Virtual Asset Mining

The rise in digital assets’ popularity over the last decade has attracted its fair share of illicit actors. Prized for their ease of use and perceived relative anonymity, digital assets such as Bitcoin have become targets for sanctions evaders, criminal enterprises, narcotraffickers and terrorist networks. North Korea, for example, has stolen billions of dollars’ worth of cryptocurrency in the past five years, in part to fund its WMD programme. Consequently, regulatory, monitoring and enforcement agencies have had to set their sights on addressing the often overlooked space between traditional finance and cryptocurrency. Despite modest progress addressing key vulnerabilities that cryptocurrency creates for global finance, the dynamic and rapidly changing nature of digital assets requires new thought about risk and sources of risk.

One increasingly difficult problem for regulatory and monitoring authorities is how to address and mitigate risks associated with cryptocurrency mining (the processes used to verify transactions). Unlike traditional cryptocurrency exchanges, mining typically falls outside the scope of anti-money-laundering (AML) regulatory authorities and can provide illicit actors with a stream of nearly anonymous – and possibly unlimited – revenue. Unfortunately, discussions on how to best mitigate these risks is largely absent from broader policy discussions on regulating and monitoring digital assets.

This paper, intended for policymakers and those with compliance obligations, seeks to broaden the discussions of risk around cryptocurrency by providing a typology of risks related to cryptocurrency mining. The objective is not to provide an all-encompassing snapshot of cryptocurrency mining activities, but to offer a general framework for policymakers to consider and mitigate a range of risks that may not be immediately apparent. The paper also places the described typologies within the context of recent or emerging regulatory and enforcement actions, to highlight gaps and challenges.

The paper concludes with a series of recommendations aimed at mitigating risks and addressing regulatory and monitoring shortfalls in relation to cryptocurrency mining, consistent with global AML standards. These include, for example, modifying registration requirements for commercial and remote mining enterprises so that they fall under the purview of regulatory frameworks, despite outstanding questions over custody of cryptocurrency.

It is abundantly clear that illicit actors have focused in on the usefulness of cryptocurrency, and it is quite likely that cryptocurrency will feature in financial crime for decades to come. Given the uniqueness, novelty and rapidly evolving nature of the digital assets industry, however, it is critically important that policymakers continue to think outside the box, re-examine previously held assumptions about the nature of risks associated with cryptocurrency – including mining – and continuously adapt regulatory and monitoring frameworks in response to emerging risks.

INTRODUCTION

What was once considered a fringe, novel technology, virtual assets – that is, cryptocurrencies such as Bitcoin – now have a global market capitalisation of more than $1 trillion. The sheer scale and scope of the cryptocurrency industry, paired with regulation and monitoring challenges, have created, over the past decade, opportunities for illicit state and non-state actors to facilitate financial crimes, including sanctions evasion, money laundering and terrorist financing, among others, using cryptocurrencies.

In 2018, the Financial Action Task Force (FATF), the international organisation responsible for setting anti-money-laundering (AML) and counterterrorist-finance (CTF) standards, set about addressing threats posed by digital assets to the international financial system. However, despite the introduction of several new requirements, including a requirement for virtual asset service providers (VASPs) to be “regulated for (anti-money laundering and countering the financing of terrorism) AML/CTF purposes, and licensed or registered, and subject to effective systems for monitoring … or supervision”, key vulnerabilities and gaps remain.

One of these gaps is cryptocurrency mining, which is generally not covered by AML rules and regulations. Mining cryptocurrency is the process by which users verify the accuracy of transactions on a blockchain and are subsequently rewarded for their efforts with newly minted cryptocurrency. Due to the fundamental design of this decentralised process, little in the way of information is available to national authorities on who has “mined” cryptocurrency.

Because there is very little in the way of transparency on miners, mining has attracted illicit actors ranging from narcotics traffickers to sanctions evaders such as North Korea. In 2019, for example, a report by the UN Panel of Experts on North Korea found that the country engaged in mining cryptocurrencies to generate revenue for its military programmes.

