On May 9, 2019, the U.S. Financial Crimes Enforcement Network (FinCEN) issued guidance on the application of Bank Secrecy Act (BSA) regulations, specifically those regulations applicable to money services businesses (MSBs), to certain business models involving the transmission of convertible virtual currencies (CVCs) (the “Guidance”). The Guidance follows previous interpretive guidance issued by FinCEN in 2013 relating to transactions involving the acceptance of currency or funds and the transmission of CVC. Also on May 9, 2019, FinCEN issued an “Advisory on Illicit Activity Involving Convertible Virtual Currency.”
FinCEN’s BSA regulations at 31 C.F.R. Part 1022 prescribe anti-money laundering (AML) program and other requirements applicable to persons operating as a “money services business.” FinCEN defines “money service business” as “a person, wherever located doing business, whether or not on a regular basis or as an organized or licensed business concern, wholly or in substantial part in the United States,” who functions as, among other things, a “money transmitter,” or a person engaged in “money transmission services”. The Guidance notes that “money transmission services” include the acceptance of “value that substitutes for currency” from one person and the transmission of “value that substitutes for currency” to another location or person by any means. CVC is a type of “value that substitutes for currency” as that term is used in the FinCEN regulations at 31 C.F.R. Part 1022. Accordingly, a person who engages in CVC transmission services could be subject to the BSA regulations applicable to MSBs, including AML program, recordkeeping, monitoring, and reporting requirements that include the filing of suspicious activity reports and currency transaction reports.
The Guidance describes a number of common business models involving the transmission of CVC and the application of the BSA regulations for MSBs to each of the specific models. These models include: (i) peer-to-peer (P2P) exchangers engaged in the business of buying and selling CVCs; (ii) CVC wallets, including hosted and unhosted wallet providers and multiple signature wallet providers; (iii) CVC money transmission services provided through electronic terminals (CVC kiosks); (iv) CVC money transmission services provided through decentralized applications (DApps); (v) anonymity-enhanced CVC transactions; (vi) payment processing services involving CVC money transmission; and (vii) CVC money transmission performed by internet casinos.
The “Advisory on Illicit Activity Involving Convertible Virtual Currency” (the “Advisory”) identifies risks posed by virtual currencies and sets out a number of virtual currency abuse typologies utilized by criminals in the United States and abroad in furtherance of illicit schemes. These typologies are typically executed through: (i) darknet marketplaces, websites that are accessed only through anonymized overlay networks; (ii) unregistered P2P exchangers; (iii) unregistered foreign-located MSBs; and (iv) CVC kiosks. In addition to describing the various typologies, the Advisory identifies a number of red flags indicative of virtual currency abuse.
The Advisory also provides financial institutions with guidance on suspicious activity reporting relating to CVCs and details the types of information that will be helpful to law enforcement and should be included in suspicious activity reports filed with FinCEN, including virtual currency wallet addresses, available login information (including IP addresses), and mobile device information (such as device IMEI). The Advisory also requests that financial institutions filing suspicious activity reports reference the Advisory (CVC FIN-2019-A003) in the SAR form where there is a connection between the suspicious activity reported and possible illicit activity involving CVC.