Illicit Activity and Software Solutions: Identifying Illegal Activity with Software Solutions

Posted in Crypto Asset Compliance on February 16, 2024
Illicit Activity And Software Solutions

Illicit activity and software solutions. The mechanics that software solutions, tools, and systems use to identify illicit activity in cryptocurrency transactions is not only fascinating to learn. It is also helpful from a day-to-day anti-financial crime perspective because it teaches where and how criminals can be caught even if they think that they might not be vulnerable.

Illicit Activity And Software Solutions

Illicit Activity and Software Solutions

The first step in how software solutions may identify illicit activity is by collecting vast amounts of data.

Therefore, this can be referred to as data collection. The data collection depends on the underlying transparency of the cryptocurrency blockchains, considering that these are essentially the ledgers that record information about individual transactions.

Important to note is that the blockchains are public for many cryptocurrencies, including Bitcoin, so they are fully available and open to be viewed by anyone who wants to view them. With these cryptocurrency blockchains, you can get a complete picture of all transactions that have ever taken place in a particular cryptocurrency ecosystem. By these means, the individual cryptocurrency blockchains are wealthy sources of information regarding understanding the illicit activity.

The second step is called data processing.

Here, some cryptocurrency transactions monitoring software takes all this information from blockchains and turns it into digestible information with two major components.

  • The first component of data processing is attributing identities to blockchain identities, which means understanding which of those alphanumeric addresses belongs to who.
  • The second component of data processing is understanding the relationships between those addresses and their transactions. When it comes to the attribution of those addresses, there are several ways to undertake that. These include various forms of data collection and analysis, web scraping, and teams of data analysts who spend their time scouring the internet like the dark web to understand who is using Bitcoin or other crypto assets. Similarly, they can look at things like Ransomware attacks. When criminals post a Bitcoin address they want to receive, it becomes a very obvious clue that this is an address being used by illicit actors. This address can then be mapped against other addresses in the dataset to understand if these actors are also using other addresses. It can be done in real-time and as new crimes are being committed. 

Now with regards to cryptocurrency exchanges, it is indeed possible to collect information about exchanges that are involved in scams and frauds. Other information is also available about legitimate exchanges that are major players in the ecosystem. Once you’ve gone through that incredibly rigorous process of collecting data about who’s using which crypto asset addresses, you start to get a more coherent picture of what’s happening.

This information helps define clusters comprised of previously pseudonymous numbers and random wallet addresses that didn’t make much sense. Clusters are groups of addresses known to be controlled by the same entity. Clusters can involve anywhere from just a few addresses to potentially tens of thousands, hundreds of thousands, or even millions of wallets. After that, it brings us to the mechanics of how software solutions make sense of these millions of wallets engaging with one another.

Illicit Activity And Software Solutions

The third step is applying data analytics to the collected and pre-processed data.

The software solutions would commonly apply advanced heuristics to understand the relationship between those millions of wallet addresses. Once the software, based on algorithms, understands those relationships and can attribute identities to those addresses, you can get a clearer picture of where regulated exchanges sit behind one group of wallets and where unregulated exchanges sit behind another group of wallets. In the next consecutive step, sanctioned entities, scammers, or dark web marketplaces can be associated with other groups of addresses.

If you now consider that the data is recorded live on the blockchain, you can see who’s transacting with whom effectively and in real-time. This level of traceability isn’t possible for almost all the other forms of payment and transactions because this isn’t real-time and is across the boundaries of one organization. Subsequently, these cryptocurrency tools can conduct very powerful analyses of illicit activity in real-time. 

Lastly, as a financial crime professional, you want to use all the data collection, processing, and analytics.

As the funds go through the different cryptocurrency ecosystems, they might arrive at a regulated exchange or an organization that collects KYC information. It then becomes possible to make connections between the real identities of individuals and the actual scammers.

Harnessing all this information, the financial crime prevention or compliance analyst can start to come to really powerful understandings of who’s transacting with whom, who the illicit actors are, and where their funds are going. Once this human analytical kind of work is done, you start to build your risk-based solutions around regulated exchanges and businesses and ensure you and your customers are not engaging with unregulated exchanges or organizations.

Final Thoughts

Surprisingly, many of the digital currencies studied by Elliptic and the Center on Sanctions and Illicit Finance could be traced back to the perpetrators. It was discovered, for example, that 95% of all laundered coins tracked came from nine dark-web marketplaces, including Silk Road, Silk Road 2.0, Agora, and AlphaBay.

Companies focused on combating cryptocurrency-related crimes can identify accounts that appear to belong to the same Bitcoin wallet and are controlled by the same entity by closely examining blockchain activity.