Syed Rahman, of financial crime specialists Rahman Ravelli, outlines the issues in the first case of the US Treasury imposing sanctions on a virtual currency mixer.

The United States Treasury has sanctioned a virtual currency mixer for the first time.

It has imposed sanctions on the cryptocurrency mixing service Blender.io. The sanctions have been placed on Blender because it provided services for the individuals who obtained $600 million by attacking the Ronin sidechain in March.

According to the Treasury, the theft was carried out by the North Korean Lazarus group, which was first sanctioned in 2019. Blender was used by the attackers to process $20.5 million.

Under Secretary of the Treasury for Terrorism and Financial Intelligence, Brian Nelson, said:

"For the first time ever, the Treasury is sanctioning a virtual currency mixer. Virtual currency mixers that assist illicit transactions pose a threat to US national security interests.

"We are taking action against illicit financial activity by the DPRK (North Korea) and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered."

The Treasury added that Blender was also involved in laundering for Russian-linked ransomware groups including Trickbot, Conti, Ryuk, Sodinokibi, and Gandcrab. It accused Blender of facilitating illicit transactions by disguising their origin, destination and the parties involved

The sanctions mean any Blender - or majority Blender-owned - property in the US has to be reported. The sanctions cover funds, goods and services. All transactions by Americans within the US are blocked unless a licence is issued to allow them.

The attack on the Ronin sidechain obtained Ethereum and US coin. It was only noticed a week later. Afterwards, Ronin stated that it had not had a proper tracking system in place. A replacement system with more checks is to be introduced.

This was a case that illustrated how vitally important it is for every institution to devise and introduce a set of procedures that can assess and minimise the risks it faces. This involves developing a risk-based approach to prevent unwanted customer transactions, creating alerts to minimise suspicious incidents and prompt investigation of them, and preparing tools and software to reduce the potential for illegal activity

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.