Compliance officers looking for helpful “ripped-from-the-headlines” enforcement actions to support their requests for more and better resources, direct access to the board, and technology investments in their programs need look no further than the recent $30‑million fine from the New York Department of Financial Services on the cryptocurrency trading unit of online brokerage firm Robinhood Markets, Inc. for alleged violations of anti-money-laundering and cybersecurity regulations. The consent order in the department’s first crypto enforcement action describes deficiencies in the compliance culture, violations of a host of virtual currency, AML/BSA, financial services, and cybersecurity regulations, and a failure to comply with a previous order. The order also highlights Robinhood’s hyper-fast growth and reliance on the parent company’s (also inadequate) compliance systems and resources as potential factors in their failures. The concerning alleged conduct also included inaccurate compliance certifications and a failure to cooperate. See “The Evolving Crypto Regulatory Climate
” (May 11, 2022).