This paper offers jurisdictions a typology of laundering through cryptocurrency mining. The objective is to increase overall awareness of money-laundering and proliferation-finance risks posed by mining, as well as guidance on how to best address these threats from a legal and regulatory perspective. Although this paper is not meant to be comprehensive, it aims to expand on these identified threats so that jurisdictions can detect vulnerabilities in their financial systems and form risk mitigation strategies.

The paper first outlines general financial crime risks associated with cryptocurrency mining that have occurred since Bitcoin’s start. Next, it presents a typology of cryptocurrency mining risks, designed to illustrate how illicit actors can take advantage of existing and emerging mining to facilitate money laundering and proliferation financing. Finally, the paper concludes with an analysis of the legal and regulatory challenges to responding to mining risks, and their implications.

Mining has attracted illicit actors ranging from narcotics traffickers to sanctions evaders

METHODOLOGY

The typologies outlined in this paper are based on a series of semi-structured interviews with public and private stakeholders, including representatives of VASPs, blockchain analytics companies, compliance specialists and academics.

These interviews, along with a review of relevant news articles, guidance released by international organisations and other law enforcement and regulatory actions, have helped to inform case studies and risk mitigation strategies.

UNDERSTANDING CRYPTOCURRENCY MINING RISKS

The FATF defines virtual assets as “a digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes”. Bitcoin, for example, one of the most recognised and earliest virtual assets, was first conceptualised in 2008 as a decentralised currency – that is, free of a central monetary authority.

A decentralised digital currency, however, faces a significant hurdle: without a central authority, how can users be assured that the record of transactions is complete and accurate? To solve this problem, Bitcoin and other similar types of cryptocurrencies use a “proof-of-work” model to validate and record transactions on a blockchain.

The blockchain, or ledger, consists of blocks of transactions linked together. In a proof-of-work model, a user, referred to as a cryptocurrency miner, employs computer processing power (or “work”) to solve a computationally complex mathematical problem that effectively ensures transactions are accurate and in the correct order – that is, that each new block is linked to the previous one.

This work, however, is not free. To incentivise users to keep the ledger accurate, miners are rewarded with cryptocurrency (such as Bitcoin). Miners compete against other miners to be the first to solve the complex problem and the first miner to do so is permitted to record the next block of transactions. Figure 1 illustrates how new blocks of transactions are added to a given blockchain that uses a “proof-of-work” model.

▲ Figure 1: Proof-of-Work Model. Note: An individual uses their computer processing power to solve complex mathematical problems, resulting in transaction verification on the blockchain. Source: Author generated.

Importantly, mining increases the overall supply of cryptocurrency. Minting new cryptocurrency through mining, however, creates several pernicious problems from a financial crime perspective. Namely, newly minted cryptocurrency is not easily linked to an individual. Because of this, mining cryptocurrency is an attractive target for enterprising criminal organisations, sanctions evaders and those looking to avoid law enforcement and intelligence agencies.

In 2019, for example, an investigation by Brazil’s Department of Narcotics uncovered a cryptocurrency mining operation as part of a drug enforcement investigation, shining a light on how criminal organisations are adapting to digital currencies. Similarly, in Argentina, there have been reports of crime associated with illicitly obtaining cryptocurrency mining equipment, either to launder funds or to make money from reselling the equipment at a lower price.

North Korea’s brazen cyber attacks against cryptocurrency businesses and applications, which have netted the country billions of dollars in cryptocurrency, are now well known. According to a 2019 UN report, North Korea has also been involved in mining cryptocurrency since at least May 2017. In February 2020, a cyber-security firm found that North Korea’s mining activity had increased at least tenfold since May 2019, based on an analysis of a North Korea-linked IP address.

While converting stolen cryptocurrency to fiat currency requires a multi-step laundering process that runs the risk of detection, mining, on the other hand, has the potential to generate a nearly anonymous revenue stream. The ability to generate practically decoupled revenue is an enticing lure to illicit activity. Indeed, as illustrated in the next section, there has been a significant increase in the scale and scope of illicit activity targeting the cryptocurrency mining process.

