses. It did not hold any USDC balances. However, like Tether, Circle's no-vetting policy means that it doesn't do due diligence on users (sanctioned or not) who open new wallets, hold USDC in those wallets, and use them to make payments within the USDC system. Circle only checks the ID of users who ask it to cash them out. Thus, it would have been a cinch for Garantex to dodge Circle's initial freeze: just open up a new access point to the USDC platform. Which is exactly what appears to have happened.

On March 30, 2022, Garantex used its Twitter/X account to announce that it was offering USDC-denominated services. Beginning at some point in the first half of 2022, close to the time that the U.S. Treasury's sanctions were announced, Garantex began to list USDC on its trading page (see screenshot at top). The exchange's trading page continued to advertise USDC-denominated financial services through 2023, 2024, and 2025 until its website was seized last month. 

Tether, Circle's competitor, proceeded to freeze $23 million worth of USDT on behalf of law enforcement authorities, as already outlined. However, respected blockchain sleuth ZachXBT says that Circle did not itself interdict Garantex's access to the USDC payments platform, alleging that "a few Garantex addresses" holding USDC had not been blacklisted.

MakerDAO is a geography-free financial institution that maintains and governs the Dai stablecoin, pegged to the U.S. dollar. Archived screenshots show that Garantex added Dai to its trading list by September 2020, not long after the exchange had enabled Tether connectivity. According to blockchain analytics firm Elliptic, Russian ransomware group Conti has used Garantex to get Dai-denominated financial services. Garantex is able to access the Dai platform because MakerDAO uses the same no-vetting model as Tether. In fact, MakerDAO takes an even more hands-off approach than the other stablecoin platforms: it didn't seize any of the original 2022 addresses emphasized by OFAC. That's because Dai was designed without freezing functionality.

Not vetting users is lucrative

Providing financial services to a sanctioned Garantex would have been profitable for Tether and competing stablecoin platforms managed by Circle and MakerDAO. 

All stablecoins hold assets (typically treasury bills and other short-term assets) to "back" the U.S. dollar tokens they have issued. They get to keep all the interest these assets generate for themselves rather than paying it to customers like Garantex. If we assume an average interest rate of 5% and that Garantex maintained a consistent $23 million in Tether balances over the 34 months from April 2022 (when it was sanctioned) to March 2025 (when it was finally frozen out), Tether could have earned approximately $3.2 million in interest courtesy of its relationship.

Not only does their no-vetting model mean that stablecoin platforms get to earn ongoing income from bad actors like Garantex, this model also seems... not illegal? Stablecoin legal teams have signed off on the setup, both those in the U.S. and overseas. Government licensing bodies like the New York Department of Financial Services don't seem to care that licensed stablecoins don't ask for ID, or at least they turn a blind eye. (Perhaps these government agencies are simply unaware?) Nor has the U.S. Department of Justice indicted a single stablecoin platform for money laundering, sanctions violations, or failing to have a compliance program, despite it being eleven years now since Tether's no-vetting model first appeared. The model seems to have legal chops. Or not?

Banks and fintechs are no doubt looking on jealously at the no-vetting model. Had either PayPal or Wells Fargo allowed Garantex to get access to their payments services, the punishment would have been a large fine or even criminal charges. Sanctions violations are a strict liability offence, meaning that U.S. financial institutions can be held liable even if they only accidentally engage in sanctioned transactions. But more than a decade without punishment suggests stablecoins may be exempt.

This hands-off approach benefits stablecoins not only on the revenue side (i.e. they can earn ongoing revenues from sanctioned actors). It also reduces their costs: they can hire far fewer sanctions and anti-money laundering compliance staff than an equivalent bank or fintech platform. Tether earned $13 billion last year with just 100 or so employees. That's more profits than Citigroup, the U.S.'s fourth largest bank with 229,000 employees, a gap due in no small part to Tether's no-vetting access model.

The coming financial migration?

Zooming out from Garantex's stablecoin experience, what is the bigger picture? 

I suspect that a great financial migration is likely upon us. Financial institutions can now seemingly provide services to the Garantexes of the world as long as they deliver them on a new type of substrate: decentralized databases. If so, banks and fintechs will very quickly shift their existing services over from centralized databases to decentralized ones in order to take advantage of their superior revenue opportunities and drastically lower compliance costs.

This impending shift isn't from an inferior technology to a superior one, but from an older rule-bound technology to a rule-free one. PayPal recently launching its own stablecoin is evidence that this migration is afoot.

The argument many stablecoin advocates make to justify the replacement of full due diligence with a no-vetting access model is one based on financial inclusion. Consumers and legal businesses in places such as Turkey or Latin America, which suffer from high inflation, may want to hold digital dollars but don't necessarily have access to U.S. dollar accounts provided by local banks, perhaps because they don't qualify or lack trust in the domestic banking system. An open access model without vetting solves their problem.

What about the American voting public? Do they agree with this migration? The last few decades have been characterized by a policy whereby the government requires financial institutions to screen out dangerous actors like Garantex in order to protect the public. Forced to the fringes of the financial system, criminals encounter extra operating dangers and costs. The effort to sneak back in serves as an additional choke point to catch them. To boot, the additional complexity created by bank due diligence serves to dissuade many would-be criminals from engaging in crime. Is the public ready to let the Garantexes back in by default? I'm not so sure it is.

Tether is available at Grinex, a Garantex reboot. [link]


Garantex's stablecoin story didn't end with last month's seizures and indictment. According to blockchain analytics firm Global Ledger, the exchange has been renamed Grinex and continues to operate. Tether services are already available on this new look-alike exchange, as the screenshot above reveals. Global Ledger says that $29.6 million worth of Tether have already been moved to Grinex as of March 14, 2025. 

This is the reality of an open-access, no-vetting financial system: bad actors slip in, eventually get cut off, and re-enter minutes later—an endless game of whack-a-mole that seems, for now at least, to be tolerated. It will only get larger as more financial institutions, eager to cut costs, gravitate to it.

Monday, November 25, 2024

How my views on financial privacy have evolved over a decade

I began exploring the topic of financial privacy and payment anonymity in the early days of this blog. Over the past decade, my views have shifted significantly—here's how and why.

