Eric Fried's thesis
Uniting U.S. Agencies to Fight the Illicit Use of Cryptocurrency
– Executive Summary –
This thesis explores potential frameworks for interagency collaboration to combat the illicit use of cryptocurrency. A 2019 study by the non-profit Center for Naval Analyses (CNA) research group identified the use of cryptocurrencies in facilitating illicit activity as an emerging threat.[1] The same study also identified familiarity with cryptocurrencies as a knowledge gap within the Special Operations Command (SOCOM), the lead component for carrying out the military’s counter-threat finance (CTF) mission.[2] One conclusion drawn by CNA was the need for SOCOM to partner with other government agencies to close this gap in capabilities.[3] Law enforcement agencies with experience in the financial sector have been exploring issues surrounding cryptocurrencies for several years now. The law enforcement community is well positioned not only to assist the Department of Defense (DoD) but also to act in full partnership with it to create a unified, interagency effort to confront the emerging threat from the illicit use of cryptocurrency.
This thesis’s central research question therefore asks, what is a potential framework that will allow the interagency to combat the emerging, developing, and long-term threat posed by the illicit use of cryptocurrencies? To answer this question, the thesis works from three central characteristics regarding malign actors’ behavior, their ability to adapt to avoid discovery, and the appropriate response from the U.S. government. First, many adversarial entities engage in multiple activities, such as terrorism, insurgency, and criminality, and when these singular organizations are not carrying out malign activities, they are forming strategic alliances with other organizations to further their own interests.[4] Second, as these malign organizations form new alliances, they are also developing new detection-evasion techniques, with the use of cryptocurrency representing this behavior; as cryptocurrencies become more mainstream, it can be expected that their use among criminal organizations will increase as well.[5] Third, as this threat environment continues to be defined by nefarious alliances utilizing increasingly sophisticated technological tools, the United States will need to develop a means for implementing all of its instruments of power to confront it.
The illicit use of cryptocurrency, characterized by the exploitation of malign actors and facilitated by rapid technological advancements, could overwhelm the resources of any one U.S. department or agency to combat it. The homeland security enterprise (HSE) will need to explore models of interagency cooperation to better identify and disrupt the sources of funding of the nation’s adversaries. The U.S. government has several potential models for consideration when crafting an interagency response to the illicit use of cryptocurrency. These frameworks include a new interagency combatant command (ICC), an “agency-led” model in the mold of the FBI’s National Cyber Investigative Joint Task Force (NCIJTF) and a new joint interagency task force (JIATF) based on the counter-drug mission of JIATF-South (JIATF-S).
These models have strengths and weaknesses that affect their ability to conduct a counter-crypto mission. A new ICC would be modeled on the traditional DoD geographic combatant command (CCMD). Proponents of an ICC argue that CCMDs have suffered from increased mission creep and are ill suited to meet 21st century security threats.[6] A new ICC would provide a host of advantages: it would better represent a whole-of-government approach, eliminate redundancies, encourage greater foreign nation cooperation, enhance the role of interagency partners, and increase the professional development of participating members.[7] Though CCMDs are considered outdated by critics, they do participate in a 21st century interagency effort via the DoD’s CTF mission. This is a mission that could be taken up by a reimagined CCMD. However, a 2021 report by the DoD’s Office of Inspector General was critical of the DoD’s execution of its CTF responsibilities.[8] This audit found that the CTF mission suffered from a lack of support, oversight, and development from DoD headquarters components; the mission was also marred at the CCMD level by differing priorities, inconsistent partnerships, and a lack of standardized SOPs.[9] These factors have hindered the DoD’s ability to maximize the effectiveness of it CTF mission. These deficiencies could be a harbinger of the inability of a similarly organized ICC to counter the illicit use of cryptocurrency.
The FBI’s NCIJTF was established to coordinate and facilitate information sharing among U.S. HSE agencies regarding cyber-threat investigations.[10] The NCIJTF has strengthened interagency cooperation, incorporated some international partners, and has leveraged relationships with private companies and industry groups to promote better public–private interactions. However, the NCIJTF struggles with organizational challenges including sharing full and timely information, integrating foreign partners, and incorporating law enforcement partners into leadership roles.[11] Other factors could inhibit the practicality of the agency-led model. Several agencies conduct cryptocurrency investigations, and there is no clear-cut agency to spearhead a new counter-crypto mission. Additionally, the director of the FBI is expressly forbidden from controlling the operations of partnering agencies.[12] This prohibition most likely reflects the desire of partnering agencies to avoid surrendering operational control of their own resources to an outside agency. Though the functionality of the NCIJTF has improved, the ad hoc nature of the agency-led model and inherent flaws, as outlined in the Department of Justice’s Office of the Inspector General (OIG)’s audits, may limit the potential of this framework.
The third model of interagency cooperation, the unity-of-effort approach, is practiced by JIATF-S. JIATF-S is a partnership that includes the military, law enforcement, the Intelligence Community, and representation from Europe and Latin America.[13] Although a DoD command, its leadership structure has incorporated representatives from multiple partner agencies. JIATF-S has leveraged executive orders, legislative actions, and funding to drive support and garner buy-in from the agencies involved in its mission.[14] Multiple organizational variables have also contributed to JIATF-S’s success.[15] JIATF-S benefits from organizational purpose: drug interdiction that is clearly understood by all partners. JIATF-S has achieved organizational empowerment through special funding set aside for its exclusive use and personnel authorized to make commitments for their parent organizations. Finally, JIATF-S has maintained organizational support by bringing together all its partners to determine operational plans for the assets and resources the JIATF uses while allowing individual agencies to take credit for seizures and prosecutions.
