skip to main content


Title: SoK: Money Laundering in Cryptocurrencies
Money laundering using cryptocurrencies has become increasingly prevalent, and global and national regulatory authorities have announced plans to implement stringent anti-money laundering regulations. In this paper, we examine current anti-money laundering (AML) mechanisms in cryptocurrencies and payment networks from a technical and policy perspective, and point out practical challenges in implementing and enforcing them. We first discuss blacklisting, a recently proposed technique to combat money laundering, which seems appealing, but leaves several unanswered questions and challenges with regard to its enforcement. We then discuss payment networks and find that there are unique problems in the payment network domain that might require custom-designed AML solutions, as opposed to general cryptocurrency AML techniques. Finally, we examine the regulatory guidelines and recommendations as laid out by the global Financial Action Task Force (FATF), and the U.S. based Financial Crimes Enforcement Network (FinCEN), and find that there are several ambiguities in their interpretation and implementation. To quantify the effects of money laundering, we conduct experiments on real-world transaction datasets. Our goal in this paper is to survey the landscape of existing AML mechanisms, and focus the attention of the research community on this issue. Our findings indicate the community must endeavor to treat AML regulations and technical methods as an integral part of the systems they build and must strive to design solutions from the ground up that respect AML regulatory frameworks. We hope that this paper will serve as a point of reference for researchers that wish to build systems with AML mechanisms, and will help them understand the challenges that lie ahead.  more » « less
Award ID(s):
1800088 1914635
NSF-PAR ID:
10300442
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
ARES 2021: The 16th International Conference on Availability, Reliability and Security
Page Range / eLocation ID:
1 to 10
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. null (Ed.)
    Blockchain is the technology used by developers of cryptocurrencies, like Bitcoin, to enable exchange of financial “coins” between participants in the absence of a trusted third party to ensure the transaction, such as is typically done by governments. Blockchain has evolved to become a generic approach to store and process data in a highly decentralized and secure way. In this article, we review blockchain concepts and use cases, and discuss the challenges in using them from a governmental viewpoint. We begin with reviewing the categories of blockchains, the underlying mechanisms, and why blockchains can achieve their security goals. We then review existing known governmental use cases by regions. To show both technical and deployment details of blockchain adoption, we study a few representative use cases in the domains of healthcare and energy infrastructures. Finally, the review of both technical details and use cases helps us summarize the adoption and technical challenges of blockchains. 
    more » « less
  2. Near-field communication (NFC) is one of the essential technologies in the Internet of Things (IoT) that has facilitated mobile payment across different services. The technology has become increasingly popular, as cryptocurrencies like Bitcoin have revolutionized how payment systems can be designed. However, this technology is subject to security problems, such as man-in-the-middle attacks, double-spending, and replay attacks, raising the need to incorporate other solutions such as blockchain technology. Concerns about the security and privacy of payments using NFC technology raise the need to adopt blockchain-based cryptocurrency payment. For instance, NFC payment has been criticized for a lack of measures to counter potential attacks, such as brute force or double-spending. Thus, incorporating blockchain technology is expected to improve the security features of the NFC mobile payment protocol and improve user experience. Blockchain technology has been praised for enabling fair payment, as it permits direct transactions without engaging a third party. Therefore, integrating blockchain cryptocurrency in IoT devices will revolutionize the NFC payment method and provide value transfer using IoT devices. Combining NFC with blockchain technology and cryptocurrencies is necessary to address security and privacy problems. The purpose of this paper is to explore the potential behind incorporating blockchain technology and cryptocurrencies like Bitcoin in the NFC payment protocol. 
    more » « less
  3. Munteanu, Ionela (Ed.)
    Rule enforcement is critical in democratic, self-governing societies. Many political disputes occur when citizens do not understand the fundamental rationales for enforcement (e.g., COVID-19 pandemic). We examined how naïve groups learn and develop wise enforcement systems. Based on theories from behavioral economics, political science, psychology, and education, we predicted that groups need to experience failure of an enforcement system, but be guided on restorative justice principles to collectively learn from this failure. Undergraduate students (N= 288) from a Midwestern U.S. metropolitan university self-governed a simulated common-pool resource with real financial payoffs. Groups began with one of three conditions designed to create different experiences with enforcement and regulatory failure: (a) no enforcement (no communication or peer sanctioning), (b) lax enforcement (communication with peer-sanctioning), or (c) regulatory abuse (peer sanctioning without communication). Half then received facilitated guidance on restorative justice principles (e.g., discuss whether/why to use sanctions). To examine cooperation, we measured how well participants maintained the resource. To examine group learning, we created a novel coding system, which tracked groups’ constitutional decisions about conservation agreements and enforcement, conceptual understanding, and the enforcement systems they created. The no-enforcement and lax-enforcement conditions quickly yielded moderate cooperation via voluntary agreements. However, such agreements prevented groups from discovering how and why to use enforcement (peer sanctioning) to improve performance. Initial exposure to regulatory failure had different effects depending on facilitation. Unfacilitated groups fixated on initial misconceptions, causing them to abandon or create less sophisticated enforcement systems, hindering cooperation. Facilitated groups learned from prior failure—discovering principles of wise enforcement (e.g., collective efficiency, self-restraint)—and created more sophisticated enforcement systems (e.g., coordinated sanctions) that improved cooperation. Guidance on restorative justice principles and experience with regulatory abuse may be necessary preconditions for naïve individuals to understand and develop wiser collective enforcement systems. 
    more » « less
  4. Software systems are increasingly expected to address a broad range of stakeholder values representing both personal and societal values as well as values ensconced as laws and regulations. Whereas laws and regulations must be fully addressed, other human values need to be carefully analyzed and prioritized within the context of candidate architectural designs. The majority of prior work has investigated requirements engineering techniques for either regulatory compliance or for human-values, we take an integrated approach which simultaneously considers laws and regulations as well as societal and personal human values throughout the system analysis, specification, and design process. We illustrate our approach through detailed examples drawn from a multi-drone system regulated by the USA Federal Aviation Authority (FAA) and operating in a domain rich with human and societal values. We then discuss requirements engineering challenges and solutions unique to identifying analyzing, and prioritizing human, societal, and regulatory requirements, and ultimately for designing accountable software systems. 
    more » « less
  5. Bitcoin, Ethereum and other blockchain-based cryptocurrencies, as deployed today, cannot support more than several transactions per second. Off-chain payment channels, a “layer 2” solution, are a leading approach for cryptocurrency scaling. They enable two mutually distrustful parties to rapidly send payments between each other and can be linked together to form a payment network, such that payments between any two parties can be routed through the network along a path that connects them. We propose a novel payment channel protocol, called Sprites. The main advantage of Sprites compared with earlier protocols is a reduced “collateral cost,” meaning the amount of money × time that must be locked up before disputes are settled. In the Lightning Network and Raiden, a payment across a path of ` channels requires locking up collateral for Θ(`∆) time, where ∆ is the time to commit an on-chain transaction; every additional node on the path forces an increase in lock time. The Sprites construction provides a constant lock time, reducing the overall collateral cost to Θ(` + ∆). Our presentation of the Sprites protocol is also modular, making use of a generic state channel abstraction. Finally, Sprites improves on prior payment channel constructions by supporting partial withdrawals and deposits without any on-chain transactions. 
    more » « less