On December 9, the Department of Justice (DOJ) and the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) announced concurrent resolutions with Paxful, a U.S.-based online virtual currency trading platform, relating to Bank Secrecy Act/anti-money laundering (“BSA/AML”) violations.[1]  

Paxful was established in July 2015 and operated an “online trading market where customers with Paxful accounts negotiated for and traded in virtual currency, such as bitcoin, in exchange for other financial instruments, including gift cards, pre-paid cards, and fiat currency.”[2] Paxful also allowed users to store virtual currency, transmit it peer-to-peer (“P2P”) to other users, and transmit it to external accounts. Between January 2017 and September 2019, Paxful facilitated more than 26.7 million trades worth nearly $3 billion in value and collected more than $29.7 million in revenue. Paxful no longer operates in the United States.

In the DOJ matter, Paxful pled guilty to a three‑count criminal information alleging conspiracies with two senior executives to willfully fail to maintain an effective AML program (from July 2015 through at least November 2019), operate an unlicensed money transmitting business, and violate the Travel Act. DOJ determined that the appropriate criminal fine was $112.5 million, but that fine was reduced to $4 million based on Paxful’s inability to pay. DOJ alleged that Paxful had engaged in a conspiracy with two senior executives: Co-Conspirator 1 (who served as President/CEO) and Artur Schaback (who served as Chief Technology Officer/Chief Operating Officer/Chief Product Officer). Schaback had previously pled guilty to criminal charges in relation to AML deficiencies at Paxful.[3]

In the parallel civil action, FinCEN issued a consent order against Paxful based on willful violations of the BSA for the period February 2015 to April 2023 and assessed a $3.5 million civil money penalty (crediting $1.75 million against the DOJ criminal fine).[4]  

In announcing the guilty plea, Acting Assistant Attorney General Matthew R. Galeotti of the Justice Department’s Criminal Division stated that “Paxful made millions of dollars in part by knowingly moving cryptocurrency for the benefit of fraudsters, extortionists, money launderers and purveyors of prostitution” and highlighted that Paxful “attracted its criminal clientele by promoting its lack of anti-money laundering controls and its deliberate decision not to identify its customers.” Similarly, FinCEN Director Andrea Gacki noted that “[f]or years, Paxful disregarded its BSA obligations and facilitated transactions associated with illicit activity and high-risk jurisdictions, such as Iran and North Korea.”

Summary of the DOJ Criminal Resolution

AML Program-Related Conspiracy: The DOJ alleged that from Paxful’s founding in July 2015 through at least November 2019, Paxful and the co-conspirators conspired to willfully fail to “establish, develop, implement, and maintain an effective AML program” as required by the BSA and FinCEN’s BSA regulations for money services businesses (“MSBs”).[5] DOJ alleged that Paxful “did not have an AML program.”

According to DOJ, the Company went years without fulfilling the basic requirements of an AML program, including by:

  • failing to designate a compliance officer responsible for AML (until November 2018);

  • failing to provide AML training for employees (until June 2019);

  • failing to “file a single SAR,” despite being aware of suspicious and criminal activity by Paxful customers (until November 2019);

  • failing to provide for independent compliance testing or auditing on AML (until September 2020);

  • allowing customers to open Paxful accounts and trade and transfer funds on the website without sufficient KYC and customer identification;[6]

  • marketing Paxful to customers as a platform that did not require KYC;[7]

  • failing to establish transaction monitoring controls related to money laundering, sanctions, prostitution, and terrorist financing, among other criminal activity;

  • misleading financial institutions and companies about Paxful’s AML program, “knowing that their program was non-existent and insufficient”;

  • presenting an AML program to third parties that was “adapted from the AML policy of a university,” knowing that the stated programs were not implemented or enforced at Paxful; and

  • making exceptions to AML and KYC policies based on Paxful customers’ trading volumes and their relationships with the co-conspirators.

