WSJ.COM
SubscribeSign In
Search

This copy is for your personal, non-commercial use only. To order presentation-ready copies for distribution to your colleagues, clients or customers visit https://www.djreprints.com.

https://www.wsj.com/articles/robinhood-expects-30-million-fine-in-cyber-money-laundering-probe-of-crypto-arm-11626731084

WSJ PRO

Robinhood Expects $30 Million Fine in Cyber, Money-Laundering Probe of Crypto Arm

The company initially anticipated a fine of at least $10 million

Robinhood Markets Inc. says its crypto unit, Robinhood Crypto LLC, anticipates the payout as part of a proposed deal to end an investigation by financial regulators.

Photo: Jakub Porzycki/Zuma Press
By

David Uberti

Robinhood Markets Inc.’s cryptocurrency arm expects to pay a $30 million fine to settle a New York state probe into its cybersecurity and anti-money-laundering practices, the mobile investing firm said in regulatory filings Monday, a sharp increase from an earlier estimate of the potential penalty.

Robinhood said in revised paperwork for a public listing that its crypto unit, Robinhood Crypto LLC, anticipates the payout as part of a proposed deal to end an investigation by financial regulators into allegedly lax security procedures.

“[Robinhood Crypto] and the [New York Department of Financial Services] have reached a settlement in principle with respect to these allegations, subject to final documentation, in connection with which, among other things, [Robinhood Crypto] expects to pay a monetary penalty of $30 million and engage a monitor,” the company said.

Menlo Park, Calif.-based Robinhood first disclosed the investigation earlier this month when it filed paperwork to go public. The company told investors at the time that a proposed settlement with the New York Department of Financial Services would require Robinhood’s crypto brokerage to engage a monitor and pay a fine of at least $10 million.

A spokeswoman for Robinhood declined to comment. A NYDFS representative said the investigation is ongoing and declined to comment further.

In its initial filings to go public, Robinhood said New York regulators alleged “certain deficiencies in our policies and procedures regarding risk assessment, lack of an adequate incident response and business continuity plan, and deficiencies in our application development security.” The company has shared few other details.

NYDFS requires financial firms to have anti-money-laundering programs that include collecting basic customer data, responding to law-enforcement requests and evaluating transactions for risks such as sanction violations. The agency also mandates that companies maintain cyber defenses and contingency plans in the event of a hack.

State and federal regulators have ramped up their scrutiny of cyber protections of privately owned critical infrastructure, such as financial services firms, as foreign intelligence agencies and hacking groups target more U.S. companies.

U.S. officials at the same time are increasing scrutiny of crypto transactions, many of which run through foreign exchanges, in the hope of spotting criminal activities such as tax evasion or digital ransom payments.

Robinhood expects its initial public offering to value the company, which boomed as retail investors poured money into markets, at about $33 billion.

MORE FROM WSJ PRO CYBERSECURITY

Write to David Uberti at david.uberti@wsj.com

Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Copyright 2021 Dow Jones & Company, Inc. All Rights Reserved

This copy is for your personal, non-commercial use only. Distribution and use of this material are governed by our Subscriber Agreement and by copyright law. For non-personal use or to order multiple copies, please contact Dow Jones Reprints at 1-800-843-0008 or visit www.djreprints.com.