The explosive report that banks have been laundering money for the most nefarious characters for decades, is both shocking and unsurprising, and paves the way for the rise of decentralized finance.
Peeking out from behind his food cart, Miguel Sanchez has been selling some of the best tasting burritos this side of the Hudson River for the past twenty years.
A neighborhood staple, fanatics for Sanchez’s burritos have been known to drive for hours just for a taste.
But Sanchez’s burritos are not for the squeamish.
With his hygiene standards somewhere between biohazard and non-existent, Sanchez’s customers know that they’re playing the laxative lottery with his burritos, but that flavor keeps them rolling the dice anyway.
Yet somehow Sanchez is able to give health inspectors the run, always staying one step ahead of the authorities, as his customers have made him an Instagram star.
When asked why he doesn’t just clean up his act, he shrugs and says,
“It’s easier to say sorry, than it is to ask for permission.”
Sanchez has been fined multiple times, each time pledging to clean up his act, which he does for a period, before reverting back to his old habits.
And perhaps Sanchez may have picked up those habits from some of his best customers who travel all the way from lower Manhattan to sample his wares.
Sorry It Won’t Happen Again
While it’s no big secret that banks have facilitated money laundering for decades, the sheer scale and scope of such activities as revealed by a recent report dubbed the “FinCEN files” (named after the Financial Crimes Enforcement Network) is shocking.
Released by the International Consortium of Investigative Journalists, the FinCEN files reveal that banks moved illicit funds even after receiving warnings from U.S. officials.
Despite even the bank’s own compliance officers flagging transactions as suspicious, over US$2 trillion was moved between 2011 and 2017, with the FinCEN files implicating over 90 financial institutions, including some of the world’s biggest banks.
By law, banks are required to file what’s known in the industry as “Suspicious Activity Reports” or SARs, with federal authorities, within 30 to 60 days of learning of a questionable transaction — which can, and often happens after the transactions has already been completed.
And while the reports aren’t necessarily indicative of criminal conduct or any wrongdoing, they reflect the concerns of banks’ compliance officers.
Between 2011 and 2017, over 12 million SARs were filed with the U.S. Treasury Department’s Financial Crimes Enforcement Network or FinCEN, yet somehow, trillions of dollars of illicit funds still made their way through the financial system.
And while some banks paid hefty fines for their lapses, behind the scenes, they continued to process illicit funds, all while simultaneously ramping up their SARs reporting.
After record fines levied on HSBC and Standard Chartered spooked the banks in 2012, SARs reports spiked from an average of 60,000 that year, to about 2 million annually since.
These days, banks’ compliance departments are like squirrels, easily startled by sudden movements or any transaction over certain thresholds— but it’s not for the reasons you’d think.
Please Sir, May I Report Some More?
Reporting actually helps banks to “disavow” some responsibility for illicit fund transfers— by saying that they at least raised their hands, but that regulators had done nothing more.
The strategy makes sense.
With budgets slashed, even well before the Trump administration, the U.S. Treasury Department has faced a massive manpower shortage, as have all the other three-letter agencies that police not just the American financial system, but the global one as well.
Whereas the United States used to be a global watchdog on illicit fund transfers, these days, manpower cuts at key agencies have meant that the dog does more watching than dogging.
And banks have taken advantage of the diminished capacity of regulators to, well, regulate, by inundating them with paper work, expanding their inhouse legal capabilities to literally drown government officials in bureaucracy of their own creation.
The irony is so cruel it’s not even funny.
Banks have been quick to stress that the FinCEN files show that their screening and monitoring systems are working precisely as intended.
In a statement in response to the FinCEN files, banking giant (and cryptocurrency JPM Coin issuer) JPMorgan Chase wrote,
“We report suspicious activity to the government so that law enforcement can combat financial crime.”
Basically what the banks are saying is that they’ve done their part by reporting — now it’s up to law enforcement to finish the job — but can they?
Sort of like pointing to someone drowning in the pool but not throwing to them the life preserver that’s lying on the ground next to you.
And while many are quick to point the finger at the Trump administration, as far back as 2011, during the Obama administration, successive budget cuts to FinCEN had made it not only increasingly difficult for federal authorities to police illicit fund transfers, but virtually impossible for law enforcement at the state and local level to conduct investigations.
