Why Do We Need AML?

Why Do We Need AML?

Within the crypto community, many people express negativity toward KYC (Know Your Customer) and AML (Anti-Money Laundering) procedures. There are a variety of reasons for this, but much of this stems from the underlying reality that the results of Suspicious Activity Reports (SARs) are never publicized.

The existing legal framework does not allow for the release of SAR details, leading some people to believe that the system fails at its task of reducing financial crime. Unauthorized disclosure of a SAR is a federal crime with significant penalties.

These confidentiality rules apply to financial institutions as well as their current and former directors, officers, employees, agents, and contractors. Beyond financial institutions, SAR confidentiality also applies to government agencies.  

Why all the confidentiality?

“Unauthorized disclosure of SARs could undermine ongoing and future investigations by tipping off suspects, deterring financial institutions from filing SARs, and threatening the safety and security of institutions and individuals who file such reports.”

This is very similar to whistleblower rules and anonymous tips. To encourage individuals and entities to report illegal activities, they must be ensured of protections from those they are reporting. Without those protections, reporters may be too fearful to report, causing significant harm to investigations.

This poses a formidable challenge: how do financial intelligence units (FIUs) like FinCEN encourage reporting while being able to protect the reporters? The answer today is a combination of requirements for reporting along with penalties for failure to report.

Unfortunately, many in emerging financial markets see this government black box as suspicious. FinCEN’s success stories are vague—remember, the purpose for this is confidentiality—and do not show a clear path from the SAR through law enforcement agencies to indictment.

What, then, happens with the more than 2 million SARs filed each year with FinCEN?  

FinCEN provides both direct and indirect access to law enforcement throughout the United States and with countries of the Egmont Group. These law enforcement agencies use the FinCEN data to help build existing cases or open new cases against financial criminals and criminals engaged in crimes with financial benefit as listed in the BSA (Bank Secrecy Act), the USA PATRIOT Act, and by FATF (Financial Action Task Force).

These crimes include terrorism and terrorist financing, insider trading, money laundering, tax crimes, human trafficking, sexual exploitation of women and children, extortion, counterfeiting, bribery and corruption, organized crime, drug trafficking, and many others.

The data submitted by a financial institution through a SAR is unlikely to be an entire case, but might be a key piece of evidence in bringing charges against these sophisticated criminals. Without the support of financial institutions in reporting this data, many of these crimes would go undetected or unprosecuted.

Financial institutions play a key role in assisting law enforcement in identifying and prosecuting financial and terror-related crimes. Without the efforts of AML and KYC professionals around the world, identifying and preventing such crimes would not be possible.

About iComply Investor Services Inc.
iComply Investor Services Inc. (iComply) is an award-winning software company focused on reducing regulatory friction in the capital markets. With powerful data, verification, tokenization solutions, iComply helps companies overcome the cost and complexity of multi-jurisdictional compliance to effectively access new markets. Learn more: iComplyIS.com

Seven Myths About Security Tokens

Seven Myths About Security Tokens

As blockchain technology continues to mature, issuers today can launch a security token more efficiently than ever. However, while there are many tools on the market that can help you issue a token as a security, most of these tools fall short, leaving issuers to handle the liability and token compliance on their own once the asset has been sold.

This article should not be considered legal advice, but will hopefully shed light on a few important questions as well as examine seven key myths that we see persist among management teams planning to issue a token.  

1. Securities Legislation Targets Issuers

Securities legislation doesn’t exist to make the life of an issuer difficult—tokenized security or otherwise. Regulators have a duty to ensure market stability and, more importantly, investor protection. This means that what matters to regulators is not whether the issuing business is headquartered in the U.S., Singapore, Switzerland or anywhere else, but rather whether a U.S. citizen is able to own the asset. The responsibility falls on the issuer, as well as their advisors, to ensure that their tokens are not held by U.S. investors.

2. Compliance Continues After The Sale

Compliance is not about checking off boxes—it isn’t a form or application that can be filled out, submitted, and later tossed into the trash never to be seen again. Compliance is an active and stringent regulatory mechanism that is favourable to both issuers and investors.

