Skip to main content

Cryptoassets and financial crime – Understanding the implications for financial institutions

Since the inception of Bitcoin in 2008 through Satoshi Nakamoto’s white paper1, the nature and application of cryptoassets has grown exponentially. Having moved beyond the original proposition of creating a new form of peer-to-peer electronic cash, the landscape now includes a range of applications from payments, investments and insurance to more novel applications such as non-fungible tokens (‘NFTs’) and smart contracts. The growth of cryptoassets and their appeal, particularly amongst retail consumers, can be attributed to many factors: from the disintermediation of financial institutions and the reduction of third-party costs; accessibility and financial inclusion considerations; and the tempting potential for higher returns in the wake of the many stories of overnight millionaires created through cannily timed investments in Bitcoin and other digital assets.

These factors have made cryptoassets an appealing prospect for consumers seeking new ways of using and making money. Coupled with other factors, such as the level of anonymity this asset class offers and, until recently, relatively limited regulatory oversight, cryptoassets have also become an appealing prospect for criminals seeking to facilitate financial crime. The illicit use of cryptoassets by criminals is largely understood to pose a direct threat to cryptoasset market participants such as cryptoasset exchanges, custodians and investors (as seen with the FTX scandal2). However, the less direct, but very real threat, to traditional financial services is often less discussed.

In this three-part series we want to shed some light on this by exploring the following areas:

  • The features of cryptoassets that make them appealing to criminals and what this means for financial institutions;
  • The financial crime risks associated with cryptoassets and some key control enhancements that financial institutions should consider to better manage these risks; and
  • The potential benefits that novel technologies (e.g. blockchain analytics) can have in further enhancing the financial crime risk management frameworks of financial services institutions (FSIs).

In this blog we touch upon the features that make cryptoassets appealing to financial criminals, exploring the scale of the problem, and considering the implications for financial institutions.

What are the key features of cryptoassets that makes them appealing to criminals?

In general terms, there are four key factors that attract criminals to the use of cryptoassets. These are:

  1. Inconsistent Global Regulation – Many regulators have brought certain Cryptoasset Service Providers (CASPs) under existing Anti-Money Laundering (AML) regulation. However, the lack of a standardised global approach to AML regulation continues to provide opportunities for criminals to exploit the gaps to circumvent the rules.
  2. Pseudonymity – Refers to the fact that the real-world identity of a given owner of a cryptoasset is not directly attributed to a given transaction (unless the user is operating in a regulated exchange/custody provider). Instead, they are represented by the alpha-numeric address associated with their wallet. Whilst it is possible to forensically match transactions to/from a wallet to the underlying user, this is not an easy undertaking, and it remains the case that pseudonymity increases the complexity of identifying the (ab)users of cryptoassets.
  3. Novel applications – In addition to the growth of both the volume and variety of cryptoassets, the development of associated blockchain applications has also continued at pace, be they smart contracts, cross-chain bridges, or tumblers/mixers. Whilst some of these have been developed for the purpose of operational efficiency (e.g. cross-chain bridges provide a faster and more efficient means of swapping asset types) they have also offered opportunities to criminals. An example of this is “chain hopping”, in which a criminal utilises cross-chain bridges to “hop” between blockchains and their associated cryptoassets in order to complicate the transaction chain in an attempt to conceal the origin of assets.
  4. Borderless and disintermediated – Removing the need for intermediaries (like regulated FIs) to facilitate key financial activities (e.g. cross border payments) offers further opportunities for criminals to evade AML and broader anti-financial crime measures, allowing them to rapidly move funds overseas without the need to engage with regulated third parties.

"In the UK, The NCA’s National Assessment Centre estimates over £1 billion of illicit cash is transferred overseas and hundreds of millions are laundered using cryptoassets3."

The scale of the problem

Statistics like the one above illustrate the scale of the threat that cryptoassets pose to financial institutions, and this threat is further highlighted by reports such as the recent Crypto Crime report by Chainalysis, which noted that illicit cryptoasset transaction volumes globally hit $20.6 billion4 in 2023.

While significant, it is currently difficult to validate whether this estimate is the totality of illicit cryptoasset activity, or just the tip of the iceberg.

When the illicit uses of cryptoassets, such as their theft through exchange hacks, crypto frauds and scandals such as the collapse of FTX dominate media headlines, it is easy to see how, when coupled with statistics like those above, the concerns of those who already view cryptoassets as risky are only heightened. For financial institutions, this has led to many adopting a risk averse stance to cryptoassets and, in some instances, actively seeking to restrict their exposure, whether that be through restricting their customers’ ability to transact with CASPs, or by refusing to onboard cryptoasset firms for the provision of banking services.

What does this mean for financial institutions?

While the financial crime risks associated with cryptoassets typically pose a direct risk to firms operating within the cryptoasset environment, they also pose an indirect risk to many financial institutions who form part of the “off-ramp” between the crypto and fiat worlds. As a gateway to the fiat world, traditional financial institutions are typically indirectly exposed to cryptoassets through their customer base. Therefore, the challenge for FSIs is to understand the threats and their exposure to them, rather than seeking to distance themselves from something that their customers continue to be drawn to.

Identifying, quantifying and ultimately understanding a firm’s exposure to cryptoassets can be difficult to do, but is nevertheless important. Failure to do so can lead to firms either underestimating or overestimating their exposure to cryptoassets. In the first case, firms may fail to adopt appropriate and proportionate measures to mitigate the relevant risks. Conversely, overestimation of a firm’s exposure can result in the implementation of disproportionate and costly control environments. Striking a balance can therefore be difficult. However, by establishing a sound understanding of cryptoasset risks and how they manifest through their products, services and customers, FSIs as well as other types of institutions can start to navigate this space more effectively and explore potential new market opportunities.

In our next blog, we dive deeper into some of the novel money laundering and wider financial crime risks associated with cryptoassets and explore how they manifest for established financial institutions. We will then consider control enhancements that can assist firms in effectively identifying and mitigating the risks, and potentially enable them to actively explore opportunities in this fast-moving sector.


1 Bitcoin: A Peer-to-Peer Electronic Cash System

2 FTX’s collapse underscores the need for regulating crypto | Financial Times

3 Factsheet: Cryptoassets technical (January 18, 2023)

4 The Chainalysis 2023 Crypto Crime Report