Daily Brief: OFAC sanctions Venezuela’s PDVSA, crypto scams hit nearly $2 billion in 2018, and more
Tuesday, February 5, 2019
Posted by: Brian Monroe
By Brian Monroe
February 4, 2019
In today’s Fincrime brief, the U.S. sanctions Venezuela’s PDVSA, crypto scams soar to record highs, new AML bill, and more.
As Venezuela spasms in tug of war over true leader, OFAC sanctions beleaguered PDVSA, a ‘vehicle of corruption’
The sanctions arm of the U.S. Treasury has designated Venezuela’s state-owned oil company in a bid to prevent corruption-tinged dollars from fleeing the country – a formerly rich and prosperous nation now in full revolt as the current leadership fights to keep control in the face of rising opposition calling for a return to democracy and the rule of law.
The Office of Foreign Assets Control (OFAC) last week designated Petroleos de Venezuela, S.A. (PdVSA) pursuant to Executive Order (E.O.) 13850 for operating in the oil sector of the Venezuelan economy. PdVSA is a Venezuelan state-owned oil company and a key source of domestic income and foreign currency, including U.S. dollars and euros.
PdVSA has “long been a vehicle for corruption,” according to OFAC. Various politically-exposed persons and business people have engaged in a plethora of schemes to corruptly “embezzle billions of dollars from PdVSA,” including a currency exchange scam in 2014 that pilfered and laundered more than half a billion dollars.
By May 2015, the conspiracy, fraud and bribery scheme had allegedly doubled in amount, to $1.2 billion. OFAC is attempting to put additional pressure on the Maduro regime to give up power.
“The United States is holding accountable those responsible for Venezuela’s tragic decline, and will continue to use the full suite of its diplomatic and economic tools to support Interim President Juan Guaidó, the National Assembly, and the Venezuelan people’s efforts to restore their democracy,” said Secretary of the Treasury Steven T. Mnuchin.
“Today’s designation of PdVSA will help prevent further diverting of Venezuela’s assets by Maduro and preserve these assets for the people of Venezuela. The path to sanctions relief for PdVSA is through the expeditious transfer of control to the Interim President or a subsequent, democratically elected government,” (via OFAC).
This is a smart, precognitive move by OFAC, realizing that if regime strongman Maduro is forced out, he will likely attempt to loot as much of the state coffers as he can directly or through proxies.
But the U.S. is attempting to make any such moves that much more difficult as any U.S. or international bank with strong American ties will now be that much more attuned to anything related to PDVSA, and be more wary of large transactions with regime cronies or shell companies attempting to corruptly enrich themselves as they abscond from power.
Cryptocurrency thefts, scams hit nearly $2 billion in 2018, soars more than 400 percent: report
Cryptocurrencies stolen from exchanges and scammed from investors surged more than 400 percent in 2018 to around $1.7 billion, according to a report from U.S.-based cyber security firm CipherTrace released last week.
Of the $1.7 billion, the report, which looks at criminal activity in the digital currency market, said $950 million constituted thefts from cryptocurrency exchanges and infrastructure services such as wallets, up nearly 260 percent from $266 million in 2017. Korea and Japan were home to most of the thefts from exchanges, or 58 percent, throughout 2018.
The numbers on crypto theft surprised many observers given the price declines in digital currencies in 2018. The market capitalization with more than 1,600 digital currencies was $112 billion in January, 2019, down more than 80 percent from its peak a year earlier. In addition to those thefts, the research found that investors and exchange users lost about $725 million in cryptocurrency in 2018 to exit scams such as fraudulent initial coin offerings, phony exchange hacks, and Ponzi schemes.
In 2017, the exit scams totaled just $56 million, according to CipherTrace. In all likelihood, the bulk of the $1.7 billion in stolen and scammed cryptocurrencies has already been laundered, with illicit actors actively seeking our regions with weak anti-money laundering rules, including lax know-your-customer provisions, (via Reuters). To read the full report, click here.
