Central Bank fines Coinbase Europe €21.5m for anti-money laundering breaches

Updated / Thursday, 6 Nov 2025 12:44

Coinbase Europe provides crypto asset and wallet services to customers globally to facilitate their use of its trading platform to buy and sell crypto assets

The Central Bank has fined cryptocurrency exchange Coinbase Europe €21.5m for breaching anti-money laundering and counter-terrorist financing transaction monitoring obligations.

The breaches occured between April 2021 and March 2025.

Coinbase Europe, which is part of the Coinbase Group, provides crypto asset and wallet services to customers globally to facilitate their use of its trading platform to buy and sell crypto assets.

In a statement, the Central Bank said that as a virtual asset service provider, Coinbase Europe is required to monitor customer transactions on an ongoing basis.

Where it suspects that a transaction is facilitating money laundering or terrorist financing it is required to file a Suspicious Transaction Report (STR) with the national Financial Intelligence Unit (FIU) and Revenue as soon as possible.

The Central Bank said that Coinbase Europe has been fined due to faults in the configuration of its transaction monitoring system, which resulted in over 30 million transactions not being properly monitored over a 12-month period.

The transactions contained suspicions associated with serious criminal activities including money laundering, fraud, drug trafficking, cyber attacks and child sexual exploitation, the Central Bank said

The value of these transactions amounted to over €176 billion, and accounted for about 31% of all Coinbase Europe transactions conducted in the period when the faults existed, it added.

The regulator also noted that it took Coinbase Europe almost three years to fully complete the monitoring of the impacted transactions. This subsequent monitoring led to the reporting of 2,708 STRs to the FIU for further analysis and potential investigation, it added.

Today’s fine is the Central Bank’s 162nd enforcement outcome to date, bringing the total fines imposed by it to over €428m.

The Central Bank of Ireland

Coinbase Europe has accepted that it breached its transaction monitoring obligations by failing to fully and properly monitor 30,442,437 transactions; adopt internal policies, controls and procedures to prevent and detect the commission of money laundering and terrorist financing and conduct additional monitoring in respect of 184,790 transactions.

Colm Kincaid, the Central Bank’s Deputy Governor – Consumer & Investor Protection - said to be effective in combatting financial crime, law enforcement agencies rely on regulated financial institutions to have systems in place to monitor transactions and report suspicions.

“The failure of such a system within any financial institution creates an opportunity for criminals to evade detection - and criminals will take that opportunity,” he said.

He said that crypto has particular technological features which, together with its anonymity-enhancing capabilities and cross-border nature, makes it especially attractive to criminals looking to move their funds.

“This is why it is especially important that firms engaged in crypto services have robust controls in place to identify and report suspicious transactions. Where system failures do occur, it is imperative that they are reported to the Central Bank without delay so that appropriate actions can be taken to manage and mitigate the risk,” he added.

In a statement, Coinbase said today’s settlement is a result of “certain technical coding errors” that impacted how it monitored crypto transactions in 2021 and 2022.

It said these errors led it to only partially screen certain customer transactions. When it re-reviewed those customer transactions, it ultimately filed roughly 2,700 suspicious transaction reports with the Irish Government.

It also said that it and the Central Bank can not say that the affected transactions actually resulted in criminal activity.

Coinbase said it had built a Transaction Monitoring System (TMS), which is software that analyses financial transactions to detect suspicious patterns or anomalies that it may need to investigate.

In building this TMS system, Coinbase said it inadvertently made three coding errors that caused five of the 21 TMS scenarios to not fully screen all transactions in 2021 and 2022. For example, crypto addresses separated by special characters were overlooked by these scenarios.

These coding errors did not impact the other TMS scenarios that screened transactions, or Coinbase’s complementary compliance controls, it added.

Coinbase said it identified these coding errors as part of its efforts to monitor and test its compliance systems. Once detected, it fixed the coding errors within two to three weeks, it added.

It then ran all of the impacted crypto transactions back through the now fixed five TMS scenarios, which it said took a longer period of time to complete.

It said this review identified approximately 185,000 transactions that compliance needed to investigate further. Coinbase Europe Limited processed around 97 million crypto transactions during this period.

As well as fixing these coding errors, Coinbase said it took steps to prevent these types of errors from happening again - enhancing testing and monitoring of TMS scenarios, including before any code changes are made to the system, to prevent inadvertent errors.

“Coinbase recognises the importance of effective AML procedures and takes our obligations under AML legislation and regulatory guidance very seriously,” it said in today’s statement.

“Our goal has always been and will always be to build the most trusted, compliant, and secure platform in the world,” it added.