The Cost of Crypto Non-Compliance

Regulatory actions against non-compliance are a top 5 loss event.

The cost of non-compliance can include financial penalties and legal settlements, reputational and productivity loss – leading to an overall drawdown in revenue.

In the legacy fiat system, costs of non-compliance are three times that of being in regulatory compliance. In 2018, the average cost to multinational corporations from non-compliance issues was estimated at $14.8 million – a 45% increase from 2011.

But what about the crypto markets?

Hit to Asset Prices

According to a McKinsey report on the costs of non-compliance in the traditional equity markets, the first day that a regulatory fine is announced, stock values plummet -5.5% on average. In the wild world of volatile crypto markets, that loss event is closer to -50%.

The SEC filing against Kik Interactive Inc. on 4th of June 2019 for conducting an unregistered securities sale took the native coin KIN from $0.000036 to $0.000021 later that same day, a -41.6% drawdown.

Source: CoinMarketCap

The SEC filing against Centra Tech., Inc.’s co-founders on the 2nd of April 2018 sent CTR tumbling -60% in 5 hours from $0.319 to $0.131.

The cost to Centra Tech’s investors and founders was more serious than that of Kik – as Centra Tech’s was a securities fraud violation. Earlier this month one of Centra Tech’s co-founders, Sohrab Sharma, was sentenced to 8 years in prison after pleading guilty to securities, wire and mail fraud.

Source: CoinMarketCap

Whilst the above examples are those of allegations of U.S. securities violations, the cost of non-compliance resulting in regulatory action in the crypto space on the value of assets is clear.

Drawdowns in Revenue

Whilst excellent AML compliance solutions abound in the blockchain ecosystem, not every exchange has been as quick to use the measure.

When the Commodity Futures Trading Commission (CFTC) filed a civil enforcement action against BitMEX, a large crypto derivatives platform, and its three co-founders in October of last year for failure to comply with AML regulations and operating an unregistered trading platform – open interest in BTC tumbled 21% on the platform within 24 hours from $593.1M to $468.9M. The same day the Department of Justice criminally charged the owners with conspiring to violate the Bank Secrecy Act (BSA).

Source: skew.

Since then, BitMEX has vowed to institute resolute AML and KYC processes (hiring a Chief Compliance Officer shortly after the DoJ and CFTC announcements) but it took the exchange 3 months before the same open interest volumes were passing through the platform after its case of non-compliance.

A Bad Reputation

Adverse media in the ‘olden days’ might only have meant that some potential customers have been pre-poisoned against a service provider by their choice of news source.

However, in the age of a maturing digital economy, more choices are being made by machine learning-based algorithms and ‘crowd-sourced’ popular opinions such as a reddit post with high levels of organic interactions.

Adverse media can also affect current and future strategic partnerships – putting that critical piece of the puzzle out of reach and enabling competition to fill that niche – as no legitimate organizations seek to team up with another firm accused of facilitating money laundering, terrorism or proliferation financing.

Companies accused of allowing sanctions breaches to be conducted are especially likely to be in the crosshairs of regulators or high-level government officials as these entities can be viewed as a direct threat to the public. This non-compliance threat is subsequently made explicitly known to their respective citizens and the overall market perception of the business declines rapidly.

Cherry Picking Jurisdictions

One factor that can hinder growth is being in line with local legislation but not so with other countries’ regulations such as the US’s BSA or the EU’s AMLD5. This can lead to massive drawdowns in growth projections as obliged entities – crypto asset exchanges, custodians and wallet providers – are forced to cease business or comply with the relevant jurisdiction (or face penalties).

And it’s worth knowing the penalties for other jurisdictions, as some are becoming increasingly more severe to founders or those with significant control of the business entity.

South Korea’s Financial Services Commission recently amended their reporting requirements to the country’s FIU (Financial Intelligence Unit) for all crypto asset transactions. Failure to do will lead to an up to 5-year jail term.

Crypto operators conducting business in the jurisdiction of Hong Kong must already be mindful of this threat to liberty for missteps. Failure to submit a SAR (Suspicious Activity Report) to the FIU there will result in a 3-month sentence, as well as a fine.

The Cost of Mis-Compliance

All legal financial intermediaries have some form of risk management and compliance process (if they are planning on staying in business). But not all are created equally. Many financial services businesses are affected by a high rate of false positives, where flags are raised due to certain transaction amount parameters or other suspicious behaviour which turns out to be a non-event.

Over time, this leads to hefty labour costs to sort through all the red flags to figure out which are deemed worthy of having a Suspicious Activity Report (SAR) filed to the relevant financial intelligence unit.

However, smart data-led approaches to this problem leverage machine learning to shift through the issues. Effective Enhanced Due Diligence via clustering algorithms, e-discovery, destination and source of funds, ownership analysis and fingerprints of activity.