European supervisors have moved from theory to practice in assessing whether cryptocurrency platforms have fulfilled their earlier pledge to build effective AML programs, said Peter Oakes, former director of AML enforcement at the Central Bank of Ireland.
Maltese anti-money laundering regulators have fined cryptocurrency platforms Bequant Pro Ltd and Bequant Exchange Ltd nearly half a million euros in parallel actions that may herald stricter enforcement against virtual assets service providers, or VASPs, in Europe.
Inspections by Malta’s Financial Intelligence Analysis Unit, or FIAU, in 2021 identified egregious AML failures at both platforms, starting with inadequate assessments of customer- and business-related threats and a failure to conduct enhanced due diligence on high-risk clients, some of whom hailed from nations blacklisted by the Financial Action Task Force.
Bequant Pro and Bequant Exchange’s provision and management of digital wallets, tasks that often form the heart of a VASP’s business, proved just as problematic, according to FIAU, which disclosed the actions Thursday.
FIAU found that both platforms failed to vet the external parties with which their own clients sent and received cryptocurrency; failed to “determine whether the wallet being used … was a private or multi-signature wallet, or a custodial wallet;” and manually screened payments of more than €10,000 despite the high volume of such transactions.
Inspections by Malta’s Financial Intelligence Analysis Unit, or FIAU, in 2021 identified egregious AML failures at both platforms, starting with inadequate assessments of customer- and business-related threats and a failure to conduct enhanced due diligence on high-risk clients, some of whom hailed from nations blacklisted by the Financial Action Task Force.
Bequant Pro and Bequant Exchange’s provision and management of digital wallets, tasks that often form the heart of a VASP’s business, proved just as problematic, according to FIAU, which disclosed the actions Thursday.
FIAU found that both platforms failed to vet the external parties with which their own clients sent and received cryptocurrency; failed to “determine whether the wallet being used … was a private or multi-signature wallet, or a custodial wallet;” and manually screened payments of more than €10,000 despite the high volume of such transactions.
 | “The promise to act in good faith is no longer enough,” said Oakes, now a consultant in Dublin. “Now supervisors are checking and politicians are pushing them to demonstrate they have oversight on this industry.” |
Bequant Exchange neglected to verify the accuracy of the personal information submitted by 44 percent of the platform’s customers, and both companies failed to collect sufficient records on the source of their funds and the nature of their anticipated financial activity.
In one case, the only information that Bequant Exchange had on hand to identify a customer’s line of business and assess risk was a bank statement with a balance, precluding the company from monitoring his or her transactions effectively.
Malta’s enforcement actions against Bequant not only represent the first against VASPs in Malta, they also mark a turning point in Europe, where AML supervision of the sector is still in its infancy and penalties are few and far between.
French regulators withdrew Paris-based platform BYKEP’s permission to operate (https://www.moneylaundering.com/news/french-regulators-issue-first-ban-oncryptocurrency-platform/?) in September in response to “serious” AML failures, and German supervisors separately ordered fining U.S. cryptocurrency exchange Coinbase to strengthen internal governance, a broad concept that includes AML controls.
The following month, Lithuania’s primary AML regulator fined two platforms, Alteway and Decentralized, and announced plans to conduct a round of targeted inspections after finding that 90 percent of the 195 VASPs they had examined by that point had yet to report a single suspicious transaction.
Those inspections have already resulted in still-undisclosed penalties, but on a much smaller scale than those assessed in Malta, Alexandre Pinot, a founder of Amlyze, an AML firm in Vilnius, told moneylaundering.com. “Fines of this amount are still exceptional in Europe, but the tide is clearly turning,” Pinot said.
In one case, the only information that Bequant Exchange had on hand to identify a customer’s line of business and assess risk was a bank statement with a balance, precluding the company from monitoring his or her transactions effectively.
Malta’s enforcement actions against Bequant not only represent the first against VASPs in Malta, they also mark a turning point in Europe, where AML supervision of the sector is still in its infancy and penalties are few and far between.
French regulators withdrew Paris-based platform BYKEP’s permission to operate (https://www.moneylaundering.com/news/french-regulators-issue-first-ban-oncryptocurrency-platform/?) in September in response to “serious” AML failures, and German supervisors separately ordered fining U.S. cryptocurrency exchange Coinbase to strengthen internal governance, a broad concept that includes AML controls.
The following month, Lithuania’s primary AML regulator fined two platforms, Alteway and Decentralized, and announced plans to conduct a round of targeted inspections after finding that 90 percent of the 195 VASPs they had examined by that point had yet to report a single suspicious transaction.
Those inspections have already resulted in still-undisclosed penalties, but on a much smaller scale than those assessed in Malta, Alexandre Pinot, a founder of Amlyze, an AML firm in Vilnius, told moneylaundering.com. “Fines of this amount are still exceptional in Europe, but the tide is clearly turning,” Pinot said.
That same tide of enforcement applies to other categories of violations as well.
The Dutch central bank levied the largest regulatory penalty against a cryptocurrency platform in Europe last month, fining Coinbase €3.3 million for offering services in the Netherlands without permission.
European supervisors have moved from theory to practice in assessing whether cryptocurrency platforms have fulfilled their earlier pledge to build effective AML programs, said Peter Oakes, former director of AML enforcement at the Central Bank of Ireland.
“The promise to act in good faith is no longer enough,” said Oakes, now a consultant in Dublin. “Now supervisors are checking and politicians are pushing them to demonstrate they have oversight on this industry.”
Contact Gabriel Vedrenne at gvedrenne@acams.org
Article in PDF here
The Dutch central bank levied the largest regulatory penalty against a cryptocurrency platform in Europe last month, fining Coinbase €3.3 million for offering services in the Netherlands without permission.
European supervisors have moved from theory to practice in assessing whether cryptocurrency platforms have fulfilled their earlier pledge to build effective AML programs, said Peter Oakes, former director of AML enforcement at the Central Bank of Ireland.
“The promise to act in good faith is no longer enough,” said Oakes, now a consultant in Dublin. “Now supervisors are checking and politicians are pushing them to demonstrate they have oversight on this industry.”
Contact Gabriel Vedrenne at gvedrenne@acams.org
Article in PDF here