Compliance Insight Weekly Update

The vote for MiCA has been postponed

The Markets in Crypto-assets (MiCA) Bill was initially supposed to be voted upon in November 2022 by the plenary. Then it was delayed to February 2023. In January 2023, however, an EU Parliament spokesperson announced that it would be delayed again by two months due to the necessary efforts to translate the 400-pages-Regulation in 24 languages. As a result, the vote is supposed to be passed in April 2023. 

Law Enforcement Actions

Gemini – Genesis

SEC Charges Genesis and Gemini for the Unregistered Offer and Sale of Crypto Asset Securities through the Gemini Earn Lending Program

Genesis and Gemini agreed in December 2020 to offer Gemini clients the opportunity to loan crypto assets to Genesis, the “Gemini Earn program”, which would pay interest. The program was deployed in February 2021. However, by November 2022 it failed as Genesis announced: “it would not allow its Gemini Earn investors to withdraw their crypto assets because Genesis lacked sufficient liquid assets to meet withdrawal requests following volatility in the crypto asset market”. Currently, the program is terminated after $900 million in investor assets were held by Genesis from 340,000 Gemini Earn investors in November 2022. 

The program represented an offer and sale of securities under applicable law, but was not registered with the Commission.

“We allege that Genesis and Gemini offered unregistered securities to the public, bypassing disclosure requirements designed to protect investors,” said SEC Chair Gary Gensler. 

As per SEC’s press release, “[t]he SEC’s complaint, filed in the U.S. District Court for the Southern District of New York, charges Genesis and Gemini with violations of Sections 5(a) and 5(c) of the Securities Act of 1933. The complaint seeks permanent injunctive relief, disgorgement of ill-gotten gains plus prejudgment interest, and civil penalties.”

The SEC announced that an investigation is still ongoing to verify whether other securities law violations occurred. 


The New York State Department of Financial Services started an investigation on Coinbase in May 2020 resulting in findings of “significant deficiencies across Coinbase’s compliance program, including its Know-YourCustomer/Customer Due Diligence (“KYC/CDD”) procedures, its Transaction Monitoring System (“TMS”), and its OFAC screening program. The Examination also found that Coinbase failed to conduct adequate annual Anti-Money Laundering (“AML”) risk assessments since 2017, as required by 23 NYRCC 200.15(b), and that Coinbase had not provided evidence of a validation review of its TMS system, as required by 23 NYCRR 504.3(a).”

Coinbase proved cooperative with authority and applied remedial measures in late 2020 and 2021. “However, substantial weaknesses remained, and, over the course of 2021, it became clear that Coinbase’s compliance system was inadequate to handle the growing volume of Coinbase’s business, a situation that was exacerbated by tremendous growth in its customer base.” 

“By the end of 2021, Coinbase had a backlog of unreviewed transaction monitoring alerts grew to more than 100,000 (many of which were months old), and the backlog of customers requiring enhanced due diligence (“EDD”) exceeded 14,000.”

This delay in applying proper user activity verification was due to a considerable lack of sufficient personnel, resources, and tools. 

Upon further verification, in August 2022, it was reported that “although Coinbase had made some progress in remediating its compliance issues, certain deficiencies persisted”. 

Coinbase is still working on the remediation of identified deficiencies. However, for the already identified violations of AML law, the entity was penalized with a fine worth 50M USD. 

On January 26, it was reported that Coinbase was fined 3.33M EUR for providing crypto services in the Netherlands without registering with the country’s Central Bank. 


FinCEN announced that crypto-exchange Bitzlato was discovered to have facilitated transactions for criminals, specifically for ransomware groups and darknet markets “on behalf of both darknet customers and darknet vendors”. 

“Bitzlato processed over 1.46 million direct transfers with the Hydra darknet marketplace between May 2018 and early April 2022, representing transactional flows of nearly 20,000 BTC sent and received during that timeframe.”

After the shutdown of Hydra by authorities, Bitzlato’s activity shows continued transactions with other Russian darknet markets: BlackSprut, OMG!OMG!, and Mega, representing the entity’s top counterparties by the total number of transactions. 

Although the entity is registered in Hong Kong, it operates from Russia, as FinCEN discovered during its investigation. Users are allowed to exchange Bitcoin (BTC), Ether (ETH), Bitcoin Cash (BCH), Litecoin (LTC), Dash (DASH), Tether (USDT), Monolith Ruble (MCR) and Dogecoin (DOGE).


Nexo, headquartered in Sofia, Bulgaria, was reported by a local news media outlet as having been raided by the police as part of an international operation that alleges the company to participate in financial crimes, money laundering and violations of international sanctions against Russia. 

The investigation started in late 2022 after foreign entities detected sanctions circumvention activity linked to sanctioned Russian banks and individuals.