The U.S. government sanctioned a crypto exchange for the first time last week, escalating its fight against ransomware and proclaiming that crypto regulation will not be free of enforcement actions.
The other major storyline last week came from China, which once again announced it was taking on crypto activities, this time banning transactions and raising the possibility of criminal penalties. My colleague Muyao Shen explores this issue and what the broader lessons may be for the crypto regulation landscape.
You’re reading State of Crypto, a CoinDesk newsletter looking at the intersection of cryptocurrency and government.
OFAC ramps up crypto regulation
The narrative
The Treasury Department’s Office of Foreign Assets Control (OFAC) is taking on the ransomware fight, sanctioning a crypto exchange for the first time.
Why it matters
OFAC’s role in the ransomware fight is interesting. It’s a sanctions enforcer, not a cyber watchdog. While it makes sense that the agency has a role in trying to mitigate the ransomware crisis, the fact that it’s involved in the most public action against ransomware to date may actually reinforce one of the core ideas within the crypto sector: that intermediaries are points of failure.
Breaking it down
Last week, OFAC blacklisted a crypto exchange for the first time on allegations that it facilitated bitcoin transactions for ransomware actors. Suex, an exchange that claims to operate out of the Czech Republic but has offices in a handful of Russian cities, became the latest crypto entity to join the Specially Designated Nationals (SDN) list on Tuesday.
It’s the first formal action the U.S. government has taken in its fight against ransomware under the current administration, though Treasury has sanctioned people for facilitating cryptocurrency transactions on behalf of ransomware attackers in the past.
It’s also the first time a crypto exchange has landed in OFAC’s crosshairs.
Treasury officials did not respond to a set of questions about the action or the exchange.
“Treasury is announcing that we will now also be taking steps to obstruct and deter these criminals by going after their financial enablers,” Deputy Treasury Secretary Wally Adeyemo said in a press call previewing the action. “Today’s action is a signal of our intention to expose and disrupt the illicit infrastructure used in these attacks.”
Suex was a nested exchange, Adeyemo said. Blog posts from TRM Labs and Chainalysis described a nested exchange as one that doesn’t operate its own custody service but instead uses a larger exchange to tap into that exchange’s liquidity and market-making abilities.
In this case, Binance appears to be one of these larger exchanges. CEO Changpeng Zhao said Suex accounts were “de-platformed” based on analysis of the 25 crypto addresses included in last week’s action.
There are a number of details about this action that really stood out to me. First, while the TRM and Chainalysis blog posts identified a handful of Suex’s employees and described their operations, OFAC did not add any of these individuals to its SDN list.
In contrast, when OFAC sanctioned alleged North Korean hackers, alleged Chinese drug traffickers or alleged Iranian crypto transmitters, the enforcer named the specific individuals involved in the illicit activities.
That hasn’t stopped Suex founder Egor Petukhovsky from saying he’ll take on the U.S. government in court. He wrote on Facebook that none of his business entities engaged in illegal activity.
Still, regardless of whether Petukhovsky or the rest of the Suex team knew what transactions they were facilitating, the fact that reportedly around 40% of Suex’s transactions went to known addresses tied to malicious actors may be enough for the U.S. government.
It’s also interesting to me that OFAC swung what appears to be one of the first offensive blows against ransomware attackers. We’ve known for a while that actions against crypto exchanges were on the table – officials have been warning about this for months now – but I wasn’t able to find a comparable action by the Department of Homeland Security, for example.
Past precedent?
The closest I could find are rumors that the U.S. government may have been involved in the REvil ransomware group going offline, but nothing definitive.
While I’m sure there’s activity that isn’t publicized, the lesson seems to be that financial intermediaries may be among the easiest targets for regulators tamping down on illicit behavior.
This is obvious to those of you who have spent any length of time in the crypto industry, but it’s worth re-examining this through the lens of OFAC’s action and ransomware attacks more broadly.
OFAC didn’t sanction the final recipients of these transactions (yet), just like it doesn’t seem to have sanctioned the final recipients in its first crypto action in 2018. The names on the SDN list belong to those charged with facilitating…