CB Payments Limited (CBPL), a subsidiary of the globally recognised cryptoasset trading platform Coinbase, has been fined £3,503,546 by the Financial Conduct Authority (FCA) for significant breaches of a voluntary requirement (VREQ) imposed on the company. This enforcement action marks the first use of the FCA’s new powers under the Electronic Money Regulations 2011, emphasising the regulator’s commitment to maintaining stringent financial crime controls within the cryptoasset industry.
Background of the enforcement action
The enforcement action stems from a period between 31st October 2020 and 1st October 2023, during which CBPL failed to comply with the terms of the VREQ. This VREQ was voluntarily accepted by CBPL in October 2020 after extensive discussions with the FCA highlighted deficiencies in the firm’s financial crime control framework. The VREQ restricted CBPL from onboarding new high-risk customers while the company addressed these deficiencies.
Breaches of the VREQ
Despite the VREQ’s restrictions, CBPL onboarded and provided e-money services to 13,416 high-risk customers. Alarmingly, approximately 31% of these customers were permitted to execute 12,912 prohibited transactions, resulting in deposits totalling USD $24.9 million. These funds facilitated further cryptoasset transactions via other Coinbase Group entities, amounting to approximately USD $226 million.
FCA’s statement
Therese Chambers, Joint Executive Director of Enforcement and Market Oversight at the FCA, underscored the gravity of the situation, stating:
“The money laundering risks associated with crypto are obvious and firms must take them seriously. Firms like CBPL that enable crypto trading need to have strong financial crime controls. CBPL’s controls had significant weaknesses and the FCA told it so, which is why the requirements were needed. CBPL, however, repeatedly breached those requirements. This increased the risk that criminals could use CBPL to launder the proceeds of crime. We will not tolerate such laxity, which jeopardises the integrity of our markets.”
Failures in compliance and monitoring
The FCA identified that CBPL’s breaches were due to a lack of due skill, care, and diligence in designing, testing, implementing, and monitoring the controls intended to ensure compliance with the VREQ. The firm failed to account for all potential onboarding methods for customers, leading to repeated and material breaches that went undetected for nearly two years.
The FCA’s action is a clear message to all firms operating within the cryptoasset sector: robust financial crime controls are non-negotiable. CBPL’s agreement to resolve the matter resulted in a 30% discount on its fine. However, the substantial fine serves as a stark reminder of the serious consequences of failing to adhere to regulatory requirements.
How Neopay can help
In light of these developments, it’s clear that robust financial crime controls are more critical than ever. Neopay offers comprehensive compliance solutions tailored to help firms meet FCA regulations effectively. Our Financial Crime Audits provide an independent review of your financial crime framework, identifying any gaps or deficiencies. Our expert team can assist in designing, implementing, and monitoring robust anti-money laundering (AML) and counter-terrorist financing (CTF) frameworks. With Neopay’s support, companies can enhance their compliance posture, mitigate risks, and maintain the integrity of their operations, ensuring they remain fully compliant with FCA requirements.
To find out more about how we can support your business, contact our team here.