Financial Crime World

Laundering and Terrorist Financing Threat Looms Over Digital Ledger Technology Providers

Vulnerability Highlighted in Recent Report

A recent report has brought to light the vulnerability of Digital Ledger Technology (DLT) providers to money laundering and terrorist financing threats. To mitigate these risks, the Gibraltar Financial Services Commission (GFSC) has implemented a regulatory framework for DLT providers.

Compliance with Regulatory Framework

The GFSC’s regulatory framework requires DLT providers to have adequate systems in place to prevent, detect, and disclose financial crime risks such as money laundering and terrorist financing. This includes compliance with the Proceeds of Crime Act 2005 (POCA), which transposes the 4th money laundering EU Directive and international standards set by the Financial Action Task Force (FATF).

Key Concern: Virtual Currencies

One of the key concerns is the use of virtual currencies (VCs) through prepaid credit card operators. VCs can be used to access fiat currency through credit cards, making it easier for criminals to launder money. However, the report notes that the level of capability is lower due to the high technology required.

Regulatory Principles

The GFSC has implemented a supervisory framework based on nine regulatory principles, including:

  • Principle 8: AML/ CFT measures: Requires providers to have systems in place to prevent, detect, and disclose financial crime risks such as money laundering and terrorist financing.
  • Customer Due Diligence (CDD): Reduces the vulnerability caused by VCs being accessible through credit cards.

Recommendations

To mitigate the risk of money laundering and terrorist financing, DLT providers must:

Key Findings

  • DLT providers must comply with the Proceeds of Crime Act 2005 (POCA) and international standards set by FATF.
  • Virtual currencies can be used to access fiat currency through credit cards, making it easier for criminals to launder money.
  • Prepaid card providers have well-established systems for data retrieval and are fully compliant with Law Enforcement Agency (LEA) data requests, reducing the vulnerability caused by VCs being accessible through credit cards.

Conclusion

DLT providers must take adequate measures to prevent money laundering and terrorist financing threats. The GFSC’s regulatory framework provides a strong foundation for mitigating these risks, but providers must also ensure they comply with international standards and regulations.