FinCEN settlement of $3.4 billion and OFAC settlement of $968 million largest for each
IRS – CI investigation leads to Department of Justice action
WASHINGTON — The U.S. Department of the Treasury, through the Financial Crimes Enforcement Network (FinCEN), the Office of Foreign Assets Control (OFAC), and IRS Criminal Investigation (CI), has taken unprecedented action to hold Binance Holdings Ltd. and its affiliates (collectively, Binance) accountable for violations of the U.S. anti-money laundering (AML) and sanctions laws that protect American national security and the integrity of the international financial system. Binance is the world’s largest virtual currency exchange, responsible for an estimated 60% of centralized virtual currency spot trading.
Today, Binance settled with FinCEN and OFAC for violations of the Bank Secrecy Act (BSA) and apparent violations of multiple sanctions programs. The violations include failure to implement programs to prevent and report suspicious transactions with terrorists — including Hamas’ Al-Qassam Brigades, Palestinian Islamic Jihad (PIJ), Al Qaeda, and the Islamic State of Iraq and Syria (ISIS) — ransomware attackers, money launderers, and other criminals, as well as matching trades between U.S. users and those in sanctioned jurisdictions like Iran, North Korea, Syria, and the Crimea region of Ukraine. By failing to comply with AML and sanctions obligations, Binance enabled a range of illicit actors to transact freely on the platform. Today’s settlements are part of a global agreement simultaneous with Binance’s resolution of related matters with the Department of Justice (DOJ) and the Commodity Futures Trading Commission (CFTC).
“Binance turned a blind eye to its legal obligations in the pursuit of profit. Its willful failures allowed money to flow to terrorists, cybercriminals, and child abusers through its platform,” said Secretary of the Treasury Janet L. Yellen. “Today’s historic penalties and monitorship to ensure compliance with U.S. law and regulations mark a milestone for the virtual currency industry. Any institution, wherever located, that wants to reap the benefits of the U.S. financial system must also play by the rules that keep us all safe from terrorists, foreign adversaries, and crime, or face the consequences.”
FinCEN’s settlement agreement assesses a civil money penalty of $3.4 billion, imposes a five-year monitorship, and requires significant compliance undertakings, including to ensure Binance’s complete exit from the United States. OFAC’s settlement agreement assesses a penalty of $968 million and requires Binance to abide by a series of robust sanctions compliance obligations, including full cooperation with the monitorship overseen by FinCEN. To ensure that Binance fulfils the terms of its settlement — including that it does not offer services to U.S. persons — and to ensure that illicit activity is addressed, Treasury will retain access to books, records, and systems of Binance for a period of five years through a monitor. Failure to live up to these obligations could expose Binance to substantial additional penalties, including a $150 million suspended penalty, which would be collected by FinCEN if Binance fails to comply with the terms of the required compliance undertakings and monitorship.
The monitor will oversee remedial undertakings necessary to address Binance’s failure to comply with its anti-money laundering and sanctions obligations. The monitor will also conduct periodic reviews and report to FinCEN, OFAC, and the CFTC on its findings and recommendations to ensure Binance’s ongoing compliance with the terms of the settlement agreements.
Today’s unprecedented actions underscore Treasury’s commitment to promoting compliance within the virtual currency industry, including by actively enforcing AML and sanctions laws. Treasury’s authorities to enforce those laws are broad, reaching a wide range of misconduct, and can apply to both U.S. and foreign persons. Wherever located, virtual currency exchanges and financial technology firms should, like any other financial institution, ensure they adopt a managerial commitment to compliance at the very top, and that risk-based programs and controls are integrated effectively into their platforms and technology from “Day One.”
Treasury worked closely with counterparts at DOJ, including the Criminal Division's Money Laundering and Asset Recovery Section, the National Security Division’s Counterintelligence & Export Control Section, and the U.S. Attorney's Office for the Western District of Washington, as well as the CFTC.
FinCEN Enforcement Action
FinCEN’s historic $3.4 billion settlement is the largest penalty in U.S. Treasury and FinCEN history.
Binance admits that it willfully operated as an unregistered money services business (MSB) while obscuring its ties to the U.S. and maintaining its most commercially important U.S. customers.
