Ensuring Legality in Cryptocurrency Transactions: Key Points on AML Compliance in Taiwan

Due to the high technical barriers of concepts like cryptocurrency and blockchain, virtual currencies have increasingly been used illegally in recent years. According to the FBI’s 2023 Internet Crime Report, cryptocurrency scams alone resulted in a financial loss of $3.94 billion in the US last year—a 53% increase from 2022. Consequently, governments worldwide have established regulations to enhance supervision in the virtual currency sector, creating growing regulatory pressure for businesses to seek compliant and secure KYC solutions to stand out in the competitive market.

Why Are AML Regulations Increasingly Important in the Cryptocurrency Industry?

Given cryptocurrency’s anonymity and decentralization, it is often used by criminal organizations for money laundering and other illegal activities, making detection challenging. To combat this, the Financial Action Task Force (FATF) issued guidelines in June 2020, mandating that countries include virtual assets in their anti-money laundering (AML) frameworks and officially audited 39 member countries to prevent cryptocurrency-related fraud.

10 Common Cryptocurrency Scam Techniques

1. Mixing Services and Tumblers: Criminals use these services to obscure the origins of funds by mixing illicit money with other users’ funds, complicating tracking by regulators.
2. Privacy Coins: Cryptocurrencies like Monero, Zcash, and Dash prioritize user privacy, making it harder for authorities to track transactions and identify criminals.
3. Decentralized Exchanges (DEXs): These exchanges allow users to trade cryptocurrencies without a central authority, making it easier for criminals to exchange illicit funds and evade detection.
4. Peer-to-Peer (P2P) Platforms: These platforms enable direct user transactions without traditional financial institutions, increasing the risk of money laundering.
5. Layering: Criminals use complex techniques, conducting multiple transactions across various wallets and exchanges to obscure the flow of illicit funds.
6. Cryptocurrency ATMs: These ATMs facilitate the quick conversion of cryptocurrency to cash and vice versa but often lack KYC/AML regulations, becoming tools for criminals.
7. Complex Wallet Structures: Techniques like multi-signature wallets and wallet clustering further obscure fund movements and criminal activities.
8. Non-Fungible Tokens (NFTs): Criminals may use NFTs to transfer illicit funds through purchases and sales.
9. Ransomware: In ransomware attacks, criminals typically demand payment in cryptocurrency to hide their tracks.
10. Anonymous Services: Criminals use VPNs, the Tor network, and encrypted messaging apps to conceal their identities.

Taiwan’s regulators have also intensified their supervision in recent years, actively scrutinizing non-compliant businesses to prevent the cryptocurrency market from becoming a hotbed for financial crimes. For instance, in mid-July this year, the Financial Supervisory Commission’s Securities and Futures Bureau announced penalties against “ACE Exchange” for violating multiple AML regulations, such as failing to conduct Enhanced Customer Due Diligence (ECDD) for high-risk customers, insufficiently understanding the business purposes and nature of customers, not setting monitoring thresholds based on customer risk levels, and failing to maintain transaction records, resulting in a fine of NT$1.52 million.

7 AML Principles for Cryptocurrency Businesses

1. Conduct Risk Assessments: Pre-emptively assess risks related to individual business activities to allocate resources effectively and address high-risk areas.
2. Implement Know Your Customer (KYC) and Customer Due Diligence (CDD): KYC procedures include verifying customer identities and collecting relevant information to establish legitimacy, while CDD involves assessing individual customer risks, continuously monitoring accounts and transactions, and regularly reviewing updated customer information to implement risk mitigation measures.
3. Monitor Cryptocurrency Transactions: Virtual Asset Service Providers (VASPs) must monitor their platform transactions for suspicious activities, such as large or unusual transactions, those involving high-risk jurisdictions, or signs of money laundering and other illegal activities.
4. Report Suspicious Activities: VASPs are obligated to proactively report any suspicious transactions to aid in anti-money laundering and other financial crime prevention.
5. Develop a Compliance Program: VASPs need to implement a comprehensive AML compliance program that includes policies, procedures, and controls to prevent money laundering and comply with regulatory requirements.
6. Maintain Records for Audits: VASPs must keep accurate and up-to-date customer databases and records of transaction activities and AML compliance for regulatory audits.
7. Provide Employee Training: VASPs should offer AML training to employees to ensure they understand their obligations and are capable of effectively identifying and reporting suspicious activities.

What is the “VASP Anti-Money Laundering and Counter-Terrorism Financing Measures”?

On June 22, 2021, Taiwan’s Financial Supervisory Commission announced the completion of the “Regulations Governing Anti-Money Laundering and Counter-Terrorism Financing for Virtual Asset Platform and Trading Business,” which took effect on July 1, 2021. This regulation includes five categories of virtual asset businesses under AML management:

1. Exchanging virtual currencies for New Taiwan Dollars, foreign currencies, or currencies issued in Mainland China, Hong Kong, or Macau.
2. Exchanging between virtual currencies.
3. Transferring virtual currencies.
4. Custody and management of virtual currencies or providing related management tools.
5. Providing financial services related to the issuance or sale of virtual currencies.

The ten key points of this guideline cover asset “segregated custody,” operational, cybersecurity, and “cold/hot wallet” management mechanisms. It also formally regulates offshore businesses operating without a local presence. Besides the commonly regulated fiat and crypto exchanges and crypto-to-crypto exchanges, other entities under compliance include those assisting in transferring virtual assets or providing mixing services, offering virtual asset-related custody services or tools, and financial service providers related to ICOs and IEOs.

Currently, VASPs are beginning to cooperate to establish industry order, gradually implementing self-compliance, and promoting a secure and transparent trading environment. The emergence of a new industry ecosystem can be expected.

For example, businesses must register with the appropriate regulatory bodies and obtain necessary licenses to operate legally. “Fusheng Digital Technology Co., Ltd.,” an investment of the Taiwan Mobile Group, has recently completed its AML compliance declaration and plans to launch a cryptocurrency exchange and asset management services.

How Can Authme Help VASPs with Compliance?

Facing rampant identity fraud, KYC certification is one of the best methods to help virtual currency businesses resist crime. Moreover, KYC certification has become a standard for users to evaluate the safety of trading platforms.

Authme provides a one-stop KYC identity verification solution that complies with international standards like the EU GDPR and US SEC. It maintains internal audit trails to ensure legal compliance without doubts. Combining AI and machine learning technology, it can quickly detect document authenticity and provide instant verification results, helping you meet international regulatory requirements while maintaining a smooth user experience.

Contact us for more product information and start by securing the first step, working together to prevent fraudsters from entering the cryptocurrency market.