Rereading my earliest mentions of financial privacy, they now seem a bit... idealistic? extreme? For instance, in my 2014 post entitled Fedcoin, a central-bank issued digital currency, I suggested that the product should be 100% anonymous, like coins and banknotes.

Criminals would undoubtedly exploit unlimited anonymous digital currency, as I acknowledged in a 2018 article entitled Anonymous digital cash. But I figured that the bad guys would find their own ways to transact anyways, say through their own mafia-created payments system, so central banks may as well go forward with anonymous digital currency, the benefits to civil society of unlimited e-cash ultimately outweighing the cost.

I wouldn't support these same ideas today, or would at least modify them, as I'll show further down.

But idealistic and extreme aren't quite the right words. I think that I was right, at least when looking at things from a certain vantage point, but it was still early in my blogging career and I hadn't yet explored other vantage points.

To be clear, financial privacy, or the ability to make transactions anonymously or near-anonymously, isn't just something that criminals require. It's crucial for regular folks, too, and in my earlier blog posts I spent a lot of time detailing why this is so. After a cashier dropped my card behind the counter (and potentially skimmed it?), I wrote that cash provides buyers with a "shield from everyone else involved in a transaction" in my 2016 post In praise of anonymous money. And I still agree with that, and to this day always pay with cash when the store I'm at feels a bit sketchy. I worry that this shield will disappear as cash usage continues to decline.

Civil society's need for private transactions isn't just a weird fringe view. In a 2018 post entitled Money is privacy, I described the work being done on privacy and payments by Federal Reserve researchers Charles Kahn, James McAndrews, and William Roberds. Licit transactions can unintentionally evolve into a long-term relationship, they write, including clawbacks, extraterritorial rulings, and new forms of product liability. To boot, personal information linked to digital transactions can be stolen in data breaches.
 
According to the three Fed researchers, the ability to transact anonymously converts a potentially thorny transaction into a one-and-done relationship. Licit payments that might have otherwise been deemed too dangerous can proceed, the extra trade making the world better off. (See also my 2020 article Central banks are privacy providers of last resort.)

As for crypto, I've described blockchains as dystopian hellscapes or panopticons, because every single transaction is mapped out for all to see. That makes blockchains just awful places to carry out conventional business. Firms require a degree of secrecy in order to hide their corporate strategies and tactics from competitors, but the medium doesn't permit secrets. Blockchains need more privacy. (See my 2022 post DeFi needs more secrecy, but not too much secrecy, and the right sort of secrecy.)

So what changed?

Starting in 2018, I focused more on studying fraud, including ransomware, tax evasion, and gift card schemes. I found gift card fraud particularly intriguing: semi-anonymous payment systems linked to Google Play and Apple iTunes have enabled an entire industry of scammers, including IRS and tech support fraudsters, to launder stolen funds. Network operators like Google and Apple, as well as major retailers such as Target and Walmart, quietly profit from all of this fraud. (See Gift Cards: When Good Products Do Bad Things [2021] and In-game virtual items as a form of criminal money [2019].)

Which led me to my next big truth: if privacy is crucial, so is the necessity of criminalizing money laundering.

Money launderers are the financial intermediaries who, knowing full well that a customer's funds are dirty, conduct transactions with them anyways, in a way designed to disguise their source.

The willful laundering of a criminal's money is an extension of the original crime, making a launderer just as morally and ethically culpable as the criminal they are helping. By facilitating the final release of illicit funds, the money launderer enables the crime to fulfill its purpose, completing the damage caused by the initial offense—be it theft, extortion, or human smuggling. This is why the launderer's actions deserve to be criminalized. (See A short and lukewarm defence of anti-money laundering standards from 2021).

The crime of money laundering bears a striking resemblance to the centuries-old crime of fencing—the art of accepting and redistributing stolen property. (See my 2024 post "I didn't launder the cash, your honor. The robot did.") In earlier times, thieves were responsible for reselling their stolen goods themselves. However, by the 17th century, this task was often outsourced to specialized intermediaries, or 'fences.' At first, there was no legal term for this crime, but in 1692, England formally criminalized fencing, and deservedly so.

Thinking more about the crime of money laundering led me to become more critical of stablecoins, for instance. From 2014-2018 my articles on stablecoins were mostly neutral or positive, but now my posts focus on the fact that stablecoin issuers, by turning a blind eye to those using their platform, have allowed themselves to become launderers for all types of criminals. (Among others, see my 2019 post From unknown wallet to unknown wallet and my 2023 post Why do sanctioned entities use Tether?)

At this point, you may be able to see my conundrum.    

If, like fencing, money laundering should be criminalized (and indeed it is illegal in most parts of the world), that collides with my prior belief in the importance of financial privacy. After all, the only way for a banker, money transfer agent, or stablecoin issuer to be safe from a money laundering charge is to show that they did a good faith job collecting enough personal information to ensure that they weren't dealing with criminals. And giving up personal information is necessarily privacy-reducing.

One way to resolve my conundrum would have been to pick a side and advocate for it, but I think both sides are important, so I've generally tried to find a compromise. Most of my writing on the topic over the last five or six years has been trying to wrestle with where to draw the line between financial privacy and the crime of money laundering. 

My compromise position has generally advocated a privacy safe harbour for small day-to-day transactions. But anything above a certain monetary ceiling needs to be identified in order to avoid a money laundering charge.

Here are some examples of my often clumsy attempts to balance the two ideals:

Balancing the two ideals rather than taking an either/or approach has led me to adopt a more comparative approach to thinking about financial privacy. I've begun to analyze cross-country differences in the intensity of financial surveillance as conducted by national financial intelligence units. Canada, for instance, has chosen a balancing point that is far more in favor of financial privacy (and accordingly more accepting of money laundering) than the U.S. has, as illustrated in my 2024 post Your finances are being snooped on. Here's how.

So that's where I've landed after ten years of writing about privacy. Hard-core privacy advocates and civil libertarians would probably describe me as a sell-out or a wishy-washy centrist because I'm willing to compromise on financial privacy. Fair enough. But I do wonder how many privacy advocates would go so far as to call for an all-out decriminalization of money laundering. Doing so would maximize privacy, but surely no privacy advocate thinks that bankers who clean money for the mob should be allowed to walk free. We are probably closer than they think.

