March 24, 2021

Merchant Crypto Payments: A New National Security Frontier

By: Yaya J. Fanusie

Last month, the U.S. Department of the Treasury’s Office of Foreign Asset Control (OFAC), the agency that enforces U.S. sanctions, announced it had reached a half a million dollar settlement with cryptocurrency payment processor firm BitPay, a U.S. company. OFAC had been investigating BitPay for allegedly processing payments to merchants from customers in sanctioned jurisdictions. This announcement got scant public attention, even among cryptocurrency industry watchers, but it is a glimpse into thorny regulatory challenges ahead as large, mainstream corporations are jumping into the crypto space and pushing for more people to use digital assets in commerce. Much of this steady rush into retail crypto activity is occurring without a check of the regulatory blindspots ahead.

The BitPay settlement also points to how illicit actors might adjust their strategies to circumvent anti-money laundering, combatting the financing of terrorism (AML/CFT) and sanctions compliance requirements. As people’s lives become more digital and businesses become more open to cryptocurrencies, U.S. law enforcement and national security personnel may find that illicit financial activity increasingly involves crypto payments.

Much of this steady rush into retail crypto activity is occurring without a check of the regulatory blindspots ahead.

The business model for cryptocurrency payment processors like BitPay is straightforward. These companies provide software allowing retail merchants to accept cryptocurrencies as payment online or in brick-and-mortar establishments. The merchants do not need to handle cryptocurrencies directly. The payment processor owns the software wallets with which customers pay using Bitcoin or some other cryptocurrency, and then the processor converts those funds into regular fiat currency. The processor company then sends those converted funds to the merchant, minus a commission. This financial activity makes the payment processor a money transmitter under U.S. law and obligates it to follow all AML/CFT and sanctions regulations.

According to OFAC, BitPay failed in sanctions compliance. While BitPay screened its merchant clients to ensure they were not on the U.S. sanctions list or operating in sanctioned countries, the company for five years did not prevent individuals in sanctioned locations such as Crimea, Cuba, Iran, North Korea, Sudan and Syria from purchasing from U.S. merchants via BitPay’s crypto payment platform. Thus, it enabled customers in these locations to evade sanctions and transact with U.S. businesses.

Read the full article from Lawfare.

More from CNAS

  • Commentary
    • Sharper
    • November 20, 2024
    Sharper: Trump 2.0

    Donald Trump's return to the White House is widely expected to reshape America's global priorities. With personnel choices and policy agendas that mark a significant break fro...

    By Charles Horn & Gwendolyn Nowaczyk

  • Podcast
    • November 14, 2024
    Trump 2.0's Economic Security Agenda

    Emily and Geoff switch from obsessing over the election to obsessing over the transition. They dig into what a Trump 2.0 presidency will mean for tariffs, sanctions, export co...

    By Emily Kilcrease & Geoffrey Gertz

  • Commentary
    • The Washington Post
    • November 14, 2024
    Biden’s Gloves Can Finally Come Off to Help Trump End the Ukraine War

    The Biden administration’s reasons to treat Russian oil with kid gloves, in other words, no longer apply....

    By Edward Fishman

  • Podcast
    • November 13, 2024
    European Security and Defense under Trump 2.0 with Andrea Kendall-Taylor and Jim Townsend

    Max and Donatienne are joined by Andrea Kendall-Taylor and Jim Townsend, hosts of the Brussels Sprouts podcast at the Center for a New American Security, to discuss the implic...

    By Andrea Kendall-Taylor & Jim Townsend

View All Reports View All Articles & Multimedia