Tracing cryptocurrency transactions has emerged as a necessity this year, as tax and law enforcement authorities have realized that this is the only way to stop money laundering and hinder the funding of criminal activities. Although it's clear that this isn't simple or easy, there are specialized entities dedicated to training agents on the best methods to follow for tracing suspicious cryptocurrency transactions and also offer tools to do it.
One of these is the Blockchain Intelligence Group (BIG), a Vancouver-based specialist and a very dynamic entity in the field. We have talked with their Director of Government and Strategic Affairs, William Callahan, who also has a professional background in dark web crime investigation for the U.S. DEA, and we discussed crypto anonymity, transaction tracing, and the common pitfalls of not being careful or knowledgeable.
Can you give us a summary of all the reasons why you have decided to join BIG?
Blockchain Intelligence Group (BIG) is a blockchain and cryptocurrency intelligence company. We believe that the future of crypto is a safe, compliant, and regulated environment. Therefore, we invest and develop products to support this vision. Our Blockchain-agnostic search and analytics engine, QLUETM, enables Law Enforcement, RegTech, Regulators, and Government Agencies to visually track, trace and monitor cryptocurrency transactions at a forensic level. It is particularly relevant in the context of the Colonial Pipeline hack and the ransomware recovered by Government agencies because we can visualize the cryptocurrency transactions and identify the single transaction from crypto to fiat.
Our second offering, BitRank Verified®, creates a risk score for cryptocurrency wallets and
transactions, enabling RegTech, banks, ATMs, exchanges, and retailers to meet traditional
regulatory/compliance requirements. I joined BIG because cryptocurrency and blockchain technology will result in greater financial opportunities for developing countries and underbanked populations. With this will also come opportunities for criminal actors, and BIG is well-positioned to work with global law enforcement and regulatory agencies to root out these actors and bring them to justice.
You are directly involved in blockchain intelligence, helping government and law enforcement agencies to track illegal money-laundering transactions. How big of a problem is this currently in terms of volume of transactions?
As Special Agent in Charge (ret.), I was responsible for the DEA St. Louis Division, covering
Missouri, Kansas, and Southern Illinois offices. My primary job was to oversee criminal and regulatory investigations regarding violations of the Drug Control Act. Additionally, during my 20-year career, I specialized in complex money-laundering investigations involving cryptocurrency and the dark web.
I joined BIG as the Director of Government and Strategic Affairs. Here, I am responsible for
developing relationships with law enforcement, regulators, and government agencies globally. It is a global problem and requires cross-border cooperation from government agencies. Due to the nature of cryptocurrency, a perpetrator sitting in one country can carry out illicit activities in any part of the world. The volume of transactions is nearly not as massive as it is in fiat, but as cryptocurrency adoption increases, this too is expected to increase.
Is it easy or always possible to flag cryptocurrency transactions as illegal, trace them, and find out who’s hiding behind them?
All Bitcoin transactions are public, traceable, and permanently recorded on the Bitcoin blockchain. Bitcoin addresses and amounts are the only information used to identify where bitcoins are allocated and where they are sent. These addresses are created privately by each user's wallets. However, once addresses are used, they become connected (“tainted”) by the history of all transactions. Anyone can see the balance and all transactions of any address.
On the other hand, privacy coins like Monero, Zcash, and Dash are difficult to track and trace because the transactions are obfuscated. Privacy coins are a class of cryptocurrencies that power private and anonymous blockchain transactions by obscuring their origin and destination. Some of the techniques used include hiding a user's real wallet balance and address and mixing multiple transactions to elude analysis. Some organizations claim that they can trace privacy coins, but they can only trace unshielded transactions, so essentially, either unsophisticated users or transactions that are broadcasted publicly.
We like to say that the blockchain never forgets. By that metric, every transaction ever recorded can be traced to a particular wallet and trade. To fulfill our mission of helping track and trace bad actors, the blockchain is undoubtedly trackable but not flawless. Even though most blockchains are public, the information they hold does not have specific identifying information such as personal identifying information (PII) or business names. Our solutions help identify the most common wallet addresses affiliated with dark markets, exchanges, mixers, and tumblers, and this aids our customers to determine the endpoints so they can track the criminals after they have traded their crypto for fiat currency. KYC at endpoints helps catch these criminals and should be enforced by Money services businesses that deal in cryptocurrency.