The mining industry, however, is not static. Much like virtual currency, mining encompasses rapidly changing and dynamic technologies. To better understand how illicit actors can exploit mining, the next section provides a series of typologies and case studies.

KEY CRYPTOCURRENCY MINING TYPOLOGIES

This section describes a range of available cryptocurrency mining typologies, which includes cryptojacking and remote mining. These methods pose a challenge to law enforcement and regulatory authorities because they involve an individual receiving newly minted cryptocurrency that is not tied to previous transactions, thus making user identification more difficult. Such coins can then be converted to fiat currency without detection of a criminal link on the blockchain. The fourth typology in this section focuses on cryptocurrencies that use a “proof-of-stake” transaction verification model. Although this model does not provide a viable laundering mechanism, it is a method that illicit actors can use to generate revenue.

TYPOLOGY 1: CRYPTOJACKING

Due to the steep costs of specialised equipment, or sometimes a lack of access to stable internet or power grids, criminals have turned to cryptojacking – the process of hijacking another user’s computer processing power to mine cryptocurrency without their knowledge.

In 2014, for example, a researcher used supercomputers funded by the US National Science Foundation (NSF – an independent federal government agency) to mine Bitcoin, resulting in his suspension from working with the US government. According to an audit report, “the researcher misused over $150,000 in NSF-supported computer usage at two universities to generate Bitcoins valued between $8,000 and $10,000”. Later, from 2017 to 2021, this illicit revenue generation method grew in popularity as demand and price for cryptocurrency increased.

Browser-based cryptojacking, or “drive-by mining”, likewise grew in popularity. The process involves embedding malicious code in a website, which allows the website owner to use visitors’ computer processing power to mine cryptocurrency. While there are legitimate reasons a website owner may include web-based mining on a website – such as generating revenue for a charity – criminal enterprises, extremists or even sanctions evaders can exploit the same method to generate revenue.

In 2018, for example, a neo-Nazi militant group known as the Order of Dawn allowed supporters to mine Monero to generate revenue for its volunteer army. The group’s website is shown in Figure 2.

▲ Figure 2: Order of Dawn and Cryptocurrency Mining. Source: Counter Extremism Project, “Far-Right European Terrorist Group Crowdfunding Cryptocurrency”, 28 April 2018.

Cryptojacking can also occur on a larger scale by rerouting unwitting users’ computer processing power to a mining “pool”, which functions as an aggregator for computer processing power. This method has the potential to create a nearly anonymous revenue stream for an illicit actor. Alternatively, it is also possible to target and hijack resources from cryptocurrency mining pools. In 2014, a hacker gained access to a Canadian internet provider and rerouted traffic from a legitimate pool to a malicious pool, which netted nearly US$84,000 worth of Bitcoin.

Cryptojacking has similarly caught the attention of North Korea. One of the first reported cases of North Korea-linked criminal activity associated with cryptojacking occurred in 2017, when cyber-criminals hacked a South Korean company’s server to illicitly mine Monero. North Korea was able to mine nearly 70 Monero coins, worth approximately $25,000 at the time.

North Korea is also alleged to have employed malware to infect computers to mine Monero. According to a 2019 UN report, analysts were able to trace the mined Monero back to servers located at Kim Il Sung University.

TYPOLOGY 2: COMMERCIAL MINING FACILITIES

Large-scale mining operations have become a lucrative business in recent years, and although the exact number of commercial mining facilities worldwide is unknown, the scale and scope of the industry can be estimated by the demand that such facilities place on power grids. A 2022 report by the US Office of Science and Technology Policy, which coordinates interagency science and technology policy efforts, found that commercial mining facilities are on the rise, estimating that the “total global estimated electricity usage for blockchains that support crypto-assets in 2022 falls into a range of 120 to 240 billion kWh per year”. While such estimates can fluctuate considerably according to demand within cryptocurrency markets, this nonetheless highlights the sheer magnitude of such operations, which at times has accounted for nearly 1% of global energy consumption.

