Crypto Platform Bitzlato and its Founders Face Enforcement Action from U.S. Authorities for Processing Over $700M of Illicit Funds

Merkle Science
November 6, 2024

On January 18, the U.S. Department of Justice (DoJ) confirmed the arrest of Anatoly Legkodymov, the creator of the cryptocurrency exchange Bitzlato, which is registered in Hong Kong. He is accused of using the platform to handle $700 million in illegal money. 

A U.S. federal court filed charges against the 40-year-old Russian native who was detained in Miami for "running a money transmitting business that moved illegal money and that it failed to fulfill U.S. regulatory protections, including anti-money laundering standards." 

After learning that the exchange has been used to assist criminal operations including drug trafficking and fraud, an investigation prompted the Financial Crimes Enforcement Network (FinCEN) to identify Bitzlato as a key money laundering issue.

In its press release, FinCEN stated that Bitzlato had failed to implement effective anti-money laundering (AML) measures, despite being aware of the risks associated with its business model. The exchange had not implemented know-your-customer (KYC) procedures and had not taken steps to identify and report suspicious activity on its platform.

Owing to the deficit KYC procedures, Bitzlato emerged as a haven for criminal proceeds and funneling funds intended to be used in criminal activity. Bitzlato’s largest counterparty in cryptocurrency transactions was the online darknet marketplace, Hydra Market. Before Hydra Market was shut down by the U.S. and German law enforcement in April 2022, users of the platform traded more than $700 million in cryptocurrencies with Bitzlato directly or through intermediaries.

Moreover, the FinCEN highlighted that by facilitating illicit transactions for ransomware actors based in Russia, including, Conti, a Ransomware-as-a-Service group that has ties with the Government of Russia, Bitzlato played a key role in laundering crypto. Ransomware as a Service is a malicious subscription-based model in which malware developers offer pay-for-use malware tools which enable cybercriminals to execute ransomware attacks.

“Bitzlato poses a global threat by allowing Russian cybercriminals and ransomware actors to launder the proceeds of their theft,” said FinCEN Acting Director Himamauli Das. “As criminals and criminal facilitators evolve, so too does our ability to disrupt these networks. We will continue to leverage the full range of our authorities to prohibit these institutions from gaining access to the U.S. financial system and using it to support Russian illicit finance.”

The shutdown of Bitzlato serves as a reminder of the importance of compliance with AML regulations in the cryptocurrency industry. The DOJ's action also underscores the need for exchanges to implement effective measures to detect and prevent money launderings, such as robust KYC procedures and transaction monitoring systems. This is a strong statement made by the US authorities on the importance of compliance and regulations in the crypto space. Exchanges must work closely with regulators and law enforcement agencies to ensure that they are operating in compliance with all applicable laws and regulations. 

At Merkle Science, we understand the importance of keeping our customers informed and protected. That's why we have taken immediate action to ensure that our customers can easily identify any interactions they may have had with Bitzlato using our flagship behavior-based transaction monitoring and reporting solution, Compass.

We have promptly added the addresses associated with Bitzlato to our system and designated them as "Law Enforcement" type with the subtype "Seized Coin." Additionally, we have escalated the risk level of these sanctioned addresses to "Critical Risk" in our system, to ensure that our customers are fully informed of any potential risks.

To provide even further protection, we have also implemented additional compliance measures. Addresses that have had any exposure to Bitzlato, whether directly or indirectly, will now be flagged with new alerts according to our customers' individual business risk policies. This ensures that our customers are always aware of any potential risks and can make informed decisions accordingly.