A cryptocurrency exchange operating in Canada, Xeltox Enterprises Ltd. (known as Cryptomus), has been issued an unprecedented fine of nearly $177 million by the country’s financial intelligence agency, FINTRAC. This monumental penalty is the largest ever imposed by the agency, significantly eclipsing the previous record fine of approximately $20 million given to another crypto firm, KuCoin, just last September. FINTRAC announced the substantial action, stating that the sheer volume and severity of the violations, particularly their connection to serious crimes, compelled them to take this extraordinary step.
The largest concerns stemmed from Cryptomus’s failure to report over 1,000 transactions in July 2024 that were linked to criminal activity, including transactions involving known darknet markets and virtual currency wallets associated with trafficking in child sexual abuse material, fraud, ransomware payments, and sanctions evasion. The director and CEO of FINTRAC emphasized that such illicit activities were a driving factor behind the agency’s forceful enforcement action. Darknet markets and virtual currencies often provide an anonymity that creates a conducive environment for these types of serious criminal activities.
Beyond the failure to flag transactions connected to darknet markets, Cryptomus also committed a violation by neglecting to report 7,557 transactions originating from Iran between July 1 and December 31, 2024. Due to ministerial directives concerning financial transactions with the Islamic Republic of Iran, these transactions should have been treated as high-risk. This required the company to perform rigorous due diligence, including verifying the identities of the senders and beneficiaries, maintaining detailed records, and reporting the transactions to FINTRAC—none of which the agency found had been properly fulfilled.
Further non-compliance issues were identified, including the failure to report an additional 1,518 transactions in July 2024 that met the mandatory $10,000 threshold for the reporting of large virtual currency transfers. FINTRAC also noted that Cryptomus had “incomplete and inadequate policies and procedures” for essential compliance obligations like ongoing monitoring and “know-your-client” requirements. Under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, various businesses, including cryptocurrency exchanges, are legally required to maintain a strict compliance regime and report specific financial activities to FINTRAC.
This fine marks the latest regulatory issue for Cryptomus, which was also temporarily banned from trading securities and other market activities by the B.C. Securities Commission earlier in the year. In the 2024-25 fiscal year, FINTRAC issued a total of 23 violation notices, the highest number in its history, totaling over $25 million in penalties before the Cryptomus fine. Since 2008, when it received the legislative authority, FINTRAC has imposed more than 150 penalties as part of its mandate to combat financial crime.
Reference:
