Coinbase Europe Limited has agreed to a €21.5 million (approximately $25m) settlement with the Central Bank of Ireland following breaches in its anti-money laundering (AML) transaction monitoring obligations. The announcement, made in November 06, 2025, highlights the tightening regulatory scrutiny facing virtual asset service providers (VASPs) as global financial watchdogs push for stricter compliance in the rapidly evolving crypto sector.

Image Source: Coinbase

The Breach Details

Coinbase Europe, a subsidiary of the leading global cryptocurrency exchange Coinbase Global, provides crypto asset and wallet services to customers worldwide. Operating as a registered VASP in Europe, the company is responsible for maintaining robust transaction monitoring systems to detect suspicious activities related to money laundering, terrorist financing, and other illicit financial crimes. Between April 2021 and March 2025, Coinbase Europe failed to properly monitor over 30 million transactions. The affected transactions, valued at more than €176 billion, were not adequately screened for compliance risks due to technical faults in the company’s transaction monitoring system. These shortcomings delayed reporting to the Irish Financial Intelligence Unit (FIU), critical for law enforcement and regulatory oversight.

Coding Errors and Their Impact

According to Coinbase’s official statement and the Central Bank of Ireland’s assessment, the lapses were rooted in “unintentional coding mistakes” within the transaction monitoring system. Specifically, five out of 21 risk scenarios were not fully operating during 2021 and 2022, leading to an incomplete screening process. Coinbase swiftly rectified these errors within two to three weeks of discovery, but the delay had a ripple effect with long-term implications. The delayed and incomplete monitoring resulted in 2,708 late suspicious transaction reports (STRs) being filed with the FIU. These reports corresponded to transactions linked with serious criminal activities such as fraud, money laundering, drug trafficking, cybercrime, and even child sexual exploitation, underscoring the critical nature of thorough AML oversight in the digital asset space.

Settlement Details

The Central Bank of Ireland, which enforces the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010, launched investigations upon detecting these breaches. In its settlement notice, the Central Bank emphasized the serious risk posed by such failures: a broken monitoring system “allows criminals to escape detection and they will seize that chance.” Originally, the fine proposed was €30.7 million, but Coinbase qualified for a 30% settlement discount due to early resolution and cooperation, thereby settling the case for €21.5 million. Coinbase Europe accepted responsibility for the breaches, acknowledged the undisputed facts of the case, and agreed to the sanctions pending confirmation by the Irish High Court.

Regulatory Significance

This settlement marks the first enforcement outcome by the Central Bank specifically targeting the crypto sector, signaling a pivotal moment in regulatory seriousness toward virtual asset service providers. Colm Kincaid, Deputy Governor of the Central Bank for Consumer & Investor Protection, stressed the vulnerabilities cryptocurrency’s technological characteristics introduce, especially its international reach and anonymity features that attract financial criminals. The case serves as a reminder that cryptocurrency exchanges must maintain continuous, effective transaction monitoring systems and robust internal controls.

Coinbase’s Next Steps

To prevent recurrence of similar issues, Coinbase has implemented enhanced testing and monitoring protocols, reinforcing its commitment to regulatory compliance. The company reiterated that the unsettled transactions could not be definitively linked to criminal activity. Nonetheless, Coinbase’s cooperation and remediation efforts were instrumental in securing the settlement discount.