Digital Currency Technology Company Settles OFAC Charges For Sanctions Violations

A California-based provider of secure digital wallet management services settled its potential civil liability for alleged violations of numerous sanctions programs.

According to OFAC, the company allowed persons apparently located in the Crimea region of Ukraine, as well as Cuba, Iran, Sudan, and Syria, to use its non-custodial secure digital wallet management service, permitting the individuals to store digital "keys" online and send digital currency to other digital wallets. OFAC explained that the provision of these services to persons in these sanctioned jurisdictions was in violation of applicable sanctions regulations (and, in the case of the Crimea region, Executive Order 13685). In all, between March 10, 2015 and December 11, 2019, OFAC alleged that the company processed 183 digital currency transactions on behalf of sanctioned persons, with a total transaction value of over $9,000.

OFAC found that, at the time of the apparent violations, the company tracked its users' Internet Protocol ("IP") addresses for security purposes. This information would have allowed the company to identify whether users were accessing its services from sanctioned jurisdictions. OFAC asserted that the company did not utilize IP address information for sanctions screening purposes, thereby allowing these apparent violations to occur.

OFAC stated that the company did not voluntarily self-disclose the violations, but that the violations constituted a non-egregious case. OFAC also found the company's significant remedial measures to be a mitigating factor in its calculation of the appropriate penalty amount. Remedial steps included the hiring of a Chief Compliance Officer and implementation of an OFAC Sanctions Compliance Policy requiring, among other things, IP address blocking and other restrictions for sanctioned jurisdictions.

To settle the charges, the company agreed to pay a $98,830 civil monetary penalty.