Interesting doc. Obviously you have to get past the "proprietary techniques" blatant self-promotion that is typical of these guys, as well as the constant "Russian" "high-risk" language designed to ping high $ value government contracts, but at root the story they're telling is a familiar one: criminals trying to move high amounts of money through coinjoin find both a kind of success and a kind of failure: the success is, they can find a way to move the money before it gets found, basically it's usually through exchanges that aren't doing the whole "coinjoin flagging" thing. It's still never going to be easy for them to convert it to something in the real world, but it's at least possible this way. The bad side is that the pattern of usage "take a huge chunk of coins and put them in and then, shortly after, shove all of those coins into a specific offramp venue" has the problem that *just* timing correlation and amount correlation already provides a huge red flag, and then the investigator just needs to find more metadata clues that are inevitably lurking around. These problems even exist with e.g. zcash, monero (perhaps I should mention Liquid?). Of course it *is* worse in Bitcoin - e.g. the "gridchain case" where a bunch of money moved through joinmarket but when it was funneled, outwards, through an exchange, they sent ~ all of it to the same address!