.svg)
As hackers wreak havoc on decentralised finance (defi) platforms, a US regulator has issued its largest crypto enforcement action to date following a multi-year investigation into suspected sanctions-busting.
First up, it has been a hell of a month for crypto hacks, as new data from crypto analytics firm Chainalysis suggests that October is already the worst month of 2022 for crypto hacks, and it is still far from over.
So far this month, $718m has been stolen from defi platforms in 11 separate hacks. This puts October just ahead of March as the worst month for value lost, but March still leads in terms of number of hacks.
At this rate, Chainalysis predicts that 2022 will likely surpass 2021 as the worst year on record for value lost to hacks. So far, hackers have already stolen $3bn from a total of 125 hacks.
Last week, as reported by VIXIO, Binance was hit by a $570m hack of one of its cross-chain bridges, but ultimately it was able to recover most of the funds.
This week, Solana-based Mango Markets, another defi platform, was hit by a $100m hack.
While the Binance hacker attempted to duplicate a large transaction and cash out the difference, the Mango hacker was able to drain the platform of funds by manipulating the price of its MNGO token.
By artificially raising the price of MNGO, the hacker was able to use it as collateral to take out enormous loans in other crypto-assets from Mango liquidity pools.
In a statement, Mango said it has called on other crypto platforms to help freeze the stolen funds and has disabled further deposits to its own platform.
Bittrex $53m Settlement With Regulators
In the US, the Treasuryâs Office of Foreign Assets Control (OFAC) revealed that it has reached a $24m settlement with crypto exchange Bittrex, as part of its largest crypto enforcement action to date.
In the first parallel enforcement action of its kind, the Financial Crimes Enforcement Network (FinCEN) also reached a $29m settlement with Bittrex due to violations of the Bank Secrecy Act (BSA).
Following investigations, OFAC found âapparent violationsâ of multiple sanctions by Bittrex, while FinCEN found âwilful violationsâ of anti-money laundering (AML) and suspicious activity reporting (SAR) requirements outlined in the BSA.
The $24m settlement covers Bittrexâs âpotential civil liabilityâ for the sanctions offences, while the $29m settlement covers Bittrexâs failure to apply AML and SAR controls under the BSA.
The sanctions case against Bittrex dates back to 2014 and runs until 2017, during which time the exchange is alleged to have committed more than 116,000 sanctions violations.
According to OFAC, Bittrex allowed $263m worth of trades to be entered by persons âapparently locatedâ in the sanctioned jurisdictions of Crimea, Cuba, Iran, Sudan and Syria.
Meanwhile, from 2014 to 2018, FinCEN found that Bittrex had failed to maintain effective AML controls.
Bittrexâs transaction monitoring was described by FinCEN as âinadequateâ and âineffectiveâ, resulting in âsignificant exposureâ of the exchange to illicit finance.
Moreover, between 2014 and 2018, FinCEN found that Bittrex had failed to file any SARs, despite a significant number of transactions involving sanctioned jurisdictions.
âFor years, Bittrexâs AML program and SAR reporting failures unnecessarily exposed the US financial system to threat actors,â said Himamauli Das, acting director of FinCEN.
âBittrexâs failures created exposure to high-risk counterparties including sanctioned jurisdictions, darknet markets, and ransomware attackers.â
Das stressed that FinCEN will not hesitate to act against crypto companies in future if it identifies wilful violations of the BSA.
Bored Ape catches interest of SEC
This week another US regulator, the Securities and Exchange Commission (SEC), issued queries and subpoenas to a number of non-fungible token (NFT) companies, including Yuga Labs, creator of the Bored Ape Yacht Club collection.
According to a report from Bloomberg, the SEC has been investigating NFTs since March this year to establish whether they are being used to raise money in the same way as traditional securities like stocks and bonds.
If so, then NFT issuers and re-sellers could be held liable for unregistered securities violations under the 1933 Securities Act.
As the creator of Bored Ape Yacht Club, the worldâs most valuable NFT collection, Yuga Labs stands to be affected significantly if the SEC were to classify NFTs as securities.
At its peak in May this year, the Bored Ape collection hit a market cap of $1.8bn, but has since shed about 50 percent of its value at the time of writing.
Jim Preissler, co-founder of defi platform SOMA.finance, said a two-tier classification model may be the best fit for NFTs.
Even if NFTs are not classed as securities at the time of issuing, he said, there is precedent for certain instruments to be classed as securities once traded on a secondary market.
âThe NFT may or may not be a security, but the exchange that actively trades them could be required to be a licensed security exchange, and the NFTs may need to be treated as such on that exchange,â he said.
Preissler also pointed out that fractionalised NFTs and NFT community tokens, such as Yuga Labsâ ApeCoin, are even more likely to be seen as securities.
Such instruments would not have the âwriggle roomâ of standalone NFTs, said Preissler, which are often likened to digital works of art.
According to Bloomberg, the SEC is also investigating whether Yuga Labsâ launch of ApeCoin constitutes an unregistered securities offering.
Coinbase launches new payments tie-up with Google Cloud
Finally, to close out the week, perhaps some positive news for the crypto industry as Coinbase announces the launch of a new payments partnership with Google Cloud.
Under the deal, Google Cloud will allow customers to pay for its services using selected cryptocurrencies via Coinbase Commerce.
Coinbase Commerce is a global platform that helps merchants accept crypto payments, and provides access to crypto integration and business analytics tools.
Merchants currently using Coinbase Commerce include WeWork, Alo Yoga and Budweiser brewer Anheuser Busch.
Owen Lau, senior analyst at investment bank Oppenheimer, told CoinDesk that the deal will be seen as a âvalidationâ of the crypto industry in the eyes of bigtech and the traditional finance world.
However, anonymous crypto analyst Bitfinexâed pointed out that Google will not technically be accepting the final payment in crypto form, as payments will first be converted into fiat when passing through Coinbase Commerce.
âGoogle isnât accepting bitcoin, theyâre immediately liquidating bitcoin for dollars,â he said. âThis isnât a bullish event. Everyone that pays for Google services with Coinbase is selling their crypto.â
Nonetheless, traditional finance institutions are clearly seeing some form of validation in crypto, as can be seen from the entry this week of the US's oldest bank, BNY Mellon, into the crypto custody market.
Using BNY Mellonâs Digital Asset Custody platform, clients will be able to hold and transfer bitcoin and ether, which together make up almost 60 percent of cryptoâs total market cap.