Paxful’s Relationship with Backpage: The second and third counts in the Information related specifically to Paxful’s relationship with Backpage, a website that was “an online advertising platform for illicit prostitution” before it was seized by the DOJ in April 2018, and a similar site from April 2018 to December 2022.

  • Unlicensed Money Transmitting Business Conspiracy: The DOJ alleged that from its founding in July 2015 through at least December 2022, Paxful and co-conspirators conspired to “knowingly” conduct or manage an “unlicensed” money transmission business, which DOJ defined, per 18 U.S.C. § 1960(b)(1)(C), as a money transmission business that “involves the transportation and transmission of funds that are known to . . . have been derived from a criminal offense and are intended to be used to promote or support unlawful activity[.]”[8] According to DOJ, the co-conspirators “sought to do business with websites they knew were engaged in advertising illegal prostitution and commercial sex services in the United States,” including Backpage and a similar site. As evidence that Paxful knew that Backpage advertised and profited from illegal prostitution, DOJ cited conversations between Paxful employees and undercover law enforcement agents. For example, in November 2016, a Paxful employee “provided advice to an undercover law enforcement agent about how to contact [Backpage] to discuss advertisements. In or around one week later, the undercover agent created a fake prostitution advertisement and posted it on [Backpage] using the ‘Pay With Paxful’ widget and bitcoin from a Paxful account.” DOJ further alleged that the co-conspirators communicated with Backpage customers to assist them in opening Paxful accounts “from which they could send bitcoin to [Backpage] for commercial sex advertisements.” Moreover, “[i]n various criminal proceedings, Backpage and its owners and operators admitted that Backpage advertised and profited from illegal prostitution, including illegal sex work depicting minors.”

  • Travel Act Conspiracy: DOJ alleged that from its founding in July 2015 through at least December 2022, Paxful and the co-conspirators conspired to violate the Travel Act through an interstate “business enterprise involving prostitution.” According to DOJ, among other things, the co-conspirators communicated with Backpage employees, including over email, about “ways to improve their business collaboration” and “created and disseminated guides for customers associated with [Backpage], instructing them on how to use Paxful to purchase bitcoin to send to [Backpage].” DOJ further noted that the co-conspirators “created a ‘landing page’ on Paxful’s website for customers seeking payment services for commercial sex advertisements on [Backpage]” and allowed “customers seeking to send virtual currency to [Backpage] and [a similar site] to open accounts and transmit bitcoin to the sites for commercial sex advertisements.”

    According to DOJ, as a result of Paxful and its co-conspirators’ payment processing for Backpage and a similar site, “Paxful facilitated the transfer of over $15 million worth of virtual currency from its escrow wallet to [Backpage] and over $2 million worth of virtual currency from its escrow wallet to [a similar site] on behalf of Paxful customers.”  

DOJ-Mandated Remediation: Under the plea, Paxful agreed to a $4 million criminal fine and extensive compliance and reporting undertakings.[9] The agreement requires Paxful to review, enhance, implement, and maintain a comprehensive compliance program designed to detect, deter, and prevent money laundering, terrorist financing, and other illicit finance risks. This includes a high-level commitment to compliance by the board and senior management; relevant policies, procedures and internal controls; transaction monitoring and reporting; risk-based identification and verification; compliance leadership with appropriate resources and direct reporting lines to internal audit and relevant management committees; formal insider risk controls; training and guidance; confidential reporting mechanisms; mechanisms to incentivize compliance and discipline violations; and periodic and risk-based reviews and testing of compliance programs.