Mining facilities also have the capability to provide illicit actors with a substantial and relatively anonymous revenue stream. Mined cryptocurrency can be moved across jurisdictions through peer-to-peer transactions and potentially converted to fiat currency at cryptocurrency businesses worldwide.

The capital costs of such ventures can, however, be high. Specialised equipment, such as application-specific integrated circuits (ASICs), can cost anywhere from thousands to tens of thousands of US dollars. In at least one case, illicit actors have used the crypto-mining process to launder other ill-gotten gains, as shown in the following case study.

Box 1: Case Study: Bitcoin Mining Centres and Crime

In 2016, Spanish police and tax authorities arrested 30 individuals suspected of laundering illicit proceeds via Bitcoin mining centres. The authorities seized Bitcoin mining centres that they suspected were being used by a large criminal network to launder funds. The amount of funds laundered through the operation is unknown.

Sources: Dev Odedra and Chris Gschwend, “On the Periphery: Financial Crime Risks in Cryptocurrency Mining”, KYC360, 13 July 2020; Reuters, “Spain Arrests 30 Suspected of Laundering Money in Bitcoin Centres”, 25 May 2016.

State actors have also focused on large-scale mining facilities

Figure 3 provides a notional summary of how criminal networks could feasibly invest in mining equipment that can ultimately provide revenue that is decoupled from any illicit activity.

▲ Figure 3: Mining as a Laundry Service. Note: A criminal uses illicit funds to purchase or rent a mining “rig”. In return, they receive clean cryptocurrency and can transfer funds across jurisdictions or convert them to fiat currency at exchanges with limited detection. By contrast, on regulated cryptocurrency exchanges, the criminal in question would still face the need to surpass controls during the customer onboarding procedure. Source: Author generated.

In addition to criminal networks, state actors have also focused on large-scale mining facilities, requesting that the proceeds be sold to a central bank. Iran, for example, used this technique to generate revenue while under sanctions, according to several blockchain analytics firms. Furthermore, the head of Iran’s Trade Promotion Organization has said that the country’s central bank had made a proposal for how Iran can “use the cryptocurrencies produced internally or cryptocurrencies purchased by companies such as the private sector” for the import of goods. Similarly, although the full extent of North Korea’s mining operations is unknown, its 2020 efforts to mine Monero demonstrate, at a minimum, an interest in conducting mining operations on a larger scale.

Of course, there are several elements necessary for a successful commercial operation and, therefore, the extent of this financial crime risk will vary among jurisdictions. First and foremost is whether there is access to stable and cheap power. According to the Cambridge Centre for Alternative Finance, mining farm operators generally choose locations with lower electricity costs to optimise profit. In addition to cheap power, commercial facilities also require stable access to the internet that can accommodate transferring data at high speeds. Climate can also play a role. Mining is preferred in regions with low temperatures, which can help operators avoid substantial cooling costs.

As demand for cryptocurrency has increased, many states have considered and enacted policies to attract the crypto-mining industry. One such example is Transnistria, an unrecognised republic situated between Ukraine and Moldova. The unrecognised breakaway state adopted legislation in 2018 to legalise cryptocurrency mining and created incentives to attract parts of the industry. In addition to offering cheap, stable energy, Transnistria also allows entrepreneurs to set up a mining facility without needing to register as a local company.

TYPOLOGY 3: REMOTE MINING

The rising costs of specialised mining equipment, as well as the need for cheap power and stable internet infrastructure, have prompted the formation of businesses that host mining equipment on behalf of customers.

Remote mining presents a particularly thorny problem when it comes to combating financial crime. Operators of remote mining services may be unaware of their client’s identity or whether they are acting on behalf of a third party, as they are often located in different jurisdictions. This could mean that a remote mining service could unwittingly facilitate sanctions evasion or other types of illicit activity.

