by downandout 1379 days ago
"The chief selling point of Tornado Cash is money laundering, which is in and of itself a crime in both the US and Netherlands."

You have a fundamental misunderstanding of US law with regard to money laundering. Obfuscating the source of funds, by itself, is not money laundering. Money laundering requires a "predicate offense" - the money that is being laundered must be proven to have had an illicit source. Further, the entity accused of doing the "laundering" also must know that the source of funds is illicit before doing it. Intent to promote the carrying on of "specified unlawful activity" must also be proven in order for a money laundering conviction to occur. You can read the entire statute here [1].

Therefore, the "chief selling point" cannot be money laundering, at least under US law, because the contracts were deployed with no prior knowledge of how or by whom they would be used. One cannot form intent without prior knowledge. The chief selling point was anonymity, not money laundering, which has a highly specific legal meaning.

[1] https://www.law.cornell.edu/uscode/text/18/1956

You're addressing 18 USC 1956 (a)(1)(A)(i) and (a)(1)(B)(i).

I'm concerned with (a)(1)(B)(ii), which concerns reporting requirements. The kind of financial transactions that Tornado Cash enables are fundamentally incompatible with the US's Federal reporting requirements.

My understanding of the Dutch criminal code (which is not great!) is that their standard is even weaker: it is sufficient to demonstrate mere concealment, not a failure to meet particular reporting requirements.

At least under US law, intent is still required. Meaning that while some users of TC may have violated this law, the devs did not, nor did they knowingly aid in it or have any provable intent to do so.

I don't know what Dutch law says with regard to intent/knowing participation, but I suspect that any system of laws in a civilized country would generally require it for criminal convictions.

(B)(ii) does not require specific intent. It requires knowledge that the transaction fails to meet reporting requirements.

The intent in question is manifested in Tornado Cash's design, which doesn't pass the malfeasance smell test: you can't absolve yourself of illegality by automating the illegality.

> The intent in question is manifested in Tornado Cash's design, which doesn't pass the malfeasance smell test: you can't absolve yourself of illegality by automating the illegality.

Given that it also has legitimate uses, I think that's a very difficult case to make. Also, with very limited exceptions, nearly all crimes in the US require intent and/or knowing participation. It's a fundamental tenet of our system. There is a reason that they aren't being prosecuted in the US, and those reasons are outlined above. Perhaps Dutch law is different enough to allow a conviction; time will tell.

I'd also point out that Apple's device encryption scheme was specifically designed so that Apple itself cannot unlock devices, which thwarts law enforcement subpoenas for assistance. They can legitimately throw their hands up in the air and say "we have no ability to help you" - and that's by design. It is not illegal to design systems in this way. It just shifts the legal liability for misuse onto the users, where it should be.

>Given that it also has legitimate uses,

You're not addressing the point about "(a)(1)(B)(ii), which concerns reporting requirements".

If they cannot meet US law for reporting requirements, then they are breaking the law, right?

No, they are not. They aren’t actively participating in the transactions, and thus have no reporting requirement. Users are not allowed to structure transactions, as it is illegal for them to do so.

> Also, with very limited exceptions, nearly all crimes in the US require intent and/or knowing participation.

The fact that this statement is 100% completely wrong in totality is common knowledge.

I recently bought a kayak. In my state I'm required to register the kayak and have a registration sticker on it. If I was unaware of this, there is no, "Oopsie! Didn't know" defense.

This principle goes back to Roman law - ignorantia juris non excusat. You may have heard Thomas Jefferson saying the English version, "Ignorance of the law is no excuse". It's one of the favorite things for judges to say as they sentence people in criminal proceedings.

Is it “100% wrong in totality”? Mens rea (“guilty mind”) is a required element of many crimes [1]. Moreover, there’s the whole annoying concept of due process [2]:

> as due process required that the defendant have notice of the crime at issue. The Lambert decision explicitly recognized this fair notice requirement as an exception to the general rule that ignorance of the law is no defense.

I’m not saying that necessarily applies here but clearly ignorance of the law can sometimes be an excuse, no?

