CB Payments Limited (CBPL), a subsidiary of the Coinbase Group, has been fined £3,503,546 by the Financial Conduct Authority (FCA) for repeatedly violating a restriction that barred the firm from offering services to high-risk customers.
This is the first time the FCA has taken enforcement action under the Electronic Money Regulations of 2011.
CBPL, which acts as a gateway for customers to trade crypto assets via other Coinbase Group entities, does not undertake crypto asset transactions for customers and is not registered to conduct crypto asset activities in the UK.
Coinbase UK Repeated Breaches of Financial Crime Controls
We’ve fined CB Payments Ltd £3,503,546 for repeatedly breaching a requirement that prevented the firm from offering services to high-risk customers. #cryptoassets #CryptoTrading #FinancialRegulation https://t.co/etahpXO3q3
— Financial Conduct Authority (@TheFCA) July 25, 2024
In October 2020, following significant engagement with the FCA over concerns about its financial crime control framework, CB Payments Limited (CBPL) entered into a voluntary requirement (VREQ) that prevented it from taking on new high-risk customers until the issues were addressed.
However, despite these restrictions, CBPL onboarded and/or provided e-money services to 13,416 high-risk customers, with approximately 31% of these customers depositing around USD 24.9 million. These funds were subsequently used to execute multiple crypto asset transactions via other Coinbase Group entities, totaling approximately USD 226 million.
The FCA’s investigation found significant weaknesses in CBPL’s controls, stating,
“CBPL’s controls had significant weaknesses, and the FCA told it so, which is why the requirements were needed. CPBL, however, repeatedly breached those requirements.”
The FCA’s investigation revealed that the breaches resulted from CBPL’s “lack of due skill, care, and diligence in the design, testing, implementation, and monitoring of the controls.”
They claimed that CBPL failed to consider all potential methods of customer onboarding when designing these controls, leading to inadequacies in monitoring compliance with the VREQ. Consequently, repeated and material breaches went undiscovered for nearly two years.
Therese Chambers, joint executive director of enforcement and market oversight at the FCA, stated the seriousness of the breaches, noting,
“This increased the risk that criminals could use CBPL to launder the proceeds of crime. We will not tolerate such laxity, which jeopardizes the integrity of our markets.”
As a consequence of these violations, the FCA imposed a £3.5 million ($4.5 million) fine on Coinbase’s UK subsidiary.
FCA Fines Coinbase to Sending Strong Warning to Financial Sector
The regulator highlighted that it would not tolerate such negligence, which threatens the integrity of financial markets.
The fine is intended to send a strong message to other financial institutions about the necessity of robust compliance systems and adherence to regulatory standards.
In response to the fine, Coinbase stated that it takes the FCA’s findings and its “broader regulatory compliance very seriously.”
The company assured that CBPL is proactively enhancing its controls to ensure regulatory compliance and highlighted the FCA’s acknowledgment of CBPL’s cooperation with the investigation.
CBPL agreed to resolve the matter and, therefore, qualified for a 30% discount on the fine.
CBPL also mentioned that it “unintentionally onboarded” some high-risk customers between October 30, 2020, and October 1, 2023, which represented 0.34% of the unit’s overall new customer sign-ups.
Subsequently, following this news, Coinbase Global shares were down by nearly 2% in U.S. premarket trading.
Coinbase scams are back as investors face a new threat of impersonation scams, with four users targeted and over $1M in cryptocurrency.#Coinbase #Scam https://t.co/A46ts2oekF
— Cryptonews.com (@cryptonews) July 8, 2024
Lately, Coinbase has been embroiled in a series of controversies, one of such was the recent series of impersonation scams, resulting in significant financial losses for at least four users.
Scammers employed sophisticated social engineering tactics, posing as Coinbase representatives to deceive victims into revealing sensitive financial information. One victim lost $1.7 million in cryptocurrency.
The scammers sent fraudulent emails claiming unauthorized transactions and directed victims to enter their seed phrases on fake websites, allowing partial access to wallets.
Reports suggest attackers may be using information leaked from CoinTracker’s email service provider database in 2022.
Other users have reported similar scams, with fake Coinbase representatives attempting to manipulate them into revealing passwords and account details.
The post Coinbase Subsidiary Fined $4.5 Million by FCA for Breaching Customer Regulations appeared first on Cryptonews.