Crypto company CB Payments Limited (CBPL) has been slapped with a £3.5m fine after the Financial Conduct Authority made its first-ever crypto sting.
Action against CBPL, which is part of the Coinbase Group, was taken under the Electronic Money Regulations 2011, the first time the FCA has ever taken enforcement action using the powers.
After the FCA found “significant weaknesses and gaps” in CBPL’s financial crime control network in 2020, the company entered a voluntary requirement that prevented it from taking on new high-risk customers while it addressed the issues.
Despite this, the company onboarded and provided crypto services to over 13,000 high-risk customers over the space of three years.
A third of them were able to make almost 13,000 deposits worth about $25m (£19.4m), and they then ended up making multiple crypto transactions throughout the Coinbase network that totalled about $226m (£175m).
Several of the transactions were over $50,000 (£38,800), and CBPL ended up filing Suspicious Activity Reports on 62 of the customers over fears of potential money laundering.
The breaches went undetected for almost two years and were the result of CBPL’s “lack of due skill, care and diligence in the design, testing, implementation and monitoring” of the controls put in place by the voluntary requirement they had agreed to, the FCA said.
“This included failing to consider all of the various ways in which customers might be onboarded when designing the controls,” the watchdog added.
Following the sting, CBPL agreed to resolve the matter and qualified for a 30 per cent discount on its fine, which would have been over £5m otherwise.
Therese Chambers, joint executive director of enforcement and market oversight at the FCA said: “The money laundering risks associated with crypto are obvious and firms must take them seriously.
“Firms like CBPL that enable crypto trading, need to have strong financial crime controls. CBPL’s controls had significant weaknesses and the FCA told it so, which is why the requirements were needed. CPBL, however, repeatedly breached those requirements.
“This increased the risk that criminals could use CBPL to launder the proceeds of crime. We will not tolerate such laxity, which jeopardises the integrity of our markets.”