Crypto crime value dropped significantly in 2023, shows Chainalysis report

What have been the most significant trends in crypto-related crime observed over the last year?

Our tracking of crypto crime includes both direct activities, such as stealing, scamming, market manipulation, and so on, as well as indirect activities such as money laundering, ransomware, sanctions evasion and more, where cryptocurrencies are utilised by criminals to realise financial gain from their activities.

Our most recent analysis of the crypto crime landscape has revealed encouraging developments. The value received by illicit cryptocurrency addresses through 2023 totalled $24.2bn, a significant drop compared to the all-time high of $39.6bn in 2022. It is worth highlighting that crypto crime only accounted for an estimated 0.34 per cent of total on-chain transaction volume last year.

Moreover, $14.9bn of the total – representing the largest portion (61.5 per cent) of the illicit transaction volume – related to sanctioned entities, meaning a portion of these transfers could be attributed to average crypto users who happen to reside in sanctioned jurisdictions and use those local services.

Give us insights into what led to the significant drop in value received by illicit cryptocurrency addresses last year.

Most prominently, crypto scamming and hacking revenues fell significantly last year, with total illicit revenue dropping 29.2 per cent and 54.3 per cent respectively. On-chain metrics suggest scamming revenues globally have been trending down since 2021. This aligns with the long-standing trend that scamming is most successful when markets are up and exuberance is high, and people feel like they are missing out on an opportunity to get rich quickly.

As for crypto hacking, the decline in stolen funds is driven largely by a sharp drop-off in DeFi hacking. That drop-off could represent the reversal of a disturbing, long-term trend and may signify that DeFi protocols are improving their security practices. That said, stolen funds metrics are heavily outlier-driven, and one large hack could again shift the trend.

It should be noted that there were exceptions to the overall downward trend. Ransomware and darknet markets – two of the most prominent forms of crypto crime – saw revenues rise in 2023 in contrast with overall trends. The growth of ransomware revenue is especially disappointing given the sharp declines we saw last year. This suggests that ransomware attackers have perhaps adjusted to organisations’ cybersecurity improvements.

Does the decline in crypto crime transaction volumes also indicate the growing effectiveness of law enforcement agencies? Have these entities been effectively cracked down on crypto crime?

The downward trend does paint the picture of a rapidly maturing ecosystem where the impact of regulation, better controls, customer vetting, transaction monitoring, and consumer awareness are having a positive effect in reducing crypto crime.

That said, tracking and mitigating crypto crime does pose challenges to law enforcement agencies. Investigations often involve tracing funds as they are transferred across multiple tokens or chains. So, while the inherent transparency of blockchains means deep analysis and investigation of crypto crimes is possible in ways that are just not possible with traditional finance, an important caveat is that raw on-chain data would simply show law enforcement agencies and private enterprises a list of transactions between different crypto addresses, with no indication of what organisations and entities those addresses represent. Institutions therefore need the right tools to draw actionable insights from on-chain data.

What measures or regulations have the GCC governments implemented to mitigate crypto crimes, and what impact have they had so far?

The UAE has been at the forefront of embracing emerging technologies. By setting up specialised regulatory regimes, such as the Financial Services Regulatory Authority of Abu Dhabi Global Market and more recently, the establishment of a bespoke regulator in Dubai, the Virtual Assets Regulatory Authority (VARA), UAE has showcased a forward-thinking approach to harness and regulate the crypto sector. Few countries in the region now boast crypto regulation that is as comprehensive as that of the UAE. For example, VARA with its 12 rulebooks clearly outlines everything from market conduct and marketing guidelines to information management procedures and anti-money laundering laws.

Consequently, this clarity has enabled virtual asset service providers (VASPs) to know exactly where the UAE government stands and thus map out their long-term business roadmaps with confidence. It’s no surprise then that many large crypto businesses are setting up in the country.

The positive impact of forward-focused regulations is also evident in consumer behaviours. The outsized share of institutional-size investors in the UAE is an indication of growing confidence and the consequent eagerness from entities and high-net-worth individuals to add cryptocurrency to their investment portfolios. The growing popularity of DeFi – which represents the cutting edge of blockchain-based applications in many ways – further validates the success the country has had in attracting more sophisticated market participants.

Finally, as crypto becomes more mainstream, how can individuals who want to utilise cryptocurrencies for investments or the transfer of value do so without the risk of falling victim to crypto scams and fraudulent activities?

Scams tend to exploit the weakest link in the chain – humans. Social engineering attacks are often successful despite security solutions being in place because ultimately, it’s the trust of humans that is exploited rather than gaps in the technology infrastructure. So, in addition to implementing robust security solutions and utilising reputed service providers, there is a need for awareness, education and exercising caution and due diligence. As a rule of thumb, if something sounds ‘too good to be true’, it probably is.

Similarly, requests that force a sense of urgency are often attempts at tricking users into acting quickly and letting down their guard.

Keeping up to date with news on the latest threats and scams will benefit both individuals and businesses.