Praescient Analytics utilizes advanced software platforms and sophisticated workflows to help our clients investigate money laundering and fight back against illicit finance. Bitcoins, a form of digital currency, have recently been at the center of many high-profile financial fraud events. But what are the real challenges with this currency? And what other forms of illicit finance are on the rise? I spoke with Praescient Analyst Consultant Norm Vujevic, currently supporting our clients investigating money laundering activities, to find out more.
Charlotte: How has the use of money laundering with Bitcoin tarnished its reputation? What are some of the positive aspects of this digital currency?
Norm: Bitcoin is a digital cryptocurrency and because of that it is not associated with the federal government. So there is definitely a fear that it is used primarily for illicit finances – which is not the case.
For starters, there is a cap on Bitcoins. Theoretically, there can only be 21 million Bitcoins. In the world of big data that’s not too shabby; you can envision a situation where those can easily be fully monitored. Currently there are 14 million Bitcoins, so it has almost grown to where it is capped out. Right now, there are only about 130,000 Bitcoin transactions per day. It is really just a tiny drop in the bucket, I don’t know that it even makes a splash in the financial world.
Another thing to keep in mind is that Bitcoin doesn’t use trusted third parties to make transactions. With traditional money you use a trusted third party like a bank or an agency to store, ledger the money, and transport it for you. But with trusted third parties there is a lot of room to modify the ledger – “cooking the books” as you might hear in the movies. With Bitcoin, it isn’t tied to any trusted third party source. It is actually linked to something called Blockchain, which is basically a public bookkeeping ledger that anybody can see at any time. The fact that it is open and public like that makes it less favorable for illicit finance. But ultimately, where you have people you are going to have them doing illicit things. So Bitcoin might be ideal for some criminal networks, but it is not for others.
C: How do fraudsters get around the fact that all Bitcoin transactions are public?
N: There are a lot of techniques for laundering. Maybe one of the neatest ones, although it is probably not used very often, is called a Bitcoin blender. Here is how traditional money laundering works: let’s say I want to send you $100 and we’re laundering this money for a particular reason. Instead of sending the money directly to you, I am going to try to “smurf” it – breaking it up into small (smurf size) increments. That’ll allow me to send it to a bunch of different sources and try to make it not look like a pattern. There are many different ways of smurfing. I could go to ten different banks on the same day and deposit chunks of money. Or I could break up those deposits over time. Eventually, that money will coalesce and end up back into your wallet.
In the blender world, what you can imagine happening is that there is a group of people who want to hide their money and all send it to a universal pool. So that $100 that I want to send you goes into the Bitcoin blender and now it is in this pot of money that, in theory, 10s of thousands of people might be using. Then, on a date and time that I set into my blender software that money will pop out and land in your account. It will have touched all those thousands of people on the way from to you, so it looks like tons and tons of transactions.
C: How does the decentralized nature of Bitcoin complicate things for investigators? What kind of opportunities are there for investigations given that the accounts and software need to be housed on servers and other individual machines?
N: If you already have a target, that de-anonymizes that target’s interaction in the beginning. So if I know that on one end Norm transmitted that $100, I can use the Blockchain to find every one of those transactions to get all the way to you. I might not know who you are because you are represented by some alphanumeric number, but it is de-anonymized by one link so it is almost like dominoes at that point.
Many users of Bitcoin aren’t aware that every transaction that happens digitally is going to be in that Blockchain. Anyone can check out the website, it is blockchain.info. You can literally live-fire watch every Bitcoin transaction that takes place. So some users who are savvy to this feature could get around this in a few ways. They could put Bitcoins on a hard drive, unplug that from the network, and put it in a truck and drive down the street and physically hand you the hard drive.
The other big challenge of Bitcoin is translating the digital currency to something useful in the real world. If you “hand me” .003 Bitcoins can I go down to Burger King to spend it? Probably not. So somewhere along the line, someone is going to want their money in a form that they can spend it. This end point of the transaction can also be an opportunity for anti-money laundering investigations.
Another problem with blenders that exists is that, to help anonymize the transactions, sometimes there will be requirements like fees. But the original amount of money will be sent at the other end of the transaction. That makes it so that the transactions don’t add up. Mr. Cartel Leader who wants my $100 wants that $100 and no less. That structure almost eliminates the purpose of using this currency to launder money because it establishes a really clear pattern.
C: We know underground sites can be havens for money laundering and other forms of illicit finance, but what are some normally legitimate venues that can be subverted for this purpose?
N: I really haven’t heard of too many at this point, unlike the Greendot preloaded debit card scam which we can talk about in a moment. You’re pretty safe with using Bitcoin. Say you’re a car dealership and you wanted to accept Bitcoin – that’d be no problem. But really the problem for legitimate buyers and sellers happens when the Bitcoins they use were at one point involved in illicit finance.
With cash, even if the bills themselves were involved in some kind of illicit transaction in the past, the government won’t come and take the money away. They might take those specific bills for evidence, but they will give you back an equal amount of money. But with Bitcoin, since it is not considered a currency by the government, it can be treated the same as any other physical good that is bought or sold. It’s similar to how a firearm used in a robbery can be seized from an individual who purchased the weapon from a pawn shop down the line. So if an illegal Bitcoin goes into a blender there could be a precedent from the government to go in and take that entire network down. So even a totally innocent user could get rolled up in a case where you and everyone else lose their Bitcoins. But that could change in the future if there is a court case that says “hey, you took my Bitcoins, it wasn’t my fault, that’s my currency and I want my money back.”
C: Fraudsters are increasingly taking advantage of reloadable debit cards like Greendot. Can you tell me more about how these work – and what some of the methods are for detecting this type of fraud?
N: Greendot is a little tougher, because it is a physical entity. Let’s imagine a scenario: you’re a prisoner and you’re not able to transfer money from inside a corrections facility. So you might have a proxy do that for you. Maybe you’re trying to buy some cigarettes from another prisoner and they cost $100. But you can’t actually exchange money, because prisoners aren’t allowed to carry it. So we have our proxies on the outside do the exchange. If one of those people takes the money and preloads it onto a Greendot debit card, the other party can cash that out at an ATM whenever they feel like it. This characteristic makes investigation difficult because it breaks away from time and geospatial patterns. So with this method someone could take those cards, or load money onto other cards, and fly them over to another country and cash them out there. This makes things more difficult to trace.
C: What type of workflows have you and other Praescient Analyst Consultants enabled to fight these kinds of fraud?
N: We take large chunks of data with the software that we have available and import it into our analysis platform. With the case of Bitcoin, we can see that entire transaction chain. We can then bring in more data from other target sources and build networks. You can then evaluate the strength of each connection in the network. We use mathematics and different metrics to support that analysis, which leads to you the the right questions. So maybe it’d lead you to the right phone numbers to investigate, which person to subpoena, which doors to knock on. This is how Praescient augments the abilities of our clients when it comes to fighting fraud.
Praescient Analytics is a Veteran-Owned Small Business that delivers training, data integration, platform customization, and embedded analytical services in partnership with leading technology providers. Praescient’s teams of analysts and engineers provide comprehensive solutions to federal and commercial clients engaged in critical defense, law enforcement, intelligence, cyber security, financial, investigative, and legal analytics missions.
Charlotte Stasio is Praescient’s Communications Specialist.