Summary of the FinCEN Consent Order

FinCEN determined that, from on or about February 3, 2015 through April 4, 2023, Paxful willfully failed to: maintain its MSB registration; develop and implement an effective AML program; and identify and timely report suspicious activity. Paxful allowed its MSB registration to lapse for 974 days while continuing operations; had no written AML program until 2019; operated for years without a qualified AML officer, training, or adequate independent testing; and did not file any SARs for over four years. FinCEN found pervasive programmatic gaps across Paxful’s compliance controls, including those related to KYC, transaction monitoring, geofencing/geo‑spoofing, and high‑risk product coverage (notably prepaid access). According to FinCEN, even after Paxful implemented a written AML program in July 2019, the program “remained deficient,” including because “the policies Paxful established did not sufficiently account for the risks associated with its business lines.”

Paxful’s Failure to Register as an MSB: FinCEN determined that Paxful initially registered as an MSB on July 27, 2015 and was required to renew that registration by December 31, 2016. Paxful did not renew its registration until September 3, 2019 but continued to operate its hosted wallet and P2P money transmission services between January 1, 2017 and September 2, 2019. FinCEN concluded that Paxful therefore operated as an unregistered MSB for 974 days in violation of 31 U.S.C. § 5330 and 31 C.F.R. § 1022.380. FinCEN noted that the former CTO later admitted to allowing the registration to lapse while Paxful continued money transmission activity.

Paxful’s AML Program Failures: FinCEN found that Paxful had no written AML program until July 2019—over four years after beginning operations—and that the program “remained deficient even after Paxful implemented one.” Across the relevant period (February 2015 through April 2023), Paxful’s program lacked risk‑commensurate policies, procedures, and internal controls; failed to provide for timely and effective transaction monitoring; was not appropriately implemented by staff; and failed to detect, escalate, or report numerous red flags associated with illicit finance, including ransomware, child sexual abuse material (“CSAM”), darknet markets, hostile nation‑state actors, and terrorist financing.

  • KYC. According to FinCEN, Paxful did not require KYC prior to February 2019, which “contributed to the establishment and maintenance of relationships with high-risk customers that conducted significant volumes of activity without appropriate risk mitigation.” For example, Paxful processed over 4 million transactions (valued at over $24 million) involving Backpage. Moreover, FinCEN explained that Paxful “actively solicited” Backpage’s business by “advertis[ing] how Backpage customers could create accounts on Paxful to sell advertisements on the Backpage platform.” According to FinCEN, “Paxful did not file a single SAR on this activity, even after the government seized Backpage in 2018.” Post-February 2019, Paxful announced new mandatory KYC requirements for its users. According to FinCEN, “these controls were deficient, applying only to users with activity that exceeded $1,500 without any controls to identify users who sought to evade these controls by structuring transactions.”

  • Unregistered MSB Activity. FinCEN found that Paxful identified the risks posed by smaller unregistered P2P exchangers using Paxful, but failed to implement effective policies, procedures, or internal controls to prevent exploitation by such exchangers. Although Paxful’s written program referenced obtaining MSB registrations from customers, in practice it did not implement controls to identify or mitigate unregistered MSB activity, nor did it file SARs as required.

  • Geographic Spoofing. FinCEN determined that Paxful failed to implement effective controls to identify or address “geographic spoofing,” including the use of VPNs to mask IP addresses and locations. Prior to January 2018, Paxful “failed to implement any meaningful IP restrictions on customer activity,” including for high‑risk or sanctioned jurisdictions such as North Korea, Iran, Syria, and Cuba. Paxful’s own assessment identified over 1,500 accounts opened between May 2015 and August 2018 with IP addresses in Iran, Syria, Cuba, Crimea, or Sudan. According to FinCEN, Paxful’s “ineffective geo-spoofing controls also failed to identify tens of millions of users that logged in to its trading platform with U.S. IP addresses,” even though users were actually located abroad, including “significant volumes of users from Nigeria and China.”

