DOJ Law Enforcement’s New Crypto Reports


On September 15, 2022, the Ministry of Justice published its report “The role of law enforcement in detecting, investigating and prosecuting criminal activity related to digital assets” (66 pages). The first of nine reports ordered by President Biden’s Executive Order 14067 “Ensuring the Responsible Development of Digital Assets” was also released by the DOJ on JUNE 06, 2022, “How to strengthen international law enforcement cooperation to detect, investigate and prosecute criminal activities related to digital assets” (58 pages).


Since then, we have seen the Treasury Department release three reports:

Treasury also provided the White House in July with a “International Engagement Framework on Digital Assets” which is described in their press release, but not provided to the public.

Earlier this month, the Department of Commerce released its report:
Responsibly Advancing U.S. Competitiveness in Digital Assets” (19 pages).

The Office of Science and Technology Policy also released three reports:

In this blog post, we will focus on the two DOJ reports, which we will discuss in reverse order of their publication, because it appears that there is a need to define the role of law enforcement in the area of digital assets before tackling international cooperation. would search in this area.

The role of law enforcement in the field of digital assets

  Despite the executive order, it is important to note that the Justice Department did not need urging from the White House to establish procedures to combat cryptocurrency. The department established the Attorney General’s Digital Cyber Task Force in 2018, which produced its original report, released in October 2020, titled Framework for applying cryptocurrencies (83 pages). This original report characterized illicit uses of cryptocurrency into three broad categories of crime:

  1. financial transactions associated with the commission of crimes, such as buying and selling drugs or weapons, renting servers used to commit cyber crimes, soliciting funds to support terrorist activities, or ransoms , blackmail and extortion.
  2. money laundering and protecting legitimate activities from taxes, reporting, sanctions or other legal requirements, including operating unlicensed, unregistered or non-compliant exchanges.
  3. crimes, such as theft, directly involving the cryptocurrency market itself, such as stealing cryptocurrencies from exchanges or defrauding unwitting investors.

The original report listed numerous case studies involving indictments, seizures and arrests in the above scenarios, including SamSam ransomware, Welcome to Video and DarkScandals, child sexual abuse services, terrorist financing at both through direct donations and through the sale of fake medical equipment (PPE during the COVID-19 pandemic). ), the Bitcoin Maven case (Theresa Tetley), BTC-e, Operation DisrupTOR (Wall Street Market), DeepDotWeb, DreamMarket, Lazarus Group hacks, HeroCoin ATMs, Helix mixer, and others.

The new report highlights something I also mentioned recently. Bitcoin and other blockchain-based cryptocurrencies are neither the first digital currency nor the first to have facilitated numerous criminal exchanges. The report mentions E-Gold (1996) and Liberty Reserve (2006) as “pre-crypto” examples of digital currencies, but could just as easily have mentioned Webmoney (1998) or PerfectMoney (2007). Many points in the new report echo those of the previous one, although cases have been updated, such as Bitfinex, Helix and Hydra Market, estimated at one point to carry out 80% of all transactions on the darknet market, and Garantex. , the Estonian-based exchange that laundered more than $100 million in funds associated with darknet markets. The Colonial Pipeline ransomware and use of Bitcoin by the indicted GRU agents, the theft of $600 million by the Lazarus Group hackers in March 2022 are all used to update the original report.

Two important additions are the section on the growth of decentralized finance (DeFi) and non-fungible tokens (NFT). In this area, the discussion of “decentralized autonomous organizations” as opposed to a traditional corporate structure, as well as the insider trading, money laundering and tax evasion aspects of NFT trading are addressed. (Examples from Nathaniel Chastain of OpenSea and Ishan Wahi of Coinbase are provided as prime examples.)Section II of the report discusses DOJ efforts such as the National Crypto Enforcement Team (NCET) and its predecessors such as the Section’s Digital Currency Initiative on Money Laundering and Asset Recovery and the international virtual currency initiative. Some interesting statistics from the FBI, including that as of July 2022, the FBI has conducted 1,100 separate investigations across 100 investigative program categories involving a nexus to digital assets. Since its first digital asset seizure in 2014, the FBI has seized $427 million in virtual assets (valued at the time of seizure). In February 2022, the FBI established the Virtual Assets Unit. The Department of Justice has also created a Digital Asset Coordinator Network comprised of designated prosecutors in U.S. Attorneys’ Offices across the country who work closely with CCIPS, MLARS, and NCET. The program is based on the successful CHIP (Computer Hacking and Intellectual Property) Network and the National Cybersecurity Specialist Network (NSCS), which each designates prosecutors in each field office who will be specially trained and equipped to handle the types of business relevant to their office.

