The Bitcoin whitepaper published on October 31, 2008, has altered the landscape of financial transactions for good. While the paper’s primary intent was to introduce a peer-to-peer (P2P) electronic cash system, its tenets have far-reaching implications that are still relevant today, especially when it comes to transactional transparency and accountability.
Bitcoin: decentralized, transparent, pseudonymous
- One of the document’s foundational principles is decentralization. Bitcoin operates on a decentralized network of computers. Unlike traditional currencies, it is not controlled by any single entity or government, aiming to reduce the risk of censorship and central points of failure. Instead, Bitcoin enables direct (P2P) transactions between users, where intermediaries like payment systems or banks are not needed.
- Another key idea is the concept of a transparent immutable ledger (what we now commonly refer to as the blockchain.)* Unlike traditional banking systems, where transaction details are known only to the participating parties and the institutions, Bitcoin’s transactions are viewable by anyone. Once confirmed, transactions can’t be altered or deleted.
*Interesting fact: The whitepaper doesn’t contain the word ‘blockchain.’ The term was coined later to describe the underlying architecture of Bitcoin.
- At the same time, this transparency doesn’t contradict user privacy. Satoshi’s design ingeniously used cryptographic methods to ensure that while transactions are public, the identities behind those transactions could be pseudonymous. It means the true identity of a person is not revealed: each user has a public address (string of characters, e.g., 14L11zwChHRYBk58KLdxD6LKWD8ZGuv7Hb) that acts as a pseudonym. Thus, we can’t say Bitcoin offers true anonymity.
Privacy models. Source: bitcoin.org
Thus, crypto is built on the pillars of decentralization and pseudonymity that create considerable hurdles for traditional AML procedures:
- Crypto allows transactions to occur without an intermediary.
- The semi-anonymous nature of many cryptocurrencies can further cloak transactions, making it harder to discern the flow of illicit funds.
- Blockchain technology can enable quick cross-border movements of assets, outpacing traditional AML controls.
Pseudonymity vs. traceability: An issue of alignment rather than a gap that can’t be breached
At first glance, Bitcoin’s decentralized pseudonymous nature might seem fundamentally at odds with the centralized nature of AML regulations. The latter were primarily designed for traditional financial systems, where parties are clearly identifiable and activities are well-monitored. But upon closer examination, this seeming conflict is more of a challenge in harmonization rather than an irreconcilable difference:
- Blockchain analytics firms have developed solutions that can trace suspicious transaction patterns without necessarily revealing the identity of the involved parties. It doesn’t mean these services don’t label risky address owners. The point is detecting specific identities is not a must for revealing illicit activities.
Here is how it works in real life. The Garantex exchange was sanctioned in 2022 but managed to sustain its operations. It funneled its funds through intermediary, or “proxy” clusters (groups of wallets that have a single owner). Here, assets were merged with clean funds to make them less risky in the eyes of exchanges. The exchange had to create new clusters, since others were known to law enforcement and blocked. There was no need for the Global Ledger team to unveil specific identities behind the newly created addresses, as they were able to identify and trace suspicious patterns anyway.
Screenshot from GL Vision showing the scheme of how Garantex, a sanctioned exchange, “blurs” the AML risk score with the last activity of the “proxy” cluster (06.07.2023)
- AML solutions also adopt risk-based approaches, where the level of scrutiny varies depending on the nature and amount of transactions. This flexibility aligns with Bitcoin’s ethos, allowing for freer low-risk transactions while focusing compliance efforts on high-risk activities more likely to be associated with financial crimes.
The image illustrating the GL risk score approach, where the higher the score, the higher the risk of cooperation with an entity
How GL fosters collaborative synergy
Let’s take a look at this screenshot from GL Vision.
Screenshot from GL Vision showing ETH and ERC-20 transactions.
