Crypto company fined $29.3 million for violating multiple U.S. sanctions

U.S. Treasury Secretary Janet Yellen holds a news conference in the Cash Room at the U.S. Treasury Department in Washington, U.S. July 28, 2022. 

Jonathan Ernst | Reuters

The Treasury Department fined a Washington-based cryptocurrency trading platform $29.3 million for violating multiple sanctions, including those prohibiting U.S. companies from doing business with individuals operating in Iran, Sudan, Syria, Cuba and the Crimea region of Ukraine, the agency announced Tuesday.

Bittrex, an online currency exchange and cryptocurrency wallet service company based in Bellevue, Washington, agreed to pay $24.3 million to the Treasury’s Office of Foreign Assets Control to settle civil charges that it conducted 116,421 transactions valued at more than $260 million that violated U.S. sanctions. The Treasury’s Financial Crimes Enforcement Network division, or FinCen, imposed a total civil penalty of $29.3 million, which covers additional violations under the Bank Secrecy Act.

FinCen said it will credit the OFAC fine to settle Bittrex’s potential liability with the agency. The company will pay $5 million to the Treasury.

Bittrex’s reporting failures “unnecessarily exposed the U.S. financial system to threat actors,” said FinCen acting Director Himamauli Das.

“Bittrex’s failures created exposure to high-risk counterparties including sanctioned jurisdictions, darknet markets, and ransomware attackers. FinCEN has made clear that virtual asset service providers must implement robust risk-based compliance programs and meet their BSA reporting requirements, and will not hesitate to act when it identifies willful violations of the BSA,” Das said.

The settlement is OFAC’s largest enforcement action against a cryptocurrency company to date and is the first joint enforcement action by OFAC and FinCen.

Bittrex reportedly failed to prevent individuals located in restricted areas from using its services. The company operated 1,730 accounts that processed 116,421 virtual currency-related transactions online totaling more than $263 million between March 28, 2014, and Dec. 31, 2017, according to a press release.

FinCen also discovered that the company did not maintain an effective anti-money-laundering program from February 2014 through December 2018. At times, as few as two employees were responsible for reviewing over 20,000 daily transactions for suspicious activity.

Bittrex also failed to file any suspicious activity reports between February 2014 and May 2017, including the processing of 22 transactions from the sanctioned locations involving over $1 million worth of virtual assets. More than 200 transactions during that time involved $140,000 worth of virtual assets, which is nearly 100 times larger than the average transaction on the company’s platform, according to the agencies.

The actions violated OFAC policies, which generally prohibit individuals and companies located in the U.S. from interacting with individuals and companies in sanctioned jurisdictions.

CNBC Politics

Read more of CNBC’s politics coverage:

The violations were discovered months after the Biden administration established a task force to enforce U.S. and allied countries’ sanctions against Russian officials and oligarchs who helped finance Russian President Vladimir Putin‘s invasion of Ukraine.

FinCen said Bittrex’s policies show that it was aware of OFAC’s sanctions regulations as far back as August 2015, but it didn’t start to screen customers for their locations until October 2017. A sanctions compliance program was not adopted until December 2015, though Bittrex began offering virtual currency services in early 2014.

Bittrex began implementing measures to fix its faulty monitoring practices, only after OFAC subpoenaed the company in October 2017.

In a statement, Bittrex said none of the allegations relate to conduct after 2018.

“As the settlement documents and announcements affirm, we had controls in place from an early stage —including formal sanctions and anti-money laundering policies — and we employed third-party experts and service providers to review our compliance processes, conduct sanctions screening, and help verify accounts,” a spokesman told CNBC. “As a growing company, during the period in question, we routinely assessed and improved these functions.”