Binance admits that it willfully failed to establish, implement, and maintain an effective anti-money laundering program by, among other things, failing to perform Know Your Customer (KYC) on a large number of its users. This meant that Binance allowed a range of illicit actors to transact freely on the platform, damaging the integrity of the financial system. FinCEN’s investigation revealed that Binance also failed to mitigate the risks of anonymity-enhanced cryptocurrencies that allowed its users to obscure information about the origin and destination of transactions.
As an MSB, Binance was required to report suspicious transactions to FinCEN through suspicious activity reports (SARs). FinCEN’s investigation revealed that Binance’s former Chief Compliance Officer told personnel that the CEO’s policy was to not report such activity, and Binance never filed a single SAR with FinCEN. Binance willfully failed to report well over 100,000 suspicious transactions that it processed as a result of its deficient controls, including transactions involving terrorist organizations, ransomware, child sexual exploitation material, frauds, and scams.
Terrorist Financing. Binance failed to report to FinCEN transactions associated with terrorist groups including Al Qaeda, the Islamic State of Iraq and Syria (ISIS), Hamas’ Al-Qassam Brigades, and Palestinian Islamic Jihad (PIJ).
Ransomware. Despite being one of the largest receivers of ransomware proceeds, and transacting in millions of dollars of ransomware proceeds from attacks involving at least 24 different strains of ransomware, Binance failed to report these transactions.
Child Sexual Abuse Materials. Binance never reported transactions with websites devoted to selling child sexual abuse materials, including Dark Scandals.
Darknet Markets, Scams, and Other Illicit Activity. Despite sending and receiving virtual assets proceeds from large-scale hacks, account takeovers, and darknet markets dealing in illegal narcotics, counterfeit and fraud-related goods and services, as well as other illegal contraband, Binance never reported any such transactions.
In order to fill the gap in reporting to law enforcement related to these and other types of illicit activity, Binance has agreed to a lookback to identify and report to FinCEN the suspicious transactions that it processed and willfully failed to report.
For additional details, see the FinCEN consent order here.
OFAC Enforcement Action
The historic sum of OFAC’s action reflects the egregious nature of Binance’s conduct, the high volume of its transactions, and senior management’s involvement. Between August 2017 and October 2022, Binance executed more than 1.67 million virtual currency trades on its Binance.com platform between U.S. persons and users in sanctioned jurisdictions and blocked persons.
As early as mid-2018, Binance knew or should have known that enabling such activity would result in violations of sanctions. Nevertheless, Binance deliberately undermined and ineffectually implemented its own sanctions compliance controls. One way that Binance did so was through its suggestion that users utilize virtual private networks that could circumvent Binance’s own geofencing controls, i.e., technical protocols that blocked access for users with internet protocol addresses from the United States and sanctioned jurisdictions. In doing so, Binance sought to retain its base of U.S. users and the large volume of trading liquidity that U.S. users provided, while also keeping its customers from sanctioned jurisdictions. Binance knew that given the operation of its matching algorithm, maintaining both sets of users would inevitably lead to executed trades between U.S. and sanctioned jurisdiction users, violating sanctions in the process. To maintain this activity, Binance executives, including its CEO, issued guidance to “appear” compliant, while knowingly allowing the apparently violative activity to continue.
Binance’s settlement is the largest in OFAC history, and Binance could face exposure up to billions of dollars in further penalties if it materially breaches its compliance commitments as described under the agreement.
For additional details, including the public settlement agreement, see the OFAC web post here.
IRS-CI Contributions
CI special agents led the criminal investigation into Binance and its founder that served as the basis for criminal charges and civil penalties. Evidence gathered as part of the investigation proved the company and its founder did not have an effective anti-money laundering program in place, the company did not register as a money transmitter as required by federal law, and the company willfully violated U.S. sanctions tied to the International Emergency Economic Powers Act.
CI is the criminal investigative arm of the IRS. For more than 100 years, CI special agents have spent 100% of their time investigating tax and financial crimes, a skillset that has easily transferred to the digital realm where they now follow the money trails of increasingly complicated cybercrimes.
The agency has two Cyber Crimes Units — a Western Cyber Crimes Unit based in the Los Angeles Field Office and an Eastern Cyber Crimes Unit based in the Washington, D.C. Field Office — that conduct cyber investigations. The Western Cyber Crimes Unit, as well as CI’s headquarters-based Cyber and Forensic Services Section, played an integral role in the civil penalties announced Tuesday.
###