With Bitcoin, Ethereum and countless other profitable cryptocurrency options bursting onto the scene over the past decade, a modern-day gold rush has ensued creating generational wealth for even novice investors. The allure of the crypto space is undeniable, but it also comes with unique risks for both individual consumers and the international financial system as a whole. As such, government bodies from across the globe have been forced to consider extensions of current financial regulations to cover what has essentially developed into an entirely new asset class. While one of the calling cards of this space has long been its decentralized nature (i.e. the crypto-ecosystem operates without a true central authority, and as such grants control to all of its collective users), lawmakers and government authorities around the world – specifically those tasked with combatting illicit financial activity – have begun to consider new rules to harbor this space given the tendency of this market to be utilized to facilitate nefarious financial activities and often other forms of crime. Various world powers have begun to take steps forward in creating legal framework for regulators, financial institutions, and even individual investors to follow in order to establish a previously non-existent layer of protection for those operating in this space around the world. Domestically however, multiple crypto platforms and their leadership have already begun to feel the heat for their respective regulatory failures, this as the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) are now contributing to better regulating this space. Lapses in judgement and/or outright disregard for the law have already led to multiple big-name entities such as Coinbase, Binance and others, as well as the individuals behind these popular platforms, being hit with increasingly large fines not dissimilar from those being levied against top financial service providers for non-compliance with existing BSA and anti-money laundering regulations.
Various financial technology (FinTech) groups have also become primary targets of this increase in oversight, with those operating in this space also paying the price for compliance shortcomings. In January, the Financial Times reported that in 2023 alone, digital payment companies paid over $5.8 billion in fines for failures related to maintaining appropriate customer due diligence, proper anti-money laundering controls, and upholding economic sanctions amongst other crime-prevention issues.4 This total becomes even more striking when considering that fines paid by traditional financial service institutions sat at just $835 million total for 2023, the lowest sum in a decade.4
All told however, a true regulatory framework governing all aspects of cryptocurrencies in the United States and many other global jurisdictions remains up in the air at current. Domestically, multiple bills aimed at establishing key pieces of regulatory structure such as defining when a cryptocurrency is a security or a commodity, expanding oversight on the industry as a whole, and clarifying the roles of different bodies in managing crypto remain stuck on Capitol Hill. Should such measures come to pass however, the number of regulatory penalties for errors in this field are expected to increase exponentially. “Most jurisdictions have yet to regulate crypto firms in line with global standards, so we can expect further fines to come in this area,” said David Lewis, the former head of prominent money laundering and terrorist financing watchdog the Financial Action Task Force (FATF). “This lack of oversight and proper regulation is a real concern as the risks of cryptos continue to increase, and criminals seek to exploit loopholes wherever they can.”
Across the pond however, the European Union (EU) stands as a shining example for its international counterparts in this regard. In May of 2023, the EU introduced the world’s first comprehensive cryptocurrency regulations known as the Markets in Crypto-Assets Regulation (MiCA). These measures require any company issuing or trading cryptocurrency will need a license, and from January 2026 all service providers will have to obtain the name of senders and beneficiaries, whatever the amount being transferred. Additionally, any self-hosted wallets holding over 1,000 euros will need to undergo wallet ownership verification for transactions.1 While analysts expect certain variations of these rules to be published on behalf of the U.S., a fair portion of their ultimate success may ultimately be derived from the precedent set by the EU.
U.K. Issues Watershed Fine Against Coinbase Subsidiary
While no longer an EU-member state itself, the United Kingdom has too been able to implement various pieces of legislation to better govern this sector. In October 2022, the lower house of the British Parliament recognized crypto assets as regulated financial instruments. Shortly thereafter, the Financial Services and Markets bill became law and extended existing laws regarding all crypto assets, services, and providers. Among these extensions include specific reporting requirements for individuals and crypto-firms, as well as requiring maintenance of proper CDD, AML/CFT and Know Your Customer (KYC) standards.
The U.K.’s new regulations are already seeing tangible results. Just last week, a Coinbase business called CB Payments Limited (CBPL) located in Britain was fined for breaking a regulatory agreement in which they pledged to improve their financial crime defenses. The sanction was handed out by the U.K.’s primary financial watchdog, the Financial Conduct Authority (FCA), and became the first crypto-assets penalty of its kind to be issued in the United Kingdom. Reports have indicated that CBPL, which acts as a gateway for customers to trade crypto-assets within the global Coinbase Group, had reached a previous agreement with the FCA in October of 2020 to improve their internal controls as they pertain to financial crime safeguards. As part of this agreement, CBPL were barred from taking on any new high-risk customers until their previous regulatory shortcomings were addressed. CBPL broke this agreement when they accepted several new high-risk customers over the years to follow – 13,416 of them to be exact. To make matters worse, nearly a third of these individuals accounted for deposits totaling nearly $25 million total, with many speculating that the root of most of these funds were derived from illicit activity. These funds were later used to execute multiple crypto-asset transactions via other Coinbase entities, totaling approximately $226 million. 2 The level of disrespect and blatant disregard for the agreement left the FCA with an easy decision to fine the subsidiary 3.5 million pounds (approximately $4.5 million dollars).
In a statement released on the penalty, joint executive director of enforcement and market oversight at the FCA Therese Chambers compounded the fact that this type of carelessness is ultimately the main purpose of expanding regulatory requirements over this sector. She added that “The money laundering risks associated with crypto are obvious and firms must take them seriously.”3 Clearly, CBPL did not take the risks or their due diligence seriously when they took on thousands of high-risk clients against direct orders from the regulator. It seems they incorrectly assumed that because no one entity in the U.K. had ever been fined for breaking crypto regulations before, they would be safe to expect they would not be the first. They assumed wrong and now owe millions of dollars as a result. All told, the developments seen on the global scale over the last handful of years should put any financial institution that deals or even loosely associates with the crypto industry on alert. As the tides continue to turn and this once untamed sector becomes better regulated globally, the threat of repercussions for compliance lapses draws ever closer.
Citations
- “Cryptocurrency Regulations Are Changing across the Globe. Here’s What You Need to Know.” World Economic Forum, 2 May 2024.
- Jones, Huw. “Coinbase UK Unit Fined for Breaching Financial Crime Requirements | Reuters.” Reuters, Thomson Reuters, 25 July 2024.
- Kowsmann, Patricia. “Coinbase Unit Fined in U.K. for Taking on Risky Clients.” The Wall Street Journal, 25 July 2024.
- Noonan, Laura, and Alan Smith. “Crypto and Fintech Groups Fined $5.8bn in Global Crackdown on Illicit Money.” Financial Times, 8 Jan. 2024.