Robinhood Crypto fined $30M for AML, cybersecurity failures
By 
Aaron Nicodemus2022-08-02T18:27:00
Robinhood Crypto (RHC) agreed to pay a $30 million fine to the New York State Department of Financial Services (NYDFS) for “significant failures” in its Bank Secrecy Act/anti-money laundering (BSA/AML) and cybersecurity compliance programs.
The NYDFS announced Tuesday that over several years, Robinhood’s BSA/AML program was inadequately staffed; failed to transition from a manual transaction monitoring system unfit for the firm’s size, customer profiles, and transaction volumes; and did not devote sufficient resources to addressing risks unique to the company.
Similarly, Robinhood’s cybersecurity program did not adequately address the risks of a potential breach and was not in full compliance with the NYDFS’s cybersecurity regulations.
Related articles
-
News BriefRobinhood Financial to pay $7.5M in Mass. settlement
Online stock trading platform and broker-dealer Robinhood Financial agreed to pay a $7.5 million fine as part of a settlement with the Commonwealth of Massachusetts addressing claims related to “gamification” of its platform and cybersecurity issues that lent to a 2021 data breach.
-
News BriefRobinhood discloses New York AG probe into brokerage execution
Online brokerage Robinhood Markets disclosed in a quarterly filing it is under investigation regarding the quality of its brokerage execution.
-
News BriefOneMain Financial fined $4.25M in NYDFS cybersecurity case
Mortgage servicer OneMain Financial Group will pay $4.25 million to settle allegations it left customer information vulnerable to cyberattacks by failing to implement required controls under New York’s cybersecurity law.
More from Regulatory Enforcement
-
ArticleSan Francisco firm pays $11.4M for alleged Russia-related sanctions violations
A San Francisco-based private equity firm has agreed to pay $11.4 million to settle allegations it violated U.S. sanctions rules by handling investments for a sanctioned Russian oligarch.
-
ArticleCompany agrees to report to FTC for 10 years for alleged student data lapses
A tech company that stores student information for schools has agreed to implement a data security program and report to the Federal Trade Commission for 10 years, after security failures led to data for 10 million students being breached.
-
ArticleLarge wound care practice pays $45M, agrees to monitoring
One of the largest wound care practices in the nation and its founder have agreed to pay $45 million and be subjected to third-party monitoring, to settle allegations that the business intentionally overbilled Medicare by priming its electronic medical records system to do so.