Anti-Money Laundering (AML) , Blockchain & Cryptocurrency , Business Continuity Management / Disaster Recovery

US Officials Push Collaboration, AML Controls for Crypto

Treasury, NSC Leaders Look to Curb Russian Sanctions Evasion
US Officials Push Collaboration, AML Controls for Crypto
The Russian ruble in an image courtesy of Paolinio via Pixabay

High-ranking U.S. officials say that while it would be nearly impossible for Russia to "flip the switch" and convert to cryptocurrency to stabilize its sanctioned economy, they caution that Russian elites and entities may yet try to skirt the measures by transferring and obfuscating funds across the blockchain.

See Also: Splunk Named a 10-Time Leader in Gartner® Magic Quadrant™ for SIEM

In an event hosted by the blockchain analytics firm TRM Labs on Friday, Todd Conklin, counselor to the deputy secretary of the U.S. Treasury Department, and Carole House, director of cybersecurity and secure digital innovation for the White House National Security Council, outlined the unprecedented federal activity over the past week that has hobbled Moscow and aims to choke Russia's economy as it continues its military campaign in Ukraine.

The experts discussed the growing threat of eventual cyber escalation in the conflict, with the sanctioned Russian President Vladimir Putin potentially lashing out at the U.S. or its Western allies by infiltrating critical infrastructure or government agencies. To allow Russia to make such maneuvers, and as its currency - the ruble - falters, foreign policy experts have suggested the Russians may resort to bulk cryptocurrency transactions.

This aligns with previous reports of North Korea allegedly using ill-gotten crypto gains to fund its ballistic missile program, or Iran reportedly mining bitcoin to skirt sanctions and infuse its economy with hundreds of millions of dollars in cash (see: US Senators Express Concern Over Russian Use of Crypto).

'Can't Flip a Switch'

Treasury's Conklin, however, said that to make such a pivot work, Russia would have been forced to build up related infrastructure years ago.

"Russia is a G20, fiat-based economy, and now the ruble is at a record low," Conklin told TRM Labs' moderator, Ari Redbord, the firm's head of legal and government affairs and a current ISMG contributor. "Russia has not focused on building the rails needed to support crypto or DeFi [decentralized finance] innovation. In fact, they've shown signs of being reticent to move in that direction over the last two years, while they've built up their own internal reserves. So point being, you can't flip a switch overnight and run a G20 economy on cryptocurrency."

He added: "So for the Central Bank of Russia to use crypto assets in this way, it would've had to develop a large stock of crypto assets or the ability to use its reserves to buy crypto assets. And we did not see an uptick that one would expect in the crypto market in the lead-up to the sanctions actions last week."

Conklin said the department tracked an uptick in the markets this week, although it was timed with the Russian government banning foreign currency conversion. And Russian citizens were likely looking for an alternative to the ruble, he said.

AML Controls

The National Security Council's House told Redbord, himself a former senior adviser to the deputy secretary of the Treasury Department, that Russia's actions were, plainly put, an "egregious violation of international law." As such, holding bad actors accountable, she said, "requires a really coordinated and comprehensive approach."

So far, according to House, the Biden administration has had international buy-in - sanctioning Russian financial institutions, implementing stringent export controls on crucial technologies, zeroing in on Russian oligarchs, partially excluding Russian institutions from the SWIFT international bank messaging system, and targeting Russian oil refining.

She praised the administration's partnership with countries such as Australia, Canada, Japan, the U.K. and other EU member states, which have taken similar actions.

But a top concern for the National Security Council, House said, remains ensuring that proper anti-money laundering controls exist across the crypto community, thus guaranteeing the efficacy of recent designations.

Speaking largely to TRM's crypto client base, House said: "The greatest vulnerability in the cryptocurrency ecosystem right now is the absence of sufficient implementation of AML controls internationally, usually due to the absence of sufficient AML regulatory and enforcement regimes."

'TRM Talks' event held on March 4, 2022, with Treasury and NSC officials (Source: TRM Labs)

Kremlin's Financial Tactics?

According to Conklin, the Treasury Department has for a decade targeted the assets of Russian elites - dating back to the country's first invasion of Crimea in 2014.

"So we do know a little bit about how this regime likes to evade sanctions and move money, and we have a significant toolkit at our disposal now to tackle that," he said. "The regime does like to layer its assets and move money. They have a long and extensive playbook to launder money, and at the center of their playbook is their web of international corporate registration and the use of foreign companies and foreign persons. They're also really adept at conversion to other assets, including gold and foreign currencies."

And so, asked whether crypto will be a part of its workaround, Conklin said: "Certainly, there's going to be an element. That's part of the playbook, but it frankly isn't at the top of their list."

He also referenced Treasury's sanctioning of the Russian crypto exchange Suex in September 2021 as an example of "how sanctions can work in the crypto ecosystem" (see: US Treasury Blacklists Russia-Based Crypto Exchange).

Calling the Moscow platform a "criminal exchange," Conklin said Treasury's actions immediately hit its liquidity rates. In fact, he said, in the year and a half leading up to the sanctions designation, Suex moved $1.6 billion in assets. The month it was designated by Treasury's Office of Foreign Assets Control, it moved $13,000, and "now they don't move anything."

Heightened Cyber Alert

Both federal officials on Friday also discussed general fears that a hobbled Moscow could activate its hackers to inflict damage on the West. Such moves, officials have warned in recent days, including the targeting of critical infrastructure, could potentially trigger Article 5 obligations under NATO's member treaty, thus dramatically escalating the conflict.

"From SolarWinds in late 2020 and Log4j over the holidays, the [cybersecurity] sector has really been in a state of heightened demand for some time now, and I do worry about burnout, not only for Treasury's own security operations center staffing, but the whole sector," said Conklin. "We've just gone through a lot of significant vulnerabilities over the last year and a half, and now we're facing this particular challenge."

He said Treasury's role leading the sanctions effort also makes the department, or the U.S. financial sector, a target for cyberattacks. To counteract that, he said Treasury has increased the pacing of its intelligence sharing and remains "in complete lockstep" with the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, the FBI and the Secret Service.

NSC's House added: "For the [crypto] sector, which I know has faced challenges with cybersecurity over many years, there's a lot of resources out there. [I] definitely encourage [exploring them] and looking at places where best practices [are outlined], including the executive order [that President Biden] issued last summer that listed a lot of key actions that agencies are taking to prevent significant cyberattacks, [which can apply] to your institutions and exchanges."

She told the community, "You guys are on the front lines of this activity. … These actors are looking for places that are easy to exploit in order to facilitate movement, and you are the people that are best positioned to detect and then report this activity."

About the Author

Dan Gunderman

Dan Gunderman

Former News Desk Staff Writer

As staff writer on the news desk at Information Security Media Group, Gunderman covered governmental/geopolitical cybersecurity updates from across the globe. Previously, he was the editor of Cyber Security Hub, or, covering enterprise security news and strategy for CISOs, CIOs and top decision-makers. He also formerly was a reporter for the New York Daily News, where he covered breaking news, politics, technology and more. Gunderman has also written and edited for such news publications as, and

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.