BitPay has reached a settlement deal with the Office of Foreign Assets Control (OFAC) over alleged sanctions violations.
The crypto payments firm will remit $507,375 related to digital currency transactions between U.S. merchants and users who appeared to be located in Ukraine, Cuba, North Korea, Iran, Sudan and Syria.
OFAC alleges BitPay's "deficiencies" in its sanctions compliance program led to about 2,102 transactions from 2013 to 2018 that could be considered violations. The digital currency payments were equivalent to $129,000.
OFAC has determined that those apparent violations "were not voluntarily self-disclosed and were non-egregious." Most of the individual transactions were less than $100 and related to online hosting services and gaming, according to BitPay. The firm said it views this as a testament to its compliance program at the time.
While BitPay did screen merchants against OFAC's blocked persons list (SDN List), it didn't screen data related to buyers, according to OFAC.
"BitPay failed to exercise due caution or care for its sanctions compliance obligations when it allowed persons in sanctioned jurisdictions to transact with BitPay’s merchants using digital currency for approximately five years, even though BitPay had sufficient information to screen those customers," said the settlement statement.
A BitPay spokesperson said the firm has made an effort to beef up its compliance program both during the five-year period the violations took place and after.
"BitPay has steadily enhanced its already rigorous compliance program to both fulfill its regulatory obligations and to be an example of doing business right in the evolving blockchain payments space," said BitPay.
OFAC's statement also sought to remind other digital currency businesses that they are bound by the regulator's sanctions standards.
"This action highlights that companies involved in providing digital currency services—like all financial service providers—should understand the sanctions risks associated with providing digital currency services and should take steps necessary to mitigate those risks." said the statement.