Crypto Under the Microscope

Lessons from Enforcement Actions

📅 July 11, 2024

The digital assets market has seen phenomenal growth, evolving from a niche area to a major component of the global financial system. This surge has drawn a diverse mix of participants including individual investors, institutional entities, and various intermediaries. However, the market’s rapid expansion brings considerable complexity, characterized by volatility, technological advances, and a fragmented regulatory environment. These dynamics underscore the pressing need for robust compliance strategies that can adapt to continuous changes and mitigate risks.

Enforcement in Action

Regulatory bodies like the Office of Foreign Assets Control (OFAC), U.S. Securities and Exchange Commission (SEC), and the Commodity Futures Trading Commission (CFTC) are at the forefront of enforcing regulations in the digital assets sector. These U.S. agencies have demonstrated a proactive and rigorous approach, often leading the charge globally in monitoring and taking decisive actions against violations within the industry. Their efforts serve as crucial deterrents and provide valuable lessons for maintaining integrity and compliance in the rapidly evolving digital assets marketplace.

As digital asset regulations continue to evolve, enforcement actions play a critical role in clarifying regulatory expectations and indicating the future “direction of travel” for regulatory frameworks. These actions not only address current compliance breaches but also signal to the market the areas of heightened regulatory focus and potential future standards. This is particularly important in a field as dynamic and fast-paced as digital assets, where traditional regulatory frameworks may struggle to keep pace with technological advancements. This assertive stance by U.S. regulators contrasts with the varied and sometimes cautious approaches observed in other countries, which include measures such as license refusals, issuing consumer warnings, or adjusting regulatory frameworks to address the unique challenges of digital assets. Here, we explore some key cases that have shaped the regulatory landscape:

Binance Holdings Ltd.
In 2023, Binance, the world’s largest digital asset exchange, faced significant scrutiny from OFAC, the Financial Crimes Enforcement Network (FinCEN), and the U.S. Justice Department. Between August 2017 and October 2022, Binance processed transactions worth approximately $706 million that violated U.S. sanctions and AML regulations. Despite being aware of the applicable sanction laws, Binance knowingly allowed trades between U.S. users and those in comprehensively sanctioned jurisdictions and failed to implement an effective AML program or properly file suspicious activity reports. Binance agreed to a settlement of over $968 million for OFAC violations and was fined an additional $3.4 billion by FinCEN.

This case underscores the critical importance of digital asset service providers maintaining robust compliance systems, including effective sanctions controls and AML procedures. It also highlights the consequences of misrepresenting compliance practices to regulatory bodies and the public. Binance implemented Terms of Service and documents describing their “compliance” program, claiming robust compliance to regulators and customers. However, they simultaneously undermined these efforts by continuing operations knowing their controls were ineffective, which significantly misrepresented the adequacy of their compliance measures.

💡 Learn More

For more detailed analysis on the Binance case, refer to our Expert Insight Report: Binance Settles with Regulators

View Expert Insight Report

CoinList Markets LLC
CoinList Markets LLC (CLM), a California-based digital asset exchange, faced sanctions compliance issues when it allowed users from Crimea, a region embargoed by the United States and its partners, to access its platform. Users exploited gaps in CLM’s sanctions screening processes by providing addresses in Crimea but listing their country of residence as Russia. Despite rigorous KYC requirements, the system erroneously opened 89 accounts for users who listed their country of residence as Russia but provided addresses in the embargoed region of Crimea. This occurred because the screening protocols did not flag Crimea-specific addresses when “Russia” was listed as the country of residence. Crimea has been specifically embargoed since its annexation in 2014. CLM settled with U.S. regulators for $1.2 million and committed to enhancing its compliance measures, including implementing updated geo-blocking technologies and improved identity verification processes.

This case highlights the importance of not only having compliance systems in place but also ensuring these systems are comprehensive and capable of capturing all necessary information to prevent access by users from sanctioned jurisdictions.

FTX Trading Ltd. (FTX)
In November 2022, FTX, once a prominent digital asset exchange, collapsed amidst allegations of financial mismanagement and fraud. Triggered by a liquidity crisis and revelations of using customer funds for risky trades, the fallout was extensive. Founder Sam Bankman-Fried was charged with multiple felonies, including fraud and money laundering. The collapse affected a large number of investors. In March 2024, he was sentenced to 25 years in prison and ordered to repay $11 billion for embezzlement and misuse of customer funds.

FTX’s collapse stresses the critical need for transparent financial practices and robust internal controls within digital asset companies. It also emphasizes the importance of regulatory oversight to prevent similar scenarios in the future.

Coinbase
In January 2023, Coinbase, one of the largest U.S. digital asset exchanges, settled with the New York Department of Financial Services (NYDFS) for $50 million due to violations of AML and KYC requirements. Financial regulators identified that Coinbase allowed customers to open accounts without conducting sufficient background checks. These lapses exposed the platform to serious criminal activities, including fraud, potential money laundering, suspected child sexual abuse material-related activity, and possible narcotics trafficking. The settlement also required Coinbase to invest an additional $50 million into its compliance program to address deficiencies identified by NYDFS. Additionally, in June 2023, the SEC charged Coinbase with operating its trading platform as an unregistered securities exchange, broker, and clearing agency, and for failing to register its “crypto asset staking-as-a-service program.”

