Thread
I read through the Bitzlato FinCen Order and it's a pretty crazy read.

There could be more to this action than originally expected.

FinCen labels Bitzlato as a convertible virtual currency (CVC) exchanger with operations in Russia that provides Peer-to-Peer (P2P) services. 🧵
A CVC exchanger is a type of Virtual Asset Service Provider (VASP).

It's jargon for a P2P exchange, but remember these acronyms.

This FinCen order is all about Russian ransomware groups like Conti using Bitzlato for illicit purposes and money laundering.
"The application of FinCEN’s authorities in this order is specific only to section 9714 of the Combating Russian Money Laundering Act."

This isn't about applying the Bank Secrecy Act or implementing regulations. It's about Russian cybercrime.
Conti is a Russian hacker group that's leaked stolen data of >150 companies.

Conti infilitrates an organization's system, finds valuable data, steals it, & encrypts it. They then blackmail the organization and demand a ransom, sometimes leaking the data regardless if they pay.
Conti has hacked, stolen from, and blackmailed both Ireland's Public Health Care System and the Costa Rican Government.

When war broke out, Conti threatened that "war activities" against Russia would be met with cyberattacks on critical infrastructure.
flashpoint.io/blog/history-of-conti-ransomware/
Why this is key is since it's through The Combating Russian Money Laundering Act, it gives the Treasury Secretary "Special Measures" since it's a matter of money laundering in connection with Russian illicit finance.

Yellen authorizes FinCen to carry out these Special Measures.
But FinCen has a problem...

Bitzlato is a P2P exchange, allowing users to exchange Bitcoin (BTC), Ether (ETH), Bitcoin Cash (BCH), Litecoin (LTC), Dash (DASH), Tether (USDT), Monolith Ruble (MCR) and Dogecoin (DOGE) without intermediaries.

How does FinCen stop a P2P exchange?
What FinCen decides to do here is give itself "Alternative Special Measures," prohibiting all movement of funds that even touch Bitzlato.

It reads, "prohibiting the transmittal of funds involving Bitzlato is the only means of adequately addressing the threat Bitzlato poses."
Normally, FinCen would impose restrictive conditions on transmittal of funds instead of outright prohibiting it because prohibition could result in "unduly harm to legitimate economic activity," and could hurt institutions that provide services for legitimate business.
But not with Bitzlato, it's P2P. No intermediaries.

So FinCen decides to prohibit it despite there being legitimate activity occurring on Bitzlato. They don't care.

"any legitimate activity is outweighed by the significant proportion of illicit financial activity identified."👇
It explains how prohibiting Bitzlato users from opening US bank accounts would also not be enough..."it is inadequate to address the risks of a P2P VASP such as Bitzlato."

This has brought P2P exchanges and the US Government on a collision course. It reads like an attack on P2P.
So here's the case in a nutshell:

"FinCEN assesses that Bitzlato serves as a P2P VASP that ultimately enables the profitability of ransomware attacks and, at least in the case of Conti, advances the political and economic destabilization interests of the Government of Russia."
The order denominates the illicit activity of the ransomware groups that use Bitzlato specifically in BTC.

"76 Bitzlato deposit addresses received BTC worth over $300k attributed to Chatex"

Another 76 Bitzlato addresses "received funds representing 414.84 BTC worth approx $3M"
FinCen says "approximately two-thirds of Bitzlato’s top receiving and sending counterparties are associated with darknet markets or scams."

Yikes! They name Binance, explicity stating it's associated with darknet markets or an outright scam.

🚨Withdraw your funds from Binance🚨
The order also names LocalBitcoins, one the oldest Peer-to-Peer Bitcoin marketplaces in the world, founded in June 2012.
FinCen states Bitzlato processed over 1.46 million direct transfers with the Hydra darknet marketplace, representing tx flows of nearly 20,000 BTC sent.

It's a little strange how they keep denominating the criminal activity in BTC despite there being other assets on Bitzlato.🤔
In the order, FinCen defines Bitcoin as a Convertible Virtual Currency (CVC), a "medium of exchange that has equal value as a currency or act as a currency substitute, but lacks legal tender status."

They had to say "despite at least one jurisdiction" cuz of El Salvador. 🇸🇻
Since Bitcoin is defined as a CVC, this is saying any P2P users that buy or sell BTC on Bitzlato, or receive BTC in an address through Bitzlato, is breaking the law.

The order prohibits the transmittal of funds and defines it as the sending and receiving of funds, including BTC.
When I read this order, I had a lot of thoughts going through my head around FinCen:

- giving itself special measures to stop P2P exchanges
- highlighting how BTC is being used by Russian cybercriminals
- labeling Binance & LocalBitcoins as having ties to the darknet or as scams
My takeaway is this order could be more than a no-name Russian exchange getting punished. It could also be a blueprint for stopping P2P exchanges with legitimate user activity, and be used as an opportuntity to frame BTC as money used by criminals.

DYOR.
www.fincen.gov/sites/default/files/shared/Order_Bitzlato_FINAL%20508.pdf
Mentions
See All
Troy Cross @thetrocro · Jan 19, 2023
  • Post
  • From Twitter
Great thread, Sam!