Not many realize just how small FinCEN actually is.
The FY2019 budget for FinCEN called for 332 people and a budget of just US$115 million, while the FY2020 budget proposed an increase to 359 people and a budget of just US$124.7 million.
The size and budget of some the legal teams at the bigger banks already exceeds that amount by orders of magnitude.
And imagine a team of that size at FinCEN having to sift through 2 million SARs a year — is it any surprise then that some reports have fallen through the cracks?
More Problems Not Enough Police
With regulators already struggling to deal with typical financial transactions, the rise of decentralized finance or DeFi has just added to their headache.
DeFi allows anonymous operators to borrow, lend and trade cryptocurrencies on the blockchain, typically the Ethereum blockchain, without any of the typical disclosure requirements demanded from financial institutions.
Got some spare Ethereum you’d like to earn a handsome yield off of? Just plug it into an Ethereum-based smart contract and you could be well on your way to thousands of percent yield per annum.
Want to take out a loan? No paper work required. It’s all on the blockchain.
But just as social media was never intended to be a weapon of mass destruction — it has been used in ways that its inventors had never fully considered.
Whether it was the disruption of elections, the spread of fake news or the incitement of hate crimes, social media’s raison d’être, to bring the world together, was co-opted in ways that even its creators could not have imagined.
While social media has allowed humans from all over the world to connect, interact and share, in ways which had not hitherto been thought possible, it’s also brought forth some of the worst excesses from some of the darkest corners of society.
DeFi has the potential to do so as well.
With billions around the world unbanked, the potential of blockchain, to not just provide financial services, but to also afford people the opportunity to save and invest in the future, has the power to dramatically alter the economic fortunes for entire populations.
But it also has the potential to facilitate money laundering, bad actors, and the nefarious activities that have so far been forced to route through the legacy financial system.
At least with banks, regulators (where available) were able to identify and target systemic weaknesses and lapses, with DeFi, who will the subpoenas be sent to?
Which Ethereum addresses will be summoned before Congress?
And because not all DeFi protocols have a centralized team that can be targeted either, regulatory oversight of the nascent space may be like trying to decapitate a hydra.
Many DeFi creators remain anonymous, with a community of creators and developers supporting the protocol of their choice, in a decentralized, autonomous and sometimes anonymous manner.
And for all the good intentions behind DeFi, the lack of centralized accountability means that if you can’t pin it on someone, you can’t pin it on anyone.
DeFi’s rise has also dovetailed with the increased popularity and usage of dollar-based stablecoins, adding to the challenge faced by regulators trying to stem the illicit crossborder flow of funds.
In August, the U.S. Department of Justice announced that it had frozen the cryptocurrency accounts of three terrorist organizations, one of which included Al-Qaeda, responsible for the 9/11 attacks in the U.S.
In a statement regarding the seizure, U.S. Attorney General William Barr said at the time,
“It should not surprise anyone that our enemies use modern technology, social media platforms and cryptocurrency to facilitate their evil and violent agendas.”
DeFi will just make Barr and his colleague’s jobs even harder.
The intergovernmental Financial Action Task Force (FATF), which is tasked with formulating policies to combat money laundering, is particularly concerned with the rising use of stablecoins.
Since their value is backed by assets such as the dollar, the FATF is concerned that that these stablecoins could be used in illicit crossborder transactions.
In the first three quarters of 2020, the amount of transacted Tether, a dollar-backed stablecoin, hit US$40 billion, more than the transactions carried out in the Thai baht or Indonesian rupiah.
And while rules to regulate cryptocurrencies are decided by individual countries, in 2019, the FATF recommended harmonizing those rules to make the flow of cryptocurrencies more transparent.
The problem of course is that DeFi is permissionless — being decentralized, anyone can come and go, deposit, withdraw, trade or borrow as they please and no one would be the wiser.
As banks come under increased scrutiny and pressure after the release of the FinCEN files, the rise of DeFi will provide an opportunity for nefarious actors to utilize rapidly evolving technology to carry on their activities, this time beyond the banking system and out of the reach of regulators.
At least with banks, they said “sorry,” but when your counterparty is a string of letters and numbers, who do you even demand an apology from?