Home Business Robinhood faces first virtual currency enforcement action

Robinhood faces first virtual currency enforcement action

Robinhood faces first virtual currency enforcement action

In what is the first enforcement action by the New York Department of Financial Services (NYDFS) against an NYDFS-licensed “virtual currency business,” on August 1, 2022, the agency announcement $30 million settlement with cryptocurrency investment platform Robinhood Crypto, LLC (“RHC”). The settlement related to charges stemming from what the NYDFS cited as various shortcomings in 2019-20 of the Bank Secrecy Act (BSA) and RHC’s Anti-Money Laundering (AML) program and obligations of cybersecurity of RHS within the framework of the virtual currency of the agency ““BitLicense” policy (23 NYCRR Part 200) and Cyber ​​Security Regulations (23 NYCRR Part 500), among others

NYDFS has been active in crypto regulation for many years. In 2015, New York was the first state to enact a comprehensive framework for regulating businesses related to virtual currency. The cornerstones of BitLicense regulation are consumer protection, anti-money laundering compliance, and cybersecurity rules that aim to place appropriate “safeguards” in the industry while allowing the innovation. In addition, NYDFS Cybersecurity Regulations went into effect in March 2017 and generally require all covered entities, including licensed virtual currency businesses, to establish and maintain a cybersecurity program designed to protect the privacy, integrity and availability of its information systems. Licensed virtual currency companies are subject to the same anti-money laundering and cybersecurity regulations as traditional financial services companies.

In 2019 NYDFS granted RHC’s request for a BitLicense. The BitLicense, along with a New York State money transfer license also granted at the time, authorized Robinhood Crypto to offer services for buying, selling and storing various cryptocurrencies to New York residents. Overall, NYDFS said that after conducting a supervisory review and investigation, it found that RHC had “deficiencies in the company’s management and oversight of its compliance programs” and that staff and inadequate resources were devoted to BSA/AML, transaction monitoring and cybersecurity compliance. with its growth. As such, the agency found that RHC’s programs did not fully address RHC’s operational risks, particularly those associated with operating a cryptocurrency trading platform, and that policies specific to the within the program were not fully compliant with NYDFS cybersecurity and virtual currency regulations. Under the settlement, beyond the $30 million penalty, RHC will be required to retain the services of an independent consultant to perform a comprehensive assessment of RHC’s remediation and compliance efforts.

It’s been an active summer at NYDFS for crypto developments. RHC settlement follows one from last month publication of a stablecoin guide intended to establish fundamental criteria for USD-backed stablecoins issued by DFS-regulated entities on issues of redemption, asset reserves and certifications regarding such reserves.

Jonathan Mollod also contributed to this article.

© 2022 Proskauer Rose LLP. National Law Review, Volume XII, Number 223


Please enter your comment!
Please enter your name here