Improved IT systems, new training and updated legislation are needed to track the use of virtual currencies by ransomware crooks and terrorists, according to a U.S. official.
To keep up with increasing uses of cryptocurrencies, particularly those that could pose a national security threat, experts agree the government must improve its IT systems and personnel training.
At a June 8 House Financial Services Terrorism and Illicit Finance Subcommittee hearing, lawmakers from both sides of the aisle raised questions about how and if the government can keep up with and regulate transactions of virtual currency that fund illicit activities.
"The big problems I see are the unregulated and unregistered exchanges" that take place outside the purview of the U.S. government, Assistant U.S. Attorney and Digital Currency Coordinator for the Department of Justice Kathryn Haun said.
"Where we have a problem is in getting at that information or forcing compliance from these overseas entities," she said. "We can't keep up with those as the matter currently stands."
However, Haun said she believes that law enforcement can keep up with illicit digital exchanges if the government provides adequate resources for systems upgrades and personnel training.
"The systems are very important because oftentimes … our old systems can't even access" or process metadata provided by more technologically advanced systems, she said.
Haun said while terrorist and ransomware transactions occur outside view of regulators, many of the “ransomware campaigns or unregulated exchanges actually rely on a lot of U.S. companies," such as Google, Amazon and Microsoft.
"I think we could use some tools in our toolkit, statutory tools … to more easily chip away at parts of their businesses that touch on the U.S.," she said.
Haun also said that updating decades-old federal statutes and mutual legal-assistance treaties to specifically include digital currencies would give the government more flexibility and give "prosecutors a lot more comfort that this technology is absolutely" covered in illicit monetary exchange statutes.
President of the Identity and Payments Association Scott Dueweke was less optimistic about law enforcement's ability to track the uses of virtual currencies, due to the amorphous and anonymous nature of these transactions and because they often "are being protected by local political entities and law enforcement."
"I have a very dim view of us being able to cope with them effectively because the barrier to entry for setting up an exchange is so low," he said, adding that law enforcement is "far, far, far behind … at coping with this."
Executive Director of Coin Center Jerry Brito testified that while "the current regulatory framework impedes law enforcement" from fully collaborating with the private sector, he added that new rules aren't the answer.
"Encouraging [virtual currency’s] legitimate use gives us more and better visibility into the network, while discouraging its use only cedes the network to bad actors," he said, adding that because it's still a nascent technology, "there's still time to develop a considered response."