top of page

Lessons learned from Bittrex crypto exchange $29 million penalty

Updated: Oct 21, 2023

FinCEN, in October 2022 has announced a penalty of $29 million to crypto exchange Bittrex. Why?



Between 2014 - 2018 Bittrex:

  • Failed to maintain an effective AML program, including written policies and procedures

  • Failed to appropriately assess the risks associated with the products and services it offered (crypto)

  • Failed to implement effective transaction monitoring on its trading platform

  • Relied on only two employees with minimal AML training and experience to manually review over 20,000 transactions per day for suspicious activity in addition to other duties.

  • Failed to file any SAR for more than three years.


How about screening systems?


Only in 2016 Bittrex hired a third-party vendor to automatically screen transactions for compliance with OFAC sanctions.


The software however, only screened transactions to identify potential matches with sanctioned persons but not with sanctioned jurisdictions


As a result, Bittrex conducted more than 116,000 transactions for over $260 million with persons subject to OFAC sanctions.


Lessons learned:


  • Risk assessment is an essential step to AML compliance

  • If policies and procedures are not written down, they do not exist.

  • A manual transaction monitoring system, in most of the cases is deemed to fail.

  • The AML officers should be sufficiently experienced.

  • The AML department must have sufficient resources.

  • Regulated entities should ensure that the third-party vendors screening tools check against all relevant sanctions lists.

  • Penalties for AML failures can be huge.


The question is: Do we learn from our lessons?

Comments


bottom of page