[1] https://en.m.wikipedia.org/wiki/Mens_rea

[2] https://nccriminallaw.sog.unc.edu/ignorance-law-excuse/

For someone who isn't in the know of this case, can you share some legitimate uses for Tornado Cash?

Sure, I used to use it. I won't explain the strategy, but I have a crypto trading bot that sometimes profits at the expense of other bots. The owners of these bots got so annoyed at this that they would blacklist the address at which my bot was, and would then track any addresses that I sent funds to from there and blacklist those in advance. TC broke this ownership chain, so they could no longer preemptively blacklist the addresses my bot operated from.

Privacy - just the general desire to participate in crypto as if it were cash, like originally intended. Right now if you aren't running a miner, you've lost that ability without tumblers.

Anonymity and privacy are very useful in a lot of legal use cases. One example is buying a domain name without disclosing who is buying (disclosing that information may dramatically inflate the price).

There are obviously workarounds without Tornado Cash, but Tornado Cash is probably the cheapest option.

You should read about high frequency trading sometime.

I know a little bit about HFT, and I don't have anything particularly nice to say about it. But it's more or less unrelated to the particular crime of money laundering.

> Money laundering requires a "predicate offense"

Structuring is one of the most common methods of facilitating money laundering.

No predicate offense required. It’s illegal all on its own.

https://bsaaml.ffiec.gov/manual/Appendices/08

Structuring, though, is one of the dumbest, laziest and most arbitrary laws ever. If you say that the limit is, say, max 100 K USD for something but plan to attack for structuring the person who did 5 times 100 K USD, then simply make the law clearer: make the law say 100 K USD max and, say, max 200 K USD over five years. But don't come after people who did respect the numbers written in the law for "structuring".

It's another crazy concept of overreaching states and IRSes enjoying way too much power. They can arbitrarily decide what's structuring and what is not. Arbitrary decisions aren't how a democracy should work.

You want to prevent people doing these kinds of transfers? Make it clear what the limits are. Don't come after people doing precisely what the limit allows several times: specify that it can only be done once or x times over a certain time period.

That's by the way, how some laws do work. For example in France you're allowed to give your kids up to 150 K EUR of real estate (or something), tax and inheritance tax free, once every 15 years. After 15 years you're free to do it once again.

But putting limits and then attacking people respecting the limits? To me it's the sign of something deeply rotten in the state, and that such laws exist isn't something that should be cheered.

Your real estate example is not a great fit, because real estate transfers are not common. That particular tax-free status on the transfers would probably be best interpreted as a carve out or loophole, with the normal status being that the transactions should be taxed.

On the other hand, depositing money is the normal status. Depositing what amounts to large sums over arbitrary periods of time is also normal. Directly to the point, the limit in place is not a restriction, but merely one that triggers mandatory reporting. The limit is very clear and absolute -- though at their discretion banks may report smaller transactions. Structuring is specifically about avoiding that limit and the accompanying questions and reporting.

So how would you rewrite this law to require mandatory reporting, but also not allow structuring? Because it's not apparently trivial how to achieve that goal any better than they did.

Is mandatory reporting a good idea, though?

I feel like the signal-to-noise ratio must be terrible, especially as inflation gradually lowers the meaning of a $10,000 reporting limit. Selling a used car is enough to trigger a reportable amount of cash.

I'd think what we need is less magic numbers, and instead a better training/reporting ecosystem that insulates people with good intentions but gives them the right tools to identify criminal behaviour.

Actually expecting banks to know their customers at a personal level should be the goal.

I suspect, in contrast, everyone involved likes a fixed 10k limit because it provides a convenient liability hand-off. Compliance can be automated on a much greater level and they can say "we filled out the appropriate forms when required, how were we supposed to know that Hamas Cupcakes Inc was a front?"

Agreed on the last bit. Having a clear-cut line where "this must be reported" is I think necessary for liability reasons. There are definitely other transactions that should be reported, in the spirit of the actual AML (anti money laundering) issue. But I think it's necessary to be able to say, in a legal setting, that the required obligation was met and discharged, even if something happened that probably should have been caught.

