Cryptocurrency platform BitMEX has agreed to pay $100 million as part of a settlement with two U.S. regulators for multiple violations of the Bank Secrecy Act (BSA) and other anti-money laundering (AML) laws.

The Commodity Futures Trading Commission (CFTC) and Financial Crimes Enforcement Network (FinCEN) announced the agreement Tuesday. BitMEX and its operating entities will pay $50 million to the CFTC and $30 million to FinCEN, with the chance to have the remaining $20 million suspended pending the successful completion of independent consultant reviews ordered as part of the settlement.

The case relates to Department of Justice charges filed against the three founders of the company—Arthur Hayes, Benjamin Delo, and Samuel Reed—and its first employee in October 2020 for violating the BSA. The CFTC is also pursuing litigation against Hayes, Delo, and Reed that is ongoing.

The details: BitMEX is wholly owned and operated by HDR Global Trading Limited, which is incorporated in the Seychelles. The platform operates as a convertible virtual currency derivatives exchange with offices worldwide.

Prior to BitMEX’s start, its founders were allegedly aware offering services to U.S. users would require the creation of an AML program amid other know your customer (KYC) compliance requirements to meet the country’s regulations. Despite this knowledge, the company began operations without an AML program, and though it purported to not do business in the United States, it was aware U.S. citizens were interacting with the platform, according to FinCEN’s consent order.

Steps were taken to mask these users, including encouraging U.S. citizens to establish shell companies outside the country to trade on the platform and altering IP addresses to countries like Canada, according to FinCEN. On multiple occasions, BitMEX was alerted to its U.S. user base by third-party vendors and allegedly chose to ignore the information.

Extensive BSA violations: “Until at least late 2020, BitMEX continued to operate without establishing and implementing a written AML program approved by senior management with adequate AML policies, procedures, and internal controls,” FinCEN stated. Other alleged lapses include:

  • Failure to conduct independent testing for compliance;
  • Failure to designate an individual responsible for implementing and monitoring operations and internal controls of an AML program;
  • Failure to conduct ongoing training for appropriate persons; and
  • Failure to establish appropriate risk-based procedures for conducting ongoing customer due diligence.

Until at least May 2018, BitMEX allowed customers to create an account with only an email address and “decided not to collect, maintain, or update any customer information or supporting verification documents,” according to FinCEN. The regulator believes thousands of transactions with suspicious counterparties were allowed to take place because of such due diligence lapses.

“Based on FinCEN’s analysis … at least $209 million worth of transactions were conducted by, at, or through BitMEX with known darknet markets or unregistered MSBs providing mixing services, as well as transactions involving high-risk jurisdictions and alleged fraud schemes,” the regulator stated. “Of these transactions, BitMEX failed to file a [suspicious activity report] on at least $15 million through at least 588 specific transactions that exceeded the minimum threshold and were either suspicious at the time of the transaction, or became suspicious when additional information about the suspicious nature of the transactions became available to BitMEX.”

CFTC violations: The CFTC’s order found BitMEX violated the Commodity Exchange Act by operating as a futures commission merchant without registration, “including by accepting bitcoin to margin digital asset derivative transactions and acting as a counterparty to leveraged retail commodity transactions.” BitMEX also violated CFTC regulations regarding KYC and AML.

“This case reinforces the expectation that the digital assets industry, as it continues to touch a broader pool of market participants, takes seriously its responsibilities in the regulated financial industry and its duties to develop and adhere to a culture of compliance,” stated Acting Chairman Rostin Behnam.

BitMEX response: “Today marks an important day in our company’s history, and we are very glad to put this behind us,” said CEO Alexander Höptner in a statement. “As crypto matures and enters a new era, we too have evolved. … Comprehensive user verification, robust compliance, and anti-money laundering capabilities are not only hallmarks of our business – they are drivers of our long-term success.”

Remedial measures taken by BitMEX include the prohibition of all U.S. users from accessing the trading platform, development of an AML program and user verification program, enhancement of internal controls to detect suspicious activity, and appointment of Malcolm Wright as chief compliance officer in October 2020. FinCEN noted in its order the company was aware it needed proper compliance personnel as far back as December 2018; the unnamed individual designated as responsible for compliance in 2019 took no action to resolve the alleged BSA violations.

“The future of crypto will belong to platforms that seek to be regulated in relevant jurisdictions and have responsible KYC and AML policies,” wrote Höptner in a follow-up blog. “As the largest crypto derivatives exchange with a fully verified user base, this is what BitMEX stands for. Putting this legal matter with the CFTC and FinCEN behind us will only accelerate our evolution, and puts us firmly on the right path.”