This is easier to manage when assets are controlled by broker-dealers or other centralized entities but becomes increasingly difficult to manage when these assets are decentralized, moving peer-to-peer or being exchanged on one of dozens of crypto exchanges. Research shows that $2.5 billion of dirty Bitcoin alone has been laundered through these platforms.

The token launch market has had an especially hard time with this concept, as many ICO and STO platforms claim to help you with launching your token or coin, often brazenly plastering “compliant” across their sites and messaging without following these regulations themselves. Once your project has created and issued a digital asset, it is your responsibility and liability to ensure it stays compliant with regulations in perpetuity.

iComply offers compliance solutions for token issuers, including KYC/AML,
audited smart contracts, and access to leading legal, tax, and
business development support for over 150 countries.

3. The Reach of A Regulator Stops at the Border

While issuers have free rein on where they plan to launch their token, even more critical is where the investor is located and whether or not the token is considered a security by the standards of the regulatory bodies in question. (It is not based on whether the issuer decides to name it an ICO, TGE, STO, or otherwise.)

If the SEC determines the token is indeed a security, very likely action will be taken sooner or later to protect U.S. investors. Potential steps towards remediation may include rescission offers, forking or burning problematic tokens, and self-reporting to the SEC. The tokens created in traditional coin offerings are simply not capable of meeting these requirements and may need to be replaced or rehabilitated before they can continue to be traded without regulatory action.

Did you launch a token that is now facing regulatory action?
iComply offers compliance rehabilitation software to transform previously issued tokens into compliant security tokens.

Interestingly, the SEC’s very first investigation into blockchain finance was of The DAO, an entity situated outside U.S. borders. As such, issuers should have a strong understanding of jurisdictional boundaries and the movement of tokens on peer-to-peer networks (including secondary trading); once a token has been issued to an investor, the responsibility of that token remains with the issuer.

4. I Have a Legal Opinion Letter

The Howey Test, developed in 1948, is the standard the SEC uses to determine what is considered a security and what is not. Certain metrics of the Howey Test, such as ‘the expectation of profit’, are centered on the expectations of investors rather than those of the issuers. Some of the critical factors with the potential to create an expectation of profit are:

  • selling the token at a discount (i.e.: during the presale),
  • using a fungible token, such as an ERC20, versus the non-fungible ERC721, and
  • listing the token on an exchange for secondary trading.

The hard reality is that a simple opinion letter stating why your lawyer thinks your token is not a security bears little weight when (not if) your token or coin is audited by regulators. While regulators in various markets may use slightly different tests, the fundamentals are often quite similar. It doesn’t matter what you call it . . . as the saying goes, if it looks like a duck and quacks like a duck, it just might be a security token.

5. The Best Advisors are Credentialed Experts, Gurus, and Influencers

While experts, gurus, influencers, and advisors abound in the blockchain industry, many of the best resources available tread much more carefully. Top securities lawyers have struggled with the nuances of structuring sound offerings, and experienced accountants have only recently begun to achieve clarification on FIFO vs LIFO (First In First Out vs Last In First Out).

In a market this young, there are few players who can provide the extensive legal knowledge required to navigate the space. This does not mean consultants aren’t available, but rather that due diligence is critical, and it is imperative that the team you build around your offering have the resources and experience to make your token offering successful.

Despite this uncertainty, many of these service providers have been taking on clients in droves, not because they have the expertise but because of a booming market and the opportunity to make good money. Unfortunately, an opinion letter from your lawyer will not protect you; issuers are still liable, and a lawyer will (often) be more than willing to continue collecting legal fees in order to represent that same client, should things go awry. 

6. We Can Wait for the Regulators to Catch Up

As we saw when Mark Zuckerberg, in his testimony to Congress, explained some of the most basic elements of Facebook to a perplexed room of lawmakers, technology clearly has the ability to advance far faster than the laws that govern it. So it is unsurprising that new laws and regulations have not yet been created to solve these problems. Lawmakers and regulators must navigate this uncharted territory with caution.

There have been countless demands for regulators to define a new global framework for tokens—alas, it seems unlikely that a consensus will be reached anytime soon. Fortunately, technology can be used today to achieve the same result by enabling decentralized assets to adhere to current regulations.

