The Virtual Currency Gold Rush and the Regulatory Wild West

Since my departure from the world of full-time academia, I have dedicated noticeably less time to writing new content for this site – however, not for want of subject matter. In the course of my recent work on AML (Anti-Money Laundering) and CFT (Countering the Financing of Terrorism) I have been deeply engaged with an old favourite topic of mine – digital payment methods. Specifically, both e-money and virtual currencies have cropped up on numerous occasions as innovative, though oft ill-understood, developments, which are raising a number of issues for AML/CFT and regulation more broadly. In this post, I will attempt to give a quick overview of virtual currencies from a prospective regulatory angle, focusing on the importance of clear and logical definitions (where possible), but leaving any more technical analysis of individual virtual currencies or underlying blockchain or distributed ledger technologies to another day.

Virtual currency can currently be best understood as a digital representation of value that can be digitally traded and function as a medium of exchange, a unit of account, and/or a store of value, but does not have legal tender status in any jurisdiction, and fulfills the above functions only by agreement within the community of users.[1] Virtual currencies could present unique challenges to both regulators and law enforcement agencies, as issues arise regarding both the definition and understanding of virtual currencies, and the emerging properties of these markets. As such, few jurisdictions currently regulate virtual currencies directly, and many law enforcement, monitoring, or risk-assessing measures are hindered by a number of issues, including lack of information, lack of expertise, and/or anonymity or opacity of the market.

The term ‘digital currency’ is often used interchangeably with the term ‘virtual currency’, however this can be misleading and is best avoided, as money or currency can be stored in a ‘digital’ form, such as e-money, without being a ‘virtual’ currency. E-money, for example, is not a virtual currency, but a digital representation of fiat currency, is legislated for at EU level,[2] and is regulated in Ireland by the Central Bank of Ireland. The issuance of e-money is limited to certain cases, such as institutions holding a banking license or e-money license. No such structured regulation currently exists for virtual currencies at EU level or in Ireland. Virtual currency has also been distinguished by the Financial Action task Force (FATF) as;

“[…] distinct from emoney, which is a digital representation of fiat currency used to electronically transfer value denominated in fiat currency.”[3]

The European Banking Authority (EBA) has defined virtual currencies as a digital representation of value that is issued by neither a central bank nor a public authority, not necessarily attached to a fiat currency, but  accepted by natural or legal persons as a means of exchange, and can be transferred, stored or traded electronically.[4]

One of the key characteristics of a virtual currency is that it is not tied to a ‘fiat’ or ‘real’ currency, although it may be possible to redeem virtual currency against fiat currency, at variable or fixed exchange rates. Many virtual currencies are what are known as ‘non-convertible’ virtual currencies – currencies which may be utilised within a virtual world or marketplace, but which may not be redeemed against fiat currency. Other, ‘convertible’, virtual currencies can be exchanged with fiat currencies. A FATF report on key definitions and risks for virtual currencies, published in June 2014,[5] defined convertible and non-convertible virtual currencies thus:

Convertible (or open) virtual currency has an equivalent value in real currency and can be exchanged back-and-forth for real currency. Examples include: Bitcoin; e-Gold (defunct); Liberty Reserve (defunct); Second Life Linden Dollars; and WebMoney.

Non-convertible (or closed) virtual currency is intended to be specific to a particular virtual domain or world, such as a Massively Multiplayer Online Role-Playing Game (MMORPG) or, and under the rules governing its use, cannot be exchanged for fiat currency. Examples include: Project Entropia Dollars; Q Coins; and World of Warcraft Gold.

Another key distinction made by the FATF report is between ‘centralised’ and ‘decentralised’ virtual currencies. Just as the convertibility is of key importance to AML/CFT risk, due to the flexibility of convertible currencies, the centralised or decentralised nature of a virtual currency has significant implications for supervision, regulation, and cooperation with law enforcement agencies.

Centralised Virtual Currencies have a single administrating authority (administrator)—i.e., a third party that controls the system. An administrator issues the currency; establishes the rules for its use; maintains a central payment ledger; and has authority to redeem the currency (withdraw it from circulation). […] Currently, the vast majority of virtual currency payments transactions involve centralised virtual currencies.

Decentralised Virtual Currencies (a.k.a. crypto-currencies) are distributed, open-source, math-based peer-to-peer virtual currencies that have no central administrating authority, and no central monitoring or oversight.

As mentioned above, cryptocurrencies are a subset of virtual currencies, which are math-based, decentralised, convertible, and protected by cryptography. They are perhaps the most widely recognised forms of virtual currency – some of the most popular cryptocurrencies (based on market capitalisation)[6] include Bitcoin, Litecoin, Dogecoin, Dash, along with other offerings by Ripple Labs, Ethereum, and Voxelus, which utilise cryptocoins as part of a wider service infrastructure.