Host mining facilities, for example, allow remote customers to purchase mining rigs hosted on their property. The overhead costs for a hosting service typically comprise electricity and maintenance costs, including the setup of the mining equipment. Once the rig is operating, all earnings are directly transferred to the wallet that the customer has listed – whether their own or a third party’s.

One host mining facility, Bitriver, fell onto the US sanctions list in 2022. BitRiver and its subsidiaries were alleged to have aided Russia in monetising its natural resources by leveraging the country’s cheap energy to mine cryptocurrency. Prior to unilateral sanctions, BitRiver created a cryptocurrency known as the BTR Token. Holders of the coin receive an equivalent amount of electricity power for their hosted mining equipment and can submit tokens once a month to pay up to 10% of the bill.

In a similar manner, host mining facilities typically allow a portion of the electricity costs to be paid in cryptocurrency, which could provide avenues for criminal organisations and sanctions evaders to launder the proceeds of crime. It would be quite feasible for a representative operating on behalf of a sanctioned country to pay for electricity costs with illicit funds, and in return receive mined cryptocurrency decoupled from any criminal link. Notably, if traceable cryptocurrency is used to pay for a portion of the mining fees, investigators can still track the funds to the business that accepted the illicit funds. However, the facility may be based in a jurisdiction that is not cooperative.

Some commercial mining facilities also offer cloud-based mining services, whereby users can lease equipment and computer time. Some of the primary cloud-based mining services allow payment in cryptocurrency and for the receiving cryptocurrency address to be changed after purchase. The benefit of using such services is that it can help reduce long-term costs, including investments in expensive equipment, as well as provide a solution to those in jurisdictions with geographic, energy, legal or other limitations on mining. Like host mining, the user does not need to be physically located in the jurisdiction to reap the rewards of mining.

If information is needed, it is likely that the cloud-based mining service would keep a database of cryptocurrency addresses used by the customer. However, depending on whether the service obtains custody of the funds, it can be unclear to investigators where the funds then move to, when looking at on-chain activity. This form of laundering is outlined in the following case study of a North Korea-linked cyber group.

Box 2: Case Study: North Korea and Cloud Mining Services

In March 2023, Mandiant, a US cyber security firm, released a report on the cryptocurrency laundering methods of APT43, a North Korea-linked cyber group. According to Mandiant, APT43 likely uses hash rental (the rental of a set amount of computing power to mine cryptocurrency) and cloud-based mining services as a method of laundering funds. The process of laundering via hash rental and cloud-based mining services allows for the buyer’s original payments and the mined cryptocurrency to be decoupled.

Source: Fred Plan et al., “APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations”, Mandiant, 29 March 2023, p.7.

The user does not need to be in the jurisdiction to reap the rewards

Another cloud mining model involves peer-to-peer marketplaces that allow payments in cryptocurrency. For these services, the buyer can mine using the seller’s computer processing power. Of course, this can also create problems – especially from a transparency perspective. Operators of cloud mining services such as these generally have, for example, no insights into their users’ activities.

TYPOLOGY 4: PROOF-OF-STAKE MODEL

Whereas a proof-of-work model requires miners to solve computationally complex problems to verify the accuracy of a blockchain and record new transactions, the proof-of-stake model requires validators to “stake” their own cryptocurrency as collateral to verify transactions. To confirm a transaction, the blockchain network randomly selects a validator based on the number of coins the user has staked.

▲ Figure 4: Proof-of-Stake Model. Note: An individual stakes their own funds and, when chosen, will verify transactions on the blockchain. Source: Author generated.

Overall, proof-of-stake mining is less energy- and resource-intensive than a proof-of-work model. For these reasons, it may be more attractive to illicit actors. North Korea, for example, has a large stock of cryptocurrency from its various hacks over the past five years that the country could feasibly stake – effectively allowing it to “earn interest” on its illicit hacking operations.

