UK NCA Claims Crypto "Increasingly Used" For Money Laundering, E2EE Risk To Children

Estimating Criminal Use Of Cryptocurrency

The NCA's national risk assessment claims an estimated 1.7 Billion – 5.1 Billion GBP in "illicit cryptocurrency transactions" to be linked to the UK annually, but provides no further data on the allegedly identified volume or insight into the methodologies applied. The spread of more than 66% between its lowest and highest presented estimation is notable.

The assessment notes that illicit funds are "typically held as cryptocurrency", but again fails to provide further data or oversight of applied methodologies, merely making note of a case study on the ransomware group LockBit.

The assessment appears to speak to a lack of certainty on overall illicit transaction volume in the UK, stating that ""it is highly likely that over £12 billion of criminal cash is generated each year in the UK" and "it is a realistic possibility that over £100 billion is laundered through and within the UK or UK-registered corporate structures each year."

The assessment claims that "as the popularity of cryptocurrency grows, so too does the frequency of cryptocurrency crime" – a statement that stands in direct contrast to previous trends observed within the industry, which correlate a growth in overall cryptocurrency volume with a decrease in illicit transaction volume.

The assessment's findings of an increasing use of "cryptoassets" to launder "non-digital proceeds of crime" appears to further stand in contrast to industry findings which reported a "significant drop in value received by illicit cryptocurrency addresses" in 2023, estimating the total volume of illicit transaction volume to lie at merely 0.34%, from 0.42% in 2022.

The assessment states that "international controller networks use a variety of methods to provide a professional money laundering service to criminals. They are increasingly able to exchange cash for cryptoassets on behalf of global criminal networks. This links UK generated proceeds of crime to transnational cybercrime impacting victims worldwide". The published assessment provides no further data on this claim.

The assessment states that "Cryptocurrency remains an important facilitator of criminal transactions, for laundering funds, paying for goods and services on the dark web, and making ransom demands. Their legitimate use by the public also provides criminals with fraud and theft opportunities," but again fails to corroborate its findings with concrete data points.

The assessment echoes a recent Financial Action Task Force report on the implementation of FATF standards regarding 'Virtual Assets' and 'Virtual Asset Service Providers', which found virtual assets increasingly used by terrorist groups, while "data gaps remain a main challenge".

Supposed Risk To Children Through End-To-End Encryption

Apart from findings on cryptocurrency, the assessment claims that "the deployment of end-to-end encryption on key platforms is increasing the risks to children by reducing the visibility of offending".

The assessment states that "the NCA estimates that the deployment of end-to-end encryption on popular social media platforms will undermine agreed Safety by Design principles and will impair the industry’s ability to identify child sexual abuse content. It is estimated this will reduce the number of industry reports disseminated by the NCA to police each year by as much as 92% for all of Facebook and 85% for all of Instagram. Consequently, industry and law enforcement’s ability to protect children will be reduced".

The assessment merely makes note of a case study on "self-generated indecent images", in which the NCA was able to "identify the offender, safeguard victims, and gather evidence because his offending on Snapchat was not end-to-end encrypted".

The concern for end-to-end encryption to allegedly hinder the protection of children is reflected in globally proposed legal frameworks such as the EU's Regulation on Preventing and Combating Child Sexual Abuse, also known as Chat Control, and the US' EARN IT and KOSA Acts.

The NCA assessment's findings on end-to-end encryption to increase security for children on the internet stand in contrast to the opinions of human rights and civil liberties organizations, which find that proposed legal frameworks for the protection of children would incentivize censorship, disincentivize privacy and security protections, and enable "warrantless government access to private data".

The NCA assessment's findings on the protection of children further stand in contrast to an open letter to the US Senate by parents of trans and gender expansive kids, who argue that proposed bills for the protection of children, such as KOSA, would "would make our kids less safe, not more safe".

The risk assessment does not appear to have been published in full – The Rage will file a Freedom of Information Request with the UK's NCA to obtain the data leveraged and methodologies applied.

Independent journalism does not finance itself. If you enjoyed this article, please consider donating to our Geyser Fund.