  • Transaction Monitoring. FinCEN found that Paxful offered hundreds of payment methods and multiple convertible virtual currencies (“CVCs”) without commensurate transaction monitoring. According to FinCEN, “even minimal transaction monitoring was not in place until at least 2018, more than three years after Paxful began operating,” and written transaction monitoring procedures were not adopted until July 2019. Even then, the policies “did not adequately address all of Paxful’s products and services, and left significant gaps in reviewing transactions made in prepaid access cards.” Although Paxful acquired additional blockchain analytics tools in March 2020, it “omitted coverage for several CVCs offered on its platform, meaning Paxful continued to fail to appropriately monitor all of the CVC offered on its platform.” According to FinCEN, Paxful had “no ability” to identify and report suspicious activity in more than 15 CVCs, including Dogecoin, Ripple, Ethereum, Tron, and Tether.

  • Prepaid Access Transactions. FinCEN concluded that Paxful did not implement appropriate policies, procedures, and internal controls to “meaningfully monitor and report illicit activity taking place in its prepaid access sales across its platform,” even though prepaid access sales were a “substantial portion” of Paxful’s overall business. According to FinCEN, from May 2015 through December 2019, iTunes and Amazon prepaid access cards were the top payment methods through Paxful, totaling over $1.7 billion. In 2020, CVC‑to‑prepaid access trades constituted over half of total weekly bitcoin volume (approximately $20 million per week). FinCEN cited internal communications in which then‑management knowingly encouraged use of the platform to dispose of “scammed iTunes cards.”

  • Transactions Involving North Korea, Iran, and Terrorist Financing. FinCEN found that Paxful’s failures in KYC, geolocation controls, and transaction monitoring enabled transactions with “hostile nation-states and state-sponsored cyber criminals from Iran and North Korea.” According to FinCEN, Paxful processed thousands of trades by Lazarus Group member Yinyin Tian between October 2017 and November 2018; identified dozens of transactions with Iranian actors later designated by OFAC; permitted trading in Venezuela’s “Petro” CVC despite U.S. prohibitions on such transactions; and permitted transactions associated with a fundraising campaign for al‑Qaeda in January 2019.

  • Compliance Officer. FinCEN determined that Paxful lacked a qualified individual responsible for day‑to‑day BSA/AML compliance through 2018. Paxful listed its then‑CEO as chief compliance officer during that period despite no “BSA/AML‑specific training” or “appropriate experience to meet the compliance obligations under the BSA.”

  • Independent Testing. FinCEN found that Paxful conducted “only a single independent [AML] test” during the entire relevant period, a frequency far below what would be commensurate with Paxful’s risk profile and transaction volumes. According to FinCEN, “[a]ppropriate independent testing performed on a recurring basis would have identified AML program gaps and potentially suspicious transactions that went unreported.”

  • SARs. FinCEN identified hundreds of suspicious transactions for which Paxful failed to timely and accurately file SARs, noting that Paxful did not file a single SAR until November 2019. Failures spanned multiple typologies and high‑risk counterparties, including at least 26 ransomware strains (including SamSam, Trickbot, and BitPaymer); CSAM marketplaces (including Backpage, Welcome to Video, and Dark Scandals); darknet markets (including AlphaBay); at least 13 unregistered CVC mixers (including Helix) with equivalent value of over $35 million transacted; designated individuals and virtual asset service providers in Iran and North Korea; and large‑scale fraud rings (including MMM and Black Axe). FinCEN highlighted leadership resistance to SAR obligations, including “instructing employees not to file SARs on suspicious activity” and concluded that these systemic failures deprived law enforcement and national security agencies of “crucial reporting” across priority threat areas.

FinCEN Resolution: FinCEN imposed a $3.5 million civil money penalty and credited $1.75 million against Paxful’s DOJ payment, leaving $1.75 million payable to Treasury. In assessing the penalty, FinCEN emphasized the egregious nature and systemic duration of the violations; harm to national security priorities through failures to file SARs; management complicity and a “culture of non‑compliance”; and financial benefit derived from growth fueled by high‑risk activity without adequate controls. Mitigating considerations included subsequent leadership changes in 2023, a SAR remediation backlog filing effort, cooperation during the investigation, and the absence of prior criminal, civil, or regulatory enforcement action against Paxful. FinCEN did not impose any compliance requirements.