I look forward to seeing how my opinions evolve over the next ten years, as I'm sure they will. Thoughts or comments?

Saturday, September 14, 2024

How should money laundering laws apply to DeFi?


Everyone agrees that money laundering laws apply to DeFi. The question is: how to apply them?

DeFi, or decentralized finance, is an emerging segment of the broader financial industry that delivers traditional financial services, such as trading or lending, using a novel type of database: blockchains.

These blockchains allow people to create financial robots, or bots, that the public can engage with in order to get financial services. And not just any sort of bot. These are autonomous, unstoppable, non-upgradeable financial bots. They operate independently of humans; once its creator sets it free, the bot never needs the intervention of its creator, or anyone else, ever again. The bot is unstoppable; once its code is live, it can't be erased, upgraded, or altered. The bot is incapable of deviating from its original code; it is forever locked in place.

(Most financial services provided on blockchains don't quite meet the strict standard described above. These "fake" DeFi bots are upgradeable and are driven by a human operator or team behind the scenes. The application of money laundering laws to fake DeFi bots is straightforward. What I'm addressing in this post is the true DeFi bots, the ones that are autonomous, unstoppable, and non-upgradeable.)

Historically we haven't received our financial services from autonomous, unstoppable non-upgradeable agents. We've always gotten them from brick and mortar institutions like banks and brokerages. These institutions are run by human executives and employees who rely on a fairly malleable set of machine aids, like websites and Excel spreadsheets and SQL databases.

The application of money laundering law to banks and other financial institutions is well understood. If a bank consciously allows dirty money onto its platform, we punish the bank and the folks who run it. This follows from 18 U.S. Code § 1956, which says that anyone who knowingly conducts a transaction involving dirty money, and does so in a way to conceal its origin or disguise its control, can be punished with up to twenty years in jail for money laundering.

Here's the question: when financial services are provided through the mediation of autonomous, unstoppable, non-upgradeable bots, and not human-operated banks and brokerages, who does society punish when dirty funds are processed? What DeFi party is liable under 18 U.S. Code § 1956?

The bot itself is nonpunishable. It simply keeps on ticking. It's not a human and can't learn from punishment. So that's a dead-end.

There is no human operator or governor to punish (at least, not in the case of pure DeFi bots). The bot is 100% autonomous, operating without the aid of a human behind the scenes.

What about the creator? I've argued in a previous post on a particular DeFi bot, Tornado Cash, that it makes a lot of sense to hold the creators of unstoppable non-upgradeable financial bots accountable for money laundering, even if those creators are no longer involved with the bot in any way. To protect themselves from being charged with money laundering, creators will choose at the very outset to equip their financial bots with a means for screening out dirty funds, thus complying with the law. I'll let you read that post yourself.

There's another option. In a recent exchange with a member of Congress, a DeFi lobbyist suggests that the users of unstoppable non-upgradeable financial bots (not the creators) be held liable for their own bad conduct. Here's the clip:

This is an interesting solution. Let's work out how money laundering law spreads into DeFi if a user-pays-the-price strategy is adopted.

Say that criminals regularly place dirty funds with a certain DeFi bot, perhaps a decentralized exchange (like Uniswap), in order to clean them, and this is a widely-known fact. Next, let's look at what happens when a user with licit crypto submits their funds to the same bot. By consciously allowing their clean funds to be commingled with dirty funds and swapped for them, these licit users have themselves become bad actors. After all, helping criminally-derived funds make a getaway is a crime: we call it money laundering.

Under this user-pays-the-price scenario, DeFi becomes radioactive. Anyone interacting with an unstoppable, non-upgradeable financial bot is playing with fire, since a potential money laundering charge is just around the corner.

In an effort to reduce the odds that they face a money laundering charge, users may try to shop around for bots that have been coded with filters for screening out bad actors. Creators may try to compete with each other to attract users by providing genuinely compliant bots.

The upshot is that whether society decides to make creators of financial bots liable for money laundering, or users liable, the end result may very well be the same. Bots will be built with anti-crime devices, thus falling in line with society's money laundering laws. That's a good result.

However, for pragmatic reasons my preference is to hold creators liable rather than users. My mental model of a prototypical retail user of financial services is a frazzled individual who doesn't have the bandwidth or knowledge to grasp exactly what they are doing with their money, because their time is divided between their family, jobs, education, church, hobbies, and other important things. What an awful burden to put on these people: "Oh, by the way, be careful where you get your financial services online, because you might be caught laundering money for the mob." Indeed, one of the advantages of dealing with a traditional bank is that a licit user needn't worry about this hazard.

Creators, on the other hand, are far fewer in number than users, are likely to be financially savvy, and probably have far more time to devote to the intricacies of financial law. And so the creator class will be better able to bear the burden of being targeted with a potential money laundering charge, and of instigating the necessary compliance.

So if we had to choose who should be liable for the bad conduct flowing through unstoppable non-upgradeable financial bots, I say target creators, if possible, and not users. We all agree that money laundering laws apply to DeFi (the end goal being bots that exclude criminals), but placing the liability on users is an inefficient and unfair way of extracting compliance.

Friday, August 9, 2024

Stablecoins – a digital version of Swiss bearer savings books


Before anti-money laundering laws arrived in Switzerland, anyone could walk into a Swiss bank and open an account without showing any ID. The bank would then issue you something called a bearer savings book, otherwise known as inhabersparheften or livrets d'épargne au porteur. Ownership of the savings book was considered by the bank to be proof of ownership of the underlying funds in the account. The person who opened the account could keep the book or, if they wanted to, pass it on to someone else without notifying the bank, at which point this second person was now entitled to the underlying funds, who could pass the book on to a third person, etc.

In essence, Swiss banks were issuing their very own version of cash.

As time passed and society's awareness of money laundering grew, usage of Swiss bearer savings book accounts was circumscribed by law. In 1977, banks were required for the first time to identify the initial customer to open the account. Also, anyone who wanted to withdraw over CHF 25,000 had to be identified by the bank. But the savings books still enjoyed a significant degree of anonymity. After account opening and prior to withdrawal, books could continue to circulate without identity checks.