We created the iComplyICO platform and Prefacto™ technology to meet this need, to automate and decentralize these processes, providing efficiency and a global reach of decentralized finance while maintaining the compliance standards of traditional finance. If you are looking to launch a token, you can use the iComply platform to manage an unlimited number of offerings, access professional advisors, and connect with investment partners.

7. If It is Not a Security, It is Not Regulated

This may be one of the most prevalent myths about token offerings today. The truth is that the SEC’s jurisdiction is securities. If it is not a security, then what is it? A smart contract could represent rights—or be the actual asset itself—to a security, commodity, or consumer good. Each of these comes with their own regulatory restrictions.

However, regulatory oversight and legislation are only a small piece of the legal puzzle. In the U.S., multiple law firms have filed class action lawsuits on behalf of investors for violations of the Securities Act, and the SEC has begun taking action on those issuers selling unregistered securities, committing fraud, false advertising, and more. While companies that issued their tokens in the early days of the craze did not have decentralized compliance solutions available to them, issuers today do.

Looking Forward

While this list is far from exhaustive — and should not be construed as legal opinion or advice — it details some of the aspects of token issuance that you should be mindful of as you consider this exciting new technology as a way to raise capital, engage your community, and reach new markets.

For these new and future issuers, we are likely to see more and more tokens issued in compliance with current regulations, unlocking the doors to institutional investment, larger raises, and more innovative ideas reaching fruition worldwide. Onwards!

Looking for an end-to-end token management studio?

iComply’s token compliance platform, Prefacto enables issuers to capture the value of blockchain asset management with multi-jurisdictional compliance automation for over 150 countries.

Book a demo with one of our specialists to learn more.

About iComply Investor Services Inc.
iComply Investor Services Inc. (iComply) is an award-winning software company focused on reducing regulatory friction in the capital markets. With powerful data, verification, tokenization solutions, iComply helps companies overcome the cost and complexity of multi-jurisdictional compliance to effectively access new markets. Learn more: iComplyIS.com

5 Takeaways from the SEC Statement on Digital Asset Securities Issuance and Trading

5 Takeaways from the SEC Statement on Digital Asset Securities Issuance and Trading

Recently the U.S. SEC’s Division of Corporation Finance, Division of Investment Management and Division of Trading and Markets released a statement following the enforcement actions against companies Airfox, Paragon, CryptoAsset Management, TokenLot, and the founder of EtherDelta.

The statement began with a clause emphasizing that while it encourages such advancements, these individuals and companies must still adhere to the federal securities laws that govern the nation when they are applicable.

The issues touched on in the statement fall into the below categories:

  • Initial offers and sales of digital asset securities
  • Those who advise others about investing in digital asset securities
  • Investment vehicles investing in digital asset securities
  • Secondary market trading of digital asset securities
  • Reporting standards for issuers of digital assets

Here are five key takeaways from the Commission’s statement:

  1. Read, Repeat and Remember these Two Questions

When is a digital asset a security for purposes of the federal securities laws?
If a digital asset is a security, what commission registration requirements apply?

Under the first category, Initial Offers and Sales of Digital Asset Securities, the Commission states all of their actions to date have focused on these two questions, and both AirFox and Paragon received settled orders from the Commission due to lack of compliance with federal securities laws relating to these questions.

The Result? Their unregistered offerings of tokens have resulted in both companies:

  • Paying penalties
  • Receiving requirements to register the tokens as securities under Section 12(g) of the Securities Exchange Act of 1934
  • Being required to file periodic reports to the Commission
  • Being required to compensate investors who purchased tokens if they choose to make a claim
  1. The Crypto Asset Management Order

The Crypto Asset Management order was given to a hedge fund manager for failing to comply with federal securities law. Not only did the hedge fund manager fail to properly register the fund as an investment company but also knowingly made misleading statements to investors in the fund, violating anti-fraud provisions of the Investment Advisers Act of 1940.

The statement moves on to address the facilitation of electronic trading due to the advancements in blockchain and distributed ledger technology.

  1. Exchanges

“Any platform that promotes trading of digital asset securities between two parties” is an “exchange” and must register with the Commission as a national securities exchange or be exempt from registration.

