Late last week, the Financial Action Task Force (FATF), an intergovernmental body that sets standards for combating money laundering, terrorist financing and other threats to the integrity of the international financial system, released landmark Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers). The 57-page guidance document provides examples of risk indicators for virtual assets (VAs), discusses the type of activities that will be deemed virtual asset service providers (VASPs) and clarifies that VASPs have the same level of anti-money laundering obligations as do financial institutions. One of the more notable requirements in the guidance is the obligation for VASPs "to obtain, hold, and transmit required originator and beneficiary information, immediately and securely, when conducting VA transfers." Some other notable requirements include those related to automated transaction monitoring, risk assessments, information sharing procedures and requirements related to new products such as anonymity-enhanced cryptocurrencies. FATF member countries are expected to use the new guidance to design and implement their own regulations, which will eventually be assessed through FATF's mutual evaluation process.

In enforcement news, this week, U.K. and Dutch law enforcement, together with Europol and Eurojust, arrested six individuals in Europe after a 14-month investigation into a €24 million cryptocurrency theft. The six individuals allegedly cloned a well-known online cryptocurrency exchange to access the victims' Bitcoin wallets, and then stole their funds and login details. The theft reportedly affected at least 4,000 victims in 12 countries. Last week, Israeli police arrested two brothers, Eli and Assaf Gigi, for a similar type of crime. The brothers allegedly created credential-stealing clones of major online cryptocurrency exchanges and wallets, and sent links to phishing sites enabling them to steal victims' funds. Reports of how much money was stolen ranges from tens of millions of dollars to nearly $100 million. According to reports, the two may also be responsible for the 2016 Bitfinex hack, in which 120,000 bitcoins were stolen.

Finally, late last week, Patrick McDonnell pleaded guilty in Brooklyn to wire fraud in connection with a cryptocurrency investment scheme. For more than three years, McDonnell used social media to solicit investors, promising to invest their money on their behalf, but instead used the funds for his own purposes. At least 10 victims were purportedly defrauded of about $194,000 worth of various cryptocurrencies. McDonnell faces up to 20 years in prison plus forfeiture of his illicit gains.

For more information, please refer to the following links:

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.