BitMEX, a Seychelles-based centralized exchange for trading derivatives on bitcoin, ether and litecoin, and certain of its executives have been charged with a number of violations under the U.S. Commodity Exchange Act (CEA), including allegedly operating an unregistered trading platform and violating anti-money laundering regulations. The Department of Justice filed a parallel criminal indictment.
On October 1, 2020, the Commodity Futures Trading Commission (CFTC) filed a civil enforcement action against BitMEX, the second-largest cryptocurrency-derivatives exchange, and its three co-founders for operating an unregistered trading platform and failing to comply with anti-money laundering (AML) regulations. Simultaneously, DOJ criminally individually charged BitMEX’s owners and the head of business development with criminally conspiring to violate the Bank Secrecy Act (BSA) by operating an exchange without complying with U.S. AML requirements, including the requirement to conduct KYC (know your customer) due diligence.
According to the U.S. charges, beginning in November 2014, BitMEX profited while illegally offering leveraged retail commodity transactions, futures, options and swaps on digital assets—including bitcoin, ether and litecoin—to persons in the United States without being registered with the CFTC as required by law. Specifically, BitMEX violated the Commodity Exchange Act and CFTC regulations by offering, entering into, confirming the execution of, or otherwise dealing in, off-exchange commodity futures transactions;
offering, entering into, confirming the execution of, or transacting in off-exchange transactions in commodity options;
acting as an unregistered futures commission merchant (FCM);
operating a facility for the trading or processing of swaps without being registered as a swap exchange facility (SEF) or as a designated contract market;
failing to supervise the handling of commodity interest accounts; and
failing to comply with applicable provisions of the Bank Secrecy Act.
The CFTC alleges that the defendants violated AML regulations by failing to implement any know-your-customer procedures, or a customer information program to verify the identity of its customers. BitMEX also allegedly failed to implement AML policies or procedures to prevent or detect terrorist financing and other criminal activity. The CFTC claims that the defendants were aware of U.S. regulations for financial institutions, but made conscious decisions to avoid and evade them despite serving U.S. customers.
On the same day as the filing of the CFTC complaint, the U.S. Attorney for the Southern District of New York initiated a criminal proceeding against BitMEX’s founders, as well as its head of business development, charging the four individuals with violating the Bank Secrecy Act and conspiracy to violate the Bank Secrecy Act. The Department of Justice alleges that the defendants “willfully fail[ed] to establish, implement, and maintain” adequate AML program and policies. The charges state that BitMEX permitted customers to conduct financial transactions anonymously, thereby causing BitMEX to be used to launder the proceeds of crimes and permitting trading by customers located in sanctioned countries. Indeed, the complaint alleges that two founders personally communicated with customers from Iran.
These actions signal that the CFTC and the Department of Justice will be closely monitoring the digital asset market for any activities that undermine the market’s integrity. They also make clear the risk to international financial intermediaries that do business with U.S. persons. Acting Manhattan U.S. Attorney Audrey Strauss said: “With the opportunities and advantages of operating a financial institution in the United States comes the obligation for those businesses to do their part to help in driving out crime and corruption. As alleged, these defendants flouted that obligation and undertook to operate a purportedly ‘off-shore’ crypto exchange while willfully failing to implement and maintain even basic anti-money laundering policies.”
Also at issue in these enforcement actions is the adequacy of “geo-blocking” mechanisms often employed by offshore crypto exchanges. According to the CFTC complaint and the indictment, BitMEX’s sole geo-blocking method was an IP address check and BitMEX did nothing to prevent U.S. persons from circumventing this geo-block. Allegedly, the use by BitMEX’s U.S. customers of VPN services to mask the customer’s IP address, making online actions virtually untraceable, was an “open secret” and the defendants are accused of knowing that U.S. customers opened and were continuing to use BitMEX accounts.