On January 4, 2023, the New York State Department of Financial Services issued a consent order against Coinbase, a virtual currency company. Pursuant to the consent order, Coinbase will be paying a $50 million penalty to the state of New York for failing to maintain a compliant program. The company has also agreed to invest an additional $50 million in its compliance function over the next two years to address these issues and improve its compliance program.
According to the consent order, Coinbase’s compliance program failed to meet the standards set by the New York Banking Law and the New York State Department of Financial Services’ regulations for virtual currency, money transmission, transaction monitoring, and cybersecurity. These failures made Coinbase’s platform vulnerable to criminal activity such as fraud, money laundering, and the distribution of child sexual abuse material and narcotics.
The consent order also stated that Coinbase’s Know Your Customer/Customer Due Diligence program and Transaction Monitoring System were inadequate for a financial services provider of its size and complexity. The company failed to properly onboard customers and did not conduct appropriate due diligence. In addition, Coinbase was unable to keep up with the volume of alerts generated by its TMS, resulting in a backlog of over 100,000 unreviewed alerts. This led to Coinbase’s failure to timely report suspicious activity as required by law.
In response to these issues, the Department installed an independent monitor to work with Coinbase in fixing these issues and building a more effective and robust compliance program. The independent monitor will continue to work with Coinbase for at least one more year, with the possibility of extension at the Department’s discretion.