Get this content in your inbox each week

(You can unsubscribe at any time).

Weekly Roundup
Your source for updates on regulatory, compliance and law enforcement developments in crypto
Treasury Department sanctions decentralized mixing service Tornado Cash

On Monday, the U.S. Treasury Department’s Office of Foreign Asset Control (OFAC), pursuant to its cyber-related authorities, sanctioned cryptocurrency mixing service Tornado Cash, which has been used by North Korean cyber criminals, such as state sponsored Lazarus Group, to support cyber activities and launder the stolen proceeds of hacks against cryptocurrency businesses.

In a series of exploits including the March 23, 2022 attack on the Ronin bridge — a blockchain project associated with the popular play-to-earn game Axie Infinity — North Korea has used Tornado Cash to move illicit funds in an attempt to obfuscate transactions. According to an announcement by Treasury, Tornado Cash “has been used to launder more than $7 billion worth of virtual currency since its creation in 2019.”

According to analysis by TRM, North Korean actors have used Tornado Cash to launder just under $1 billion of stolen funds, including in the $620 million Ronin Bridge hack in March 2022, and North Korean cyber actors used Tornado Cash in all ten of their most recent cryptocurrency heists.

Tornado Cash has helped North Korea more easily “cash out” to traditional currencies, which its government uses to fund weapons proliferation and other destabilizing activity. Since its launch, has received 3.5M ETH in deposits, worth approximately $7.6B USD. Across all tokens, it has received $8.5B in total deposits.

OFAC’s designation of Tornado Cash is a watershed moment not only for the crypto industry but also for financial sanctions overall, as it targets a widely used mixing service, potentially answering the question of whether or not mixing services writ large will be allowed to operate as long as they remain susceptible to illicit actors.

Read TRM Insights full in-depth report into Monday’s sanctions and what they mean for the crypto industry. ​Listen to TRM’s Ari Redbord break down the action on CNBC’s Crypto World here.

Panel of experts joins TRM Talks hours after OFAC sanctions Tornado Cash

On Monday, hours after the the U.S. Treasury Department’s Office of Foreign Asset Control (OFAC) sanctioned cryptocurrency mixing service Tornado Cash for its use in laundering $7 billion in illicit proceeds, a team of experts joined a special TRM Talks to break down the events of the day.

In our latest panel, we explore the events of the day. 

watch now
An OFAC best practices refresher for cryptocurrency businesses
In the wake of Monday’s sanctions against Tornado Cash, it's worth revisiting OFAC's 2021 guidance issued to cryptocurrency businesses.

The guidance focuses on best practices for crypto businesses, setting out five essential components of a compliance program:

  1. Management commitment
  2. Risk assessment
  3. Internal controls
  4. Testing and auditing
  5. Training

These best practices become more important than ever when dealing with designated entities the size of Tornado Cash.

OFAC outlines how crypto businesses should tailor their sanctions’ compliance programs to meet their own unique risk-based approach. Under the third category of internal controls, OFAC provides additional guidance on the use of blockchain intelligence and other risk mitigation measures including:

  • Transaction Monitoring and Investigation: According to OFAC, transaction monitoring and investigation software should be to identify transactions involving virtual currency wallet addresses associated with sanctioned individuals or entities located in sanctioned jurisdictions. Crypto businesses should also employ transaction monitoring and investigation tools to continually review historical information for such addresses or other identifying information to better understand their exposure to sanctions risks and identify sanctions compliance program deficiencies.
  • Geolocation Tools: OFAC makes clear that it expects the use of geolocation tools and IP address blocking tools in order to ensure that a business is not transacting with sanctioned jurisdictions.
  • Screen Relevant Data: OFAC expects that companies will screen customer and transactional data available to them against the SDN list and account for updates to user information.
  • Know-Your-Customer Procedures: OFAC expects businesses to obtain KYC information from customers during onboarding and throughout the lifecycle of the customer relationship and use this information to conduct due diligence sufficient to mitigate the customer’s potential sanctions-related risk. Heightened due diligence, including examining customer transactional history, should be implemented for higher risks customers.

Upon the release of the guidance, Senior Treasury Officials— Counselor to the Deputy Secretary Todd Conklin and OFAC Associate Director of Compliance and Enforcement Lawrence Scheinert — joined TRM Talks to break down the guidance. Check it out here.

TRM Talks Investigations, episode 1— delving into the latest trends, typologies and cases in crypto
With headlines about crypto scams and hacks as well as new designations in the crypto space dominating recent headlines, TRM launched a timely new webinar series titled TRM Talks Investigations, exploring the latest cases, trends and typologies in crypto investigations.

In its inaugural episode, Ari Redbord, TRM’s Head of Legal and Government Affairs, sat down with some of TRM’s Global Investigations Team, former FBI investigators Jennifer Vander Veer, Taylor Windemuth and Lisa Wolk; former United States Secret Service Agent Rita Martin, and threat intelligence expert Monika Laird.

Read the full summary, looking at bridges, pig butchering scams and their investigations, NFT Discord hacks and subsequent investigations, and wash trading.

Iran makes first import order using crypto to bypass US sanctions
On Tuesday, Reuters (citing the Tasnim agency) reported that Iran made its first official import order using cryptocurrency this week, in a move intended to bypass U.S. sanctions and the almost-complete embargo on Iran.

According to to the article, "The order, worth $10 million, was a first step towards allowing the country to trade through digital assets that bypass the dollar-dominated global financial system and to trade with other countries similarly limited by U.S. sanctions, such as Russia."

According to a Tweet from Iran's Ministry of Industry, Mine and Trade, "By the end of September, the use of cryptocurrencies and smart contracts will be widely used in foreign trade with target countries.

In January, the Central Bank of Iran (CBI) reached an agreement with the Ministry to allow the use of cryptocurrencies in settlements with foreign partners. The CBI, which has been sanctioned by OFAC since 2019, is also essentially building a system to allow cryptocurrencies to be used in lieu of the U.S. dollar and evade U.S. and international sanctions.

Meet TRM at upcoming events
1LoD Financial Crime Summit
September 7th
London, UK
Learn More
Blockworks DAS NYC
September 13th-14th
New York, NY
Learn More
TRM Labs provides blockchain intelligence to organizations who need to monitor, detect and investigate fraud and financial crime in crypto.

Our risk management platform is trusted by leading banks, crypto businesses and governments around the world. Together, we're building a safer financial system for billions of people.