FinCEN Penalized First Peer-to-Peer Cryptocurrency Exchange

May 1, 2019 by ACA Compliance Group


On April 18, the Financial Crimes Enforcement Network (FinCEN) announced that they have imposed their first-ever penalty on a peer-to-peer cryptocurrency exchange for violating AML regulations, among other violations. FinCEN has assessed a civil money penalty against an individual for allegedly willfully violating the Bank Secrecy Act’s (BSA) registration program and reporting requirements. FinCEN contended the individual failed to register as a money services business (MSB), had no written policies or procedures for ensuring compliance with the BSA, and failed to report suspicious transactions and currency transactions.

The individual is claimed to have operated as a peer-to-peer exchanger of convertible virtual currency. As “money transmitters,” peer-to-peer exchangers are required to comply with the BSA obligations that apply to MSBs, including registering with FinCEN; developing, implementing, and maintaining an effective AML program; filing Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs); and maintaining certain records.

The individual allegedly conducted over 200 transactions involving the physical transfer of more than $10,000 in currency, yet failed to file a single CTR. For instance, the individual allegedly conducted approximately 160 purchases of bitcoin for approximately $5 million through in-person cash transactions conducted in public places, such as coffee shops, with an individual identified through a bitcoin forum. Of these cash transactions, 150 were allegedly to have occured in-person and conducted in separate instances for over $10,000 during a single business day. Each of these 150 transactions necessitated the filing of a CTR.

ACA Guidance

If you are a cryptocurrency exchange operating in the U.S., ACA recommends taking the following actions:

  • Ensure that your organization is registered with FinCEN as an MSB
  • Register as a money transmitter with the state(s) where your organization is located and plan to do business in
  • Hire an experienced chief compliance officer and/or independent consulting firm to assist in creating and implementing an effective AML compliance program (i.e., policies & procedures, risk assessment, training)
  • Consider investing in technology to assist with AML compliance such as Identity Verification (IDV), Know Your Customer (KYC), Transaction Monitoring and/or OFAC/Sanctions software to assist with onboarding, data retention, monitoring of activity and regulatory reporting.

Additional Resources