In its first crypto-related enforcement action, the New York State Department of Financial Services (NYDFS) levied a fine of $30 million on the cryptocurrency trading subsidiary of online brokerage Robinhood Markets Inc. for alleged violations of anti-money-laundering and cybersecurity standards.
The financial regulator for the state of New York announced on August 2 that Robinhood Crypto LLC had failed to maintain and certify compliant anti-money-laundering and cybersecurity measures, according to a report published by The Wall Street Journal.
As part of the terms of the consent order, Robinhood will also be obliged to hire an outside consultant to review the extent to which the company complies with the requirements imposed by the NYDFS as well as its remedial efforts.
Robinhood was found to have serious weaknesses
Severe flaws in Robinhood were discovered after conducting a supervisory exam and a subsequent enforcement inquiry.
According to the regulating body, the company’s management and control of its compliance systems were inadequate, which led to the failures.
These include failures to build and sustain a culture of compliance and to commit appropriate resources to the programs, particularly as the company grew swiftly, which aggravated the issues. Other failures include the inability to allocate ample resources to the programs.
Robinhood’s Associate General Counsel of Litigation and Regulatory Enforcement, Cheryl Crumpton said in a statement Tuesday:
“We have made significant progress building industry-leading legal, compliance, and cybersecurity programs, and will continue to prioritize this work to best serve our customers.”
Robinhood anticipated violation
Notably, Robinhood Crypto has anticipated the violation and stated in the last year that it is anticipating receiving a fine from the New York regulator.
As per statements made by the company last year, an investigation conducted in 2020 that “focused primarily on anti-money laundering and cybersecurity-related problems” discovered that the company had violated a number of regulatory standards.
In the paperwork that was submitted to the Securities and Exchange Commission a year ago, the company’s first estimate of the potential financial impact of the violation was at least $10 million, but the fine was ultimately raised to $30 million.