When your company is operating on the cutting edge of technology or seeking to establish a foothold in a new market created by modern technology, the mundane requirements of staying compliant to existing legislation can seem to be archaic and out of place. That appeared to be the position taken recently by a competitor to Bitcoin in the virtual currency exchange or cryptocurrency market that was fined $700,000 for “willful violations of the Bank Secrecy Act (BSA).
Civil charges brought by US regulators in the Financial Crimes Enforcement Network (FinCEN) cited the company for issuing its own currency through a subsidiary to trade in the form of digital tokens to settle payments on the network of the parent company without first registering as a money services business (MSB). In addition, FinCEN recorded several situations where the subsidiary failed to abide by anti-money laundering (AML) procedures including failure to use KYC (know-your-customer) paperwork to support and validate virtual currency transactions.
One specific transaction in 2013 initiated criminal charges that were later dropped and replaced by civil charges that were addressed with the $700K fine. The company failed to file a suspicious activity report during a negotiated $250,000 transaction “with an individual who had prior felony convictions for dealing in explosive devices.”
The extent of the compliance breakdown can be seen with the failure to register as an MSB until September 4, 2013 (after the alleged incident), the failure to develop and implement a comprehensive AML policy until September 26, 2013, the absence of a chief compliance officer until “late January 2014”, and the failure to address “inadequate internal controls” to ensure BSA compliance or an AML risk assessment until March 2014. In February 2015 the company brought on a general counsel and BSA officer as part of the settlement agreement for the BSA violations.
There is no doubt that the start-up phase of any new venture is exciting, fast-paced and stressful as employees rush to prove the viability of the concept and to make enough money to keep the nascent venture up and running. Compliance at this stage can be easy to procrastinate over, but when your new venture operates in such a highly regulated environment, such basic malfunctions as failing to register and failing to establish comprehensive protocols to offer reassurance to clients who may be experimenting with virtual currency for the first time, is difficult to accept. It is easy to see why regulators automatically assumed a nefarious intent in this case.
The absence of compliance procedures has the potential to cast a darker shadow over your dealings than just a simple administrative error, as the absence of AML procedures and the deliberate failure to use KYC documentation did in this case. Without establishing a comprehensive compliance management system as a top priority so that the creation, revision and reinforcement of all company policies, processes and procedures are closely monitored and detailed, the suspicious nature of any transaction will stand unchallenged and could run the risk of costing your company hundreds of thousands of dollars.