A new association of solicitors and
barristers (aka lawyers) has opened shop in Hong Kong and Singapore to help the
crypto industry work out sensible regulations, protections, and law-enforcement
mechanisms.
The Crypto Fraud and Asset Recovery Network (CFAAR) was first established in London in 2021. Its expansion was delayed due to Covid-related hassles, but it is now active in Asia as well as New York.
“We deal with fraud and asset recovery in traditional finance,” said Jonathan Crompton, a partner at RPC and one of the Hong Kong chapter’s members. “We want to discuss this and promote best practices within the crypto industry.”
How much fraud?
The group is targeting major financial
centers because they are also the primary conduits of illicit funds.
Hong Kong has more than its share. Its
position as a gateway in and out of China has made it a traditional conduit of
fraudulently reported funds, plus it has a vibrant retail investor market – and
therefore a lot of people easy to scam.
The CFAAR lawyers are hesitant to suggest crypto has increased the volumes of fraud, however. “It’s shifted with the technology, but I don’t think the tech is necessarily a multiplier of fraud,” said Calvin Koo, a disputes and investigations lawyer at Kobre & Kim.
The lawyers can’t say for certain because
it’s difficult to quantify losses in their business. Not every victim reports
being defrauded, and law enforcement agencies don’t discuss it. That’s true for
TradFi too, but crypto brings extra uncertainty because asset valuations are
volatile, there is a great deal of wash trading, and there are even fewer
standards for reporting.
For crypto, they use Chainalysis and other industry
data sources – which suggest crypot-related hacks have risen, from an annual
figure of $1.2 billion reported in June 2021, to $1.9 billion as of June 2022.
Those figures do not include bitcoin or other crypto being used in ransomware attacks.
Adult conversations
The CFAAR legal eagles say their group has three priorities.
First is to launch a dialogue with regulators, law enforcement, and the crypto industry. “We want to have an adult conversation to make this work, and build mutual trust,” Crompton said.
For a variety of reasons it is in the industry’s best interest to do so, added Koo: “Gone are the days when crypto exchanges could act with impunity because regulators didn’t know what to do.”
Secondly, CFAAR wants to educate businesses and retail investors about what to do if they suffer a crypto-related fraud. This includes notifying the police, and the FBI should there be a US connection.
Thirdly, the group wants to work with the industry to respond to new regulation and oversight. In the case of Hong Kong, this is an impending amendment to anti-money laws that will change its “Virtual Asset Service Provider” regime – likely to include extending VASP regulation to include retail investors.
Transparency and traceability
One of the conundrums of crypto is to determine
just how transparent it is – and therefore how easy or hard it is to trace stolen
assets. The blockchain is transparent in that any address reveals its tokens.
But matching an address – a hash – to a
company or person can be difficult. There are mixers, services that create complex
trades to obfuscate a coin’s provenance. And the relative lack of arrests suggests
that the resources required for law enforcement to seize those assets or arrest
criminals are too high for most cases.
“The techniques are the same in traditional finance,” Crompton said. “We use the same fraud-asset recovery techniques and legal processes. It’s time consuming, we’re always working to catch up. With crypto, if you use the right software, you can follow the flows almost in real time.”
The goal is to identify a centralized exchange or other third party. If the assets are still there, lawyers can obtain a court injunction where that exchange is domiciled. A court can order the exchange to disclose the wallet owner.
CEX versus DEX
As more centralized exchanges get
regulatory licenses and adhere to know-your-customer rules, it is becoming
easier to obtain this information, says Koo. A growing body of court cases
involving crypto fraud is also creating precedents, particularly in common-law
countries.
This brings clarity about how to define
crypto. For example, consensus is building that says crypto is property. This development
may not please some people in the space who want to think of it as money, but
at least this gives courts a better idea of how to proceed with fraud cases.
Decentralized exchanges may be another story: they don’t come with a jurisdiction. “The added complexities with DeFi make it harder to trace funds for regulators, and therefore for lawyers and victims,” Koo said. “DeFi is a challenge.”
But regulators are taking a closer look at the
decentralized world, and the Financial Action Taskforce (a group of
international regulators focused on preventing money laundering) is keen to
develop global standards.
CFAAR wants to find the balance between responsible enforcement and a regulatory environment that remains pro-innovation. Blockchain’s immutability and real-time processing brings advantages that TradFi lacks. AML efforts in TradFi are woeful, with banks able to identify very few illicit funds in their systems.
It would be ironic but also very positive
if the crypto community, by working proactively with regulators and law enforcement,
created standards that the traditional world could then embrace.
