News

$196M Lost in BitMart Hack, Crypto Analysts Warn More Will Come

Richard Marley
December 07, 2021
3 minutes read
2218

BitMart, one of the world’s largest cryptocurrency exchanges, lost $196 million in a recent hack due to ineffective compliance infrastructure.

Crypto analysts have warned that cryptocurrency technologies have made it easier for fraudsters to hide their tracks after successfully stealing $196 million from crypto exchange “BitMart”.

The exchange is the world’s 118th largest cryptocurrency provider, based on client traffic, trading volumes, liquidity, and customer trust. However, BitMart customers’ confidence has shattered after the exchange announced it had fallen prey to cybercriminals.

“We have identified a large-scale security breach related to one of our [ethereum] hot wallets and one of our [Binance] hot wallets today,” BitMart confirmed in a statement on Saturday. “At this moment we are still concluding the possible methods used.”

The cryptocurrency exchange estimated that masterminds of the multi-million dollar hack had fled with nearly $150 million in digital currency. However, blockchain security experts later pointed out that the theft was around $196 million.

The crypto heist was first noticed by the cyber experts when an unusual flow of $10 million was detected from exchange to an anonymous address. BitMart stated that the hack had only affected “a small percentage of assets on BitMart and all of our other wallets are secure and unharmed.”

“We are now conducting a thorough security review and we will post updates as we progress,” BitMart added. “At this moment we are temporarily suspending withdrawals until further notice.”

It’s ambiguous how the hackers broke into BitMart. However, the security companies said that the cybercriminals used the transfer-out, swap, and wash approaches to overcome the risk of getting traced. The cybersecurity analyst also stated that due to insufficient infrastructure criminals are able to easily hack into crypto exchanges for their financial gains.

“The technology underpinning cryptocurrencies makes it far too easy to steal large sums of money, often leaving little or no trace as to where the money has gone or who has stolen it,” Jake Moore, cybersecurity specialist at ESET. “Sending funds to an ethereum mixing service is common for those wanting to evade being followed by the authorities, so better initial prevention for those with digital funds is vital to help mitigate this growing trend.”

“Users can add layers of protection such as 2FA and remain on guard against cleverly targeted phishing emails but crypto exchanges could potentially add extra layers of security when money is requested. Multiple verification techniques over certain amounts of money can slow thieves down and potentially reduce or even prevent the money from being taken”, Jake said.

BitMart was warned before this hack that cybercriminals can take over the security systems due to the absence of Know Your Customer (KYC) practice, thus making it difficult for the regulatory bodies to track down criminals.

Therefore, financial regulators across the globe are now determined to come up with more strict laws and policies to halt the usage of digital currencies in financial crimes.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Danish Gambling Operator Reports Tipwin to the Police for AML Failings
Then danish gambling operator Spillemyndigheden has reported Tipwin to the police for violating the Danish Money Laundering act

According to the sources, Spillemyndigheden, the government office based in Odense, Denmark, has reported to the police that the business has failed to create risk assessments of retail bets with a lack of written policies on its retail offerings.

It is also worth mentioning that the operator also lacks complete business procedures and controls for the offerings based on land or in regards to money laundering until 25 May 2022.

In the official statement of the regulator to the police, it stated all the shortcomings of Tipwin in compliance with the anti-money laundering standards. It stated: “Spillemyndigheden notes that the rules on risk assessment, policies and business procedures are absolutely fundamental in the Money Laundering Act. By failing to prepare a risk assessment, Tipwin has not had a useful tool that has provided an overview and understanding of where and to what extent Tipwin is exposed to money laundering or terrorist financing, and what measures are in place are necessary to mitigate the risks involved.”

This clearly states that the german based gambling operator, Tipwin is exposed to the illicit crimes of money laundering and terrorist financing and has failed to comply with the AML regulations. The Danish regulator also focused on the lack of preparation from the operator on assessments of risks which are fundamental components of the anti-money laundering act.

Spillemyndigheden also added: “Preparing a risk assessment of the company’s business model is a very fundamental means of limiting the risk of money laundering. Tipwin has thus also not had policies and operational procedures that stem from the risk assessment. By failing to prepare a risk assessment, the Gambling Authority has therefore handed over the case to the police investigation.”

The authority also launched an injunction on the breach of rules and procedures in regard to the online casino and betting operations. With the main emphasis on money laundering, the regulator released a statement last month which reminded businesses in the industry of the obligations. It mentioned the regulations most firms are complied with, which are in order to prohibit the financial interactions with individuals, groups, legal bodies or countries.

In addition, Spillemyndigheden issued a 3 months deadline to Tipwin to sort out the situation.

Suggested Read: Danish Gaming Regulator Sanctions Unibet Over AML Violations

Recent Posts

Blog
AML/CFT Compliance - Why Australia is a Safe Haven for Money Laundering
Recent inquiries and cases against major Australian casinos have raised questions about the measures adopted by the gambling sector to counter financial crime. The Star casino inquiry has shown the world how millions of billions of dollars have been laundered through the casino.

