FinCEN - the U.S. Department of the Treasury's Financial Crimes Enforcement Network - has issued an order that identifies the virtual currency exchange Bitzlato Limited (Bitzlato) as a "primary money laundering concern" in connection with Russian illicit finance.
Bitzlato is a virtual currency exchange that offers exchange and Peer-to-Peer (P2P) services. Bitzlato maintains significant connected to Russia and facilitates deposits and funds transfers by Russia-affiliated ransomware groups or affiliates, and transactions with Russia-connected darknet markets, according to FinCEN's order. FinCEN claims that its investigation found that Bitzlato facilitated deposits, funds transfers, and transactions involving Conti, the Russia-connected darknet market Hydra, and other sanctioned entities.
FinCEN claims that Bitzlato continued to facilitate transactions for growing Russia-connected darknet markets, including BlackSprut, OMG!OMG!, and Mega, even after Hydra was closed in April 2022.
FinCEN Acting Director Himamauli Das said, "Bitzlato poses a global threat by allowing Russian cybercriminals and ransomware actors to launder the proceeds of their theft. As criminals and criminal facilitators evolve, so too does our ability to disrupt these networks. We will continue to leverage the full range of our authorities to prohibit these institutions from gaining access to the U.S. financial system and using it to support Russian illicit finance."
FinCEN's order is the first issued by FinCEN pursuant to section 9714(a) of the Combating Russian Money Laundering Act. The action demonstrates FinCEN's commitment to combatting money laundering with an emphasis on illicit funds transfers out of Russian. The order prohibits funds transfers involving Bitzlato by any covered financial institution regulated by FinCEN.
FinCEN claims that Bitzlato did not take meaningful steps to identify and disrupt illicit use and abuse of its services. FinCEN stated that Bitzlato's continued facilitation of Russia-connected darknet markets, even after public action targeting darknet markets, evidenced its ongoing engagement with illicit actors and lack of adequate controls. As described in the order, effective February 1, 2023, covered financial institutions are prohibited from engaging in a transmittal of funds from or to Bitzlato, or from or to any account or CVC address administered by or on behalf of Bitzlato.
Today's action aims to enhance U.S. national security and the integrity of the U.S. financial system through increased transparency and facilitates the detection of illicit financial activity involving digital assets, including CVC. This action is an example of Treasury using its available tools to target Russian illicit financial activity and counter the ransomware threat. Russia is a haven for cybercriminals, where the government often enlists cybercriminals for its own malicious purposes. The majority of ransomware incidents reported to FinCEN in the second half of 2021 were conducted by Russia-related ransomware variants, indicating that Bitzlato is part of a larger ecosystem of Russian cybercriminals that are allowed to operate with impunity in Russia.
About The Author
Jonathan Wilson is the co-founder of FinCEN Report Company with 31 years of experience in corporate, M&A and securities matters. He is the author of The Corporate Transparency Act Compliance Guide (to be published by Lexis Nexis in the summer of 2023) and the Lexis Practical Guidance Practice Note on the Corporate Transparency Act.