This case emphasizes the importance of strong AML and KYC procedures and the significant financial and reputational costs of non-compliance.

Integrating Lessons with the Three Lines of Defense
These enforcement actions reinforce the need for robust compliance frameworks. They underscore several key principles that align with the three lines of defense model crucial for navigating the complexities of digital assets compliance.

💡 Learn More

Three Lines of Defense – How They Contribute to a More Effective AML/CFT Organization

Read Article

Robust Compliance Systems: Implementing comprehensive AML and KYC procedures, effective sanctions controls, and transparent financial practices is essential. These measures form the backbone of the first and second lines of defense, ensuring operational managers and compliance teams can detect and mitigate risks effectively.
Adaptability and Continuous Improvement: As regulatory landscapes evolve, so too must compliance frameworks. This adaptability is crucial for the second line of defense – it must remain versatile so that it can develop and monitor regulatory changes and maintain compliance policies that can withstand regulatory scrutiny and adapt to new challenges.
Clear Accountability and Oversight: Enforcement actions repeatedly underscore the need for clear oversight and accountability. The second line of defense plays a pivotal role in providing this oversight, supporting the first line, and ensuring that compliance strategies are both robust and responsive. The third line (internal audit) provides further oversight of both the first and second lines.
Technological Integration: Advanced technology is crucial across all lines of defense, enhancing compliance with AML and other regulatory requirements. In large organizations, technology supports all lines of defense by enabling effective monitoring, risk detection, and compliance management. Technology also plays a critical role in the third line by supporting internal audits. These audits ensure that technological applications used by the first and second lines are effective and comply with regulatory standards, reinforcing the integrity of the compliance framework throughout the organization. Leveraging advanced technologies to enhance compliance efforts is essential.

Understanding and applying the lessons from these enforcement actions are crucial for financial institutions operating in the digital assets market. The three lines of defense provide a structured framework to ensure that risks are managed effectively, compliance is maintained, and the organization is prepared for future regulatory challenges.

Recorded Webinar

As we navigate the rapidly evolving landscape of digital assets, the need for robust compliance frameworks has never been clearer. View our webinar on, “Mastering Compliance in Digital Assets through Multi-Tiered Defense Strategies.” This session delved deeper into the complexities of digital assets compliance, providing actionable insights and strategies to enhance your compliance practices.

View Recording

Recommended Blogs

How to be a Digital Asset Detective

November 21, 2024

Step into the role of a digital asset investigator. From tracing complex ownership structures to leveraging blockchain transparency, discover the tools and techniques that bring clarity to a sector often seen as cryptic. Follow along with our investigation into a digital asset business and come away with a step-by-step guide for uncovering hidden risks.

Side Quest

November 19, 2024

“Side quests” are initiatives that align staff motivations, interests, and experience with discretionary projects. They provide solutions to enhance staff engagement, performance, and retention, and are particularly valuable where resource constraints may slow promotions or pay increases, or where compliance tasks involve repetitive work.

Big Fines, Bigger Lessons

October 30, 2024

TD Bank’s $3 billion fine highlights a growing trend: regulators are cracking down hard on weak AML programs. Discover why fines are skyrocketing and how strong AML training can help safeguard your institution.

Risky Convergences

October 28, 2024

New digital solutions in money laundering and underground banking have facilitated the expansion of the criminal business environment in Southeast Asia, integrate billions of criminal proceeds into the formal financial system and enabling the growth of new criminal organizations.

A PEP Talk

October 24, 2024

Politically exposed persons are individuals who, due to their positions of power, influence, or proximity to government, are susceptible to becoming involved in corruption, bribery, or other financial crimes. And because moving and hiding misappropriated assets often involves money laundering, financial institutions across the globe are tasked with the challenge of identifying and managing these risks.

A $3 Billion Mistake

October 22, 2024

TD Bank was recently slammed with a record $3 billion fine for failing to comply with AML laws. With $18 trillion in unmonitored transactions, the bank became a hotbed for criminal activity. What went wrong, and what can other financial institutions learn from this?

Beneficial Ownership: Who Owns What?

October 17, 2024

U.S. efforts to curb illicit finance are in full swing, as the requirement to reveal the beneficial owners of certain entities registered or operating in the United States came into effect this year. In this article, we explore key requirements, benefits, and deadlines as well as address some of the concerns organizations may have about the new regulation.

From Cash to Clicks – AML Challenges & Typologies for Digital Payments

October 2, 2024

Dive into the dynamic world of digital payments, where convenience meets innovation. Learn the challenges Payment Service Providers are navigating with smarter, technology-driven Anti-Money Laundering practices to ensure secure and efficient transactions.

AML Compliance for Small Businesses

September 4, 2024

Small businesses face the challenge of navigating the intricate landscape of anti-money laundering (AML) regulations. Despite the challenges posed by evolving global standards and limited resources, small businesses can use tailored strategies to fortify their compliance frameworks and thrive in a complex regulatory environment.