Video: The charges against Binance
This is the script for “The charges against Binance”, a video about the legal actions against Binance and its former CEO, Changpeng Zhao.
On November 21, the United States announced a landmark resolution to multiple years-long investigations into the world’s largest cryptocurrency exchange: Binance. The company’s founder and CEO, Changpeng Zhao, agreed to plead guilty to a felony, pay a fine, and resign. Binance itself pleaded guilty to three charges, agreed to pay a total of $4.3 billion in fines and restitution, and agreed to a massive overhaul of its compliance program, with an independent monitors to be installed to hold them accountable. Coming only weeks after the conviction of Sam Bankman-Fried, CEO of the once second-largest global cryptocurrency exchange, this seems like another huge moment in the crypto crackdown.
But is it? Or is it just a slap on the wrist? And what happens to Binance now?
Let’s take a dive past the headlines, into the history of Binance, what they did, why the United States government even cares about a crypto exchange located offshore, and what this resolution is likely to mean both for Binance and for the crypto industry going forward.
I’m Molly White, a cryptocurrency researcher and industry critic who writes about crypto and the broader technology world in the Citation Needed newsletter. I also created and write Web3 is Going Just Great, a website where I track only some of the many examples of how cryptocurrency and web3 projects are failing to live up to their promises.
History
Binance was founded in 2017 by Changpeng Zhao, who is better known online just by his initials: CZ. CZ was born in China, but he and his family fled the country when he was twelve years old after the massacre at Tianmen Square. He spent the rest of his youth in Canada and ultimately earned a computer science degree from a Canadian university before returning to China in 2005 to work in the traditional finance and technology sector. He claims that in 2013, after hearing about Bitcoin during a poker game, he sold his apartment in Shanghai and went all in, buying a million dollars’ worth. The same year, he joined what would later become the cryptocurrency company Blockchain.com. In 2014, he was hired by a woman named Yi He to serve as chief technology officer for another crypto exchange, OKCoin (now rebranding to OKX).
After that, he founded Binance, and that’s when things start to get… really murky… in ways that are somehow widely accepted within crypto. Binance is an enormously secretive company, and it has actively worked to obscure even the most basic facts, like where it’s based and who else forms its senior leadership. I’m going to do my best here.
CZ founded Binance in June 2017, but he didn’t work alone. Although CZ is the public face of Binance, and often described as though he is its sole founder, he had at least one other co-founder. The known co-founder is Yi He, who had hired him to work at OKCoin, although she’d left the company by the time he recruited her. The Department of Justice has described a third co-founder, a man whose identity I’ve not been able to determine. We do know a little more about Yi He these days, but her role at the company, and even her existence, has not always been widely known. She keeps a low public profile — which she says is because she doesn’t speak much English, and she fears that speaking Mandarin will lead people to believe Binance is a Chinese exchange: something that CZ has gone to great lengths to dispute. Despite remaining out of the public eye, she has been enormously influential at Binance: in addition to being a core decisionmaker at the company, she helped with the early marketing that rocketed Binance to its status as the largest global exchange. Since then, she’s held roles including chief customer service officer, running Binance’s multi billion dollar venture capital fund, and running the group that decides what tokens Binance will list for trading on the exchange.
Oh, and — she also has kids with CZ. She’s described him as something like a “college roommate” and a “comrade-in-arms”, and has balked at comparisons between their relationship and that of Sam Bankman-Fried and his lietuenant, Caroline Ellison. “Caroline was an employee, whereas I am a partner,” she insists.
Binance’s locus of operations
In September 2017, only months after Binance opened up shop, China started to crack down on the crypto industry in a major way. Rather than shut down, Binance relocated to Japan. But in 2018, Japanese regulators warned the company about operating without a license, so it uprooted itself once again, this time to Malta. But even the crypto-friendly Malta intervened in 2020, announcing that the company was unlicensed there, too.
Since then, Binance has claimed not to have any headquarters. CZ is based in the United Arab Emirates, and since 2021, most of Binance’s senior leadership has been located either there or elsewhere in Asia.
Binance growth
Within days of its launch in mid-2017, Binance grew really quickly, amassing more than 120,000 users within only 45 days. Almost a quarter of them were based in the United States.
By March 2018, Binance had already become the largest exchange globally as measured by trading volume: a status it maintains today.
By this time, the company had begun to feel some heat around their operations in the United States, where they were not registered and where they were blatantly flouting US financial laws.
