Cryptocurrencies’ key properties are pseudo-anonymity and decentralization. Nevertheless, these capabilities such as improved anonymity also support illegal activities often including fraud, human trafficking, and money laundering. Criminals are drawn to privacy, which fuels a variety of illicit activities, and financial distress and cultural security threat for you. Regulatory bodies have expanded their surveillance of the blockchain and digital assets area in order to safeguard both clients and their assets from illegal activities.
Arthur Hayes, a rich businessman and financier, is the former chairman of BitMEX, a Bitcoin trading platform founded by three billionaires. Hayes surrendered on April 6, 2021, to face US accusations for breaking the Bank Secrecy Act (BSA). The BSA is intended to compel US financial firms to help US government authorities in detecting and preventing financial crimes. The Financial Crimes Enforcement Network (FinCEN) of the United States Department of the Treasury discovered that BitMEX failed to enforce the necessary policies, processes, and corporate governance to prevent clients from utilizing a virtual private network (VPN) for navigating trading platforms and circumventing Internet Protocol monitoring. [Full disclosure: I worked at FinCEN, the Treasury Department, and the Department of Justice.]
Given the regulatory oversight and risk of complications that cryptocurrency companies face from both the authorities and felonious actors, organizations associated with digital currencies and blockchain technology would be wise to re-evaluate their compliance programs and best practices in order to protect their businesses as the crypto world awaits new regulation in response to cyber-enabled financial crime and governments responding with zero tolerance.
The genesis of a “culture of compliance”
Noncompliance can have dire implications, spanning financial fines and lawsuits to judicially enforced company cease-and-desist orders and even incarceration. Compliance standards and significant fines push companies to comply, but it also motivates staff to act correctly and professionally toward the company, exhibiting professionalism both for the client base and the confidential material under the employer’s custody. Compliance is integrated into the business culture, most notably beliefs and actions, to achieve this professional and compliance-first approach. It is vital that compliance habits are established from the executive level, by upper leadership and C-Suite officers.
As the company expands, the payoff in a compliance culture becomes more apparent. It could come as a shock how unprepared a company is to comply with rules as it expands. The BSA isn’t the only crypto-related regulatory scheme in the US, and FinCEN isn’t the only federal authority with an involvement in crypto assets. To become and remain compliant, Virtual Asset Service Providers (VASPs) must adhere to the dynamic and evolving requirements of multiple regulatory authorities.
VASPs must conform to the changing and developing standards of different regulatory agencies in order to have and maintain compliance. The strength of a company’s compliance depends on its familiarity with the agencies that regulate the territory in which it performs. The cultural foundations of compliance, which are imprinted on workers, may inspire them to meet the criteria, but the organization may not be fully prepared. The following agencies have adopted regulations that are crucial to the culture of compliance in its essence for VASPs:
- The Office of Foreign Assets Control (OFAC): An organization within the United States Department of the Treasury in charge of overseeing and implementing financial sanctions on specified foreign nations, segments, businesses and residents in order to accomplish US foreign policy and national security goals.
- The Financial Crimes Enforcement Network (FinCEN): FinCEN’s objective is to safeguard the financial sector from unauthorized use, to combat money laundering, and to improve national security via the collection, processing, and distribution of financial intelligence, as well as the tactical use of financial powers.
- Securities and Exchange Commission (SEC): The SEC’s purpose is to safeguard investors, ensure fair, regulated, and productive markets, and promote capital creation. The SEC works to foster an economic climate worthy of the people’s trust.
- Commodity Futures Trading Commission (CFTC): The purpose of CTFC is to safeguard the public from deception, manipulation, and abusive activities in the marketing of commodities and financial futures and options, as well as to build public, innovative, and financially prudent futures and alternative markets.
Global Economic Sanctions, Anti-Money Laundering, Customer Identification and Know Your Customer programs, securities legislation, and commodities regulation are all governed by the previously stated regulators in order to fulfill their objectives. They keep cryptocurrency companies as well as other financial institutions liable for any security breaches resulting from their customers’ transactions.
The repercussions of noncompliance or neglecting to establish a compliance culture are severe. This can be the impending failure for a VASP in rare situations. To maintain adequate compliance duties, the appointment of a Chief Compliance Officer, regular compliance education, staff awareness initiatives, testing and inspection of compliance controls, and also a specific contact point inside the legal department should be in place.
