Banking Exchange Magazine Logo

When blockchain, cryptocurrencies, and AML meet

Banks must begin rethinking BSA/AML for a blockchain age

Bitcoin serves as the compliance profession's introduction to the broader world of blockchain technology challenges. Bitcoin serves as the compliance profession's introduction to the broader world of blockchain technology challenges.

As we begin to reflect on the year that was 2016, it would be difficult to identify its single most defining topic. Surely, the U.S. presidential election, ISIS, Syria, and Zika would all be contenders for top spot.

There’s one topic that would almost certainly fail to crack the top ten. Yet it is touted to have a much larger long-term impact on day-to-day life than many of the aforementioned frontrunners: blockchain technology.

Over the past year, blockchain has become the buzzword for major financial institutions, and while its capabilities and purpose continue to evolve, its basic concept of a shared ledger has become mainstream.

But there are ramifications beyond technology and new ways of doing business. There are compliance implications. However, first let’s get everyone on the same page.

Understanding blockchain

Blockchain is a technology platform that enables multiple parties to view and update an immutable shared ledger. The ledger can be decentralized or distributed, meaning that it can be open or closed, with a similar comparison being the internet versus a private intranet.

In concept this seems simple enough. But blockchain has excited peoples’ imaginations and advocates for the technology suggest endless possible applications that reach far beyond the financial services industry.

Need to lease a car? Blockchain can help. Looking to ID tens of thousands of undocumented migrants? Try leveraging blockchain. Independently thinking machines threatening humankind with nuclear war? Release the blockchain.

That last one was in jest, but you get the point.

The jury is still out on whether or not blockchain technology can live up to all of its high expectations. However, this uncertain future has proven to be one of its most valuable marketing points, with nearly every major financial institution pledging allegiance to a blockchain-inspired consortium aimed at tapping into its potential.

At the same time, the uncertainty that lingers also acts as somewhat of an Achilles heel, providing ample fodder for skeptics.

Regardless of which camp one belongs to—if one has chosen a camp yet—one thing for certain as 2017 approaches is that the technology does work and is already being used on a daily basis by thousands of people around the world via decentralized cryptocurrencies, such as Bitcoin.

This rise in cryptocurrency usage, along with the exploration of blockchain solutions for traditional banking services, puts anti-money laundering (AML) professionals on the front lines of a possible major tipping point event. One which requires a revaluation of traditional AML methodologies that will not only allow regulatory adherence but technological innovation and marketplace growth.

“Big bad Bitcoin” and banking’s compliance challenges

While 2016 was blockchain’s year, it definitely was not the year of its largest proof of concept, the cryptocurrency network known as Bitcoin.

Understandably, referring to Bitcoin as a proof of concept can be viewed by many as a major understatement. However, when it comes to blockchain technology’s adoption by international financial institutions, Bitcoin’s approximate $10 billion (USD) market cap and limited transaction execution rate, relegate it to the level of a science project in the eyes of many within the financial services industry.

This dismissive attitude towards Bitcoin occasionally still spills over onto blockchain, although this has decreased over the past year due to increased focus on the technology as a whole.

AML professionals do not have the luxury of brushing aside any aspect of blockchain, especially cryptocurrencies. This is primarily due to the continuous year-over-year increase in cryptocurrency usage.

According to Crypto-Currency Market Capitalizations, there are currently 645 cryptocurrencies in the world with a combined market cap of $12.5 billion (USD.) While this does not seem like much when compared to the total value of American dollars or British pounds in circulation, it is impressive that currencies issued virtually, devoid of any central bank, have attained this level of valuation.

Note that although decentralized cryptocurrency is created outside of a central bank, it does not operate entirely in a vacuum. Cryptocurrency is being exchanged for traditional fiat currency daily, with many of these transactions being facilitated through traditional financial institutions.

Furthermore, a significant amount of transactional cryptocurrency activity has been tied to criminality worldwide, including money laundering.

Two varieties of crypto transactions

Cryptocurrencies transactions have been observed to operate largely within two distinct separate environments: contained and interactive. This concept has been discussed in depth by international AML professional, Peter Warrack, and indirectly builds on the research completed by Vivian Shum at the University of Toronto in 2014.