But the number of customers from the US and the amount of money they were trading would prove to be too alluring for Binance to quit, even as CZ acknowledged internally that they should be blocking US users from the platform. According to internal documents, in March 2018, the company had around 3 million users from the United States — more than one third of their overall userbase.
“Compliance”
Probably in part because of this heat around US customers, in April 2018, Binance hired its first Chief Compliance Officer — something they’d yet to do despite having almost ten million users by that point. When they finally got around to it… well, they found someone who either couldn’t or wouldn’t do a very good job of it.
That person was Samuel Lim, and although he at times spoke to other senior leaders about making sure Binance was compliant in the United States and in other jurisdictions, he didn’t seem to try all that hard to actually get them to do anything. Sometimes, he was the one helping Binance avoid becoming compliant.
This will be a recurring theme throughout this video: although CZ and other executives sometimes discussed making changes that would reduce illicit activity on the platform and bring it closer to compliance with regulations, they never actually did much. Later legal documents would reveal that Binance has been extremely focused on appearing to be compliant, including in internal conversations and policies, without actually being compliant. In a chat in October 2020, Lim wrote that Binance’s compliance was just “email sending and no action … for media pickup … I guess you can say it’s ‘fo sho.”
Before diving in to the details of what Binance was doing, let me quickly explain what I mean by “compliant”. Financial companies that serve US markets are required to abide by, among other things, a law called the Bank Secrecy Act. A more apt name for it might be the Bank Not-so-much Secrecy Act, because it’s a law that requires banks and other financial institutions to proactively share information with the US government in order to try to prevent money laundering, tax evasion, and really any kind of illicit activity involving money. The Act was signed into law in 1970 during the Nixon administration, but was strengthened in the wake of the 9/11 attacks under the PATRIOT Act, in an attempt to curtail terrorist financing. The Bank Secrecy Act is the reason you have to provide substantial proof of your identity to financial institutions — like an official government identity document and not just your name — and it’s why financial institutions have to keep records and are required to file what are called “suspicious activity reports” on customers who move around large sums of money or otherwise raise red flags. When I talk about the Bank Secrecy Act, I’ll repeatedly use two related acronyms: KYC and AML. AML stands for anti-money laundering, and is just what it sounds like: programs by financial institutions to detect and prevent customers who are trying to launder money. A part of AML is KYC, which stands for “know your customer” or “know your client”. This refers to the processes by which financial companies make sure the people using their services are who they say they are. If you’ve signed up for an account on a cryptocurrency exchange — or with really any financial company — and they’ve required you to submit a scan of your passport or driver’s license, that’s KYC. Companies that fail to do a good job at KYC and AML face the risk of winding up on the bad side of a bureau of the Treasury Department called FinCEN: the Financial Crimes Enforcement Network.
Despite serving US customers since their inception, and as such being required to register with FinCEN, Binance never did. The Bank Secrecy Act required them to file suspicious activity reports, but despite regularly discussing suspicious activity internally and sometimes shutting down accounts connected to criminal operations, Binance never filed a single suspicious activity report. And Binance certainly never complied with the Bank Secrecy Act’s requirements around anti-money laundering and KYC, in part because the vast majority of customers provided no identifying information whatsoever to Binance.
Level 1 accounts
See, Binance had what they called “Level 1” and “Level 2” accounts. Level 1 accounts were anonymous — all people had to give Binance was an email address, and a pinky swear that they weren’t in the US or “on any economic sanctions list”. Level 2 accounts required a more complete set of KYC information from the user, including their government ID document or number, citizenship, and residential address. However, there was almost no incentive or requirement to sign up for a Level 2 account, and so most people didn’t. The only real downside to having a Level 1 account was that you could only withdraw up to 2 bitcoins per day — but even this wasn’t really a barrier. For one, 2 Bitcoins were worth more than $100,000 at various points while Binance supported these “Level 1” accounts, so it was a pretty high limit. But besides that, if people wanted to withdraw more than that in a day, they could just create new accounts with new email addresses and cash out as much as they wanted.
Binance users had the option of creating a Level 1 account for four years, until the company finally decided they had to shut down the offering in May 2022. And even after that, customers could evade KYC until at least October 2022 by going through what Binance variously called “exchange brokers” or “nested exchanges”, which traded on customers’ behalf without doing adequate KYC. Through that loophole, Binance ended up providing services to groups like the SUEX exchange which processed transactions for ransomware attacks like the one on Colonial Pipeline, and for Garantex, which processed ransomware transactions such as those involved with the Conti ransomware.