Not only has money laundering affected the gambling industry, but the dirty money cleaned through casinos has accounted for an increase in real estate prices and is also being invested in luxury items. The issue has now led authorities to question whether these gambling operators should be allowed to continue providing services after allowing money laundering and fraud.

Crown and Star Casinos – A Stain on Australia’s Reputation

The investigations into money laundering cases at Star and Crown casinos have proved that Australia has a poor reputation throughout the world for combating financial crime. Tens of billions of dollars are estimated to be laundered through the country annually. As of now, the senior management and directors of the casinos have been held accountable for the instances of money laundering, foreign intervention, and other types of organized crime. However, experts believe that questioning the higher management isn’t sufficient to clamp down on financing crime in the gambling sector.

In March this year, a federal Senate inquiry issued a report stating that Australia had failed to meet the Financial Action Task Force (FATF) international obligations for fighting money laundering. The Senate report also issued a warning about the increased costs in Australia’s banking sector. The country’s overall economy has been affected due to a stained reputation and cannot be recovered unless Anti-Money Laundering (AML) legislation and Counter-Terrorism Financing laws are not tightened.

The Australian Banking Association had the same view as it stated in the Senate inquiry that the country’s banks have to provide additional information and guarantees to foreign investors regarding their AML regime after the FATF rated Australia as non-compliant in certain areas. The federal government has repeatedly discussed the tightening of AML/CFT laws since 2015 when the Paris-based global watchdog first criticized its controls against financial crime. Australia being one of the founding members of the FATF doesn’t take the criticism lightly.

Australia’s Anti-Money Laundering Regime

In 2015, the FATF pointed out the failure of Australia’s AML/CFT laws that govern financial institutions and gambling service providers to bring lawyers and real estate agents under their scope. Even today, the laws do not oblige professional services firms to report suspicious activities. Whereas China and the US, which were also pointed out by the FATF for the same, have already started making efforts to bring professional services firms under AML/CFT laws.

The Australian Criminal Intelligence Commission (ACIC) and the Australian Federal Police have stated that professional services firms and the establishment of trusts and companies through nominees and third parties enable crimianls to obscure the real origins of their illegally-obtained funds.

Derwent Coshott, an expert on trust law and money laundering at University of Sydney said, ‘We still don’t require real estate agents to know who they’re dealing with. We do think that Australian properties have been used to launder money.’

If Australia brings lawyers, real estate agents, and accountants under the scope of AML regulations along with financial institutions and casinos, law enforcement agencies can get a better oversight on financial crime risks. Financial regulators like AUSTRAC and the Australian Tax Office, as well as law enforcers like the AFP and ACIC, can easily trace the beneficial owners of properties and illicit funds.

“By having secondary professions do the customer due diligence work, and report into AUSTRAC, when there are suspicious matters, you will be able to catch a lot of this. We want to extend those obligations to those secondary professions, and pretty much every other country in the world has.” says Derwent Coshott.

The expert says that failing to bring secondary professions under the scope of AML laws is leading Australia to getting the worst-ever scores on Transparency international’s global corruption index, where combating transnational corruption is one of the key factors.

How Casinos and Businesses Can Secure their Operations

Australia introduced the Customer Data Right (CDR) in 2019 that obliges many sectors including financial institutions to require and verify their customers’ personal information. The CDR allows financial firms and FinTech companies to secure their operations through the verification of their customers’ identities. It also provides the option to customers to share their information at a federal, state, or territorial level.

In June 2021, Australia saw new AML reforms that were known as Tranche 1.5. The new regulation allowed businesses operating in Australia to incorporate third-party identity verification solutions in order to comply with international KYC requirements. The Australian corporate structure can be secured from financial crime if businesses implement robust AI-driven KYC solutions to onboard legitimate users and identify high-risk entities.

Businesses and financial institutions must identify and report suspicious activities leading to financial crimes like money laundering and terrorist financing. Adopting a risk-based approach, financial firms and online gambling operators must monitor transactions involving large amounts, those without a defined purpose, and those with sudden variations in amounts.

What Shufti Pro Offers

While Australia’s vulnerability to money laundering and organized crime is obvious, firms that incorporate a robust AML Screening solution can steer clear of both money laundering and regulatory penalties. AML/CFT regulations oblige businesses to identify the ultimate beneficial owners and individuals who perform transactions for corporate customers. The FATF advises businesses to verify the identities of their customers through document verification checks and analyse the risk associated with them.

Shufti Pro’s AI-backed identity verification and Anti-Money Laundering (AML) screening solutions allow financial firms to adopt a risk-based approach. The globally acclaimed company offers services in 230+ countries and territories that ultimately overcomes the data transparency issues identified by FATF. In less than a second, financial organizations can get 98.67% accurate identity verification results.

To learn more about Shufti Pro’s AML Screening solution, get in touch with experts.

Talk to us

$196M Lost in BitMart Hack, Crypto Analysts Warn More Will Come

Crown and Star Casinos – A Stain on Australia’s Reputation

Australia’s Anti-Money Laundering Regime

How Casinos and Businesses Can Secure their Operations

What Shufti Pro Offers

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.