In 2003, the issuance of new bearer savings books was prohibited by the Swiss government. Banks were now required to cancel existing savings books when they were presented to a bank's physical desk. Existing bearer savings books could continue to circulate anonymously from hand to hand, like cash, but thanks to steady cancellations they represented just 0.002% of the total assets held in Swiss bank accounts by 2019.

And so ended the Swiss bearer savings book. In the meantime, however, a similar financial instrument has arrived: the stablecoin.

To get some stablecoins, you need to deposit funds with the issuer, which will identify you upon deposit, but after that the stablecoins are free to circulate in the wild without any sort of checks. You can send them to a friend, and she can send them to a relative overseas, and that relative can transfer them to a drug dealer, and none of these subsequent owners need to show their IDs to the issuer. Stablecoin issuers, much like Swiss banks that once issued bearer savings books, often have no idea who they are dealing with.

So if Swiss bearer savings books have long been prohibited, why are stablecoins allowed to proliferate?

This is exactly the point made last month by FINMA, Switzerland's financial regulator, when it indicated that it will no longer tolerate the anonymous transfer of stablecoins. New guidance states that the identity of anyone holding a stablecoin must be "adequately verified by the issuing institution." So not only yourself, but your friend, her relative, and the drug dealer in the above transaction chain will be required to provide their ID.

To justify its new policy, FINMA appeals to the idea of technological neutrality. My take on technological neutrality is that just because a financial product (in this case a payments product) appears on a novel medium, or substrate (i.e. a blockchain), doesn't mean it is exempt from the same rules that already apply to equivalent products like bank savings books, which are issued on older substrates. Same function, same regulations.

Up till now, stablecoin issuers like Tether have tried to dodge these identification requirements with the legal fiction that only primary holders of stablecoins (i.e. those who originally deposited funds to get stablecoins) are their customers, and so it is only to this batch of holders that they have a due diligence obligation. Secondary, tertiary, and subsequent holders are not "customers", and so the issuers say they don't need to identify them.

But FINMA isn't buying this argument, and rightly so. All holders, not just primary ones, have a "permanent business relationship" with the issuer, says FINMA, and so everyone must be identified. You can certainly understand why FINMA wants to get ahead of this problem. If regular Swiss banks all see that stablecoins are enjoying special treatment, then they'll all join in on the party by switching over to the new substrate.

FINMA's guidance may not seem like a big deal. There are only two Swiss franc stablecoins to which it applies, and they are both tiny. Bitcoin Suisse's XCHF has under 1 million CHF in circulation, and Centi's CCHF doesn't appear to have much more. (Facebook may have run into an earlier informal version of this rule when FINMA assessed initial versions of its Libra stablecoin.)

But as a respected part of the global regulatory fabric, FINMA could very well be copied by other regulators. More importantly, FINMA is a member of the Financial Action Task Force, or FATF, an umbrella organization representing the anti-money laundering authorities of 38 major nations. FATF promotes global anti-money laundering standards by blacklisting countries that fail to adopt them. If FINMA's policy on stablecoins is indicative of an emerging FATF approach to stablecoins, then expect it to spread.

The shocking thing to me is that it has taken this long for a major global regulator to issue a concrete ruling on the issue of stablecoin anonymity. It's about time. Standard anti-money laundering practice requires financial institutions to verify who is using their platform. Stablecoin issuers shouldn't get a free ride.

Thursday, July 11, 2024

Your finances are being snooped on. Here's how


We all have a pretty good idea that our finances are being snooped on, but most of us aren't quite able to articulate how. We know that we're being snooped on by two groups, corporations and the government. This post will focus on how the government surveils our transactions, because democratic governments generally (but certainly not always!) tell us ahead of time what information they will gather, and how the data will be used.

Governments snoop on law-abiding citizens' financial data for good reasons: they are trying to trace the money in order to catch bad guys. The government has been given the power to collect this information without having to ask a judge for approval, say by requesting a search warrant.

I think there is a degree of acceptance among citizens that some amount of warrantless financial snooping is okay, because it reduces crime. But as the intensity of surveillance increases it eventually reaches creepy territory, at which point most of us would prefer the brakes be applied.

Where is this line? I'm a committed comparativist. To get a good sense of how one is snooped on, and whether it has passed over the line to being creepy, one needs a reference point. So in this blog post, I'll compare how two groups of citizens, Americans and Canadians, are being surveilled by their respective governments, so that both groups can better understand, by reference to each other, where they stand.

The first section focuses on the inflows of personal financial data from citizens to the government. The second section will focus on the outflows of data from the government to law enforcement.

***How citizens' personal financial data flows into the government***

Both the U.S. and Canadian governments collect large amounts of financial data about their citizens. They do so by requiring banks and other financial institutions to record information about their customers and submit reports to the government about their customers' transactions when certain triggers have been met.

First, let's touch on the total amount of data being hoovered up. On this count, Canada far exceeds the U.S. In the 2022-23 reporting period, Canadian financial institutions submitted a total of 36 million reports to the government containing information about Canadians' financial transactions. That's almost one report per Canadian every year. 

Meanwhile, U.S. institutions sent 27.5 million reports to their government about Americans' financial dealings in 2023, a rate of around 0.1 report for every American, which is ten times less intensive than in Canada. So based purely on the quantity of data collected, Canada seems to be closer to the "it's getting uncomfortable" level than the U.S. (See table below).

What accounts for this big difference in reporting intensity? In short, it's due entirely to cross-border wire transfers. In Canada, every electronic fund transfer leaving or arriving in Canada must be reported by banks to the government if it sums up to $10,000 or more. So if you've sent an $11,500 wire transfer from your Bank of Montreal account to your son or daughter who lives in London or Paris, congratulations, your name is in a Canadian government database. Or if you run a business and have received a $15,000 digital payment from a U.S. company for services rendered, your corporate data is sitting somewhere in an Ottawa government server.

If you're an American making a foreign wire transfer, your information will not get sent to a government database. The U.S. authorities do not require financial institutions to submit personal information on digital cross-border flows. (Mind you, they have been trying for some time to get the ability to collect this data.)