Recently, Ethereum, a blockchain-enabled platform that allows smart contracts, shifted its economic model from proof-of-work to proof-of-stake to reduce environmental impact. For many illicit actors, this move could prove a boost to revenue generation. A recent report by Harvard University’s Belfer Center for Science and International Affairs noted that while North Korea has not previously mined Ether, the shift to a proof-of-stake model may prove more attractive for revenue generation.

Staking coins, along with cryptojacking, commercial mining facilities and remote mining, represent avenues for criminals to circumvent regulations or take advantage of a lack of oversight. Despite the difficulty of identifying users behind the transaction verification process, the public and private sectors can take steps to mitigate potential risks.

REGULATORY RESPONSE, IMPLICATIONS AND SOLUTIONS

The preceding analysis of key crypto-mining typologies – cryptojacking, commercial mining, remote mining and staking – shows that, despite global interest in regulating digital assets, significant risks to the global financial system remain. In most cases, crypto mining does not fall within the purview of financial supervisors or AML frameworks. The following section addresses some of these legal and regulatory challenges, as well as their implications.

Currently, only a handful of countries have addressed cryptocurrency mining within their sectoral risk assessments. Moreover, of those that have attempted to tackle mining, regulatory approaches have varied considerably. In some jurisdictions, for example, legislation explicitly states that cryptocurrency mining activity is outside the scope of AML rules and regulations, while in other jurisdictions, miners are subject to licensing and registration requirements.

REGULATORY APPROACHES

Among the many challenges is the fact that cryptocurrency mining businesses do not generally retain custody of the mined cryptocurrency. This means they do not generally fit into the category of financial institutions that fall under the purview of the FATF.

From the perspective of the FATF, “natural or legal persons that solely engage in the operation of a VA [virtual assets] network and do not engage in or facilitate any of the activities or operations of a VASP on behalf of their customers … are not VASPs”, even if those activities are undertaken as part of their business. Examples provided by the FATF of activities that would not in themselves qualify an entity to be considered a VASP include:

• Offering customers internet network services and infrastructure.

• Providing computing resources (“cloud services and creating, validating, and broadcasting blocks of transactions”).

China banned mining outright in 2021

Similarly, the report notes that those that do not fall under the definition of a VASP include “validators … whose functions are only validating transactions and cloud service providers whose functions are only offering the operation of infrastructure”.

To provide further clarification on these requirements, countries have taken steps to release guidance on crypto mining. However, in the US, for example, little has been done in the way of modernising AML rules and regulations related to crypto mining. Current guidance, put forward by the Financial Crimes Enforcement Network (FinCEN), the key agency responsible for countering money laundering in the US, is now nearly a decade old.

This guidance, unfortunately, does not take into account crypto-mining businesses, noting that “to the extent that a user mines Bitcoin and uses the Bitcoin solely for the user’s own purposes and not for the benefit of another, the user is not an MSB [money service business] under FinCEN’s regulations”. Thus, a crypto-mining company is typically not considered an MSB, and as such is not required to implement AML rules and regulations, such as know-your-customer procedures and record-keeping requirements, which are commonplace at banks.

Some countries have taken drastically different approaches. China, for example, banned mining outright in 2021. Prior to the ban, nearly 50% of global Bitcoin mining occurred in China. In response to the new restrictions, cryptocurrency mining companies relocated to other jurisdictions, including Russia, Kazakhstan, Iran and the US. Despite the ban, however, an analysis of hash rates, which can be a proxy for measuring total levels of mining, indicate that there are still mining operations in mainland China.

The following subsections offer recommendations that countries should consider to restrict abuse of this type of activity.

Consider the Risk

The overall lack of rules around businesses that offer crypto-mining services poses a problem for securing the international financial system against illicit actors. The typologies outlined in this paper detail various methods that criminal networks and sanctions evaders can exploit to generate relatively “clean” streams of revenue – that is, revenue not linked to a specific criminal group or individual or prohibited activity.