Failure to identify US-based customers
But despite the lack of identity documentation from their customers, Binance would have still been able to make some inferences about their customers’ locations based on what’s called their IP address: an identifier assigned to any device accessing the Internet. By examining the IP addresses used by their customers, Binance could have made a pretty good guess about where they were based. Instead, Binance chose willful ignorance, with CZ internally acknowledging that they would have had far fewer users and less revenue had they blocked US users. “Better to ask forgiveness than permission,” he wrote.
Failure to identify customers in sanctioned locations
US customers weren’t the only people Binance was failing to identify. They also served many customers from jurisdictions that are subject to comprehensive sanctions by the United States, such as Iran, North Korea, and Syria. This would have been less of an issue if they weren’t also serving US customers, but because they were, and because cryptocurrency exchanges work by matching people who want to buy crypto with those who want to sell it, they were facilitating trades between Americans and sanctioned individuals. As far back as 2018, Binance gave lip service in their policies to banning customers from sanctioned areas, but in fact were well aware that they had many such customers. Internally, they acknowledged that they had processed at least a million transactions with Iranian customers alone. However, they tried to conceal this fact when contacted by law enforcement, with Chief Compliance Officer Samuel Lim stating: “We definitely do not want to acknowledge we have [Iranian users] onboard, as our official stance is we gotten rid of them all(sanctions) and blocked.”
Also in 2018, Lim spoke of being nervous about lying about sanctions enforcement. “There is no fking way in hell I am signing off as the CCO for the ofac shit,” he wrote. This seemed to stem from an understanding of his own personal liability — he would later write in a chat message to a colleague: “US users = CFTC = civil case can pay fine and settle no kyc = BSA act [sic] = criminal case have to go [to] jail”.
Criminal activity
Besides all these customers they weren’t supposed to be serving, Binance also knew that their lax policies were attracting serious criminals to the platform. In July 2017 – the very same month Binance began operating – US authorities filed 21 charges against the operators of a Russian bitcoin exchange called BTC-e, and explicitly called out how its lack of KYC was enabling criminal money laundering. Binance executives were later briefed on this enforcement action, and on how BTC-e’s operations resembled Binance’s own business practices.
In August 2018, a service provider came to Binance with concerns about “one of the worst hacking groups we have seen”, and how they were using multiple Level 1 accounts to cash out just under 2 BTC a day to avoid the KYC limit. In February 2019, a member of Binance’s compliance team even joked about Binance’s lax controls were inviting criminals to the platform’: “we need a banner ‘is washing drug money too hard these days - come to binance we got cake for you’”.
Binance also had an explicit internal policy, created by Lim on direction from CZ, to tip off VIP users when they had become the subject of a law enforcement inquriy. “contact the user through all available means (text, phone), to inform him/her that his account has been frozen or unfrozen. . . .We cannot in any circumstances directly tell the user to run/withdraw, we can get sued or undertake personal liability. Giving a strong hint[,] such as your account is unlocked/your account has been investigated by XXX is usually a good enough hint of severity.” “If the user is a big trader, or a smart one, he/she will get the hint.”
When some accounts were flagged to Binance as being associated with ISIS and Hamas, Lim instructed employees to first check if they were VIP accounts. If so, he said: “[o]ffboard the user but let him take his funds and leave. Tell him that third party compliance tools flagged him.”” In another instance, after being informed of “HAMAS transactions” on Binance, Lim explained that terrorists tend to avoid sending large amounts of money. “can barely buy an AK47 with 600 bucks”, the employee replied. At a later point, discussing customers from Russia, Lim remarked, “Like come on. They are here for crime.” Binance’s Money Laundering Reporting Officer agreed, “we see the bad, but we close 2 eyes.”
Binance also knew about customers who were either sending money to or receiving money from marketplaces that sold child sexual abuse material. Although they shut down some of those customers’ accounts, they never filed any suspicious activity reports.
Tai Chi entity
In late 2018, feeling the heat, Binance hired a consultant to advise them on the legal risk they were facing in the United States. The consultant went to great detail on the regulations that Binance needed to be following in the United States (but wasn’t), and then offered three possible strategies: a “low-risk” option in which Binance would become fully compliant with the US, a “high-risk” option in which Binance would continue as it had been, and a “medium-risk” option. Binance made it seem as though they rejected the consultant’s recommendations, but in reality, they would ultimately go on to follow the “medium risk” strategy very closely.