In the 2022-23 financial year, 27 million of these cross-border wire reports were submitted by Canadian banks, accounting for the lion's share of all 36 million reports submitted to the Canadian government that year.

Apart from cross-border transaction reporting, the nature of Canadian and U.S. eavesdropping is broadly similar.

Let's start with cash transaction reports, or CTRs. When a Canadian goes to their bank and deposits $10,000 or more in cash, the bank will generate a report that it sends to the Canadian government. U.S. banks report deposits and withdrawals of $10,000 in cash to the US government.

So if you're selling a used car and the buyer pays you $12,000 in banknotes, and you deposit that to your bank account, you're now in a government database, whether that be in Canada or the U.S.

Canadian banks generated 8 million CTRs in 2022-23 whereas U.S. banks generated 20.8 million in 2023. Pound for pound, Canadian banks submit more cash transaction reports to their government than U.S. banks, around 0.21 per Canadian compared to 0.06 per American. I'm not sure why. The threshold for reporting a cash transaction in Canada is lower than in the U.S. (CAD$10,000 is worth around US$7,300) which may explain some of the difference? Dunno.

With CTRs and cross-border wire transfers, the invasiveness is kept relatively low thanks to the objective criteria that trigger a filing. Exceed the $10,000 threshold and at least you know ahead of time that your information is going to be recorded. A law-abiding citizen who is uncomfortable having their finances collected by the government can choose to avoid sending cross-border payments or dealing in large amounts of cash. But this objectivity doesn't exist with the next type of report: those related to suspicious activities.

On both sides of the border, financial institutions must submit reports about transactions deemed suspicious to their respective governments. If you've made a transaction that a bank deems to be suspicious, you'll never know that you've landed in a government database. That's because banks are prohibited from notifying their customers that their activity has been snitched on.  

The determination of what qualifies as suspicious involves a fair amount of subjectivity. Canada requires that financial institutions have reasonable grounds to suspect that a transaction is linked to terrorism or money laundering before reporting it. That means that a mere hunch won't cut it: a Canadian banker must be able to articulate a clear reason for suspicion. Mind you, there's no penalty for banks that fail to attach a specific reason to a report, so the reasonable grounds to suspect standard is often ignored.

We know that many of these hunch-based reports end up in the government's database. Over the years the Office of the Privacy Commissioner of Canada has collected a list of reports that failed to reach the reasonable grounds to suspect standard, including one case in which some individuals were suspected simply because they had Middle Eastern passports:

From the Office of the Privacy Commissioner's 2017 audit of FINTRAC [source]

My reading of the U.S. requirements for reporting a suspicious transaction suggests a looser standard than in Canada. While U.S. bankers are encouraged to provide a specific red flag in their CTRs, the implementing regulations say they can still file a report if they merely "suspect" a transaction to be associated with money laundering or terrorism, which is a lower standard than the requirement to have a "reason to suspect."

In Canada, there is no size threshold for suspicious activity reporting: even a $50 payment can be reported by a bank. By contrast, the U.S. has set a $5,000 threshold before a suspicious activity report must be filed. (When suspicious activity reports were first introduced to the U.S. in 1994, the government floated the idea of not including a threshold at all, as Canada would later do in 2001, but retreated because this would impose a "burden of reporting.")

This difference in thresholds suggests Canada should have a much higher intensity of suspicious transaction reporting than the U.S. Not so. Canadian banks generated 560,858 suspicious transaction reports in 2022-23, around 1.4 reports for every 100 Canadians. Compare this to the 4.6 million reports filed by U.S. banks in 2023, which also comes out to 1.4 reports per 100 Americans. So even though bankers in the U.S. are required to ignore small suspicious transactions below $5,000, they more than make up for it by reporting a larger proportion of transactions than Canadian bankers do. I can only guess why, but this may be due to the looser standard for suspicion, discussed above.

There are several other types of transactions that must be reported to the government, including large virtual currency reports in Canada and foreign bank and financial accounts reports (FBAR) in the U.S., but the volume of this sort of reporting isn't as significant as the other types already discussed, so I won't touch on them.

So to briefly sum up, pound for pound a Canadian is more likely to appear in their government's financial database than an American is. This is because Canadian financial institutions collect personal information linked to cross-border wire transfers; the U.S. doesn't. The most privacy-invasive reports are suspicious ones. Compared to Canadian banks, U.S. banks are more trigger-happy when it comes to deeming a given transaction as suspicious, but the US$5,000 floor on reporting suspicious transactions somewhat mitigates this eagerness.

Having dealt with what sorts of data flow into the government, let's talk about what happens next with the data.

***How personal financial data flows from the government to law enforcement***

The personal financial data accumulated by the two governments are managed by each nation's respective financial intelligence unit, or FIU. In Canada, this institution is known as the Financial Transactions and Reports Analysis Centre of Canada, or FINTRAC. In the U.S., the body that collects personal financial data is known as the Financial Crimes Enforcement Network, or FinCEN.

It's here with the management of harvested financial data that the policies of the two countries really start to diverge.

To begin with, let's start with the length of time that data can be kept. In the U.S., FinCEN holds data indefinitely, so its database is forever growing. Canada allows FINTRAC to keep data for at least ten years and up to fifteen years, but after that FINTRAC must destroy any identifying information if it was not disclosed to law enforcement. Since most of FINTRAC's data is not disclosed, that means large amounts of data fall out of FINTRAC's database every year, and thus the amount of personal information collected grows at a slower rate than FinCEN's data hoard.

The difference between the two countries grows even wider when it comes to the question of who has access to citizens' financial data. In brief, U.S. law enforcement is granted broad access to the raw data whereas Canadian law enforcement's ability to see the data is strictly limited.

472 different U.S. law enforcement agencies at the Federal, state, and local levels have the ability to directly query FinCEN's database of CTRs, suspicious activity reports, and more. This amounts to around 14,000 law enforcement officers who can search through the personal financial data of American citizens. In 2023, these 14,000 users conducted 2.3 million searches using FinCEN's query tool.

