AUSTRAC released guides on ransomware and criminal use of cryptocurrencies

Today, AUSTRAC, Australia’s AML/CFT regulator, released two guides to help companies identify ransomware and prevent criminal uses of cryptocurrencies.

Cryptocurrencies in Australia

On one side, AUSTRAC reports that cryptocurrency adoption is rapidly growing in Australia. According to Gemini’s 2022 Global State of Crypto, 18% of Australians own cryptocurrency. Australians’ interest in cryptocurrencies is growing along with the development of crypto markets worldwide.

On the other side, the regulator also reports that cyber-crime is on the rise in the country. For instance, the Australian Cyber Security Centre (ASCS) has reported a 15% increase in ransomware attacks cases in one year, with 500 ransomware attack cases for the 2020-21 financial year.

As cryptocurrencies are growing in value and get increasingly adopted, it leads criminals to rely on crypto for their illegal activities.

AUSTRAC’s guides on ransomware and criminal use of cryptocurrencies

Today, AUSTRAC released two guides to help businesses distinguish licit uses of cryptocurrencies from illicit uses such as ransomware, money laundering (ML), etc. AUSTRAC also states that the guides will help businesses to better understand the risks associated with the cryptocurrency industry

These guides provide information and indicators of potential criminal crypto activity like ransomware, ML, terrorism financing (TF), etc. Companies should use the indicators provided by those guides and their own monitoring systems to spot criminal activity and report them to AUSTRAC.

Download the guides:

• Detecting and stopping ransomware financial crime guide
• Preventing the criminal abuse of digital currencies financial crime guide

How can you implement AUSTRAC guidance?

In the guides, AUSTRAC identifies different types of financial crimes through digital currencies: ML, TF, dark web marketplace transactions, scams, tax evasion, and ransomware. The regulator also provides financial and behavioral indicators that companies should look for to spot these types of financial crimes. When it comes to analyzing blockchain transactions, blockchain analytics software, such as Scorechain, can help companies better monitor their cryptocurrency transactions and identify potential criminal activities.

Scorechain’s software deanonymizes blockchain data and flags crypto addresses and entities related to scams, ransomware, ML/TF, hacks, sanctions lists, etc. The team is constantly updating the database with high risks/criminal addresses to give users the best data quality possible.

Here are some of the indicators you can spot with Scorechain Blockchain Analytics:

A crypto address is directly or indirectly linked to a ransomware address

Scorechain red flags addresses related to ransomware activity. Users can then easily spot if an address received funds from or sent funds to a ransomware address. The software gives information about the incoming and outgoing funds with a detailed risk analysis.

Links with known illicit activity

Since our Analytics platform red flags illicit crypto activity, users can easily spot them with incoming and outgoing funds analysis. In the case of more complicated cases, users can also push their investigation further with the Exploration Tool and uncover links with specific types of criminal/high-risk activities.

In the example below, we can see that the Exploration Tool found links to Silk Road, a dark web marketplace, with the investigated address. The funds have been sent using a peel chain.

A large amount of crypto funds is sent to an unrelated address and then a mixing service

Scorechain users can get details about transactions such as amount, date, sender, and receiver. Besides, users can use the Exploration Tool to spot links with specific entity types, including mixing services. This tool helps them to easily follow the funds and visualize the trail of transactions.

Crypto addresses with high exposure to high-risk addresses, mixing services, P2P exchanges, scams and fraud, gambling

On one side, Scorechain assesses the level of risk for addresses, transactions, and entities. On the other side, the risk indicators let users know to what kind of risks an address, a transaction, or an entity is exposed to. The software thus promptly notifies users in case of exposure to high-risk activities so they can take appropriate actions.

In the example below, we can see that the address checked has triggered several high-risk indicators and that it sent funds to and received funds from dark web marketplaces and a gambling service for instance. As a result, both incoming and outgoing funds have a low score meaning higher risks.

Links with high-risk exchanges

The Entity Directory scores the level of risk associated with 700+ exchange platforms. It gathers insights on the level of risks according to their level of regulation, their compliance processes, and their security policies. Compliance teams can thus perform counterparty risk analysis and spot which exchange they should consider high-risk.

Reporting suspicious activity to AUSTRAC

The guides stress that any suspicious crypto activity whether it is related to ransomware or another criminal activity should be reported to AUSTRAC through Suspicious Matter Reporting (SMR). SMRs should contain information on transactional, behavioral, and non-financial indicators.

Collecting proper information to file an SMR can be difficult and takes time. Scorechain’s reports can help compliance teams gather information on crypto transactions and addresses and their associated risk levels and indicators. This information can then be included in the SMR.

Learn more: KYA KYT report – 5 reasons why our customers love them

Today, more and more countries are targeting illicit uses of cryptocurrencies. This means that there are increasing requirements that companies should comply with. However, ensuring crypto compliance can be difficult for companies without the proper tools and is usually time-consuming. Would like to see how Scorechain can help you with your compliance issues? Don’t hesitate to contact us.

About Scorechain

Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance, the Luxembourgish company has helped more than 200 customers in 45 countries since 2015, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets, customers onboarding, audit and law firms, and some LEAs.

Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger, Tezos, Tron with TRC10 and TRC20 tokens, and BSC with BEP20 tokens. The software can de-anonymize the Blockchain data and connect with sanction lists to provide risk scoring on digital assets, transactions, addresses, and entities. The risk assessment methodology applied by Scorechain has been verified and can be fully customizable to fit all jurisdictions. 300+ risk-AML scenarios are provided to its customers with a wide range of risk indicators so businesses under the scope of the crypto regulation can report suspicious activity to authorities with enhanced due diligence.