The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned the cryptocurrency mixer service Blender.io, on account of it being used in a heist backed by the Democratic People’s Republic of Korea (DPRK) to fund the country’s nuclear weapons and missile programs. It marks the first time a virtual currency mixer has been sanctioned by the United States.
The announcement comes as part of a larger US effort to suppress North Korea’s practice of using hackers to steal money for the state. Pursuant to Executive Order 13694, which was signed into law on April 1 2015 with an intention of limiting the proliferation of malicious cyber activities, Blender.io has been found to have “materially assisted… a cyber-enabled activity originating from… outside the United States… and [having] the purpose or effect of causing a significant misappropriation of funds or economic resources.”
Considered to be the largest virtual currency heist to date, in March 2022 a DPRK state-sponsored cyber hacking group, known as the Lazarus Group, stole $620 million from the online game Axie Infinity. Over $20.5 million of the stolen funds are purported to have been handled by Blender.io.
Further, OFAC claims to have evidence that Blender.io facilitated money laundering activities for other malicious actors, including Russian-aligned ransomware groups, Trickbot and Sodinokibi.
North Korea exploiting DNFBPs to evade sanctions
North Korea has also exploited designated non-financial businesses and professions (DNFBPs) to evade global sanctions. Limited resources in DNFBP compliance teams, alongside insufficient controls, have converged to create opportunities North Korea is able to exploit.
In a report on North Korea sanctions evasion and proliferation financing, the Royal United Services Institute (RUSI) says gaps in guidance available for this sector need to be urgently addressed. Among other recommendations, the report suggests equipping certain sectors with better knowledge of the types of precious materials being valued and sourced by North Korea, defining luxury goods in domestic legislation, and extending the definition of DNFBPs to the high-value goods dealers (HVGD) sector.
Blockchain analysis for mixing services
While mixer services are not illegal, analysts say they have become a vital tool for cybercriminals looking to obfuscate the trail of illicit funds. In an attempt to better comply with government financial regulations, one of the largest Ethereum mixing services, Tornado Cash, announced in April that it had hired Chainalysis for its blockchain transaction analysis software. Tornado Cash stated, “Maintaining financial privacy is essential to preserving our freedom, however, it should not come at the cost of non-compliance.”
Concerns about sanctions evasion are increasingly focused on the crypto sphere. As a result, mixing services should consider implementing blockchain analysis technology into their anti-money laundering and counter-terrorism financing (AML/CTF) programs, enabling them to assess risk and identify illicit activity proactively.
Compliance teams should ensure they are implementing these new sanctions from OFAC and adjust their AML/CTF controls accordingly, keeping in mind that cryptocurrency mixing is a growing area of high-risk activity.
While Blender.io is the first crypto mixing service to be sanctioned, it is not expected to be the last. Similar to the increasing number of crypto wallets being sanctioned – with over 100 bitcoin wallets added to OFAC’s list in April 2022 in addition to the sanctioned Lazurus Group Wallet referenced in the OFAC mixer notice – as long as mixing services pose a high money laundering risk, further mixer sanctions can be expected.
Originally published May 13, 2022, updated May 13, 2022
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2022 IVXS UK Limited (trading as ComplyAdvantage).