Key Takeaways

The DOJ resolution focused on the company’s willful failure to establish an AML program, including its failure to file a single SAR until November 2019—conduct similar to that at issue in prior DOJ resolutions with several non-U.S. virtual asset platforms. The DOJ resolution also included charges focused on the company’s extensive partnership with a third party, Backpage, that it knew was engaged in criminal activity. The FinCEN resolution, applying a civil standard, swept more broadly and encompassed deficiencies in the company’s AML program for years after it was established in 2019. The enforcement actions underscore the continued expectations by DOJ and FinCEN that virtual asset platforms maintain compliant AML programs, adhere to MSB registration requirements, and file SARs as necessary.


* * *

[1] U.S. Dep’t of Just., Virtual Asset Trading Platform Pleads Guilty to Violating the Travel Act and Other Federal Criminal Charges (Dec. 10, 2025), available here; U.S. Dep’t of Treasury, FinCEN Assesses $3.5 Million Penalty Against Paxful for Facilitating Suspicious Activity Involving Illicit Actors (Dec. 9, 2025), available here. The DOJ enforcement action involved Paxful Holdings and the FinCEN action involved Paxful, Inc. and Paxful USA, Inc. (collectively, Paxful).

[2] Information, United States v. Paxful Holdings, Inc., No. 2:25-cr-00235-JAM (E.D. Cal. Oct. 8, 2025), Dkt. No. 1; see also Plea Agreement, United States v. Paxful Holdings, Inc., No. 2:25-cr-00235-JAM (E.D. Cal. Dec. 8, 2025), Dkt. No. 18.

[3] See U.S. Dep’t of Just., Paxful Inc. Co-Founder Pleads Guilty to Conspiracy to Fail to Maintain Effective Anti-Money Laundering Program (July 8, 2024), available here.

[4] Consent Order Imposing Civil Money Penalty, In the Matter of Paxful, Inc. and Paxful USA, Inc., No. 2025-02 (Dec. 9, 2025), available here.

[5] DOJ charged this as Count One, Conspiracy to Willfully Fail to Maintain an Effective Anti-Money Laundering Program in violation of 18 U.S.C. § 371.

[6] Trades on Paxful could be conducted “without requiring or receiving any identification or other KYC information beyond a name and email address.” Paxful also claimed that it outsourced KYC procedures to its vendors. 

[7] Paxful’s co-founder, who previously pled guilty to conspiracy to fail to maintain an effective AML program, told a prospective customer that Paxful’s trades were “instant and anonymous whereas with exchanges you have to KYC yourself and wait 5 days for bitcoins to arrive.”

[8] In remarks in August 2025, Acting Assistant Attorney General Matthew R. Galeotti stated that “the Justice Department will not charge regulatory violations in cases involving digital assets—like unlicensed money transmitting under 1960(b)(1)(A) or (B)—in the absence of evidence that a defendant knew of the specific legal requirement and willfully violated it” but that DOJ “may, under certain circumstances, bring cases under Section 1960(b)(1)(C), which prohibits the transmission of funds that the defendant knows are derived from a criminal offense, or are intended to be used to support unlawful activity.” See U.S. Dep’t of Just., Acting Assistant Attorney General Matthew R. Galeotti Delivers Remarks at the American Innovation Project Summit in Jackson, Wyoming (Aug. 21, 2025), available here.

[9] As of November 1, 2025, Paxful is “offering limited services” to “withdraw any remaining digital assets,” but has otherwise “shut down operations.” See Press Release, Paxful, Paxful Has Shut Down Operations: What You Need to Know, available here. The plea agreement requires Paxful, among other things, to submit reports addressing the “status of PXF Global’s and the Defendant’s efforts to exit the U.S. market and cease providing services to customers based in the United States.”