The Biden administration’s publication of its “Executive Order on Ensuring the Responsible Development of Digital Assets” identified cryptocurrency as a risk to national security.[16] This EO has called on the interagency to formulate a plan to counter the illicit use of virtual currencies and mitigate the potential risks they pose to the United States. This thesis proposes the creation of a new joint interagency task force, JIATF-Crypto, for such a tasking. JIATF-C, with a narrow and clearly defined mission (combating the illicit use of cryptocurrency), employing the organizational variables that empowered JIATF-S, would be best positioned to counter the risks identified by the Biden administration. This thesis further recommends that the creation of a new JIATF-C should come via legislation or executive order to signal the importance of the JIATF’s mission and ensure the full cooperation of the HSE. Finally, this thesis recommends that a new JIATF-C explore funding opportunities with the Treasury Executive Office of Asset Forfeiture to take advantage of the proceeds derived from the seizure of cryptocurrencies. JIATF-C, with the ability to become a self-funding entity, even in part, could alleviate budgetary burdens on the participating agencies and insulate a JIATF-C from executive or congressional budget cuts.
[1] Megan McBride and Zack Gold, Cryptocurrency: Implications for Special Operations Forces, CRM-2019-U-020186-Final (Arlington, VA: Center for Naval Analyses, 2019), https://www.cna.org/CNA_files/PDF/CRM-2019-U-020186-Final.pdf.
[2] McBride and Gold.
[3] McBride and Gold.
[4] Angel Rabasa et al., Counternetwork: Countering the Expansion of Transnational Criminal Networks (Santa Monica, CA: RAND Corporation, 2017), https://www.rand.org/pubs/research_reports/RR1481.html; Michael Miklaucic and Jacqueline Brewer, eds., Convergence: Illicit Networks and National Security in the Age of Globalization (Washington, DC: National Defense University Press, 2013), https://inss.ndu.edu/Media/News/Article/699539/convergence-illicit-networks-and-national-security-in-the-age-of-globalization/.
[5] Nicholas Weaver, “Inside Risks: Risks of Cryptocurrencies,” Communications of the ACM 61, no. 6 (June 2018): 1–5, https://doi.org/10.1145/3208095; Steven David Brown, “Cryptocurrency and Criminality: The Bitcoin Opportunity,” Police Journal: Theory, Practice and Principles 89, no. 4 (2016): 327–39, https://doi.org/10.1177/0032258X16658927.
[6] Christopher L. Naler, “Are We Ready for an Interagency Combatant Command?,” Joint Forces Quarterly, no. 41 (2006): 26–31.
[7] Naler, “Are We Ready for an Interagency Combatant Command?”; Jeffrey Buchanan, Maxie Y. Davis, and Lee T. Wight, “Death of the Combatant Command? Toward a Joint Interagency Approach,” Joint Forces Quarterly, no. 52 (2009): 92–96.
[8] Michael J. Roark, Evaluation of Combatant Command Counter Threat Finance Activities, DODIG-2021-082 (Washington, DC: Department of Defense, Office of the Inspector General, 2021), https://www.dodig.mil/reports.html/Article/2629376/evaluation-of-combatant-command-counter-threat-finance-activities-dodig-2021-082/.
[9] Roark.
[10] George W. Bush, Cybersecurity Policy, NPSD-54/HSPD-23 (Washington, DC: White House, 2008), https://irp.fas.org/offdocs/nspd/index.html.
[11] Department of Justice, Office of the Inspector General, The Federal Bureau of Investigation’s Ability to Address the National Security Cyber Intrusion Threat, Audit Report 11-22 (Washington, DC: Department of Justice, 2011), https://oig.justice.gov/reports/FBI/a1122r.pdf; Department of Justice, Office of the Inspector General, Audit of the Federal Bureau of Investigation’s Implementation of Its Next Generation Cyber Initiative (Washington, DC: Department of Justice, 2015), https://oig.justice.gov/reports/2015/a1529.pdf.
[12] Bush, Cybersecurity Policy.
[13] Richard M. Yeatman, “JIATF-South: Blueprint for Success,” Joint Forces Quarterly, no. 42 (2006): 26–27.
[14] Evan Munsing and Christopher J. Lamb, Joint Interagency Task Force-South: The Best Known, Least Understood Interagency Success (Washington, DC: National Defense University Press, 2011), https://www.hsdl.org/?abstract&did=489189; Patrick Howell, “Will the CORDS Snap? Testing the Widely Accepted Assumption That Inter-Agency Single Management Improves Policy-Implementation” (PhD diss., Duke University, 2018), https://hdl.handle.net/10161/17471.
[15] Munsing and Lamb, Best Known, Least Understood.
[16] See “Executive Order on Ensuring Responsible Development of Digital Assets,” White House, March 9, 2022, https://www.whitehouse.gov/briefing-room/presidential-actions/2022/03/09/executive-order-on-ensuring-responsible-development-of-digital-assets/.
