US postal inspectors need ‘comprehensive crypto training,’ audit finds
The United States Postal Inspection Service (USPIS), the law enforcement arm of the U.S. Postal Service, has conducted an internal audit of the way in which it carries out crypto-related investigations and found there’s significant room for improvement.
Notably, the USPIS handled only a small number of crypto-related cases during the two fiscal years under review — 2019 and 2020 — with a total of four closed cases for which postal inspectors seized crypto as evidence during an investigation and nine other cases that were managed under the USPIS’ “Cryptocurrency Fund Program,” established back in 2017.
This program was intended to specify standards and policies that can help account for cryptocurrency transactions during investigations and reduce any associated operational risks. As the report has emphasized, this is particularly important given that “The anonymity of cryptocurrency transactions and the significant fluctuations in the value of cryptocurrency create opportunities for abuse or theft when used during law enforcement activities.”
Despite the small volume of crypto-related activities, the USPS Office of Inspector General (OIG) had determined earlier this year that a self-initiated audit was necessary in light of the fact that cryptocurrencies can often be the “preferred medium of exchange” for illicit activities like ransomware campaigns, online scams and money laundering.
Assessing operations during the two fiscal years under review, the audit report identified a “lack of standardized training” for USPIS employees regarding cryptocurrencies. This meant that postal inspectors who carried out undercover investigations and purchased crypto as part of their activities failed to comply with the guidance that had been established as part of the Cryptocurrency Fund Program.
While in some cases inspectors did use the program to account for crypto transactions they make for investigative purposes, the audit found that there are many legitimate instances when using the program may not be possible, as when certain crypto vendors only accept payment in the form of specific private cryptocurrencies.
In these cases, inspectors needed to request standard investigative funds in the form of U.S. dollars and were personally responsible for all crypto-fiat conversions and the management of unused investigative funds.
It is in these scenarios that the audit identified a breakdown in communication between management and inspectors, meaning that the program’s managers at present “cannot account for the total amount of cryptocurrency used for investigative purposes across the Postal Inspection Service.”
The auditors were therefore required to conduct a manual keyword search for various crypto-related terms to try to ascertain whether or not crypto had been used in certain investigative cases, finding 1,064 unique case numbers that will now need to be manually reviewed. On this point, the audit report concluded:
“The Program is unable to carry out one of its primary purposes—to help postal inspectors manage the challenges associated with cryptocurrency’s inherent volatility—which ultimately leaves the Postal Inspection Service susceptible to theft, abuse, and mismanagement of federal funds.”
The audit report has recommended that going forward, the USPIS should ensure that the Cryptocurrency Fund Program has the information it needs to provide oversight and that the agency also develop a comprehensive cryptocurrency training program for all inspectors. Additionally, it has recommended a rehaul of current data management for investigative transactions, which have been inaccurate and include duplicates, again impacting the agency’s ability to accurately track and manage its crypto-related law enforcement activities.
According to Margaret McDavid, deputy assistant inspector general in the OIG Office of Audit’s Inspection Service and Information Technology Directorate, the USPIS was “involved in the joint efforts to dismantle the Wall Street Dark Web Marketplace” in 2019, which led to the seizure of over $25 million in crypto.