This “medium risk” plan involved creating what the consultant called a “Tai Chi entity” — a reference to the Chinese martial art that emphasizes not using force against force, but instead strategically redirecting an opponent’s force away or back towards them. This entity, he said, would “insulate Binance from legacy and future liabilities” by becoming “the target of all built-up enforcement actions”. He also recommended several actions Binance could take, which would be “just for publicity”, including begin discussions with the US SEC “with no expectation of success and solely to pause potential enforcement actions”.
Establishment of Binance US
In keeping with that plan, Binance announced in mid-2019 that they would be blocking users from the United States, and would launch a separate exchange for the US market.
Quick clarifying point: Going forward in this video, you’ll hear me refer to “Binance”, “Binance.com”, or “Binance global”. When I say that, I’m referring to the primary, global Binance exchange, run by CZ, and not Binance US.
The Tai Chi consultant was brought back, and helped with the development of the new exchange for several months. Several months later, under an entity called BAM Trading, Binance launched Binance US. Binance US would go on to become one of the top five crypto exchanges in the United States.
They were very careful about messaging, because they didn’t want to publicly admit that they had ever had US customers on the global exchange. Internally, in a meeting where he also described Binance.com’s substantial US customer base, CZ talked about how to announce the US exchange’s launch. “We need to finesse the message a little bit,” he said. “The message is never about Binance blocking US users, because our public stance is we never had any US users. So, we never targeted the US. We never had US users.”
Binance US appeared to do everything by the book: at the time of its launch, the exchange listed only seven cryptocurrencies at the time of their launch, compared to the more than one hundred tokens listed on Binance.com. This was an apparent attempt to placate the US SEC, which is watchful for exchanges listing tokens it believes to be securities, though Binance US would ultimately list more than 150 tokens. Binance US doesn’t offer trading in crypto derivatives, a riskier type of instrument that the US CFTC doesn’t want exchanges offering to retail customers. And they registered the new US exchange as a money services business, and obtained state money transmitting licenses.
In order to further distance themselves from the entity, Binance and its executives were extremely careful to describe Binance US as a “partner”, not a subsidiary. However, despite having its own executive team on paper, it was controlled by CZ, who also was the beneficial owner of the company. These executives and other employees didn’t even have full visibility into the trading data of the exchange they were supposedly running. They had no control over their own bank accounts, and had to get approval from CZ for even routine expenses. Binance would occasionally transfer tens of millions of dollars out of Binance US without the CEO, Catherine Coley, even knowing about it. When CZ directed that Binance US list the BNB token in September 2019, Coley balked because it was likely to be deemed a security by the SEC. CZ “brought Coley to the room to strongarm a [BNB] listing”, and it was listed the same month. Coley ultimately launched what she called “Project 1776” in late 2020 to try to gain independence from the global exchange and CZ, which she called the “mothership”.
While working on this, Forbes published an article revealing the existence of the Tai Chi plan, which Coley said had destroyed trust among employees of the US exchange who felt “like they’ve been duped into being a puppet”. Binance quickly sued Forbes and the two authors of the article for defamation, seeking damages and the deletion of the article, though they dropped the suit a few months later. Days after dismissing the lawsuit, Binance made a show of power by investing $200 million into Forbes.
As for Project 1776, CZ fired Coley only some months after she embarked on the campaign. CZ installed a new CEO, who resigned only three months after taking the position when it “became clear to [him] at a certain point [that] CZ was the CEO of BAM Trading, not me”.
Keeping US customers on the exchange
Despite their public statements about blocking US customers and limiting them to the no-fun-allowed US exchange, the reality was very different. Binance wanted US customers — especially those who were doing high volumes of trading and were very profitable for Binance — to keep using the global exchange where they had access to a wider range of products. They accomplished this through a combination of willful ignorance and knowingly helping customers — especially VIPs — circumvent their own supposed restrictions.
When talking about showing a pop-up to redirect users with US IP addresses away from Binance towards Binance US, CZ said, “We need to word [the popup] very carefully so that we let people know what they need to do, including using a VPN, without explicitly stating it.” Samuel Lim later told another employee that, “If US users get on .com, we become subjected to the following US regulators, fincen ofac and SEC…” “we try to ask our US users to use VPN / or ask them to provide (if [they] are an entity) non-US documents / On the surface we cannot be seen to have US users but in reality, we should get them through other creative means.”