There are even currently Bitcoin ATMs in limited cases, which provide the capacity for a customer to exchange cash for bitcoins on-site. Once cash is exchanged for bitcoins, they can relatively easily be converted to other virtual currencies – some of which are less traceable than bitcoin – used to purchase goods or services anonymously (including in Dark Web marketplaces), transferred to other, more legitimate, e-money/digital wallets or online betting wallets, or simply re-converted to cash using online BTC-EUR currency exchanges. This particular issue has previously been subject to research by Europol and the United Nations Office on Drugs and Crime (UNODC).[7]

It was reiterated by FATF, in their June 2015 guidance for a risk-based approach to virtual currencies,[8] that the 2014 Report had indicated in its risk assessment that;

“[…] at least in the near-term, only convertible VC, which can be used to move value into and out of fiat currencies and the regulated financial system, is likely to present ML/TF risks”.

Due to the still relatively limited market for various convertible decentralised virtual currencies, there will in most cases be a need to convert fiat currency into virtual currency, or vice versa, at some point for the purposes of money laundering, terrorist financing, tax evasion, or various other illicit activities. As such, virtual currency exchanges are the most likely first port of call for any policymakers or regulators who want to get a handle on the illicit use of virtual currencies.


There are corresponding concerns at international, EU, and national level amongst law enforcement agencies, regulators, and policymakers that convertible virtual currencies – particularly cryptocurrencies with a focus on anonymity – may offer criminals untraceable avenues for both money laundering and terrorist financing. This is reflected in the recent amendments proposed to the upcoming 4th Anti-Money Laundering Directive (4AMLD), which would seek to bring virtual currency exchanges within the remit of AML/CFT regulation, by classifying them as ‘obliged entities’, or ‘designated persons’ under Irish law. This classification would bring with it the obligation to submit ‘suspicious transaction reports’ (STRs) to relevant financial intelligence units (FIUs), and to conduct customer due diligence (CDD) on their users.

Nonetheless, at present, many of the potential risks of virtual currencies do not seem to have materialised. A report by EUROPOL in January 2016 stated that;

“[d]espite third party reporting suggesting the use of anonymous currencies like Bitcoin by terrorists to finance their activities, this has not been confirmed by law enforcement.”[9]

However, it remains unclear to what extent this can be attributed to low criminal or terrorist uptake of these avenues, a lack of suitability for money laundering or terrorist financing, or simply that money laundering or terrorist financing in this area are remaining undetected. This area is being monitored on an ongoing basis at a national law enforcement, state supervisory, and EU level, and it seems – in both the sphere of AML/CFT regulation, as well as elsewhere – virtual currencies will not escape affections of regulators for long.

It remains to be seen how these developments will affect the nascent virtual currency scene; it may split the market into currency exchanges and centralised virtual currency administrators who work with authorities to legitimise their offerings, and the more anonymity-focused, decentralised virtual currency proponents; it may prove simply unworkable, due to logistical impracticalities, or the fact that the geographic reach of any regulation may be hampered by the relatively borderless nature of virtual currencies and facilitators; or it may signal a move to national central banks embracing distributed ledger technologies and virtual currencies themselves. Either way, it is undoubtedly going to continue to engender a great deal of impassioned debate from all corners.

~ Shane

Title image screenshot from the wonderful ‘Ð is for Ðogecoin‘ video

[1] Adapted from the definition provided in FATF, Virtual Currencies Key Definitions and Potential AML/CFT Risks, June 2014, p 4,

[2] Directive 2009/110/EC of the European Parliament and of the Council on the taking up, pursuit and prudential supervision of the business of electronic money institutions, which was later transposed into Irish law through the European Communities (Electronic Money) Regulations 2011

[3] FATF, Virtual Currencies Key Definitions and Potential AML/CFT Risks, June 2014, p 4,

[4] Adam Farkas, Executive Director, European Banking Authority, EBA’s work on Virtual Currencies and Cyber Risks, FSC Meeting, Brussels, 17 February 2016

[5] FATF, Virtual Currencies Key Definitions and Potential AML/CFT Risks, June 2014,

[6] Based on figures from

[7] UNDOC, Basic Manual on the Detection And Investigation of the Laundering of Crime Proceeds Using Virtual Currencies, June 2014,

[8] FATF, Guidance for a Risk-Based Approach: Virtual Currencies, June 2015,

[9] EUROPOL, Changes in modus operandi of Islamic State terrorist attacks, 18 January 2016,


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s