Given the risks posed to the international financial system, states should, at a minimum, consider their relative risk exposure to crypto mining from a cyber security standpoint, and identify associated risk with businesses within the industry. This includes understanding the scale and scope of mining-centric businesses within their jurisdiction, which is not always straightforward – especially if there are no registration or licensing requirements. At a minimum, countries should include their crypto-mining industries within national risk assessments.42 To aid with understanding risk and mitigation strategies, operators of crypto-mining enterprises should be included in domestic public–private partnerships centred on cryptocurrency.

Jurisdictions should be especially concerned if sanctions evasion or other types of illicit financial activity have previously been associated with their jurisdiction. It is important to note that countries have an obligation to implement and enforce international sanctions. In the case of North Korea, for example, states are required to prevent the provision of financial services or economic resources to North Korea. While crypto-mining services may not fit neatly within the definition of a “financial service”, they are nonetheless an economic resource that North Korea could exploit to support its nuclear weapons and ballistic missile programme.

Understand Regional Risk

Another factor countries should consider is regional risk exposure. There could be negative spillover effects from neighbouring jurisdictions that incentivise crypto-mining businesses, such as by offering cheap energy or establishing free trade zones with favourable crypto-mining laws. For example, a country with little or no crypto-mining activity but active cryptocurrency exchanges may face significant risks from illicit actors mining in one region and cashing out in another.

Collect and Verify Beneficial Ownership Information

Countries need to identify and verify individuals who have ownership and control of crypto-mining facilities located in their jurisdictions. As shown in the second section, illicit actors can exploit such facilities for laundering or sanctions evasion purposes, so it is critical to identify who is behind operations.

The FATF outlines that countries should take measures to prevent the misuse of corporate vehicles for criminal purposes by:

• Understanding the risk associated with legal arrangements.

• Making legal persons and legal arrangements sufficiently transparent.

• Requiring corporate vehicles to provide accurate and up-to-date basic and beneficial ownership information to competent authorities in a timely fashion.

Furthermore, to detect large-scale mining facilities that are not registered as businesses, law enforcement can look at spikes in energy consumption, as the proof-of-work mining process requires a substantial amount of energy.

Require Customer Identification and Verification

Countries should also consider modifying registration requirements for commercial and remote mining enterprises. At a minimum, regulatory authorities should require these companies to retain customer identifying information for law enforcement purposes.

While most types of crypto-mining activities would not meet the definition of a VASP, and thus not be subject to AML rules and regulations, collection of customer information by remote crypto-mining businesses is highly recommended. By undertaking the following checks on remote clients when establishing business relations these facilities can ensure sanctions compliance:

• Recording the full name, date of birth, nationality and address of the customer.

• Verifying the information provided to ensure the use of official government identification documents.

• Keeping a record of cryptocurrency addresses used by the customer to receive generated funds.

If illicitly obtained funds are linked to the remote crypto-mining business, holding this customer information will aid in law enforcement investigations. Furthermore, these facilities need to ensure they do not accept funds from sanctioned entities by screening customer information against relevant sanctions lists.

CONCLUSION

Criminal networks and state actors have both used crypto mining to generate nearly anonymous streams of revenue. While the scale and scope of these illicit operations is largely unknown, the risk posed to the international financial system is clear.

In a rapidly evolving industry, new innovations also bring new opportunities for illicit actors to exploit, and governments are failing to recognise risks associated with mining. To mitigate the risks that mining can generate, it will be important for governments to think outside traditional AML frameworks. Defining a crypto-mining company as an MSB, for example, may be akin to trying to place a square peg in a round hole. Instead, identification of beneficial ownership and recording client information will likely prove more useful for identifying illicit activity.

Allison Owen is an Associate Fellow at RUSI’s Centre for Financial Crime and Security Studies. Her primary research projects focus on the policy and security dimensions of cryptocurrency and new payment methods. Allison leads RUSI’s work on cryptocurrency and counter-proliferation finance, focusing on North Korea’s use of crypto to evade sanctions, and provides guidance for the private and public sector to understand and mitigate associated threats.

Aaron Arnold is a Senior Associate Fellow with the Centre for Financial Crime and Security Studies at RUSI, where his work focuses on sanctions and proliferation financing.