NYDFS has issued its first enforcement action against one of its regulated cryptocurrency entities. Enforcement takeaways:
- $30 million penalty is significant.
- Alleged violations include BSA/AML; Cybersecurity; Reporting; and Consumer Protection.
- The Department alleged adequate resources were not devoted to RHC’s compliance programs, particularly as it grew, which exacerbated compliance issues.
- Robinhood improperly certified compliance with the Department’s Transaction Monitoring Regulation and Cybersecurity Regulations (Part 504 and Part 500), according to NYDFS.
- Robinhood also violated certain reporting requirements pursuant to its bespoke Supervisory Agreement with the Department, according to NYDFS.
- Robinhood must engage an Independent Consultant for 18 month term to assist with and oversee remediation.
More on the consent order here: https://www.dfs.ny.gov/reports_and_publications/press_releases/pr202208021