North Korea -- Licensing Requirements Regulatory Overview

**Sanctions Evasion:** Bypassing international sanctions to fund the regime's weapons programs and luxury goods for the elite.

**Money Laundering:** Obscuring the origin of illicit funds.

**Cyberattacks and Theft:** Stealing virtual assets from exchanges and financial institutions globally to generate revenue.

**Exchanges, Custody Providers, Payment Processors:** There are no publicly known or established licensing regimes or requirements for these types of entities to operate legally and openly within North Korea for a domestic market. Any virtual asset activity occurring within the DPRK is either:

Directly managed by state-affiliated entities (e.g., intelligence agencies, state-owned banks, research institutions).

Carried out by state-sponsored hacking groups (like the Lazarus Group).

Highly controlled and isolated, serving specific state objectives rather than a private market.

**Registration vs. Licensing Regime:** The distinction between registration and licensing regimes, as understood in conventional financial regulation, does not apply to virtual asset service providers (VASPs) within North Korea. There is no public body for registration or licensing of private crypto businesses.

**Capital Requirements:** Any "capital" involved in North Korea's virtual asset activities is state-provided or stolen. It's not about private companies meeting a capital threshold but the state allocating resources (human and financial) to its cyber operations and sanctions evasion efforts.

**AML/KYC (Anti-Money Laundering/Know Your Customer):** North Korea actively works to *circumvent* AML/KYC procedures globally. Its primary goal is to hide the origin and destination of funds, making it impossible to identify the ultimate beneficial owner. They exploit weaknesses in VASP AML/KYC processes internationally. Within North Korea, there are no requirements for domestic actors to adhere to AML/KYC in the conventional sense, as their operations are designed to bypass such measures.

**Local Presence:** For state-sponsored activities, the "local presence" is the DPRK government itself and its various affiliated entities operating both domestically and through proxies internationally. There is no requirement for a foreign VASP to establish a licensed local presence in North Korea for private operations.

State employees or affiliated personnel.

Members of state-sponsored hacking groups.

Individuals compelled or coerced by the regime.

**United Nations Security Council (UNSC) Panel of Experts Reports on the DPRK:** These annual reports frequently detail North Korea's use of cyber means, including virtual asset theft and exploitation, for sanctions evasion.

Example (look for the most recent reports): UN Security Council - Reports of the Panels of Experts on DPRK

*Note: You will need to browse specific reports for detailed findings on virtual assets.*

**Financial Action Task Force (FATF) Statements and Reports:** The FATF has repeatedly flagged North Korea as a high-risk jurisdiction for money laundering and terrorist financing, highlighting its severe deficiencies in AML/CFT.

Example (Public Statement on High-Risk Jurisdictions subject to a Call for Action): FATF Public Statements

*Note: North Korea is consistently listed here as a jurisdiction with significant strategic deficiencies for which countermeasures are called for.*

**U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) Advisories:** OFAC frequently issues advisories and sanctions related to North Korean cyber activities, including those involving virtual assets.

Example: OFAC - North Korea Sanctions Advisories

Example: Advisory on Potential Sanctions Risks for Facilitating Illicit Ransomware Payments (Often relevant as DPRK groups are involved in such activities).

**Cybersecurity and Blockchain Analytics Firm Reports:** Companies like Chainalysis, Mandiant (formerly FireEye), and CrowdStrike regularly publish reports detailing North Korean hacking groups (e.g., Lazarus Group, Kimsuky, Andariel) and their methods of virtual asset theft and laundering.

Example: Chainalysis - The 2024 Crypto Crime Report (and previous years)

*Note: These reports often feature dedicated sections on North Korean activities.*

**Violation of Foreign Exchange Laws:** Strict controls on foreign currency.

**Anti-State Economic Activity:** Undermining state control over finance.

**Sanctions Evasion:** A constant concern for the regime itself, but also a charge against citizens found using unauthorized foreign assets.

**Prohibited asset:** Violating state control over finance and foreign exchange.

**Evidence of illicit activity:** Leading to severe penalties.

**Utility tokens:** Tokens meant for access to a service.

**Security tokens:** Tokens representing ownership or rights in an asset (if such a concept could even exist privately in NK).

**Payment tokens/Cryptocurrencies:** Bitcoin, Ethereum, stablecoins, etc.

**NFTs:** Any digital asset that could be traded.

**Private issuance of tokens (or any financial instruments) is strictly forbidden.** No individual or non-state entity is permitted to issue financial assets outside of state control.

Any attempt to "issue" a token would likely be viewed as a grave economic crime or an act of subversion against the state's financial monopoly, leading to immediate arrest and severe punishment.

**Illegal:** Violating foreign exchange laws and prohibitions on private financial dealings.

**Covert:** Conducted entirely underground, risking severe punishment if discovered.

**Unregulated:** By definition, as the state seeks to prevent it entirely.

**Arrest and Imprisonment:** Individuals caught possessing or transacting in unauthorized foreign currency (which crypto would fall under) face long prison sentences, often in forced labor camps.

**Asset Seizure:** Any discovered cryptocurrency or assets derived from it would be confiscated by the state.

**"Anti-Socialist" or "Anti-State" Activities:** Engaging in economic activities outside state control can be broadened to include these charges, which carry even harsher penalties, potentially including execution in extreme cases, especially if deemed to be aiding external forces.

**Public Shaming and Re-education:** Less severe cases might involve public denunciation and forced re-education.

North Korean state-affiliated hacking groups (e.g., Lazarus Group) are notorious for stealing vast sums of cryptocurrency from exchanges and DeFi protocols globally. This is done to fund the regime's weapons programs and circumvent international sanctions.

These state actors operate *outside* of international law and any "classification" framework, using cryptocurrency as a tool for illicit finance, not as a regulated asset class.

**Reports from international bodies:** Such as the UN Panel of Experts reports on DPRK sanctions, which detail North Korea's illicit use of cryptocurrency.

*Example:* UN Security Council Resolution 1718 (2006) Sanctions Committee (General sanctions framework, detailed reports often mention crypto activities).

*Example (indirect, reports often cite this):* Various UN Panel of Experts reports to the DPRK Sanctions Committee. These are typically published as UN documents. Search "UN Panel of Experts North Korea cryptocurrency" on the UN Digital Library for specific reports.

**Statements and advisories from foreign governments:** Particularly the U.S. Treasury Department (OFAC) and cybersecurity agencies, warning about North Korean cyber threats and cryptocurrency theft.

*Example:* U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) Advisories (Often contain details on North Korean illicit finance, including crypto).

*Example:* CISA and FBI Advisories on North Korean Malicious Cyber Activity (Contain information on state-sponsored crypto hacking).

**Academic research and analyses from NGOs:** Based on defector testimonies, satellite imagery, and intercepted communications.