If Craig David made court cases…
WELL, that was a whirlwind wasn’t it?
Tornado Cash (TC) developer Alexey Pertsev, guilty of money laundering on Tuesday, off to prison on Wednesday, appealing to the Court of Appeal in Den Bosch on Thursday.
I appreciate that you might think I am about to recite the remainder of the Craig David song, “7 Days”. However, unlike the gentleman in the Craig David song, I don’t think Pertsev was chilling last Sunday, having started his 64-month prison sentence, imposed by the three-judge panel of East Brabant District Court in the Netherlands.
Judgement of the Dutch court
The court held that Pertsev, together with TC co-founders Roman Storm and Roman Semenov (both of whom have been indicted in the US for their involvement), developed TC in such a way that it automatically carried out the actions “essential for money laundering”. The platform’s in-built anonymity and “optimal concealment techniques” (such as the use of relayers and collection pools), together with a lack of functionality to identify those who used the platform, resulted in the court finding that TC could not be considered a legitimate tool, unintentionally abused by criminals. In fact, criminals “gratefully embraced” it.
As Pertsev and his co-conspirators had done nothing to prevent this abuse, he was convicted of ‘habitual’ laundering of monies deriving from the predicate offences of unspecified hackers, who laundered their money through TC between July 2019 and August 2022.
This judgment will not be gratefully embraced by DeFi developers. While it is not binding on courts in any other jurisdiction, the upcoming trial of Storm in the US in September (Semenov still being at large) may result in a similar finding, paving the way for other countries to follow suit. As the DeFi Education Fund has stated in its amicus brief in those proceedings, an adverse finding against Storm will have huge ramifications for software developers who create open source, general use software, who would be held “criminally liable when third party bad actors use that software years after it was created and with no direct or active engagement between the developers and those bad actors”.
Pertsev’s defence
Pertsev’s defence team tried to argue that he was an intermediary who provided a communications service under Article 54a of the Dutch Criminal Code, and therefore could not be prosecuted in the event that a criminal offence was committed using that service. However, the court ruled that this regulation was specifically intended to support freedom of expression for communications providers, and as Pertsev had developed software that allowed crypto to be moved anonymously and made this software available to users online, he could not benefit from any immunity.
As to the money laundering charges, Pertsev argued that he had no intention of committing money laundering, but rather to provide a legitimate privacy solution to a growing need in the crypto community. It was up to the user not to misuse the software for illegal purposes, albeit it was recognised that the technical properties of TC made action against abuse impossible.
Court’s findings
Pertsev was not able to rely on the autonomous functioning of TC’s smart contracts to distance himself from TC’s operation. The court considered that he, Storm and Semenov were “inventors, makers and implementers” of TC, and how the smart contracts were executed was a result of “conscious choices by the designers”.
While it was TC that broke the link between the deposit and the withdrawal, concealing the origin of the withdrawn crypto, TC’s operation was imputed to Pertsev. He could not be considered a “powerless third party” against the “unstoppable money laundering activities” of TC. The fact that governance had transferred to a DAO in 2020 had no impact, particularly since Pertsev and his co-founders retained 30% of voting rights within the DAO, and the DAO itself could do nothing to change the execution of the smart contracts.
The court also had to establish intent, i.e. that the suspect knew or ‘consciously accepted’ that the money being deposited with TC derived from the commission of a crime. The court established this intention on the basis that:
1. TC was a mixer, mixers were at a heightened risk of money laundering, and TC was used to launder money;
2. Pertsev knew that TC was being used to launder money as he had been contacted by third parties, including law enforcement, regarding ongoing investigations, and had participated in chat groups where media articles regarding TC’s involvement had been discussed;
3. Pertsev did not ‘distance himself from TC’ and continued to promote its use; and
4. Pertsev and his co-founders did nothing to change the design and roll out of TC, and instead continued to prioritise anonymity. The development of a ‘compliance tool’ (not mandatory for every transaction) as well as a system to monitor transactions and ban sanctioned wallet addresses did not persuade the court that Pertsev was actively trying to discourage use of the platform by launderers.
It was also irrelevant that Pertsev had received legal advice that TC did not fall under FinCEN regulations, and therefore had no obligation to incorporate compliance measures into TC. The court held that while that might be true, it was irrelevant when considering whether TC, and therefore Pertsev, had concealed criminal property.
We DeFi that judgement
So, a developer can be criminally responsible for the automatic acts of the product that he or she has developed, and guilty of money laundering where it is foreseeable that their risky product might be or has been used by criminals, at unspecified times, to launder money. Does that sound right?
Perhaps this is a one-off ruling, fact specific and based on the aggravated and cumulative conduct of the co-founders, exacerbated by the fact that the underlying product is a mixer. And we know that no one likes mixers: the Blockchain Integrity Act, proposed earlier this month in the US House of Representatives, is intended to prohibit financial institutions, including crypto exchanges, money services businesses and virtual asset service providers, from transacting with funds that have gone through mixers for two years, while the US Security and Exchange Commission, the Commodity Futures Trading Commission and the Department of Justice conduct a study on their illicit uses. Last month, the European Parliament also passed the latest AML Regulation, banning tools providing anonymity services, including mixers.
However, despite that it relates to a mixer, the ruling may be of wider concern to developers. Could it prevent future innovation of privacy products in the crypto universe? It certainly is a further erosion of the concept of privacy as the cornerstone of crypto transactions, albeit Pertsev’s attempt to ‘hide behind the guise of ideology’ in this regard, failed.
We have the US trial of Storm, which might provide clarity in the US at least, although knowledge that funds are the proceeds of ‘criminal activity’ can be also based on wilful blindness or conscious indifference, and therefore the co-founders failure to take action when faced with clear red flags may place them similarly at the mercy of the US court.
The first instance Dutch judgment is also being appealed, during which time Pertsev can apply to await the appeal trial at home. Maybe Pertsev will be able to chill this Sunday.
This article was first published in The Digital Commonwealth on 24 May 2024.