U.S. AML modernization bill ‘long overdue,’ with key provisions to raise SAR, CTR thresholds, CUNA says in letter of support
The Credit Union National Association (CUNA) wrote in support of a bill Thursday that would update certain reporting thresholds contained in the Bank Secrecy Act (BSA). The bill, H.R. 388, was introduced by Rep. Barry Loudermilk (R-Ga.), and would raise reporting thresholds for institutions filing Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs).
“The dollar amount reporting thresholds contained in the Bank Secrecy Act have not been updated since the law was first enacted in 1970,” the letter reads. “In the nearly fifty years that have since passed, the $10,000 established as a reporting threshold under the law has become the buying power equivalent of more than $66,000—according to the Consumer Pricing Index’s Inflation Calculator provided by the Bureau of Labor and Statistics.”
H.R. 388 would increase the threshold for filing a CTR to $30,000 (up from the current $10,000) and for filing a SAR to $10,000 and $3,000 (up from $5,000 and $2,000, respectively).
“CUNA appreciates the goal of this legislation to narrowly tailor when and how reports of suspicious financial activity are triggered to reduce low-value reporting while maintaining financial inclusion,” the letter reads. “While CUNA supports the objectives of laws and regulations to combat illicit financing, the current regime negatively impedes the ability of credit unions to engage in ordinary lending and consumer finance, while also serving to inundate law enforcement with informational paperwork on transactions that credit union employees know to be legitimate, but for the legal requirement to file reports,” (via CUNA).
This bill is just one of many related to updating AML rules that have cropped up in Congress and typically gotten wide, bipartisan support, only to get stuck in committee. CUNA has been joined by other powerful banking groups as well, like the American Bankers Association, Clearing House Association and others.
At the heart of these initiatives is a desire to raise the various thresholds that banks use related to filings for cash deposits and other transactions and reporting on aberrant activities, a move that would save many banks potentially millions of dollars a year in terms of financial crime compliance resources. Surprisingly, the main opposition isn’t regulators, it’s law enforcement. Who say such a move would result in them losing out on too much valuable intelligence. To read ACFCS coverage of the issue, click here.
DOJ, international partners shut down the xDedic Marketplace, a dark web site selling hacked servers, ID info
U.S. and European authorities have shut down a dark net marketplace selling the stolen and hacked credentials to servers, companies and individuals that was part of an illicit network that defrauded victims of nearly $70 million.
The U.S. Department of Justice, working with Europol and other member state authorities shut down xDedic Marketplace, a website that operated for years and was used to sell access to compromised computers worldwide and to personally identifiable information of U.S. residents. The xDedic administrators strategically maintained servers all over the world to facilitate the operation of the website.
The international operation to dismantle and seize this infrastructure is the result of close cooperation with law enforcement authorities in Belgium and Ukraine, as well as the European law enforcement agency Europol. On January 24, 2019, seizure orders were executed against the domain names of the xDedic Marketplace, effectively ceasing the website’s operation.
The xDedic Marketplace operated across a widely distributed network and utilized bitcoin in order to hide the locations of its underlying servers and the identities of its administrators, buyers, and sellers.
Buyers could search for compromised computer credentials on xDedic by desired criteria, such as price, geographic location, and operating system. Based on evidence obtained during the investigation, authorities believe the website facilitated more than $68 million in fraud.
The victims span the globe and all industries, including local, state, and federal government infrastructure, hospitals, 911 and emergency services, call centers, major metropolitan transit authorities, accounting and law firms, pension funds, and universities, (via DOJ).
While online scammers are not in short supply, this kind of case sends a message to fraudsters, hackers and digital brigands that they are not as safe as they think, puncturing networks and selling their illicit hauls to criminal groups – or monetizing the data themselves through seemingly untraceable virtual currencies.
Look for more global investigations where authorities in the U.S. and other countries seek to coordinate, cooperate and triangulate where are the hubs in the real world facilitating cyber attacks and hacks and how can these agencies put the various pieces together to see the full picture. Eastern Europe is a breeding ground for these groups, so consider this an opening salvo for the good guys, with future fusillades to come.