When are regulators going to hold crypto accountable? 

As a former financial regulator who brought hundreds of enforcement actions against banks and their executives, I believe the consent order between the U.S. government and Binance and the plea by its CEO seemed lenient, given the circumstances.  

The firm was charged with intentionally evading U.S. anti-money-laundering (AML) laws and encouraging its customers to obscure where they were. The government described Binance’s actions as “willful,” exposing the public to “significant harm.” That seems mild, considering that, according to the consent order, Binance was facilitating transactions involving U.S.- designated terrorists like Hamas and purveyors of child sexual abuse material.  

Binance reportedly acted as a “colossal money-laundering hub for terrorists, cybercriminals and customers in sanctioned countries.” That is pretty horrific behavior — many steps beyond mere ministerial AML mistakes.  

Binance paid a $4.3 billion fine — one that catapulted over most fines assessed to date. But it’s only money. It also agreed to a range of corporate monitoring and AML rehabilitation programs. Its CEO, Changpeng Zhao, pled guilty to a crime that reportedly will earn him at most a sentence of 18 months in prison, and he gets to keep his significant ownership interest in Binance.

If Binance were a bank, its FDIC deposit insurance may have been terminated, its charter revoked and its doors shuttered. At the very least, no one in management involved in the scheme who stayed out of jail would have been able to remain employed or return to work in the financial services business. 

Money laundering is the engine that makes crime work. Without it, there would be smaller paydays for criminals and less crime.  

In the analogue world, it enables crimes like human trafficking, illegal narcotics, terrorism, child sexual abuse material, smuggling and the sale of state secrets in our analogue world. But in the online world, the scale and scope of those crimes increases exponentially, thanks in no small way to the role played by cryptocurrencies. When a 23-year-old man can sit in his apartment in South Korea and distribute 250,000 videos of children as young as one being abused and be paid in cryptocurrency, AML laws become a lifeline for law enforcement to be able to find and arrest him.  

An organization that intentionally avoids AML reporting and may knowingly be involved in the transmission of money that may have been earned from crimes, terrorism and child abuse is not just guilty of bad recordkeeping or taking business shortcuts — it is enabling the underlying crimes. So why weren’t Binance and its CEO treated more harshly for their evasion of AML laws?

Perhaps it would have been an indictment of Congress and government authorities who have sat by for 14 years and allowed cryptocurrency — a business built on nothing but valueless computer code — to grow into a $10 trillion industry with nearly zero oversight and regulation. Even after the warning signs of the shock of the 2021 crypto-crash and the fall of FTX, cryptocurrencies remain largely unregulated.  

Leniency shown to Binance may have also resulted from the realization that shutting it down could have had an adverse impact on financial systems around the world. Secretary of the Treasury Janet Yellen as much as admitted that in her press release on the matter. In 2010, the Dodd-Frank Act created new regulatory mechanisms to protect the operability and safety of U.S. financial systems. And yet, crypto appears to have become systemically significant completely outside of any regulatory purview. If that is true, it is an equally damning omission by government authorities.  

We are long past the time for regulatory action. More flowery executive orders from presidents are not going to change a thing. Regulators need to stop quibbling over regulatory turf and Congress needs to look past political donations from the tech and crypto industries and act decisively.  

Crypto firms hold customers’ money and should be treated just like other financial services companies. If they look like a bank, swim like a security and quack like an exchange, they should be regulated just like them. There should be capital, liquidity and disclosure requirements, as well as restrictions on their activities and dealings with their affiliates. Most importantly, like banking and securities, there must be a litmus test to limit who can issue cryptocurrencies and own exchanges. Creeps and crooks need not apply.  

Finally, cryptocurrencies and crypto exchanges should be required to register in the United States and subject themselves to jurisdiction if they do business directly or indirectly with even one person in the country. These are the bare minimums needed to begin to steer the business in the right direction. 

The days of having tech wunderkinds fast-talk everyone into believing they know what they are doing should be over. Until we can stop being infatuated with crypto technologies and their promoters and take steps to initiate a prudent regulatory scheme, we should expect more FTXs and Binances and the continued proliferation of every kind of online crime imaginable. It would seem like a pretty easy choice for policymakers. 

Thomas P. Vartanian served in the Carter and Reagan Administrations as a bank regulator and is currently the executive director of the Financial Technology & Cybersecurity Center. He is the author of “200 Years of American Panics” and “The Unhackable Internet.”