Huge Shift in Crypto Firms' Compliance Mindset, Says Elliptic Co-Founder
The US government and global regulatory efforts have had a profound impact on the cryptocurrency industry's compliance mindset over the past few years, according to James Smith, co-founder of Elliptic, a leading crypto compliance firm established in 2013.
In an interview with Cointelegraph at the Token2049 event, Smith noted that the early days of cryptocurrency were marked by a lack of serious attention to compliance. "In the early days, only a few companies approached compliance in a serious way," he said. "Coinbase was our first customer - they knew from the start that they wanted to build their business that way. But for most others, it just wasn't a major priority."
However, this began to shift as regulators, including those in New York State, took a more active interest in the crypto industry. The involvement of traditional financial institutions like Fidelity and DBS Bank also contributed, as they entered the space with established compliance expectations from traditional finance services.
The Rise of Regulatory Compliance
Fidelity, for instance, offered its first crypto service for customers in 2019, while the Asian giant DBS created a digital exchange for accredited and institutional investors in 2020. "We've seen a big change in the last couple of years," Smith said. "Exchanges on the global map all care about compliance now, because they want to be part of a global ecosystem."
The focus on regulatory compliance has become even more pressing due to the rise of decentralized finance (DeFi) and peer-to-peer protocols as key compliance targets for authorities. These firms are seen as critical choke points where Anti-Money Laundering (AML) and broader financial surveillance controls take effect.
The Lazarus Group's Tactics
At the same time, these firms are frequent candidates for sophisticated hacks and laundering operations, as seen in the tactics of the Lazarus Group. The latest example comes from the Bybit hack, where the Lazarus Group engaged in a sophisticated money laundering scheme to funnel funds.
Money Laundering Scheme
The hackers quickly swapped low-liquidity tokens for Ether (ETH), then swapped them for Bitcoin (BTC) using no-KYC (Know Your Customer) decentralized exchanges. "They went through some no KYC exchanges, which probably shouldn't exist, but also through a decentralized protocol where there was lots of liquidity provision that enabled them to get it into Bitcoin," Smith said.
Smith also noted that even after firms flagged the funds as stolen, users continued to trade them through decentralized platforms. "Why was there so much liquidity available to help launder this money?" he asked, arguing that those providing liquidity to such protocols should be subject to basic checks on the source and destination of funds.
Improving Compliance
"Go and look at who's making money," Smith said. "And that's the first place to start putting some controls." The industry must recognize that compliance is not just a matter of adhering to regulations, but also of preventing sophisticated hacks and laundering operations.
By prioritizing compliance and implementing effective AML controls, the crypto industry can attract institutions and build trust with regulators. As Smith put it, "We're making it too easy for them as an industry." It's time for the crypto community to take responsibility for its own compliance and create a safer, more secure ecosystem for all users.