Earlier today, Ripple Labs Inc. was fined $700,000 for “willfully violating several requirements of the Bank Secrecy Act (BSA).” The Financial Crimes Enforcement Network (FinCEN) stated that the company issued its own currency (XRP) and failed to implement adequate anti-money laundering measures, in addition to operating as a money services business without the proper authorization from the federal regulatory body. FinCEN worked with the US Attorney’s Office for the Northern District of California to coordinate the civil money penalty against Ripple Labs Inc and XRP II, LLC, which is owned by Ripple Labs.
Sale of XRP to Roger Ver
A statement of facts included in FinCEN’s assessment of the violations describes multiple situations where XPR II “failed to file, or untimely filed, suspicious activity reports.” One such scenario involved noted bitcoin entrepreneur and evangelist Roger Ver. The report alleges that Ver purchased $250,000 worth of XRP from XRP II without filling out a KYC (know your customer) form. The report notes:
“On September 30, 2013, XRP II negotiated an approximately $250,000.00 transaction by email for a sale of XRP virtual currency with [Roger Ver]. XRP II provided [Ver] with a ‘know your customer’ (‘KYC’) form and asked that it be returned along with appropriate identification in order to move forward with the transaction. [Ver] replied that another source would provide the XRP virtual currency and did not ‘require anywhere near as much paperwork’ and essentially threatened to go elsewhere. Within hours, XRP II agreed by email to dispense with its KYC requirement and move forward with the transaction.”
Implications for the Ripple protocol going forward
This course of action from FinCEN could have implications for the level of anonymity offered by Ripple in the future. In fact, “enhancements to [the] Ripple protocol” are outlined in a document explaining an agreement by Ripple Labs and XRP II to ensure compliance with AML/CFT obligations. The report states:
“Within 60 days, Ripple Labs, XRP II, and the Ripple Trade MSB will improve, and upon request provide any information requested by FinCEN or the U.S. Attorney’s Office as to the use and improvement of, existing analytical tools applicable to the Ripple protocol, including: (1) reporting regarding any counterparty using the Ripple protocol; (2) reporting as to the flow of funds within the Ripple protocol; and (3) reporting regarding the degree of separation.”
The document also explains how AML transaction monitoring will be implemented across the entire Ripple protocol:
“Ripple Labs will institute AML programmatic transaction monitoring across the entire Ripple protocol, and will report the results of such monitoring to the U.S. Attorney’s Office, FinCEN, and any other law enforcement or regulatory agency 4 upon request. The monitoring and reporting must include, at a minimum: (a) risk rating of accounts based on the particular gateway used; (b) dynamic risk tools to facilitate investigation of suspicious activity, including counterparty reporting, flow of funds reporting, account flagging of suspicious accounts, and degrees of separation reporting; and (c) other reports of protocol-wide activity regarding any unlawful activity.”
Decentralized software vs distributed transaction ledgers
This action against Ripple Labs from FinCEN will undoubtedly be used by bitcoin proponents as proof that proof-of-work-powered, decentralized solutions (such as bitcoin) are still necessary. The course of action taken by FinCEN may be used as proof that the regulatory body will go after any point of failure in a distributed ledger system when complete decentralization is not achieved. This is not to say that Ripple can no longer provide value to its users; however, the fact that bitcoin and Ripple are to be used for different use cases should now be as clear as ever.