The government is well-aware of how inflation erodes reporting thresholds. If you look at the obligation to report non-US bank accounts to FinCEN, they've indexed the penalties ($10,000 per line item) to inflation but not the $10,000 aggregate reporting threshold.

So boiling the frog so that eventually all transactions must be reported?

I must say that I dislike the rationale for banning structuring. It's basically a law that bans attempts to comply with the letter of another law without complying with its spirit. Complying with any law should be completely straightforward.

> I must say that I dislike the rationale for banning structuring.

So there are two possibilities.

1. You think the government shouldn't be allowed to track money laundering

2. You have a suggestion on improving money laundering tracking without anti-structuring laws

If you believe the government has a legitimate vested interest in stopping money laundering and you set a $10,000 limit before something must be reported, the reporting requirement might as well not exist if someone can deposit $9999.99 literally 100 times per day without a report being generated.

So what would your suggestion be on how to track money laundering? Or do you just think that's none of the government's business?

The answer isn't to then set the $10,000 limit and add an opaque criterion of "but the limit doesn't matter if we look at your transactions and think you are hiding something".

Something more reasonable may be: a limit of $10,000 per month (or any time frame) before mandatory reporting. That of course means dropping the hand wavy exception completely.

Requiring actual criminal proceeds. Simply wanting to avoid government attention should not be illegal. Covering up a crime should be.

Yes, but the same intent provisions still apply to the entity that enabled the structuring. Tornado Cash has legitimate use cases - I had one prior to the OFAC issue (hiding the source of funds to an address in order to prevent certain bots from reacting to it). So the devs cannot have formed intent to aid in any of the crimes that TC may have unwittingly enabled.

Casinos are used as vehicles for structuring and money laundering every minute of every day - on a much larger scale than anything Tornado Cash could ever have achieved. They don't have the intent to aid in these activities though, which is why they are allowed to operate.

> [Casinos] don't have the intent to aid in these activities though, which is why they are allowed to operate.

Casinos are allowed to operate because not only do they not have the intent to aid these activities, they happily track and report everything they're required to, which is just as much as a bank is required to. They aren't the hotbed of money laundering you seem to think they are.

https://www.fincen.gov/resources/statutes-regulations/guidan...

https://casinogrounds.com/blog/know-your-customer-gambling/

> They aren't the hotbed of money laundering you seem to think they are.

I spent a fair amount of time in the gaming business, and I can tell you that this statement is patently false. Very little of it gets caught, because the people involved in such schemes know what the rules are and simply work around them. Casinos themselves also sometimes turn a blind eye to such activity when it is especially profitable for them. Example [1]. That occurred even with the reporting requirements.

[1] https://www.justice.gov/usao-cdca/pr/operator-venetian-resor...

There really seems to be a lot of mental gymnastics going on here.

Your original point was that casinos are allowed to operate because of their "lack of intent". I respond that it's actually because they're as heavily regulated as banks are. Your response is, "But sometimes they break the law!"

Who cares? Casinos are heavily regulated and most of the time they follow their regulations. Or they would be shut down.

And here we go back to the real original point... what regulations were Tornado Cash following? Were they ever following AML/BSA regulations? Did they do anything significant to attempt to comply with regulations that all money exchange companies have to comply with?

Seriously, take 2 minutes and read this:

https://home.treasury.gov/news/press-releases/jy0916

Your little example of Casino money laundering was $47 million and was touted as “the largest all-cash, up-front gambler the Venetian-Palazzo had ever had to that point,”.

Now read that link from treasury.gov:

> Tornado Cash, which has been used to launder more than $7 billion worth of virtual currency since its creation in 2019. This includes over $455 million stolen by the Lazarus Group, a Democratic People’s Republic of Korea (DPRK) state-sponsored hacking group

It's not even comparable. $47 million is 0.6% of $7 billion. Tornado Cash's raison d'être was money laundering and it was right to shut them down.

Out of curiosity, what was the total volume of funds processed over the same time period? I haven’t been able to find that anywhere.