Coinbase reaches $100M settlement over background check failures

New York financial regulators have found that the popular cryptocurrency exchange Coinbase violated anti-money laundering laws by failing to conduct adequate background checks. Coinbase will pay a $50 million fine to the New York State Department of Financial Services, and is also required to spend $50 million on improving its compliance program.

Coinbase disclosed that this investigation was in progress in its annual 10k filing in 2021.

State regulators first noticed problems at Coinbase in May 2020 during routine supervisory examinations. The Department of Financial Services found what it called “significant deficiencies” in various compliance programs, including customer due diligence procedures, transaction monitoring systems, Office of Foreign Assets Control (OFAC) programs and anti-money laundering risk assessments. Upon closer examination into potential legal violations, regulators also found issues with Coinbase’s “retention of books and records” and reporting to the state department.

“During the course of the Department’s investigation, the compliance situation inside Coinbase reached a critical stage,” the filing reads. The regulators found that by the end of 2021, Coinbase had a backlog of over 100,000 unreviewed transaction monitoring alerts, plus a backlog 14,000 users requiring enhanced due diligence.

These backlogs were due in part to Coinbase’s dramatic growth in 2021 — the filing says that Coinbase signups in May 2021 were fifteen times higher than January 2020, and by November 2021, there were twenty-five times more monthly transactions than in January 2020.

Regulators say that Coinbase did not have enough staff to keep up with growing compliance needs. Yet when Coinbase laid off 18% of its workforce (or 1,100 people) in June 2022, CEO Brian Armstrong said that the cuts were a result of over-hiring after the company’s 2021 boom.

According to the filing, it was instead the responsibility of over 1,000 third-party contractors to catch up with the backlog, not full-time employees. Regulators found that Coinbase didn’t properly oversee or train these contractors, so “a substantial portion of the alerts reviewed by third parties was rife with errors,” the filing says.

“The training Coinbase provided was not scalable for the size of the contractor force, and attendance at the training sessions was not adequately tracked,” regulators wrote. “The quality control process was not always performed by the contractor organizations to the standards that Coinbase provided, and initially, Coinbase did not have a system in place to audit the quality control that was done.”

As a result of these inaccuracies, regulators wrote that Coinbase failed to report potential instances of money laundering, narcotics trafficking and CSAM-related activity to authorities.

The filing also states that since 2018, Coinbase has been aware of its failures to meet state standards for money laundering and financial terrorism compliance.

“Although Coinbase has worked to correct these issues, its progress has been slow: progress in certain areas did not occur until recently, and work remains outstanding to the present,” the filing states.

The risks of this non-compliance are haven’t been merely hypothetical, regulators wrote.

The department found that one former Coinbase customer had faced criminal charges in the 1990s related to child sexual abuse material (CSAM). After engaging in “suspicious transactions potentially associated with illicit activity” for more than two years, Coinbase detected the activity, shut down the account and cooperated with law enforcement.

Another customer claimed to be an employee of a corporation and managed to gain unauthorized access to that corporation’s bank — by setting up a fraudulent Coinbase account in the name of the corporation, the customer transferred $150 million to their new account. Coinbase didn’t detect this fraud until six days later when contacted by the corporation in question; the money was later recovered after an investigation by law enforcement.

These charges come at a time when consumers are losing trust in popular cryptocurrency exchanges. After filing for bankruptcy, FTX founder and former CEO Sam Bankman-Fried is facing criminal charges including wire fraud and conspiracy to misuse customer funds; Bankman-Fried has plead not guilty to all charges.

“Coinbase has taken substantial measures to address these historical shortcomings and remains committed to being a leader and role model in the crypto space, including partnering with regulators when it comes to compliance,” said Coinbase chief legal officer Paul Grewal. “We believe our investment in compliance outpaces every other crypto exchange anywhere in the world, and that our customers can feel safe and protected while using our platforms.”

Coinbase reaches $100M settlement over background check failures by Amanda Silberling originally published on TechCrunch

Pin It on Pinterest

Share This