EtherDelta’s founder received an order for failing to register the platform as an exchange. In the Commission’s eyes, EtherDelta served as a hub (or marketplace) for buyers and sellers of digital asset securities.

In this case, the Commission stated this was a CLEAR violation. EtherDelta’s choice to represent themselves through distributed ledger technology does not eliminate the fact that they essentially operate as an exchange.

  1. Even Though You May Not Be an Exchange, Broker-Dealer Registrations Are Still Required

The Commission’s order to TokenLot stated that the company was a self-described “ICO Superstore” which legally exemplifies as a broker-dealer relationship. Though not necessarily an exchange, TokenLot facilitates transactions in digital asset securities and under the Exchange Act is required to register as such.

  1. Legal Counsel Concerning the Application of Federal Securities Laws is Recommended

The statement concludes with encouraging words to the community about their support of innovation but also highly recommends that any entity employing new technologies seek legal counsel around the area of federal securities laws, and contact Commission staff, as necessary, for assistance.

Ultimately, what can be gained from this statement is that the U.S. SEC has taken proactive steps toward correcting the current Token landscape to ensure that Tokens are functioning legally and ensuring investor protection. Security token offerings (STOs), exchanges, broker-dealer relationship platforms and investment vehicles investing in digital asset securities should make registration and compliance a priority to avoid strong penalties similar to those faced by Airfox, Paragon, CryptoAsset Management, TokenLot, and the founder of EtherDelta.

Learn how iComply can help you adhere to global compliance, securities, AML, and privacy regulations in over 150 countries.

About iComply Investor Services Inc.
iComply Investor Services Inc. (iComply) is an award-winning software company focused on reducing regulatory friction in the capital markets. With powerful data, verification, tokenization solutions, iComply helps companies overcome the cost and complexity of multi-jurisdictional compliance to effectively access new markets. Learn more: iComplyIS.com

iComply Releases OFAC Screening For 6 Major Cryptocurrencies

iComply Releases OFAC Screening For 6 Major Cryptocurrencies

iComply Offers OFAC Screening for Sanctioned Bitcoin and Crypto Addresses

On November 28, 2018, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) added its first bitcoin addresses to its public list of sanctioned individuals and entities. iComply is capable of screening these addresses to ensure compliance for decentralized finance and assets

Vancouver, B.C. – November 29, 2018 – iComply Investor Services (“iComply”), a leading RegTech platform for global digital finance and cryptocurrencies offers comprehensive blockchain forensic screening to address risks related to blockchain addresses, including sanctions screening, fraud, theft, and cyber-security.

On November 28, 2018, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) added multiple Iranians and their bitcoin addresses to the Specially Designated Nationals (SDN List) for laundering the bitcoin proceeds from the infamous SamSam ransomware scheme. This is the first instance of OFAC adding a cryptocurrency address to their public list of sanctioned individuals and entities.

“Agencies such as OFAC protect the integrity of financial markets, warning companies about individuals or companies that may pose a risk to their business. We developed our RegTech software, iComply, to make it possible to screen for these kinds of threats in both centralized and decentralized finance to address the unique risks when financial assets are traded using public blockchains. Currently, our solution supports Bitcoin, Ethereum, Ethereum Classic, Litecoin, Dash and Bitcoin Cash,” said Qayyum Rajan, Chief Data Officer, of iComply Investor Services Inc.

iComply’s solution addresses risks related to blockchain addresses and the trading of financial assets using public blockchains, this is an integral process that is complementary to traditional AML/KYC for fiat. Institutions can query addresses to achieve financial grade compliance around the individuals and entities that it transacts with.

“As blockchain is increasingly used for mainstream finance, it is integral to enforce regulatory compliance not just for the individual and entity but also for the transactions themselves,’ added Rajan. “While there has been a lot of talk about the Howey test to determine whether a token is subject to securities laws, institutions such as OFAC are now also enforcing criminal liabilities once these assets are trading.”

-##-

Looking for financial grade KYC and AML in an enterprise ready API?

iComply offers global screening for humans, corporations, and blockchain transactions in a single REST API.

Book a demo with one of our specialists to learn more.

