DOJ and FinCEN Take Coordinated Action Against Bitzlato Cryptocurrency Exchange and Its Owner

On January 18, 2023, federal authorities in Miami arrested Anatoly Legkdymov, founder and majority owner of Bitzlato Ltd, a peer-to-peer, global cryptocurrency exchange registered in Hong Kong. Bitzlato had processed approximately $4.58 billion worth of cryptocurrency transactions since May 3, 2018.[1] Legkdymov was charged by a complaint in the Eastern District of New York (“EDNY”) with knowingly conducting a money transmitting business that transmitted illicit funds for ransomware actors in Russia and failing to implement an effective anti-money-laundering (“AML”) program. On the same day, the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) issued an order pursuant to Section 9714(a) of the Combating Russian Money Laundering Act[2]—the first one of its kind—identifying Bitzlato as a “primary money laundering concern” and prohibiting U.S. financial institutions from transacting with Bitzlato, effective on February 1, 2023 (the “Bitzlato Order”).[3] Concurrently, law enforcement authorities in Europe shut down Bitzlato’s digital platform, hosted on servers in France, seized $19.5 million of its cryptocurrency assets and arrested four more Bitzlato executives in Cyprus and Spain.[4]

In announcing the charges, the Deputy Attorney General stated: “Today’s actions send the clear message: whether you break our laws from China or Europe—or abuse our financial system from a tropical island [apparently a reference to recent prosecutions of FTX executives]—you can expect to answer for your crimes inside a United States courtroom.”[5] 

The coordinated actions against Bitzlato reflect heightened scrutiny by the U.S. government of cryptocurrency exchanges and related businesses. Most notably, FinCEN’s first use of the new authority granted to it in Section 9714(a) shows that the government will take an aggressive stance against cryptocurrency exchanges and related institutions that facilitate money laundering and other financial crimes. FinCEN’s use of this authority against Bitzlato follows in the footsteps of OFAC’s sanctioning of Chattex, Suex, Hydra, Tornado Cash, and Grantex for facilitating illicit activity. As a result, cryptocurrency exchanges and other companies operating in the virtual asset space should review and, where needed, strengthen their AML policies and procedures—and ensure that controls are in place to prohibit transactions with prohibited entities—as enforcement agencies increasingly focus on money laundering issues related to cryptocurrency.

The Bitzlato Enforcement Actions

The Criminal Complaint

The EDNY complaint charges Legkdymov with violating Title 18, United States Code, Section 1960, which imposes criminal penalties on anyone who “knowingly conducts, controls, manages, supervises, directs, or owns all or part of an unlicensed money transmitting business.” A cryptocurrency exchange has been deemed to be a type of “money transmitting business.”[6] An “unlicensed money transmitting business” refers to a money transmitting business that, among other things, fails to comply with the FinCEN registration requirements under Tile 31, United States Code, Section 5330, and the regulations prescribed thereunder; or involves the transmission of funds known to be illicit.[7] The complaint alleges that Bitzlato violated both prohibitions.

According to the complaint, as a money transmitting business, Bitzlato was required to register with FinCEN and comply with certain requirements under the Bank Secrecy Act, including filing reports of suspicious transactions and implementing an effective AML program.[8] The complaint notes that Bitzlato had a significant U.S. user base.[9] In fact, the U.S. ranks fourth among the most common source of internet traffic for Bitzlato, with 264 million visits from U.S.-based IP addresses in July 2022.[10] Moreover, Bitzlato used U.S. vendors for core aspects of its service, including its corporate email, customer serviced platform, and cybersecurity vendor.[11] Until his arrest, Legkdymov also managed the business from his residence in Florida.[12] The complaint alleges that Bitzlato failed to establish an effective AML program; indeed, according to the complaint, Bitzlato’s whole value proposition was based on its lack of compliance with KYC obligations. For example, Bitzlato’s website advertised for years that it offered “Simple Registration without KYC. Neither selfies nor passports required. Only your email needed.”[13]

