On November 21, 2023, the Treasury Department, through the Financial Crimes Enforcement Network (FinCEN) and Office of Foreign Assets Control (OFAC), announced unprecedented actions against Binance Holdings Ltd. (Binance) and its affiliates for violations of U.S. anti-money laundering and sanctions laws. Binance, the world's largest virtual currency exchange, has agreed to enter into settlement agreements with FinCEN and OFAC for $3.4 billion and $968,618,825, respectively.

Never in the history of the U.S. Treasury have such massive sums been assessed against an institution. The combined, multi-billion dollar settlement—imposed alongside other terms and in tandem with the resolution of related criminal and civil matters before the Department of Justice and Commodity Futures Trading Commission— reflect the enormity and aggravated nature of the 1,667,153 apparent AML and sanctions violations Binance accrued while conducting its global affairs.

This development showcases the Treasury Department's willingness to take aggressive enforcement action within the virtual currency industry. Wherever located, those that rely on the U.S. financial system must ensure compliance with AML, sanctions, and other U.S. national security obligations. This is particularly the case for money services businesses (MSB) that are required to adhere, for example, to special reporting requirements.

Violations

In matching and executing virtual currency trades on its online exchange platform, Binance apparently violated multiple sanctions programs by providing prohibited goods and services or otherwise facilitating prohibited transactions involving blocked users or embargoed destinations. Specifically, Binance's conduct is alleged to have violated sanctions programs that target Iran, Syria, North Korea, Cuba, the Crimea region of Ukraine, and the Donetsk and Luhansk People's Republics.

Binance also appears to have violated FinCEN requirements by operating as an unregistered MSB and failing to report over 100,000 suspicious transactions to FinCEN through suspicious activity reports. These transactions related to terrorist financing, ransomware, child sexual abuse materials, dark net markets, scams, and other illicit activity.

OFAC found the apparent violations were egregious because Binance demonstrated awareness of and willful disregard for U.S. requirements. The penalties were further increased because these apparent violations were not voluntarily disclosed.

Settlement Terms

In addition to the hefty monetary sum, the settlement agreements impose a panoply of monitoring and compliance commitments. Binance agreed to engage an independent monitor for the next five years and implement a sanctions compliance program designed to minimize the risk of further violations, including by conducting a risk assessment, implementing internal controls, undergoing testing and auditing, providing training, ensuring Binance's full exit from the United States, and more. Binance's Chief Executive Officer also resigned on the day the penalties were announced.

Takeaways (Dos and Don'ts)

There are several takeaways underscored by the Binance settlement, with both general applicability and specific applicability to those operating in financial services, including:

  • Do secure buy-in and commitment from senior management, hire appropriate compliance personnel, and establish a corporate culture of compliance;
  • Do not allow messaging from senior officials that encourages circumvention of U.S. rules and internal controls by, for example, suggesting use of Virtual Private Networks to mask sanctioned activity, or, permitting a comingling of foreign and domestic business activity;
  • Do employ guardrails on use of and access to online services platforms, through use of tools such as geofencing, geolocation, and IP blocking;
  • Do not allow automated processes, such as "location-agnostic" algorithms, to operate unchecked by AML and sanctions compliance considerations;
  • Do ensure that your AML and sanctions compliance program is tailored and commensurate with the nature, sophistication, and scale of your operations;
  • Do not delay in designing and implementing an AML and sanctions compliance program, registering as an MSB where required, and voluntarily disclosing likely AML and sanctions violations.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.