The DEA’s Cyber Support section is described as conducting cryptocurrency analysis related to the use of cryptocurrency to facilitate drug trafficking, while the US Marshals Service is the group that manages and liquidates the funds cryptographic data entered. HSI has been a key player in many crypto cases, with at least 500 investigations currently active, including through its financial crimes unit, cybercrime center, and asset forfeiture unit. The U.S. Secret Service is also involved, with 302 cases involving digital assets and at least 535 seizures of digital assets valued at more than $113 million at the time of seizure. The United States Secret Service is also one of the premier trainers for state and local law enforcement through the National Computer Forensics Institute (NCFI) headquartered here in Hoover, Alabama! They also operate a Digital Asset Awareness Center to educate the public about crypto risks.Regulatory agencies also play their role, with FinCEN working to enforce Bank Secrecy Act (BSA) guidelines and regulations related to anti-money laundering and anti-terrorism financing requirements ( AML/CFT). Treasury manages the OFAC office, which includes sanctions mixers and state-sponsored crypto hackers. The SEC regulates crypto scams structured as “investment contracts, such as BlockFi Lending LLC or the DeFi Money Market.” The Commodity Futures Trading Commission (CFTC) regulates the trading of commodities in interstate commerce. She has initiated more than 50 enforcement actions against organizations. such as Coinbase, Payward Ventures (Kraken), Blockratize (Polymarket). BitMEX is a cryptocurrency derivatives exchange targeted by CFTC enforcement, after $209 million in darknet market transactions were taken through BitMEX, which paid a $100 million fine, three co-founders pleading guilty of criminal charges and paying a $10 million fine.

One final organization of note is IVAN, the Illicit Virtual Asset Notification platform, built by FinCEN and the FBI’s National Cyber Investigative Joint Task Force. The goal of IVAN is to be a public-private information exchange to enable the industry to collaborate on the rapid detection and interruption of the use of virtual assets in illicit activities .

Requests for legislation

The Justice report makes several requests for additional legislation, classified into five categories:

  1. extend the ban on disclosing subpoenas (currently in effect for financial institutions) to VASPs (Virtual Asset Service Providers), strengthen laws prohibiting operating an unlicensed money transfer business and extend deadlines limitation period of 5 to 10 years for certain offenses.
  2. support for initiatives that would help investigators collect evidence
  3. strengthen sentencing guidelines for certain BSA violations
  4. extend BSA recordkeeping rules to VASPs
  5. ensure law enforcement has the resources necessary to conduct and manage sophisticated investigations related to digital assets.

International considerations

One of the main observations of the report on international law enforcement cooperation is the usual complaint that mutual legal assistance treaties are too slow and that faster methods of international law enforcement cooperation legislation, such as the “24/7 network”, often have no effect. a standard way to share requests regarding virtual asset service providers. (VASP).

Then, while countries friendly to the West have largely standardized their laws on cybercrime as part of the Budapest Convention on Cybercrime, the way nations around the world define, regulate, and enforce actions against VASPs is varied and inconsistent. Under the concept of dual criminality, where one country can only require another to enforce similar laws in both countries, much crypto-crime enforcement lacks such standards.

Although cybercrime laws may not have caught up, the international anti-money laundering body, the FATF or the Financial Action Task Force, are undisputed thought leaders on the matter. guidelines on virtual assets. (We wrote about the FATF in 2019, please see: Money laundering and terrorist financing: what is the FATF? ) Unfortunately, as of July 2021, only 35 participating countries have implemented the FATF’s suggestions regarding virtual assets and VASPs into their national laws.

My favorite part of the “Strengthening Enforcement of International Law” report is Annex B: “Examples of Successful Cross-Border Collaboration in Digital Asset Investigations.”

Liberty Reserve


Silk Road

Operation Bayonet (AlphaBay and Hansa)

Dream market

Wall Street Market


Welcome to the video

Operation DisruptTOR

Hydra Market

Twitter hack

Sodinokibi/REvil ransomware

NetWalker ransomware


For each example above, details are shared about which international law enforcement agencies partnered with which U.S. agencies in order to achieve a successful resolution. Inspiring reading!

Leave a comment