In summary, both individuals report that cryptocurrencies operate within separate environments that either interact with traditional financial institutions and fiat currency, or operate independently. This observation is a crucial one for AML professionals when establishing the parameters of an investigation.

For the purpose of this article, the environments proposed by Peter Warrack in a recent treatment in ACAMS Today magazine will be used to further understand how they operate in relation to money laundering. Below are two examples of each environment with a drug dealer facilitating transactions through the two differing scenarios.


Cryptocurrency is transferred through different virtual “wallets” and is eventually utilized for purchase at an online retailer. There is no nexus with traditional financial institutions such as a bank.


Cryptocurrency is transferred through different virtual “wallets” and is eventually converted to fiat currency and wired to traditional financial institutions.

New technologies need new compliance approach

Blockchain and cryptocurrencies present AML professionals with several new challenges that require an evolved approach. This approach needs to utilize existing transaction monitoring, risk rating, and Know Your Customer (KYC) documentation methodologies, and modify them for inclusion of the advances blockchain technology introduces.

Additionally, institutional ledger sharing and transmission of funds between entities without a traditional financial institution nexus requires a realignment of resources to focus on the entities themselves, as opposed to trying to determine the entire lifecycle of a cryptocurrency transaction.

To some, this proposal may be controversial. However the rapid evolution of blockchain and cryptocurrency technology is forcing AML professionals to become increasingly creative when devising adequate and effective controls.

Zero hour approaches

An example of a technological advancement that has been recently introduced is referred to as “zero-proof.”

Zero-proof technology removes any identifying information (sender, recipient, and amount of a transaction) from a blockchain’s ledger, essentially eliminating one of blockchain technology’s most celebrated features when it comes to AML—the ability to trace transactions.

The first cryptocurrency to implement this technology is referred to as Zcash and the Zcash motto is “all coins are created equal.” This slogan undoubtedly refers to the hotly debated issue surrounding the fungibility of cryptocurrency.

From the Zcash FAQ: “If Bitcoin is like http for money, Zcash is https. Zcash offers total payment confidentiality, while still maintaining a decentralized network using a public blockchain. Unlike Bitcoin, Zcash transactions can be shielded to hide the sender, recipient, and value of all transactions on the blockchain. Only those with the correct view key can see the contents. Users have complete control and can opt-in to provide others with their view key at their discretion.”

Since Bitcoin’s inception, the concept of a decentralized international open ledger has enticed many to attempt to regulate or monitor its activity. This has led some to attempt to mark specific coins that have been determined to be related to criminal activity and render them either less valuable or valueless due to their involvement in a suspicious transaction.

The notion of marking cryptocurrency has irked many in the decentralized blockchain space as they believe cryptocurrencies, such as Bitcoin, should be equally as fungible, or interchangeable, as any fiat currency.

Recently, the debate on fungibility appears to be tipping in the favor of those who believe in universal fungibility for cryptocurrency. This is due to the advent of seemingly anonymous blockchain transactions made possible through zero-proof technology.

Fully anonymous cryptocurrency transactions represent a concept that many AML professionals will struggle to come to terms with.

Having only been in existence since late October 2016, it is uncertain whether Zcash will succeed in maintaining a sustainable anonymous blockchain. However, there are several cryptocurrencies currently available that offer less advanced forms of anonymity. Monero and Dash are the names of just two of many cryptocurrencies that offer “anonymous transactions.” Neither utilizes zero-proof technology.

AML professionals must begin to envision a future where cryptocurrencies are exchanged anonymously and operate similarly to physical fiat cash transactions. Furthermore, it would be prudent to take this concept one step further and visualize what it would take to effectively monitor existing banking products on a blockchain that utilizes zero-proof technology. International wire payments, trade finance, and trading product settlement are just a few of the many products that may incorporate blockchain and zero-proof technology in the near future.

Staying ahead of the curve

AML professionals must begin to prepare to address the imminent threat of cryptocurrency misuse. Preparation will contribute towards the creation of a new framework for more complex uses of blockchain technology on a larger institutional scale.

