The proceeds from cryptocurrency thefts and frauds amounted to nearly $2 billion in 2020, according to a report by blockchain analytics firm CipherTrace. But that still represented a sharp decrease compared to 2019.
One reason for that decline is that while the number of incidents of thefts, hacks, and fraud remained largely the same, the take by criminals in 2019 was 160% higher than in 2020.
This indicates growing “maturity in the crypto space as entities continue to harden systems and take precautions against inside and outside threats,” the report said. It added:
“While 2020 did see a large $281 million hack of cryptocurrency exchange KuCoin, the exchange claims to have already recovered 84% of the stolen funds—something almost unheard of in previous years.”
On the other hand, bitcoin addresses associated with crime—such as dark markets, ransomware, hackers, and fraudsters—transferred more than $3.5 billion worth of bitcoin in 2020.
“Most of this bitcoin will ultimately need to be laundered by these criminals, meaning it will make its way to an exchange where it can be converted to fiat currency and transferred to a bank,” the report found.
That said, despite “illicit transactions making up less than 0.5% of Bitcoin’s yearly volume in 2020,” it noted, adding that cryptocurrency may “struggle to ever completely shake its bad reputation.”
CipherTrace noted that in 2020 decentralized finance “was overrun by dozens of DeFi related hacks and scams.”
While these were much smaller than traditional crimes, CipherTrace said DeFi “is the next major threat vector for fraud and money laundering,” noting that half of all thefts of 2020 were DeFi-related attacks — totaling $129 million. Also, nearly 99% of all 2020’s crypto fraud volume originated from DeFi projects carrying out “rug pulls” and exit scams on their users and investors.
CipherTrace notes that global financial regulators are eager to bring regulation on par with traditional finance. One example is the rule proposed in late December by the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN), requiring crypto service operators to collect identifying data about anyone who wants to transfer $3,000 or more to or from an “unhosted” wallet.
As Modern Consensus reported at the beginning of the current month, United States-based cryptocurrency firms expressed outrage over the rule proposed by FinCEN, since it would require them to gather and report personal data from private cryptocurrency wallets. Industry insiders suggested that this rule would only force crypto innovation to move abroad where such rules are not enforced.
On the other hand, CipherTrace said “U.S.-based exchanges sent $41.2 million worth of Bitcoin directly to criminally associated addresses,” with a single exchange accounting for $36.7 million of that—despite having what the blockchain analytics firm called “strong” know-your-customer (KYC) protocols in place. But the company added, “[t]hese transactions could and should have been stopped by adequate AML software.”
The CipherTrace report also cites the revised standards on virtual assets and virtual asset service providers introduced by the Financial Action Task Force’s (FATF) in late June 2020. The new rules are expected to force a reduction of cryptocurrency exchange users’ financial privacy by effectively forcing strict anti-money laundering (AML) requirements with substantial know your customer (KYC) data on cryptocurrencies that attempt to end the anonymity built into their DNA ever since Bitcoin.