We also have a team of specialized investigators who use open-source intelligence (OSINT), court records, media reporting, and other data to attribute a risk score to cryptocurrency wallets and transactions.
I understand that you cannot share actual details about BIG’s technical capacity, but can you tell us about whether or not there’s something you analyze during those training sessions to the law enforcement investigators that most crypto-owners and abusers are missing or simply ignore?
Most crypto-owners ignore the need to check wallet addresses before transacting with them. A simple search on Bitrank VerifiedⓇ will alert them of their wallet score; it is like a credit score for cryptocurrency and any flags associated with the receiver’s wallet address to help them make informed decisions while trading crypto. Additionally, using QLUETM, our proprietary technology, you can see coin transfers and any flags associated with wallets related to the dark web, terrorist organizations, and ransomware addresses. All this information helps our customers, Law enforcement, and Virtual Asset Service Providers (VASPs) to determine if there is money laundering, terrorist financing, and involvement of nefarious activities associated with the addresses they are using.
I also highly recommend that before a crypto owner makes a transfer of a large amount of currency, they make a small amount, test to see if they have the rights wallet address and if the person is legitimate. I also emphasize to law enforcement and the public that law enforcement never calls, texts, or emails demanding you make a payment in crypto, wire transfer, or via gift cards, and if you don’t, you will be arrested.
If law enforcement applied more pressure towards coin exchanges on KYC requirements, wouldn’t that push users who want to retain their anonymity to buy from the dark web or use Monero?
Controlling criminal activity is like squeezing a balloon: if you put pressure on one side of the balloon, the air moves to another side. It will take a multi-pronged approach to include regulations, law enforcement, global cooperation, and education. While regulators and law enforcement put pressure on coin exchanges to be compliant with AML and KYC rules, law enforcement must also take advantage of the technology to identify illicit wallets and take action against those that exchange crypto for fiat currency without due diligence.
Right now, ransomware is a huge problem for nations, companies, and large organizations. Do you see a way to tackle it through blockchain intelligence or any other means of investigation that is within the sphere of what’s currently possible?
Yes, ransomware is a problem for governments and the private sector; that is why it is important to governments to bring the private sector along to develop a solution. First and foremost is training and a good cybersecurity defense system. With regards to cryptocurrency, entities that are attacked and a ransom is demanded in a cryptocurrency must be reported to the responsible law enforcement authority. Wallet transactions, IP addresses, and email addresses are all good data points for the investigator to exploit. Blockchain analytics will play an important part in this.
What can you tell us about BIGG's recent launch of 'Netcoins'? What is it exactly, and how does it complement the firm's portfolio?
Netcoins is a subsidiary of BIGG, and it is a Canadian cryptocurrency exchange. Netcoins
develops brokerage and exchange software to make the purchase and sale of cryptocurrency easily accessible to the mass consumer and investor with a focus on compliance and safety. Netcoins utilizes BitRank Verified® software at the heart of its platform and enables crypto transactions via retail locations globally, a self-serve crypto brokerage portal, and an Over-The-Counter (OTC) trading desk.
Until 2020, you worked as a Special Agent in Charge of the Drug Enforcement Administration in St. Louis. What can you tell us about the work of law enforcement investigators on the dark web, and what is the realistic level of penetration the DEA can have on a totally unregulated, private, and oftentimes well-hidden space?
Everyday DEA Special Agents, Task Force Officers, and Analysts, along with other federal and global law enforcement partners, are working to identify, disrupt, and dismantle drug trafficking organizations operating on the dark web. As the drug trafficker utilizes new ways to conduct business, law enforcement develops new ways to stop the flow and catch them. Will law enforcement catch everyone? Obviously not. But with support for law enforcement, good training, and tools like QLUE and drug reduction education, law enforcement will prevent deaths and other crimes associated with drug trafficking.
What would you say to people who are thinking of buying illegal drugs on the dark web or those who are already doing so?
Many of the drugs being sold on the Dark Web are being marketed as prescription drugs. They appear to have the markings of a legitimate product but counterfeit and primarily fentanyl, a deadly opioid that has caused a record number of overdose deaths in America. When I spoke to community groups, I told them a simple rule - if your doctor did not prescribe it, and your pharmacist did not fill it, do not take it, it’s counterfeit and will kill you.