Coinbase's CB Payments Limited (CBPL) business does not offer crypto transactions but acts as a gateway for customers to make trades via other businesses within the group.
In 2020, amid concerns about the unit's financial crime control framework, it entered a voluntary requirement that prevented it from taking on new high-risk customers.
Despite this, says the FCA, CBPL onboarded or provided e-money services to 13,416 high-risk customers. Nearly a third of these customers deposited $24.9 million, which was used to make withdrawals and then make crypto transactions via other Coinbase entities, totalling approximately $226 million.
The FCA says the breaches were the result of CBPL’s lack of due skill, care and diligence in the design, testing, implementation and monitoring of the controls put in place to ensure that the voluntary requirement was effective.
Therese Chambers, joint executive director, enforcement and market oversight, FCA, says: "The money laundering risks associated with crypto are obvious and firms must take them seriously.
Firms like CBPL that enable crypto trading need to have strong financial crime controls. CBPL's controls had significant weaknesses and the FCA told it so, which is why the requirements were needed.
CPBL, however, repeatedly breached those requirements.
"This increased the risk that criminals could use CBPL to launder the proceeds of crime. We will not tolerate such laxity, which jeopardises the integrity of our markets."