NYDFS issued an enforcement action against Coinbase Inc., alleging a variety of compliance failures. Some details:
– $50MM penalty; $50MM commitment spend on compliance; Continuation of Independent Monitor
– “During much of the relevant period, Coinbase’s KYC/CDD program, both as written and as implemented, was immature and inadequate. Coinbase treated customer onboarding requirements as a simple check-the-box exercise and failed to conduct appropriate due diligence.”
– “Coinbase was unable to keep pace with the growth in the volume of alerts generated by its TMS. By late 2021, Coinbase’s failure to keep pace with its alerts resulted in a significant and growing backlog of over 100,000 unreviewed transaction monitoring alerts.”
– “One consequence of Coinbase’s failed TMS was that as uninvestigated TMS alerts languished for months in the backlog, Coinbase routinely failed to timely investigate and report suspicious activity as required by law. The Department’s investigation found numerous examples of SARs filed months after the suspicious activity was first known to Coinbase.”
– “In light of the state of Coinbase’s compliance system, in early 2022, during the course of the investigation, the Department took the extraordinary step of installing an Independent Monitor to immediately evaluate the situation and begin working with Coinbase to fix the outstanding issues.”
The consent order may be found here: https://www.dfs.ny.gov/system/files/documents/2023/01/ea20230104_coinbase.pdf