Two recommendations:

1. Review any previously reported Suspicious Activity Reports (SARs) that involve cryptocurrencies. Determine what similar characteristics they displayed.

When overarching trends are noted, compile them for distribution throughout the bank’s investigative group or groups. Identifying common traits will assist in minimizing false positives while increasing investigative efficiency.

2. Think about cryptocurrency compliance collaboration.

AML groups need to follow in the footsteps of other departments within financial institutions and begin to leverage the advantages of collaborative approaches, such as the R3 Cev and Digital Asset Group consortiums.

Group ventures or consortiums can be challenging for competing businesses. However, when coming together to discuss emerging AML trends or typologies for the purpose of increased regulatory adherence, the outcome is usually quite positive.

A unified approach can assist in establishing a stronger knowledge base and standardized terminology. This approach can also help to form critical partnerships that can be leveraged to explore additional AML possibilities.

An example of an AML consortium approach would be the Blockchain, Cryptocurrency, and Anti-Money Laundering event held this past August in Toronto, Canada. This conference was attended by over 100 individuals from major financial institutions, law enforcement, regulatory bodies, and the blockchain industry. Speakers included Michael Perklin of LedgerLabs, a blockchain consulting forensic investigation company hired to investigate the $70 million (USD) Bitfinex hack, and former White House Deputy Press Secretary Spokesperson Jamie Smith, of Bitcoin infrastructure provider, BitFury. 

Additionally, also at the event was Alan Cohn of the Blockchain Alliance. Cohn previously served in senior policy positions at the U.S. Department of Homeland Security (DHS) for almost a decade.

The Blockchain Alliance is a U.S.-based public private forum consisting of a broad coalition of companies and organizations that have come together with a common goal— to make the blockchain ecosystem more secure and to promote further development of this transformative technology. The alliance aims to increase blockchain and cryptocurrency knowledge, in the hopes of increasing investigative effectiveness amongst law enforcement agencies. 

Looking ahead

This year saw blockchain, and to a lesser degree cryptocurrencies, emerge from the shadows of the internet with one being more celebrated than the other. However, while the excitement of blockchain technology trickles through banking and non-banking institutions alike, AML professionals continue to be directly affected by both.

The financial crisis of 2008, and its increased focus on regulatory requirements, have transformed AML professionals into the metaphorical gatekeepers of growth and opportunity for international financial institutions.

Successful regulatory AML adherence allows for any proposed changes, by way of blockchain technology, to be responsibility realized. This heightened sense of responsibility requires AML professionals to be thinking ahead, and critically, as they will be on the first line of the blockchain revolution, should it take hold.

However, the role of an AML professional, with respect to blockchain technology, does not stop at being a thought leader.

AML professionals have actually faced the task of mitigating material risks posed by blockchain technology for the better part of the past five years, as the rise of blockchain technology’s first use case, cryptocurrency, continually intersected with traditional financial institutions.

The AML community will be able to build on the cryptocurrency experience to find ways to accommodate compliance necessities to the broader blockchain risk management framework to accommodate new technologies.

About the author

Joseph Mari is Senior Manager of Major Investigations in the Anti-Money Laundering Financial Intelligence Unit (AML FIU) at Bank of Montreal. He is responsible for coordinating complex cross-compliance investigations on an international client base, as well as leading risk intelligence initiatives associated with money laundering and terrorist financing. Additionally, Mari is an in-house subject matter expert on blockchain and cryptocurrency, with particular focus on regulatory issues.

If you found this valuable, check out our other Compliance and Blockchain articles on

Joseph Mari

Joseph Mari is the senior manager of major investigations in the Anti-Money Laundering Financial Intelligence Unit (AML FIU) at Bank of Montreal. He is responsible for coordinating complex cross-compliance investigations on an international client base, as well as leading risk intelligence initiatives associated with money laundering and terrorist financing. Additionally, Mari is an in-house subject matter expert on blockchain and cryptocurrency, with particular focus on regulatory issues.

back to top


About Us

Connect With Us