Australian financial compliance enforcement agency AUSTRAC has delivered two new guide lines to help entities to spot when clients are utilising crypto for illegal means, or when they are being compelled to pay the makers of ransomware.
The two guide stated by AUSTRAC:
“Where possible, encourage your customers to report ransomware incidents to the ACSC’s ReportCyber service and law enforcement.”
“The conversion to and from government-issued currency is the point where a criminal is most exposed and identifiable.”
Notably, the guide urged traditional financial institutions to avoid debanking customers, citing that this has been a major issue in the local crypto sector and could have serious consequences if a lawful person is mistakenly identified as a criminal.
However, it warned that debanking customers based solely on suspicion of such activity was a harmful practice with serious consequences.
“Debanking legitimate and legal businesses can have a negative impact on both individuals and businesses.” It may also increase the risks of money laundering and terrorism financing, as well as have a negative impact on Australia’s economy, the guide warns.
AUSTRAC stated in an announcement earlier today that the growing acceptance, value, and adoption of crypto and blockchain technology has been accompanied by an increase in cybercrime.
AUSTRAC stated that:
“Cyber-enabled crime is becoming a growing threat to Australians.” The Australian Cyber Security Centre (ACSC) reported 500 ransomware attacks in the 2020-21 fiscal year, a nearly 15% increase over the previous year.”
The ransomware and “criminal abuse of digital currencies ” guides are intended to spot the malicious people, yet in addition to make it more straightforward to report suspicious movement to AUSTRAC — something which a firm should do after reporting the matter to the police.
AUSTRAC outlined several indicators in the ransomware guide that a customer may be rushing to pay a ransom. Restless with transaction speed, instantly large amounts of transactions from newly onboarded businesses, and transfers of one’s entire holdings with no subsequent account activity were all on the list.
While the indicators may appear obvious, AUSTRAC stated that most “victims are often reluctant to report” because they want to get their businesses out of the hands of attackers and back up and running as soon as possible.
In the illegal crypto use- focused guide, AUSTRAC makes a list of activities, for example, tax avoidance, tax evasion, tricks and buying the illegal items on the darknet. The regulator gave the most consideration to money laundry as it gave a rundown of its key parts which include “position, layering and coordination”.
Following the purchase of digital assets with fiat (placement), the criminal will attempt to convert the assets across different accounts and platforms (layering) in order to “distance the funds from the source”.
Decentralised finance (DeFi) platforms, mixers, and privacy coins were mentioned as possible solutions. Finally, the bad actor will reintroduce the capital into traditional financial services or products using the final variant of the funds (integration).