FinCEN's data can also be downloaded in bulk form to the in-house servers of eleven different federal agencies, including the FBI, ICE, and the IRS. Bulk access (also known as Agency Integrated Access) means that the FBI, ICE, IRS, and eight other agencies don't need to use FinCEN's query tool. This bulk data can be accessed by another 35,000 agents. Alas, FinCEN doesn't track how many in-house searches were conducted by these agents in 2023, but I'd guess it's in the tens if not hundreds of millions.

By contrast, Canadian law enforcement agencies do not get direct access to FINTRAC's financial data trove. Instead, FINTRAC employs an internal force of a few hundred data analysts to parse the database for clues that suggest participation in money laundering or terrorist financing. Only when FINTRAC employees have attained reasonable grounds to suspect that a pattern of transactions has crossed the line can they pass a report on to a Canadian law enforcement body, such as the RCMP or municipal police. This report is known as a financial intelligence disclosure and includes information like the name of the transactor, their address, telephone number, criminal record, and more.

FINTRAC submitted 2,085 of these disclosures to law enforcement in 2022-2023.

So to step back for a moment, tens of thousands of U.S. law enforcement officials conduct tens of millions of searches through Americans' personal financial data to get leads. In Canada, this same database can only be accessed by a small number of FINTRAC analysts, who selectively push a few thousand reports out to Canadian law enforcement each year.

That's quite the contrast. Put differently, unlike their U.S. equivalents the RCMP, Sûreté du Québec, Ontario Provincial Police, and other police agencies do not have the power to pull personal financial data willy-nilly from the government's database. This means far fewer eyeballs on Canadian financial records. As far as protecting the financial privacy of citizens, the Canadian access model does a better job. The U.S. access model is friendlier to law enforcement and stopping crime.

A disadvantage (or advantage, depending on your tolerance for being watched) of the American system is it allows the 11 agencies with bulk access to create "data cocktails" (personal financial data downloaded from FinCEN spiked with their own data sources) in order to better investigate suspects. For instance, according to a 2009 report from the Government Accountability Office, the FBI incorporates bulk FinCEN suspicious activity reports into its Investigative Data Warehouse along with 50 other data sets from different sources. The IRS's Reveal System, portrayed below, ingests FinCEN reports along with tax data to conduct more complex investigations.

The IRS's Reveal System, which ingests FinCEN CTRs along with other non-FinCEN data [source]

I don't know if the FBI and IRS data cocktails still exist, and in what form, but they certainly give a flavor of what sorts of broad access law enforcement can get to personal financial records in the U.S.

By contrast, Canadian law doesn't allow for U.S.-style data cocktails. An agency like the RCMP can't mix FINTRAC's store of personal financial data with their own bespoke data sources because the RCMP is prohibited from pulling raw CTRs, cross-border wire transfer reports, and suspicious transaction reports out of FINTRAC. Only FINTRAC gets to determine what information gets pushed out to the RCMP.

This firewall isn't accidental. As Horst Intscher, a former director of FINTRAC, explains, a degree of privacy protection was purposefully built into FINTRAC's original design: "Because of the very broad range of information that the [Proceeds of Crime (Money Laundering) and Terrorist Financing Act] makes it possible for us to receive from reporting entities, it was determined at the original passage of the legislation that protections had to be built, so it would not be construed that there was a flow-through of massive amounts of personal information directed to law enforcement agencies."

In other words, FINTRAC was designed to prevent the likes of the RCMP from creating an FBI-style Investigative Data Warehouse. 

However, the wall imposed between Canadian law enforcement and FINTRAC does have a degree of porosity, enough to provide law enforcement with an indirect way for pulling data out of FINTRAC. If the RCMP is investigating a suspected money launderer, it can submit information about the suspect to FINTRAC in the form of a voluntary information record. For example, it might say that "Joe Blow and his sister-in-law Martha are the subjects of an investigation for drug trafficking and money laundering, and we just thought you should know that." This new data becomes part of FINTRAC's database, against which FINTRAC's agents will check all other data. If the agents spot a match, and it meets the bar for a "reasonable grounds for suspicion", then they must send the RCMP a disclosure containing the relevant personal financial information.  

In 2022-23 FINTRAC received 2,550 voluntary information records from Canada’s law enforcement and national security agencies (including from members of the public), a large number of these eventually boomeranging back to law enforcement in the form of a disclosure. How many? The head of FINTRAC once claimed that "65% to 70%" of FINTRAC's ultimate disclosures to law enforcement are triggered by voluntary information submitted by law enforcement, which hints at how porous the wall is.

----

That sums up my comparison of the inflows and outflows of personal financial data to the U.S. and Canadian governments. This is just a cursory analysis. There are all sorts of other vectors across which to compare the scope of the two nations' data collection efforts that I haven't explored. I've focused on the factors that I think are the most important.

Readers from other countries may be curious to find out about their own FIUs to determine where they stand relative to Canada and the U.S. If so, leave your findings in the comments. My Australian readers, for instance, may be interested to note that their government collects far more private information than the U.S. and Canada combined. AUSTRAC, the Australian FIU, collected 192 million transaction reports in 2023, an astonishing 7 reports per Australian! This is because AUSTRAC receives information on all cross-border wires, with no lower threshold.

At the outset of this article I suggested that many of us would tolerate some loss of privacy in order to make it easier for the police to catch criminals. A few of us will accept a large loss. Others will not tolerate even the smallest infringement on privacy. An individual's line in the sand is very much a personal matter. I'm going to leave it to the reader to decide which country (if either) approaches the right balance. Is Canada too lax relative to the U.S.? Does the firewall we've erected between the cops and the trove of financial information give criminals free rein? Or does the U.S. not sufficiently respect privacy? Should the FBI and its sister agencies lose some of their unfettered access to Americans' personal financial data?

Monday, June 10, 2024

"I didn't launder the cash, your honor. The robot did."

Crypto enthusiasts protest the trial of Alexey Pertsev

As the multiple Tornado Cash legal cases wend their way through courts in the Netherlands and the U.S., we continue to learn how society's money laundering laws will be applied to some of the more unique financial entities being created on the new technological medium of blockchains.