About iComply Investor Services Inc.
iComply Investor Services Inc. (iComply) is an award-winning software company focused on reducing regulatory friction in the capital markets. With powerful data, verification, tokenization solutions, iComply helps companies overcome the cost and complexity of multi-jurisdictional compliance to effectively access new markets. Learn more: iComplyIS.com

U.S. Justice Department Uses Blockchain Forensics In 13-Year Jail Sentence

U.S. Justice Department Uses Blockchain Forensics In 13-Year Jail Sentence

U.S. Justice Department Uses Blockchain Forensics In 13-Year Jail Sentence

A woman in New York was sentenced for funding ISIS through a virtual asset payment processor.

What Happened?

November 26, 2018: Zoobia Shahnaz, from Long Island, was caught providing material support of over US$150,000 to known ISIS-fronts in the countries of Pakistan, China, and Turkey.

Zoobia fraudulently acquired credit card numbers and used them online to purchase over $60,000 worth of bitcoin (BTC) and other cryptocurrencies between March and June 2017. The funds were transmitted via wire transfer.

Zoobia was apprehended at John F. Kennedy airport in July 2017 while attempting to board a flight to Istanbul. Authorities suspect she was trying to find a backdoor into Syria to join ISIS.

Source: https://www.justice.gov/opa/pr/new-york-woman-pleads-guilty-providing-material-support-isis

Who Is Impacted?

Payment processors facilitating virtual asset transactions.

Why This Matters?

Authorities today are using blockchain analysis tools to trace the origin and transfer history of blockchain assets, including cryptocurrencies like bitcoin. These tools, when used to identify the source of funds, are capable of fighting fraud and the financing of terrorism, like in the case of Zoobia Shahnaz from New York.

Anyone participating in the value-chain of digital assets plays a role in combatting this kind of online fraud. Trading Platforms, Payment Processors, OTC Brokers, and Money Services Businesses bear the responsibility of identifying their customers, monitoring their transactions, and reporting suspicious activity.

What’s Next?

With the appropriate KYC and AML tools in place, fraud by stolen credit card can be prevented in the future. Had a live face match been performed on Zoobia when she tried to use someone else’s stolen personal credit information, it is unlikely she would have able to acquire the cryptocurrency she used in her scheme.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

Special Report: The Compliance Trilemma for Digital Assets

Special Report: The Compliance Trilemma for Digital Assets

A cross-disciplinary research team from the University of British Columbia (UBC) conducted an industry study spanning the compliance, assurance, and technology requirements that financial institutions, legal and accounting firms need to see in place before digital assets can be used at scale in their sectors. Hundred of hours of interviews with industry experts across 13 leading financial jurisdictions explored the past, present, and future state expectations that are blocking the industry adoption of digital assets, security tokens, tokenized payments, and digital identity from diverse perspectives.

iComply Investor Services Inc, in partnership with the Government of Canada, Mitacs, and the University of British Columbia commissioned the study in order to better understand the challenges that token issuers face to meet the regulatory standards for issuing and tracking digital assets. Currently, these projects face significant barriers that result in trade-offs – hindering the true potential of blockchain managed assets. The research collaboration was supported by Mitacs’s Accelerate Program.

The Findings:

The use of blockchain technology allows token issuers to efficiently gain access to global customers, partners, and capital.

Key Challenge: The burden of the cost of regulation

Challenges broadly stem from the cost of complying with regulation. In 2017 there was significant ambiguity surrounding whether and how digital assets were regulated, and many issuers neglected this dimension altogether. While a large number of issuers were well-intentioned, others could not resist exploiting the prospect of unlimited access to global investors. Early offerings could often raise more with savvy marketing than a well-reasoned project plan, and a large number of early token offerings were little more than Ponzi schemes. Today, regulatory clarity and enforcement are essential if tokenized securities are to become a safe and legitimate fundraising mechanism.

The study found that issuers currently face a compliance trilemma, whereby they can realize only two of the following three goals in their token offerings:

  • Cost-effectiveness
  • Widely distributed investors
  • Regulatory compliance

While we focus here on ICOs, the compliance trilemma also holds more generally for other decentralized finance practices involving cryptoassets including ICOs, STOs, TGEs, and IEOs.

