Virtual Asset Mining: Typologies, Risks and Responses

Download the Emerging Insights

The rise in digital assets’ popularity over the last decade has attracted its fair share of illicit actors. Prized for their ease of use and perceived relative anonymity, digital assets such as Bitcoin have become targets for sanctions evaders, criminal enterprises, narcotraffickers and terrorist networks. North Korea, for example, has stolen billions of dollars’ worth of cryptocurrency in the past five years, in part to fund its WMD programme. Consequently, regulatory, monitoring and enforcement agencies have had to set their sights on addressing the often overlooked space between traditional finance and cryptocurrency. Despite modest progress addressing key vulnerabilities that cryptocurrency creates for global finance, the dynamic and rapidly changing nature of digital assets requires new thought about risk and sources of risk.

One increasingly difficult problem for regulatory and monitoring authorities is how to address and mitigate risks associated with cryptocurrency mining (the processes used to verify transactions). Unlike traditional cryptocurrency exchanges, mining typically falls outside the scope of anti-money-laundering (AML) regulatory authorities and can provide illicit actors with a stream of nearly anonymous – and possibly unlimited – revenue. Unfortunately, discussions on how to best mitigate these risks is largely absent from broader policy discussions on regulating and monitoring digital assets.

This paper, intended for policymakers and those with compliance obligations, seeks to broaden the discussions of risk around cryptocurrency by providing a typology of risks related to cryptocurrency mining. The objective is not to provide an all-encompassing snapshot of cryptocurrency mining activities, but to offer a general framework for policymakers to consider and mitigate a range of risks that may not be immediately apparent. The paper also places the described typologies within the context of recent or emerging regulatory and enforcement actions, to highlight gaps and challenges.

The paper concludes with a series of recommendations aimed at mitigating risks and addressing regulatory and monitoring shortfalls in relation to cryptocurrency mining, consistent with global AML standards. These include, for example, modifying registration requirements for commercial and remote mining enterprises so that they fall under the purview of regulatory frameworks, despite outstanding questions over custody of cryptocurrency.

It is abundantly clear that illicit actors have focused in on the usefulness of cryptocurrency, and it is quite likely that cryptocurrency will feature in financial crime for decades to come. Given the uniqueness, novelty and rapidly evolving nature of the digital assets industry, however, it is critically important that policymakers continue to think outside the box, re-examine previously held assumptions about the nature of risks associated with cryptocurrency – including mining – and continuously adapt regulatory and monitoring frameworks in response to emerging risks.