Robinhood Crypto to Pay $30 Million Penalty for AML and Consumer Protection Violations

Robinhood’s crypto division has been fined by the New York State Department of Financial Services (NYDFS). The authority confirmed on Tuesday that it has imposed a penalty worth $30 million on Robinhood Crypto for ‘significant’ violations related to anti-money laundering, cybersecurity and consumer protection.

The details shared by the authority show that significant shortcomings were identified in Robinhood Crypto’s compliance programs. The crypto division of the financial services provider also violated certain reporting requirements.

“As its business grew, Robinhood Crypto failed to invest [in] the proper resources and attention to develop and maintain a culture of compliance, a failure that resulted in significant violations of the Department’s anti-money laundering and cybersecurity regulations,” said Superintendent Harris.

“All virtual currency companies licensed in New York State are subject to the same anti-money laundering, consumer protection and cybersecurity regulations as traditional financial services companies. DFS will continue to investigate and take action when any licensee violates the law or the Department’s regulations, which are critical to protecting consumers and ensuring the safety and soundness of the institutions,” Harris added.

In the last 12 months, Robinhood has expanded its presence in the crypto ecosystem significantly. In April 2022, the company signed an agreement to acquire Ziglu.

Violations

NYDFS highlighted that the company failed to allocate appropriate resources to its compliance program. The authority noted that some weaknesses were found in Robinhood Crypto’s transaction monitoring and cybersecurity programs.

“The Department found, following a supervisory examination and a subsequent enforcement investigation, that RHC’s BSA/AML compliance program, including its transaction monitoring system, had significant deficiencies. Among other things, RHC’s BSA/AML program was inadequately staffed; failed to timely transition from a manual transaction monitoring system that was inadequate for RHC’s size, customer profiles and transaction volumes; and did not devote sufficient resources to adequately address risks specific to RHC,” NYDFS added.