To date, issuers have adopted various approaches to address the trilemma:

  • Sacrificing compliance by directly defying regulators and hoping to fly under the radar
  • sacrificing the scope of investment by restricting token sales to a limited group of investors
  • Compromising on all three dimensions in a hybrid approach
  • Forgoing a token offering entirely until this becomes more cost-effective

However, each of these current approaches is sub-optimal, and a solution is needed to the compliance trilemma.

The study also explored how industry experts expected the compliance trilemma to be resolved and found that the majority tended to advocate new regulatory rules and definitions that could relax what they see as the “burden” of compliance on issuers. Such an approach places the onus squarely on regulators, who would need to coordinate within and across jurisdictions to reach a coherent regulatory framework that appeases the challenges and costs of compliance for issuers. However, we argue that holding regulators solely accountable for the compliance trilemma is incomplete and misguided, and that other approaches are needed to reduce the costs and uncertainties of regulatory compliance.

 

Read the research by downloading the report here

 

About iComply Investor Services Inc.
iComply Investor Services Inc. (iComply) is an award-winning software company focused on reducing regulatory friction in the capital markets. With powerful data, verification, tokenization solutions, iComply helps companies overcome the cost and complexity of multi-jurisdictional compliance to effectively access new markets. Learn more: iComplyIS.com

Vaidyanathan Chandrashekhar

Vaidyanathan Chandrashekhar

Advisors

“Chandy,” is a technology and risk expert with executive experience at Boston Consulting Group, Citi, and PwC. With over two decades in financial services, digital transformation, and enterprise risk, he advises iComply on scalable compliance infrastructure for global markets.
Thomas Linder

Thomas Linder

Advisors

Thomas is a global tax and compliance expert with deep specialization in digital assets, blockchain, and tokenization. As a partner at MME Legal | Tax | Compliance, he advises iComply on regulatory strategy, cross-border compliance, and digital finance innovation.
Thomas Hardjono

Thomas Hardjono

Advisors

Thomas is a renowned identity and cybersecurity expert, serving as CTO of Connection Science at MIT. With deep expertise in decentralized identity, zero trust, and secure data exchange, he advises iComply on cutting-edge technology and privacy-first compliance architecture.
Rodney Dobson

Rodney Dobson

Advisors

Rodney is the former President of ADP Canada and international executive with over two decades of leadership in global HR and enterprise technology. He advises iComply with deep expertise in international service delivery, M&A, and scaling high-growth operations across regulated markets.
Praveen Mandal

Praveen Mandal

Advisors

Praveen is a serial entrepreneur and technology innovator, known for leadership roles at Lucent Bell Labs, ChargePoint, and the Stanford Linear Accelerator. He advises iComply on advanced computing, scalable infrastructure, and the intersection of AI, energy, and compliance tech.
Paul Childerhose

Paul Childerhose

Advisors

Paul is a Canadian RegTech leader and founder of Maple Peak Group, with extensive experience in financial services compliance, AML, and digital transformation. He advises iComply on regulatory alignment, operational strategy, and scaling compliance programs in complex markets.
John Engle

John Engle

Advisors

John is a seasoned business executive with senior leadership experience at CIBC, UBS, and Accenture. With deep expertise in investment banking, private equity, and digital transformation, he advises iComply on strategic growth, partnerships, and global market expansion.
Jeff Bandman

Jeff Bandman

Advisors

Jeff is a former CFTC official and globally recognized expert in financial regulation, fintech, and digital assets. As founder of Bandman Advisors, he brings deep insight into regulatory policy, market infrastructure, and innovation to guide iComply’s global compliance strategy.
Greg Pearlman

Greg Pearlman

Advisors

Greg is a seasoned investment banker with over 35 years of experience, including leadership roles at BMO Capital Markets, Morgan Stanley, and Citigroup. Greg brings deep expertise in financial strategy and growth to support iComply's expansion in the RegTech sector.
Deven Sharma

Deven Sharma

Advisors

Deven is the former President of S&P and a globally respected authority in risk, data, and capital markets. With decades of leadership across financial services and tech, he advises iComply on strategic growth, governance, and the future of trusted data in AML compliance.