Last month Alexey Pertsev, a co-creator and co-administrator of privacy platform Tornado Cash, was found guilty of money laundering by a Dutch court. (The full decision translated into English is here). Meanwhile, Roman Storm and Roman Semenov, Pertsev's colleagues, are under indictment in the U.S. for engaging in money laundering, among other charges. Separately, Tornado Cash continues to be sanctioned by the U.S. Treasury.

In general, I think a guilty verdict is the right decision. It would have been dangerous to find Pertsev innocent, since to do so would have given all sorts of hardened money launderers (the mob, drug lords, and terrorist networks) the perfect techno-legal loophole for avoiding future money laundering charges. Shifts in the underlying technology used for disguising dirty money should not be enough to turn a crime into a non-crime.

Before I get into my reasoning, here's some context for people who are new to the issue of Tornado Cash.

Tornado Cash was introduced by Pertsev, Storm, and Semenov in 2019 as a means for crypto users to enjoy privacy, but it wasn't long before thieves and hackers began to regularly deposit large amounts of stolen crypto into the utility to be obfuscated. This was plain as day to anyone who was watching. Blockchains are radically transparent (that's why privacy tools like Tornado are needed) which meant that everyone could watch in real-time as criminal trails converged on Tornado Cash. 

Court cases in both the U.S. and the Netherlands reveal that Pertsev and his colleagues were well aware that illicit activity was passing through Tornado, yet they continued to work on the utility anyways. This is important because possessing a "knowing" state-of-mind is a key ingredient to being found guilty of money laundering. If he had had no idea that the money being disguised was dirty, Pertsev could not have been charged in the first place.

Criminals were not the only users of Tornado. Licit actors who wanted privacy also deposited funds into the entity, including Ethereum co-creator Vitalik Buterin. But the presence of good transactions amongst the bad ones doesn't dilute the seriousness of the alleged crime. All it takes to trigger a money laundering charge is a few dirty transactions. "C'mon! 82% of the money was licit!" is no alibi.

Tornado Cash is by no means the crypto economy's first privacy platform. The original generation of privacy tools, so called "mixers" or "tumblers," began to emerge in the early 2010s with the likes of ChipMixer, Helix, Bitcoin Fog, Sinbad, and Blender. Anyone who required anonymity could send their bitcoins to the platform owner, who would proceed to commingle, or "mix," all incoming bitcoins in a single address under their control, thus rendering them untraceable. After some time had passed, the platform owner manually re-sent the now obfuscated bitcoins to their original sender, less a fee.

Like Tornado Cash, the first generation of privacy utilities was used by both criminals and regular folks seeking privacy. None of these original mixers have had happy endings. The owners of Bitcoin Fog and Helix, Roman Sterlingov and Larry Harmon, were both found guilty of money laundering and are currently serving jail sentences. Minh Nguyen, the administrator of ChipMixer, has been indicted for money laundering and is on the FBI's most wanted cyber list. Blender and Sinbad have both been sanctioned by the U.S. government.


By any legal standard, these bad endings were well-deserved. They may have been technological novelties, but ChipMixer, Helix, Bitcoin Fog, Sinbad, and Blender were very much text-book examples of money laundering. The owners of these entities knew that some of the transactions they were participating in involved proceeds derived from criminal sources, yet despite this knowledge they proceeded to disguise them anyways. The only thing new about Helix and the other first generation mixers was the medium they were disguising: bitcoin instead of cash or deposits.

And so professional mixers like Harmon and Nguyen join a long line of traditional money launderers: dirty bankers, drug cash couriers, crooked remittance shop owners, and hawala operators. The law shouldn't be fooled by technological novelty, and in the case of the first generation of mixers, it wasn't.

That these were textbook cases of money laundering isn't disputed by the crypto community. Crypto advocates are a vocal bunch, and while they have loudly voiced their complaints about the legal action taken against Tornado Cash, they have for the most part quietly accepted the punishments meted out to the first generation privacy platforms. A legal fundraiser to support the Tornado Cash accused, for instance, has raised hundreds of thousands of dollars; there have been no equivalent efforts to raise a legal defence for Harmon, Sterlingov, or Nguyen. Crypto lobbyists have gone to war for Tornado Cash by launching court appeals and filing amicus briefs in its support. But when it comes to defending the Bitcoin Fog or Helix operators, or challenging the government's sanctioning of Sinbad and Blender: crickets.

The Tornado Cash legal cases have been more controversial than those of the first generation mixers thanks to a technical innovation in Tornado's construction. Most of us would consider this to be a relatively obscure change, but crypto enthusiasts see it as a defining one.

Harmon and his counterparts controlled their platforms outright, taking possession of the dirty crypto before manually sending it back to criminals in disguised form. Not so Tornado Cash. When it was built, a layer of automation was inserted between Tornado Cash's users and Pertsev and his colleagues.

Instead of sending their crypto to wallets controlled by the trio, as users did with Helix, crypto was now deposited by users into a set of automated pools. These pools were not managed on an ongoing basis by Pertsev and his colleagues. Rather, they were built using fully automated code on the Ethereum blockchain. Originally co-created by Pertsev in 2019, this code was frozen in time by the designers in early 2020, at which point it could no longer be upgraded or changed by anyone, even Pertsev. To this day the pools continue to operate, even though the Tornado Cash creators are either jailed or under indictment.
 
Other parts of the Tornado Cash platform are not so set-in-stone and remained under the control of Pertsev and his colleagues throughout. This includes the main website by which users accessed the automated pools, which was regularly upgraded over time, as well as the relayer service. (A relayer is a way to guarantee the privacy of Tornado Cash users). Pertsev and his colleagues profited from their ongoing control over the website and relayers.

The lawyers for Pertsev, Storm, and Semenov have argued that this layer of automated code exonerates the trio of money laundering. After all, if they no longer control what the utility is doing, then how can they be said to be operating a money laundering enterprise? The lawyers also argue that as writers of code, Pertsev, Storm, and Semenov are protected by speech laws, much like an author who has written a book. It is the code-is-speech claim that has particularly riled up the crypto community.

I don't like the idea of someone being sent to jail, but I think it's a good thing that the Dutch court chose not to accept these arguments.

Using go-betweens is a time-tested criminal strategy for distancing oneself from the crime. In more conventional money laundering operations, this strategy might involve separating the leader of a cash laundering operation from the actual dirty cash with a layer of underlings. In the age of crypto, no need to use living human underlings; just insert a buffer of unliving code.  

