Reuters analysts revealed that between 2017 and 2021, cybercriminals laundered at least $2.35 billion in illegally obtained funds through the Binance cryptocurrency exchange.

During the investigation, experts examined court records, law enforcement statements, and data from blockchain analysis companies. According to the information received, funds obtained from hacking, investment fraud and drug sales on the platform were laundered.

Important points:

• From 2017 to 2022, buyers and sellers of the Hydra darknet market used Binance to make $780 million worth of cryptocurrency transactions.
• According to Chainalysis, in 2019 alone, the exchange received $770 million worth of malicious funds, outperforming all platforms in this indicator.
• Law enforcement in Germany reported that in 2020 Binance was used to launder some of the proceeds from scam schemes, resulting in victims losing a total of €750 million.
• North Korean hackers Lazarus sent some of the funds to Binance from the hacks of the Slovak exchange Eterbase and the Ronin sidechain.

Reuters noted that by mid-2021, the exchange had weak AML procedures.

Hours after the Eterbase attack, hackers opened at least 20 anonymous accounts on Binance in 2020, allowing them to convert stolen funds and “hide a trail of funds,” according to media reports.

Hydra-related cryptocurrency transactions going through Binance dropped sharply after the exchange tightened customer verification procedures in August 2021, researchers said.

At the same time, Reuters noted that the share of “dirty” cryptocurrencies passing through Binance is only a small fraction of the exchange’s total trading volume.

Binance Director of Communications Patrick Hillmann described the calculations presented in the article as inaccurate. He further stated that the exchange is engaged in transaction monitoring and risk assessment to “ensure that illegal funds are tracked, frozen, recovered and/or returned to the rightful owner.”

In response to the investigation, the exchange also republished a blog post stating that contrary to popular belief, cryptocurrencies are not the main method used by criminals to launder money. The entry appeared on Binance prior to the publication of the Reuters investigation.

The post doesn’t mention Reuters directly, but references a journalist who allegedly “has proof that Binance allowed laundering of approximately $2.5 billion between 2017 and 2022.”

The exchange noted that “it is much easier to open a bank account with false documents in a small regional bank than to use cryptocurrencies” to launder money.

Binance emphasized that cryptocurrency platforms follow strict KYC procedures, that large transactions cannot be made silently and can be easily tracked via the blockchain.

The company also announced cooperation with law enforcement, the use of “state-of-the-art systems” to combat money laundering, and working with a large team of cybercriminals.

Binance noted that in the event of the Ronin attack, most of the stolen funds ended up on other exchanges and went through the Tornado Cash Ethereum mixer. In collaboration with law enforcement and analysts, Binance froze approximately $5.8 million in hack-related assets.

The exchange also talked about the Eterbase hack, with dozens of anonymous accounts opened on the crypto platform by Lazarus hackers. The company announced that Binance is collaborating with Slovak authorities to identify such accounts both on its site and on other exchanges.

The statement also refers to the indirect use of “every major exchange” to handle Hydra-related cryptocurrency transactions. At the same time, Binance noted that it is the traceability of crypto assets that contributes to the investigation of the darknet site’s activities.

“For those who oppose cryptocurrencies, it is a disturbing fact that the vast majority of all money laundered goes through the traditional banking system, not crypto assets,” Binance said.

Recall that in January, Reuters wrote that Binance repeatedly withheld information from regulators, neglected KYC procedures, and violated the recommendations of its own compliance department.

In April, the media reported that the exchange’s regional office agreed to share information about Russian customers with Rosfinmonitoring and the FSB in exchange for assistance in doing business in the state. Binance published correspondence with Reuters journalists and denied the allegations.