Policy

South Africa’s FIC flags crypto crime risks for VASPs — Report

The agency says that criminal actors are turning to crypto to launder their profits and wants licensed VASPs to report them

Design by Omowunmi Babalola for Maribock.

South Africa’s Financial Intelligence Center (FIC) has cautioned virtual asset service providers (VASPs) in the country to tighten controls against criminal exploitation.

The agency named key vulnerabilities in crypto operations and asked exchanges to be on guard against common tactics bad actors use to capitalize on them.

Driving the news

In its sector risk assessment report published on April 1, the financial watchdog highlighted money laundering and terrorist financing risks that VASPs in the country will potentially face.
It stated that the number of firms registered with it had grown to 256 by Feb. 10 and added that it gathered information on 31 other companies operating without licenses.
The FIC found that nine VASPs were proven to be associated with child sex abuse, terrorism financing, purchase of darknet materials and other crimes designated as severe risk.

Dive deeper

The FIC has warned that non-crypto criminals are increasingly laundering money through cryptocurrency, using methods that many Virtual Asset Service Providers (VASPs) struggle to detect and report.
The FIC ordered crypto exchanges to watch and check their customers for possible money laundering and terrorism funding risks in their transactions.
It listed several common ways criminal actors work, typically purchasing assets through fake legal intermediaries and then converting them into privacy coins.
These coins are moved to mixers notorious for blurring the true origins of funds and then withdrawn to fiat, making it hard for authorities to trace their true sources.

What activities are flagged as ‘suspicious?’

The FIC requires exchanges to report suspicious activities, particularly transactions from anonymous sources or those deliberately hiding participants’ identities.
Suspicious activities include wallets linked to multiple cards, transactions from gambling services, rapidly moving multiple assets or transferring from public blockchains like Bitcoin to privacy-focused ones and deposits exceeding a customer’s normal patterns.
Exchanges should flag deposits from mixing services, platforms with weak AML/CFT controls, and anonymous entities like shell companies.
The FIC stated that customers who regularly move large amounts from multiple wallets to one or make several small deposits just under reporting limits should be reported.

The FIC’s action points

The agency also said crypto exchanges must implement strong KYC procedures and better match transactions to the actual identities of those initiating them.
Currently, authorities are prosecuting a South African national for a bitcoin payment he made to a terrorist organization in 2017.