A Canadian financial intelligence agency has imposed a record-breaking fine of nearly $177 million on a cryptocurrency exchange for various violations, including neglecting to flag over 1,000 transactions suspected of criminal ties. The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) disclosed the penalty against Xeltox Enterprises Ltd., operating as Cryptomus (formerly Certa Payments Ltd.), based in British Columbia.
This hefty fine of $176,960,190 surpasses the previous highest penalty of about $20 million charged by FINTRAC to Peken Global Ltd., the operator of KuCoin, another cryptocurrency business, in September. According to FINTRAC’s director and CEO Sarah Paquet, the enforcement action against Cryptomus was necessitated by numerous violations related to activities like child sexual abuse material trafficking, fraud, ransomware payments, and sanctions evasion.
The agency identified 1,068 instances where Cryptomus failed to file reports for transactions in July 2024 involving darknet markets and virtual currency wallets associated with criminal pursuits. Darknet markets serve as online platforms for illicit trade, while virtual currencies enable anonymity, making them attractive for criminal endeavors.
In addition to the aforementioned lapses, FINTRAC highlighted another breach by Cryptomus, failing to report 7,557 transactions originating from Iran within a specific period. These transactions, subject to heightened scrutiny due to ministerial directives regarding financial dealings with Iran, required strict compliance measures, including verification of identities, due diligence, record-keeping, and reporting to FINTRAC, which Cryptomus neglected.
Furthermore, FINTRAC discovered 1,518 transactions that met the reporting threshold for significant virtual currency transfers in July 2024, which Cryptomus failed to report. The agency also pointed out deficiencies in the company’s policies and procedures, affecting ongoing monitoring and “know-your-client” obligations.
Under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, various businesses are mandated to maintain records, identify clients, implement compliance protocols, and report specific financial transactions to FINTRAC. This penalty is the latest in a series of actions against Cryptomus, as the company was previously banned by the B.C. Securities Commission from trading securities and engaging in market activities earlier in the year.
In the fiscal year 2024-25, FINTRAC issued a record 23 violation notices to non-compliant businesses, totaling over $25 million in penalties, marking the highest number of notices in a single year in its history. Since gaining the authority to impose penalties in 2008, FINTRAC has levied more than 150 fines.