BankInfoSecurity.com reported that “Smartphone investing app Robinhood Markets will pay New York financial regulators $30 million to settle findings that its cryptocurrency trading division had poor cybersecurity and failed to monitor for illegal transactions.” The August 2, 2022 article entitled “New York Nabs $30M From Robinhood Crypto in Regulatory Fine” included these comments:
The New York Department of Financial Services says an audit conducted during most of 2019 of Robinhood Crypto revealed an understaffed cybersecurity operation that lacked adequate risk assessment procedures. The company’s incident response plan lacked a process for notifying regulators and law enforcement in the event of an incident, the state reveals in the consent order ending the matter.
Regulators say the trading platform throughout 2020 also had a substantial backlog in evaluating suspicious transactions for potential fraud or money laundering. By late October, the pile of unevaluated transactions climbed up to nearly 4,400.
As part of the settlement agreement, Robinhood will engage an independent consultant for the next year and a half to monitor remediation efforts. Robinhood is publicly traded; it’s most recent quarterly filing shows 15.9 million monthly active users and $19.7 billion in cryptocurrency assets under custody.
Hopefully other crypto currencies will get the message about Cybersecurity!