Cryptocurrency theft and scams stands at $4.4 billion, the lowest it has been in two years, according to the Ciphertrace Q3 2019 Cryptocurrency Anti-Money Laundering Report. 

After two years of large, high-profile exchange hacks and exit scams, there has been a significant reduction in cryptocurrency crime, says Ciphertrace. Still, even with the lowest quarterly cryptocurrency thefts and scams in two years, 2019 still experienced a massive spate of crypto crimes—more than $4.4 billion to date, says the report. 

In addition, the research results revealed that more than two-thirds (63 percent) of exchanges have "Weak" or "Porous" Know Your Customer (KYC) procedures, which are required by the Financial Action Task Force (FATF), an intergovernmental organization that standardizes global legal, regulatory and operational measures for combating money laundering, terrorist financing and other related threats. Only 37 percent of exchanges has "Good" KYC procedures. 

The breakdown of the ratings are as follows:

• Weak – These exchanges allowed CipherTrace researchers to withdraw at least .25 BTC daily with very little to no KYC.
• Porous – These exchanges require some sort of ID verification process. 
• Good – These exchanges require a very strenuous KYC process, which required completing several steps before the researchers were able to make a deposit or withdrawal. They not only require the ID process but also proof of address. Some require a phone call or video chat to complete the KYC process.

Additional findings include:

• Q3 saw an increasing regulatory clampdown on virtual asset transactions as nations, crypto exchanges, banks and financial institutions prepare for the FATF funds Travel Rule to take hold. The Travel Rule requires VASPs to securely transmit (and store) sender and receiver personally identifiable information (PII) with any cryptocurrency transaction valued at or exceeding USD/EUR 1,000. Consequently, stringent KYC is necessary to meet the Travel Rule’s base requirements.
• In anticipation of the new FATF AML regulations, many cryptocurrency exchanges have preemptively jettisoned their privacy coins; yet, 32 percent of exchanges, including those determined to have weak KYC, still have privacy coins listed.
• Terrorists, wise to blockchain forensics, are developing more sophisticated methods of obfuscating cryptocurrency funds flows for financing attacks and operations.