Russian OTC crypto swap services are faking AML policies: research

Analysts say suspicious coin swap services are trying to maintain “an aura of legitimacy” by requiring clients to agree to fake AML policies.

Russian coin swap services are posing “significant” sanctions and anti-money laundering (AML) risks as they do not rely on real AML policies, although they are trying to convince their clients otherwise, a recent research paper says.

In a blog report published on Monday, Oct. 2, Elliptic’s senior crypto threat analyst, Arda Akartuna, said that many Russian OTC services are actually copy-and-paste a standard template of AML policies instead of developing their own.

Analysts at Elliptic discovered at least eight Russian coin swap services that have “almost word-for-word” AML policies.

“Since none of these services require any KYC information to use, the inclusion of a “policy” on their website is a mere token attempt to maintain an aura of legitimacy.”

Arda Akartuna

Although Elliptic did not reveal the names of these OTC websites, the firm said many of them are offering money-laundering services on Russian cybercrime forums. Akartuna highlighted that these web services also pose high sanctions risk given that they work with many of Russia’s banks, which have been placed under sanctions.

In mid-September, analysts at Chainalysis warned that North Korean hacker groups have started “increasing their use of Russia-based exchanges” to launder crypto stolen from centralized exchanges or decentralized finance protocols.

The New York-based firm added that almost $22 million in crypto stolen from Harmony Protocol — a blockchain protocol exploited for roughly $100 million in crypto in June 2022 — was transferred to a Russia-based exchange “known for processing illicit transactions.” Although Chainalysis did not name the exchange, it said it has evidence that North Korea has been using Russian services to launder crypto for two years now.