Senators Urge US Government to Curb North Korean Crypto-Fueled Weapons Proliferation

A letter by three US senators – Elizabeth Warren, Tim Kaine, and Chris Van Hollen – has revived concerns that the Democratic People’s Republic of Korea (DPRK) may be funding its ballistic weapons program with cryptocurrency. The letter urges the US government to curb North Korean virtual assets-fueled sanctions evasion and weapons proliferation. The letter is the latest in a long string of bipartisan efforts to prevent the criminal use of crypto and protect the American public.

The letter addresses Brian E. Nelson, the Department of the Treasury’s Under Secretary for Terrorism and Financial Intelligence, and Jake Sullivan, President Biden’s National Security Advisor, citing blockchain analysis figures that show an upswing in North Korean crypto thefts. In parallel, it points out international research showing North Korea has increased cyber warfare and weapons proliferation programs. 

Evidence Links North Korean Crypto Underground with Missile Program

North Korea is economically isolated due to heavy sanctions, so the country’s sourcing and use of funds is often obscure. But it is estimated that North Korea uses crypto assets to fund up to 50 percent of its weapons program. This estimation comes from Anne Neuberger, Deputy National Security Advisor, Cyber and Emerging Tech, and represents a significant increase from her 30 percent estimate in 2022. 

Additional independent data suggests North Korea may be using virtual assets to proliferate weapons. For one thing, estimates suggest significant defense spending. In 2019, the US Department of Defense estimated that Pyongyang spent around 26 percent of its gross domestic product (GDP) – $4 billion – on defense. Other estimates suggest spending as high as 30 percent. At over 1.9 million personnel, the country’s military is one of the largest in the world.

And Kim Jong-un has linked the country’s sharp uptick in cyber activity to its war, nuclear, and missile programs. North Korea’s crypto-centered hacking activities are well-known. In 2021, the US Department of Health and Human Services Cybersecurity Program estimated 7,000 individuals belonged to the country’s cyber warfare program. It also suggested DPRK’s cyber activity had jumped 300 percent since 2017. The same report cited Kim Jong-un as saying, “Cyberwarfare is an all-purpose sword that guarantees the North Korean People’s Armed Forces ruthless striking capability, along with nuclear weapons and missiles.” A 2019 United Nations report – cited in the US senators’ letter – said the country had stolen around $2 billion from banks and crypto exchanges to fund weapons of mass destruction. 

North Korea appears to owe a staggering proportion of its revenue to stolen crypto. As the Royal United Services Institute (RUSI) reported in 2022, DPRK has often used designated non-financial businesses and professions (DNFBPs) – for example, lawyers, real estate, and casinos – for sanctions evasion and proliferation financing. But as sanctions continue to tighten even as the pandemic has caused economic downturns, virtual assets’ appeal as a funding source grows. The senators’ letter cited a blockchain analytics report finding that in 2022, North Korea had stolen around $1.7 billion – nearly four times the amount stolen in 2021. In contrast, the country’s export revenue is estimated to be a mere $89 million. 

The letter also points out that DPRK’s missile testing program has increased in parallel to this influx of stolen crypto. According to the James Martin Center for Nonproliferation Studies, North Korea conducted ten times more tests in 2022 than in 2021. And at the end of 2022, Kim Jong-un called for an “exponential” expansion of his country’s nuclear and missile programs, especially targeting South Korea and the US. 

AML/CFT Regulations and Virtual Assets

US representatives have urged regulators to strengthen cryptocurrency anti-money laundering and counter-terrorist financing (AML/CFT) regulations. Notably, the Digital Asset Anti-Money Laundering Act has proposed classifying virtual asset service providers as money service businesses (MSBs). If passed, the act would subject the virtual asset industry to mainstream AML/CFT requirements.

A proactive approach to risk management can help firms in the virtual assets sector stay ahead of regulations. Firms under US jurisdiction should continue to watch for cryptocurrency designation updates throughout the year. In 2022, US regulators targeted mixers allegedly facilitating North Korean cryptocurrency money laundering. In light of this, firms may also want to update their knowledge of cryptocurrency money laundering typologies. These include common layering tactics such as:

• Mixers and tumblers – These services allow multiple crypto users to pool funds over time, mixing them to hide where they came from. Once mixed, they are distributed among new receiving accounts – chosen before the mixing began. This process can be repeated multiple times to scramble the data and throw off tracing attempts.
• Chain-hopping – This has been especially popular in the attempt to conceal the origins of ransomware and other stolen proceeds. Launderers convert a currency on one blockchain to another with a separate blockchain – often using decentralized finance through peer-to-peer exchanges. The more times this is done, the harder it becomes to trace the money back to its illicit source because of how many times the data chain has been disrupted. The use of privacy coin in the process can further obscure the money trail.

How Should Firms Respond?

In transaction screening and monitoring, firms can look for key red flags that identify crypto layering, such as: 

• High-volume, low-value transactions that evade thresholds.
• Crypto transfers to under-regulated or high-risk areas.
• Rapid currency exchanges that don’t follow current market trends.
• Currency exchanges or transactions involving regular losses.

Firms may especially want to consider trends involving North Korea’s use of virtual assets, some of which are highlighted on pages 74-77 of the 2023 report by the United Nations 1718 DPRK Sanctions Committee panel of experts.