Coinbase fined for not reporting suspicious activity, and poor AML internal controls in a sufficient time, the latest crypto security issue raised in the past month.
The Central Bank of Ireland fined Coinbase’s European subsidiary $24.8m (€21.5m) after breaching its anti-money laundering (AML) and counter-terrorist financing (CTF) rules on November 6 .
Coinbase Europe Ltd was found to not have properly monitored up to €176bn worth of more than 30 million transactions over a 12 month period. This represented 31% (€176bn) of all transactions in Europe.
The Irish central bank also found the crypto exchange took up to three years to complete the transaction monitoring requirements of the transactions in question.
Up to 2,708 transactions were reported as suspicious to European Financial Intelligence Units (FIUs), which underwent the relevant analysis to open up an investigation to assess whether Coinbase had violated the Irish regulators AML and CTF rules.
Coinbase was found to have processed transitions associated with money laundering, fraud/scams, cyber attacks, drug trafficking and sexual exploitation.
“To be effective in combating financial crime, law enforcement agencies rely on regulated financial institutions to have systems in place to monitor transactions and report suspicions,” said Colm Kincaid, Deputy Governor of Consumer and Investor Protection of the Central Bank of Ireland.
“The failure of such a system within any financial institution creates an opportunity for criminals to evade detection – and criminals will take that opportunity.”
Coinbase accepts responsibility
Coinbase Europe reached a settlement with the Central Bank of Ireland on November 5 after accepting it breached transaction monitoring rules of the Criminal Justice Act 2010 (CJA).
The crypto exchange admitted it did not fully and properly monitor the 30 million transactions during the relevant time period, adopted internal policies and controls to prevent and detect money laundering and terrorist financing, and conducted additional measures to the Central Bank.
As part of the settlement agreement, Coinbase’s initial €30.6m fine was reduced by 30% due to the settlement scheme in place, which brought it down to the €21.5m fine. This was accepted by Coinbase and is subject to confirmation by the High Court.
A continued crypto issue?
Money laundering and terrorist financing via crypto has and continues to be an issue within Europe following the revelation a €600m money laundering ring was uncovered by Eurojust last week.
The European authority arrested nine people across several European countries in connection to the fraudulent network, who created dozens of fake crypto investment platforms, disguised as legitimate websites to steal crypto funds from victims.
Other fines related to money laundering failures in Europe occurred last year. Virtual currency operator UAB Payeer was fined €8.3m by Lithuania’s Financial Crimes Investigation Service for breaking AML laws. CryptoTrust Ltd. was handed a hefty €239m fine for breaching Markets in Crypto Assets’ (MiCA’s) guidelines on mishandling clients funds.
Due to the decentralised nature of crypto, the anonymity enables fraudsters to either hack networks or manipulate the market to their benefit, and are able to send funds almost instantly and close cold wallets at the same speed.
“Crypto has particular technological features which, together with its anonymity-enhancing capabilities and cross-border nature, makes it especially attractive to criminals looking to move their funds,” said Kincaid. “This is why it is especially important that firms engaged in crypto services have robust controls in place to identify and report suspicious transactions.”
“Where system failures do occur, it is imperative that they are reported to the Central Bank without delay so that appropriate actions can be taken to manage and mitigate the risk.”
Under MiCA regulations, regulated crypto assets service providers (CASPs) like Coinbase are required to report potentially suspicious transactions and activity, as well as demonstrate effective internal controls to their national authority.