Bitcoin Makes It Harder For Feds To Track Ransom Money In BVI
ROAD TOWN, Tortola, BVI – Charges filed recently by the Justice Department against Anthony R. Murgio and Yuri Lebedev have been linked to the hacking of JPMorgan Chase in which information related to 83 million customer accounts was stolen.
The two men are accused of setting up an illegal Bitcoin money-transmission business to help hackers launder money from ransom demands made on companies threatened with cyberattacks.
An intriguing aspect of the plan outlined in the government’s complaint included taking control of a small credit union in New Jersey to help move the proceeds through the banking system.
The problem for anyone engaged in financial crimes is getting the money out of the United States without a trace so that it can be retrieved later. Carrying cash is far too risky, so finding a way into the financial system to move funds electronically is crucial.
According to the complaint, Murgio and Lebedev hid their money-transmission business, called Coin.mx, behind a dummy corporation named “Collectables Club.”
Its website claimed to let members trade cars, stamps and sport memorabilia, with the club taking a 15 percent cut of the transactions.
Murgio opened accounts at two banks to move the money from Bitcoin transactions at Coin.mx to accounts in the British Virgin Islands and Cyprus, using the club as a front to explain the volume of large transactions.
In using the accounts, the defendants needed to avoid setting off the anti-money laundering controls in place at the banks. An email from Murgio quoted in the complaint instructs a customer of Coin.mx not to send $100,000 by wire because it would get flagged by the bank.
In a lament undoubtedly repeated by those trying to launder money, he wrote that “if the U.S. was not so damn screwed up about this stuff, we wouldn’t have to deal with this.”
The complaint estimates that about $1 million went through the accounts at the two banks, which is not a trivial amount but hardly enough to conduct a major illicit money transmission business, especially if the transactions have to be kept small enough to avoid setting off inquiries.
The next step in the program described in the complaint was a creative one: gaining access to the banking system by taking control of a credit union. An ordinary bank customer has to worry about being monitored, but if you control the financial institution, then you do not have to worry about the money laundering rules.
Murgio and Lebedev took over a tiny credit union in Jackson, N.J., called Helping Other People Excel Federal Credit Union, in May 2014 by paying one of its executives. New directors with ties to Murgio, including Lebedev, were then installed on the board.
Given its small size, with less than 200 members, and modest operations, it was no surprise that a credit union did not have anti-money laundering controls in place because it did not need them.
After Murgio was put in charge, an account for a payment processor was opened through which as much as $30 million a month in bank wires was transmitted. For a credit union with only about $200,000 on deposit by its members, this caught the attention of the National Credit Union Administration, the regulator of federal credit unions.
It ordered the credit union to stop to the transfers and remove the new directors. But for a few months in 2014 there was unfettered access to the banking system to move money without any concern about anti-money laundering safeguards.
Whether it is a global banking operation like Citigroup or a tiny New Jersey credit union, the potential for money laundering is always present. Anywhere money can flow, there is the danger that the proceeds of financial crimes will be washing through the financial system.