The complaint alleges that the lack of an effective AML program at Bitzlato facilitated its use by criminals to launder the proceeds of crime. The complaint highlights Bitzlato’s reciprocal relationship with Hydra Marketplace (“Hydra”), which was the largest darknet market place in the world before it was shut down by U.S. and German law enforcement in April 2022. Hydra facilitated the sale of illegal drugs, stolen financial information, fraudulent identification documents, and money laundering services such as cryptocurrency mixing. The complaint alleges that, between May 2018 and April 2022, more than $703 million in cryptocurrency were transmitted between Hydra and Bitzlato accounts, and that accounts at Bitzlato received more than $15 million in cryptocurrency proceeds from ransomware attacks.[14]

Finally, the complaint alleged that Legkdymov and other senior Bitzlato executives were well aware of the illicit exchanges taking place on Bitzlato. For example, Legkdymov himself wrote to a fellow colleague that: “All traders are known to be crooks . . You do realize that they all (I think 90%) do not trade on their [identity] cards.”[15] Bitzlato’s Marketing Director, when comparing Bitzlato with competitor sites, wrote “No KYC” as one of the “positives” of the site.[16]

The FinCEN Order

On January 18, 2023, FinCEN issued an order identifying Bitzlato as a “primary money laundering concern” under Section 9714(a) of the Combating Russian Money Laundering Act, and prohibiting U.S. financial institutions from engaging in funds transmittals to or from Bitzlato accounts (the “Bitzlato Order”).[17] The Bitzlato Order is the first order that FinCEN has issued under Section 9714(a), which, through authority delegated by the Treasury Secretary, authorizes FinCEN to prohibit or impose conditions on the transmittal of funds that involve foreign financial institutions found to be of “primary money laundering concern in connection with Russian illicit finance.” FinCEN can impose several “special measures” on such institutions, including requiring recordkeeping and reporting, which are commonly known as Section 311 of the USA Patriot Act;[18] they provide the Treasury Secretary with a range of options that can be adapted to target specific money laundering activities. FinCEN may also, in consultation with the Secretary of State, the Attorney General, and the Chairman of the Board of Governors of the Federal Reserve System, prohibit the creation of correspondent or payable-through accounts for such a foreign financial institution.[19] Because technological limitations may prevent a financial institution from declining transfers originating from Bitzlato, the Bitzlato Order permits financial institutions to “reject” a transfer after funds are received, such as by preventing the recipient from accessing the transferred assets.[20]

FinCEN’s decision to impose the Bitzlato Order was guided by three main considerations:

• Bitzlato’s use in facilitating or promoting money laundering in connection with Russian illicit finance. FinCEN determined that Bitzlato had significant connections to Russia and links to Russian illicit finance, including that the vast majority of its customer base is in Russia, its registered address in Hong Kong is shared by other Russian companies as an address of record, and it facilitated transactions with Russian ransomware groups such as Conti and had a significant transaction history with Russia-connected darknet markets such as Hydra.[21] The fact that Bitzlato is registered in Hong Kong did not affect FinCEN’s analysis, as Section 9714(a) does not require a foreign financial institution to be registered or incorporated in Russia to fall within its scope.
• Bitzlato’s limited use for “legitimate business purposes.” FinCEN found that Bitzlato’s services were used, “to an unusually large extent,” to facilitate illicit finance. FinCEN cited a study performed by a blockchain analysis company, which found that 48% of all known Bitzlato transactions involves Russian illicit finance or other risky sources such as ransomware groups, darknet markets or scams. FinCEN attributed the high percentage of illicit transactions to Bitzlato’s failure to implement a KYC policy—a fact which Bitzlato advertised on its website as of March 2022, stating that it uses “simple registration without KYC.”[22] Although Bitzlato’s services could also be used by licit actors for legitimate purposes, FinCEN found that a broad range of comparable services are available on other platforms with better transparency and more robust AML programs.[23]
• Guarding against international money laundering and other financial crimes. FinCEN found that identifying Bitzlato as a primary money laundering concern would help insulate the U.S. financial system from international money laundering and other financial crimes, further reinforce the importance of AML/CFT compliance in the virtual asset space, help protect the national security of the United States, notify financial institutions around the world of Bitzlato’s illicit activity, and set an example for other international partners to follow.[24]

