Paxos to Pay $48.5 Million Over AML Failures & Binance Due Diligence Lapses

Key Takeaways

• $48.5 Million Settlement: Paxos will pay a $26.5 million penalty to New York State and invest $22 million into compliance enhancements under a DFS-approved remediation plan.
• Binance Due Diligence Failures: DFS found Paxos failed to adequately vet and monitor Binance, allowing $1.6 billion in transactions tied to illicit actors between 2017 and 2022.
• Geofencing and Sanctions Issues: Binance’s lax geofencing enabled U.S. users to access its unregulated exchange and process transactions with OFAC-sanctioned entities.
• AML and KYC Deficiencies: Paxos’s weak compliance program allowed customers with shared identifiers to open multiple accounts, missed money-laundering patterns, and lacked proper investigative protocols.
• Regulatory First: DFS’s 2023 order for Paxos to halt BUSD minting marked the first regulator-led winddown of a stablecoin, setting a precedent for federal and foreign enforcement actions.

Deep Dive

The New York State Department of Financial Services (DFS) has reached a $48.5 million settlement with Paxos Trust Company over systemic anti-money laundering (AML) deficiencies and failures to adequately vet its former business partner, Binance. The agreement, announced by Superintendent Adrienne A. Harris on August 7, requires Paxos to pay a $26.5 million penalty to the state and commit an additional $22 million to bolstering its compliance program under a DFS-approved remediation plan.

DFS’s investigation found that Paxos’s oversight shortcomings created heightened money-laundering risks, including failing to detect or respond to significant illicit activity occurring at or through Binance. Paxos, chartered by DFS in 2015 as a limited purpose trust company authorized to engage in virtual currency business, partnered with Binance to market and distribute the Binance USD (BUSD) stablecoin. Under the terms of its DFS agreement, Paxos was obligated to conduct regular due diligence on Binance, a requirement the regulator found it repeatedly failed to meet.

According to DFS, Binance’s lax geofencing allowed U.S. users to access its unregulated exchange, facilitating questionable activity. A historical review of selected Binance transactions from 2017 to 2022 found that $1.6 billion in transfers involved illicit actors, including transactions with entities sanctioned by the U.S. Office of Foreign Assets Control (OFAC).

“The Department of Financial Services has led the nation in regulating the virtual currency industry, protecting consumers and markets through examinations, supervision, and where necessary, enforcement,” Harris said. “Regulated entities must maintain appropriate risk management frameworks that correspond to their business risks, which includes relationships with business partners and third-party vendors.”

DFS previously took supervisory action in February 2023, ordering Paxos to cease minting BUSD due to safety and soundness concerns tied to Binance. That move marked the first regulator-led wind down of a stablecoin, prompting similar actions by federal and foreign authorities.

Beyond Binance-related lapses, DFS found Paxos had operated an underdeveloped compliance program for years. Weak Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures allowed customers sharing the same addresses, corporate documents, beneficial owners, or other indicators of coordinated illicit activity to open and maintain multiple accounts undetected.

The firm’s transaction monitoring systems were similarly deficient, failing to flag obvious money-laundering patterns and lacking clear guidelines for initiating investigations after receiving law enforcement requests. DFS said these gaps delayed the detection of bad actors and undermined the company’s overall compliance framework.

Under the settlement, Paxos will be required to implement a comprehensive remediation plan aimed at upgrading its AML, KYC, and transaction monitoring systems to DFS standards and will be monitored for compliance as improvements are made.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.