New York Fines Coinbase for Compliance Failures
Posted by Colin Lambert. Last updated: January 9, 2023
The new year has started off largely as the old ended for the crypto industry, with a leading player targeted and fined by US regulators. New York Department of Financial Services (DFS) has announced a $100 million settlement with Coinbase related to “significant failures” in its compliance programme.
Coinbase is paying a $50 million penalty to the DFS and has agreed to invest $50 million in its compliance function over the next two years to remediate the issues found by DFS. The firm will also enhance its compliance programme according to a plan approved by the regulator.
The DFS finds Coinbase’s KYC programme “immature and inadequate” and says the firm failed to conduct appropriate due diligence as part of the customer onboarding process. It also says Coinbase was unable to keep pace with the volume of alerts generated by its transaction monitoring systems and by late 2021 had a backlog of over 100,000 unreviewed trade alerts.
Additionally, because of the backlog in dealing with alerts, Coinbase often filed suspicious activity reports months after it was first observed.
DFS says in light of the state of Coinbase’s compliance system, in early 2022, during the course of the investigation, it took what it terms “the extraordinary step” of installing an independent monitor to immediately evaluate the situation and begin working with Coinbase to fix the outstanding issues.
Under the terms of the Consent Order, the monitor will continue to work with Coinbase for an additional year, extendable at the DFS’ sole discretion. The regulator says in direct response to its findings and swift action, Coinbase has begun to remediate many of the referenced issues and to build a more effective and robust compliance programme under the supervision of DFS and the independent monitor.
“It is critical that all financial institutions safeguard their systems from bad actors, and the Department’s expectations with respect to consumer protection, cybersecurity, and anti-money laundering programmes are just as stringent for cryptocurrency companies as they are for traditional financial services institutions,” says DFS superintendent Adrienne Harris. “Coinbase failed to build and maintain a functional compliance programme that could keep pace with its growth. That failure exposed the Coinbase platform to potential criminal activity requiring the Department to take immediate action including the installation of an independent monitor.”