But the law shouldn't be fooled by artificial distances between a launderer and dirty money, whether those intervening layers be living people or code.

Allowing a buffer of automated code to absolve folks like Pertsev of money laundering would make it much easier to be a professional money launderer. Bad actors like Harmon and Sterlingov who have already been deemed by the courts to be criminals would suddenly have the perfect techno-legal loophole at their disposal if they decide to reengage in crypto laundering once their jail terms are up. Instead of manually running their operations as before, Harmon and Sterlingov could insert a mute layer of automated code between them and their illicit clients, their criminal mixing no longer being a crime.

But this would be an absurd state of affairs. A simple technological change to the way a criminal mixer administers their back office shouldn't convert them into a non-criminal.

The danger of the "it was the code that did it" defence extends beyond the crypto economy. In the much-larger traditional economy, laundering physical cash is a relatively common criminal profession. Take the fictional example of Marty Byrde, the star of Ozark. If the Tornado Cash defence were to be accepted in a court of law, then Byrde need only program a set of self-operating cash-handling robots to do most of his tasks for him, and he can get away scot-free. "I don't exercise any control over the packages of cash, your honor. The robots did!"

Or take the example of drug cash couriers, who run the risk of being convicted for money laundering when they move cash across the U.S.-Mexico border. Taking a cue from Tornado Cash, if a courier were to deploy an autonomous fleet of AI-powered drones instead, then when charged with a money laundering offence he or she need only invoke the now-standard defence: "it was the drones who controlled the cash, not me."

Taken to an extreme, the Tornado Cash defence means that money laundering effectively ceases to exist as a crime. All the culpability shifts onto the undead intermediaries, which can't be punished. This eclipsing of money laundering laws would be unfortunate. Professional money laundering is a key sector within the broader criminal economy, greasing the wheels for the entire enterprise. Without any legal defences against launderers, we are all much more vulnerable to crime-in-general.

In what follows, I want to provide a historical example of how the law should act when confronted with the changing tactics and technologies of money launderers.

Money laundering is a relatively new crime, but it has a much older predecessor in the crime of fencing, also known as receiving. The laws against fencing and money laundering are similar, the idea being to punish not the original criminals but the third-parties who knowingly participate in the crime by accepting dirty proceeds.

Any thief runs a big risk of being caught with stolen goods. At some point in the middle ages, specialized intermediaries, or fences, emerged to absorb this risk by accepting stolen property from professional thieves and redistributing it. Thieves could now offload their goods much quicker, thereby achieving a degree of safe harbor. For their part the fences themselves were safe from prosecution. After all, they hadn't committed the original theft, and accepting stolen property was not a crime.

The addition of specialized wholesalers to the thievery production process helped drive a rise in the incidence of theft, according to historian Rictor Norton. To close this loophole, fencing was criminalized in England in 1692. For the first time, a third-party who knowingly accepted stolen goods could be punished as an accessory to the original theft. The business of reselling hot property, risk-free until then, suddenly became much more dangerous.

The illegal fencing market quickly evolved new tactics. Enter Jonathan Wild, an incredibly successful launderer of stolen goods who, by the mid 1710s, is said to have been the "undisputed leader in the fencing business of London," according to marketing professor Ronald Hill. Wild evaded the 1692 anti-fencing law by never himself handling stolen property. Instead, he acted as an early version of Craigslist, but for stolen objects. He arm-twisted all of London's thieves to secretly report any robbery immediately to him, asking them to retain possession until he contacted them. At the same time, the unfortunate victims of those thefts were encouraged to approach Wild with requests to help locate their missing property.

Once Wild knew who was at both ends of a theft, he would pay the thief and tell him to return the goods to the victim using an anonymous porter. The happy victim got their stolen goods back, paying Wild a large reward for his troubles.

With Wild running circles around the law, Parliament passed an additional anti-fencing law in 1718 that punished anyone who took a reward under the pretence of helping a victim of theft, without actually prosecuting the original felon. In 1725, Wild was apprehended, tried, and condemned to death on the basis of this statute. 

A gallows ticket to view the hanging of Jonathan Wild (Wikipedia)

Now, a death sentence is extreme. But this is a good example of the law staying hip to both the changing technology of theft and its evolving division of labour. As the profession began to be subdivided into specialist thieves and an emerging class of allied wholesalers of stolen goods, lawmakers recognized that wholesaling was really just an appendage of theft, and thus fencing was criminalized. Later on, when fences like Wild adapted with new methods, the law kept up by finding additional means to reach fencing operations.

With Tornado Cash, we are at a "Jonathan Wild" stage of the modern money laundering profession's development. Control of dirty proceeds is being shifted to autonomous intermediaries so that the perpetrators can avoid prosecution. Much like how the law adapted in the 1700s to encompass Wild's tactics of distancing himself from dirty property, it will have to do the same with money launderers who use crypto code, autonomous robots, or AI drones to dissociate themselves. While I don't enjoy the idea of anyone spending time in jail, finding Pertsev guilty is part of that process.

Unlike Jonathan Wild, who was a criminal mastermind, Alexey Pertsev and colleagues seem to have bungled into the crime partly out of an ideological commitment to crypto ethics, the wider community unhelpfully egging him on. That doesn't mean he's not guilty, but it does suggest a lighter sentence than the 64-month one he received might be appropriate.

I've been arguing throughout this article that money laundering law should extend to innovative financial entities created on blockchains, such as Tornado Cash. I want to close by pushing back on this a bit.

A guilty verdict for Pertsev and his colleagues should not be tantamount to a ban on the creation of autonomous financial institutions, particularly those focused on privacy. If a coder wants to create an open privacy mechanism for crypto, promote it, and financially profit from it, I think that he or she should have the right to do so, subject to the following condition. The code needs to include a component that screens out dirty crypto, and this filter shouldn't be a sham attempt; it has to be a genuine effort.

While I think the law got it right in this instance, shame on lawmakers and law enforcement if they don't accommodate future generations of code-based entities (and their creators) that actually do make good faith efforts to freeze out dirty money.