The blue circle represents a user’s wallet. We have data about their transactions (how much, when, to whom, and from whom funds were sent), but there is no information about their identity. This wallet’s activity poses no risk, and we don’t need to research and identify this user. Thus, the principle of privacy is upheld.
The VASPs, such as 1inch.io or SushiSwap, are labeled for several important reasons:
- Regulatory compliance
- Risk management
- Potential audit.
By labeling VASP-related information, blockchain analytic tools contribute to a more secure, transparent, and compliant ecosystem.
However, it doesn’t mean that our customers’ data is disclosed. At Global Ledger, we store all data on an independent server or cloud to ensure its maximum security.
AML solutions have undergone transformations to meet the challenges presented by crypto
In the first years following the introduction of Bitcoin, there was a lack of regulatory oversight. AML solutions were largely unprepared for the pseudonymous nature of crypto transactions. The early 2010s saw financial watchdogs worldwide begin to take notice as cryptocurrencies were increasingly used for illicit activities.
As early as 2013, pioneers in blockchain analytics began surfacing. These firms were creating tools capable of deanonymizing blockchain transactions for compliance purposes. Their offerings gave regulatory bodies and law enforcement agencies the means to trace illicit transactions back to their source, providing an initial solution to the AML challenges posed by cryptocurrencies.
This year, FinCEN (Financial Crimes Enforcement Network, U.S. Treasury) made a landmark declaration, stating that “administrators or exchangers” of digital currencies fall under the purview of money services businesses as per the Bank Secrecy Act (BSA) and FinCEN’s own regulations. Later, it required money service firms to get licenses and implement AML rules.
About mid 2010s, more crypto monitoring solutions appeared. Around this period, the Financial Action Task Force (FATF) began adding cryptocurrencies to its AML recommendations. FATF’s Recommendation 15 was amended in 2018 to clarify that it applies to virtual assets and virtual asset service providers (VASPs). A year later, FATF clarified its requirements to explain how the regulations pertain to virtual assets and VASPs, including customer due diligence (CDD).
Around the end of the 2010s, compliance solutions offered integrated Know Your Customer (KYC)/Know Your Transaction (KYT) and AML services specifically designed for the crypto industry. By that time, it was clear that KYC only was not enough.
The rise in popularity of DeFi intensified the complexity of AML compliance. To respond, analytic firms expanded their offerings. Updated tools could also analyze smart contracts and token transfers.
Incorporating artificial intelligence (AI) and machine learning (ML) into AML tools enhanced their effectiveness. They can detect complex patterns within large data sets, assess risk levels more accurately, and predict potential threats. AI can process and analyze data at a scale that is impossible for human teams, while ML learns from new data.
With technological and regulatory development, these solutions continue evolving to address the challenges the crypto industry presents.
A future written in collaboration, not conflict
What outcomes might we expect, considering the fundamentals of crypto, AML solutions, and their synergy? Let’s hypothesize about future trends:
- With FATF at the forefront of international AML regulations, we will likely see movement toward global standardization.
- Enhanced machine learning algorithms will make it easier for companies to comply with AML requirements without compromising user privacy.
- Concepts like decentralized identifiers will be advancing, potentially revolutionizing KYC processes by giving more control to the users.
- Zero-knowledge proofs will become more popular, offering a way to prove information without revealing the data itself. This protocol allows one party to prove to another party that some information is true, without disclosing specific details of this information. For example, it enables you to prove someone you know the password to an account, while not telling the password itself. This could be a game-changer in aligning privacy concerns with AML compliance.
- A continuous collaboration of policymakers, crypto businesses, and financial experts will aid in developing a mutually beneficial compliance landscape. The work on the matter has commenced. For example, the synergy of different market participants helped create MiCA (the Markets in Crypto Assets) regulation to establish a standardized set of regulations within the European Union.
The essence lies not in an irreconcilable difference between Bitcoin and AML but in the challenges and opportunities of aligning them. In the future, both technological innovation and regulatory agility will play key roles—not only coexist but thrive together.