FinCEN also issued an FAQ[25] contemporaneous with the order. FinCEN stated that it expects covered financial institutions, including convertible virtual currency (CVC) exchangers, to implement procedures reasonably designed to ensure compliance with the order and exercise reasonable due diligence to prevent it from engaging in transmittal of funds involving Bitzlato. The FAQ addresses, among other things, (1) the nature of a Section 9714 action; (2) how it is different from a Section 311 action, which requires notice-and-comment rulemaking; (3) what constitutes a covered financial institution; (4) how institutions should interpret and comply with the order; (5) the penalties for violations; and (6) whether the covered financial institutions are required to file a Suspicious Activity Report (SAR). The FAQ states that the covered financial institutions should incorporate the determination that Bitzlato is of primary money laundering concern into their AML/CFT compliance programs, and continue to implement appropriate procedures and systems, such as traditional compliance screening and blockchain tracing software, to determine whether they are involved in a transmittal of funds involving Bitzlato. If, due to technological constraints, a covered financial institution is unable to decline incoming CVC transfers from Bitzlato, the FAQ states that the financial institution will be deemed not to have violated the order if it “rejects” the transaction by (i) preventing the intended recipient from accessing such CVC; and (ii) returning the CVC to Bitzlato.

Violations of the order may result in civil penalties equal to at least two times the amount of the transaction, not to exceed $1.56 million, and/or criminal penalties equal to at least two times the amount of the transaction, not to exceed $1 million. The FAQ also notes that past transactional exposure to Bitzlato does not violate the order, and that the order does not impose a SAR reporting obligation.

                                                                                              *       *       *

[1]        https://www.justice.gov/usao-edny/pr/founder-and-majority-owner-bitzlato-cryptocurrency-exchange-charged-unlicensed-money; United States v. Legkodymov, 1:23-mj-00017-JRC, Dkt. 3 ¶ 8 (Jan. 14, 2023) (E.D.N.Y.) (“Complaint”); FinCEN Order, RIN 1506-AB42, Imposition of Special Measure Prohibiting the Transmittal of Funds Involving Bitzlato (“FinCEN Order”), https://www.fincen.gov/sites/default/files/shared/Order_Bitzlato_FINAL%20508.pdf.

[2]        Public Law 116-283, as amended by 31 U.S.C. § 5318A.

[3]        https://www.fincen.gov/news/news-releases/fincen-identifies-virtual-currency-exchange-bitzlato-primary-money-laundering.

[4]        https://www.europol.europa.eu/media-press/newsroom/news/bitzlato-senior-management-arrested.

[5]        Supra note 1.

[6]        Dep’t of the Treasury FinCEN Guidance, Application of FinCEN’s Regulations to Persons Administering, Exchanging, or Using Virtual Currencies, FIN-2013-G001 (Mar. 18, 2013); Dep’t of the Treasury FinCEN Guidance, Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies, FIN-2019-G001 (May 9, 2019).

[7]        18 U.S.C. § 1960(B)(1).

[8]        See 31 C.F.R. § 1022.380(a)(1); 31 U.S.C. § 5318(g); 31 C.F.R. § 1022.320(a); 31 C.R.F § 1022.210.

[9]        Complaint ¶ 34.

[10]       Complaint ¶ 34.

[11]       Complaint ¶ 37.

[12]       Complaint ¶ 38.

[13]       Complaint ¶ 10.

[14]       Complaint ¶¶ 13–15.

[15]       Complaint ¶ 28.

[16]       Complaint ¶ 30.

[17]       FinCEN Order at 27.

[18]       FinCEN Order at 3.

[19]       31 U.S.C. § 5318A(b)(5); FinCEN Order at 4.

[20]       FinCEN Order at 21.

[21]       FinCEN Order at 17–18.

[22]       FinCEN Order at 14.

[23]       FinCEN Order at 18-19.

[24]       FinCEN Order at 22, 27.

[25]       Frequently Asked Questions, FinCEN (Jan. 18, 2023), https://www.fincen.gov/sites/default/files/shared/FAQs_Bitzlato%20FINAL%20508.pdf.