New York’s financial regulator levels its first crypto enforcement action on Robinhood

Drive-by regulation usually happens on roads where firm rules don’t really exist, which explains the steady drumbeat of enforcement measures being imposed on crypto firms. But that style of regulation has now hit New York, where crypto rules are considered so burdensome by the industry that they have led to a mass exodus.

What’s up: The New York State Department of Financial Services on Tuesday imposed a $30 million fine on the crypto trading arm of Robinhood Markets, citing, among other things, alleged anti-money laundering and cybersecurity violations.

• It turned out that the compliance program was understaffed and led by an officer who lacked the experience to do so.
• Meanwhile, Robinhood CEO Vlad Tenev said on Tuesday that the firm would cut its headcount by nearly 25% as ambitious growth plans during the bull run led to over-hiring.

Why it matters: For how tough New York is supposed to be for crypto firms to set up shop, Robinhood Crypto has apparently operated for years without being compliant.

The details: The enforcement action – a first against a crypto store for the state’s financial regulator – follows the approval of Robinhood Crypto to operate by granting it a BitLicense in January 2019.

• Robinhood mentions the investigation in its public documents filed with the Securities and Exchange Commission in March 2019, saying they would likely pay a $10 million fine (a third of the actual settlement).

What they say: Robinhood Crypto, or “RHC,” was “not in full compliance” with government regulations when it began operating under its license on May 23, 2019, the consent order said.

• Missing reinforced missing. “Weaknesses in RHC’s approach to compliance led to problems across RHC’s BSA/AML and transaction monitoring programs.”
• Its compliance department. was understaffed. “RHC did not have sufficient BSA/AML staff with appropriate skill levels to support its BSA/AML compliance program.”
• And led by unskilled workers. “RHC [chief compliance officer]who lacked the equivalent experience to oversee a compliance program like RHC’s, especially as it grew, was not sufficiently involved in overseeing the launch and implementation of RHC’s automated software program.”
• Robinhood had a lot of homework overdue. “RHM had a significant backlog in processing alerts, i.e. in evaluating potentially suspicious transactions.”
• And they checked by hand. “RHC did not transition the manual system to an automated transaction monitoring system in a timely manner, which was unacceptable for a program that, as of September 30, 2019, averaged 106,000 transactions daily, totaling $5.3 million.”

• Robinhood was also late to listen. Robinhood hired an outside consultant in December 2019, who described the firm’s manual processing system as having “minimal value at this time,” but the firm did not enter software until April 2021.

Meanwhile, Robinhood kept confirming that it matched.

• “Despite all of these deficiencies, including acknowledgment by RHF’s head of AML that RHC was not in compliance with the Transaction Monitoring Regulation, on May 31, 2020, RHC’s CCO submitted a Certification of Compliance with DFS,” the consent order states.

Be smart: Starting a crypto company in New York is difficult, in part because of the BitLicense. And this year it became more expensive for licensees to operate in the state.

• Just over 30 digital asset companies have been approved to operate in New York.
• Case in point: Coinbase Global’s coin directory, which shows where in the world trading is allowed for each specific asset, breaks out New York as its own crypto jurisdiction, separate from the US (See e.g. bitcoin here)
• Of note: New York’s 2023 fiscal budget included a provision requiring licensed firms to pay for the costs of ensuring they are in compliance.