Ultimately, the pop-up was just a pinky swear: it asked people to self-certify that they were not a US person.
In calls during June 2019, as Binance was planning to launch the US exchange, Yi He told CZ and other executives that Binance had at least 3,500 VIP accounts based in the US, and that those US-based VIPs accounted for around 25% of Binance’s trading revenue. CZ really didn’t want to lose these users, so he spoke of “achiev[ing] a reduction in our own losses” while ensuring that “U.S. supervision agencies not cause us any troubles” by making “US users slowly turn into other users”. Binance “cannot say this publicly, of course”, he said. “We do need to let users know that they can change their KYC on Binance.com and continue to use it. But the message, the message needs to be finessed very carefully because whatever we send will be public. We cannot be held accountable for it.”
Binance employees began a campaign in which they contacted US VIP customers — on the phone, not in writing — to inform them that Binance had “misidentified” their accounts as belonging to US customers, and asking them to “correct” the “previously inaccurate records”. CZ explained on a call with other executives, “We cannot say they are US users and we want to help them. We say we mis-categorized them as US users, but actually they are not.” Samuel Lim added: “We cannot advise our users to change their KYC. That’s of course against the law… But what we can tell them is through our internal monitoring, we realize that your account exhibits qualities which makes us believe it is a US account.” This, he acknowledged, was “intentional circumvention of KYC”.
In chat conversations, Lim also spoke about giving “special treatment” to US VIPs who were “doing sick ass volumes”.
Documents were drafted to coach employees on having these conversations with the US VIP customers. For those who were suspected to be based in the US based on their IP addresses, employees were told to inform them that it was their IP address preventing them from using the exchange. “If the user doesn’t get the hint, indicate that IP is the sole reason why he/she can’t use .com.” They were told they couldn’t “explicitly instruct user to use different Ip. We cannot teach users how to circumvent controls. If they figure it out on their own, its fine.”
“Make sure to inform user to keep this confidential,” the coaching document stated. Some employees went even further, using fake names for these conversations, out of fear that the strategy might leak and the company could be pressured to fire them.
These VIP customers were coached to create offshore entities, if they didn’t already have them, and then update their KYC information to reflect a basis of operations there. In some cases, Binance just changed how they defined “US user” so it wouldn’t apply, and adjusted their automated geofencing controls to not apply.
By September 2020, an internal report showed around 16% of its total userbase was based in the United States. Around this time, Binance became very cautious about keeping records that they had US-based users on the global platform due to fear of “leak risk”, a fear that seemed to have been amplified by US regulatory action against BitMex. The next month, at CZ’s direction, Binance simply changed the label on this report to “unknown”. Around the same time, CZ rebuked an employee for posting US data in an internal group chat, instructing he delete the message. CZ also told an employee who told him about a US trading firm that was accessing the global platform, “[g]ive them a heads up to ensure they don’t connect from a us IP [address]. Don’t leave anything in writing.” [CFTC has screenshots] Binance employees started to only discuss US matters on Signal, where some chats had auto-delete functionality enabled.
Despite the concern about connecting from US IP addresses, even the programs that were intended to detect that were incredibly flawed. “I HAZ NO CONFIDENCE IN OUR GEOFENCING”, an employee told Lim in November 2020.
In October 2020, Binance had to hire an auditor to demonstrate to a US-based business partner, Paxos, that it had an effective compliance program. Lim stated internally that they found an auditor who would “just do a half assed individual sub audit on geo[fencing]” to “buy us more time.” Binance’s Money Laundering Reporting Officer complained that she “need[ed] to write a fake annual MLRO report to Binance board of directors wtf.”
Merit Peak, Sigma Chain
So, by this point I’ve talked a lot about customers trading on the Binance exchange. But I haven’t yet gotten into Binance’s own trading. Although Binance didn’t disclose to customers that they were trading on their own platform, they actually operated around 300 “house accounts” ultimately owned by CZ, including some operated by two trading firms he owns. In addition to Binance and Binance US, CZ also owns a two cryptocurrency trading firms, incorporated in early 2019, called Sigma Chain and Merit Peak. Both firms were only nominally independent from Binance — CZ owned them, and Binance employees were in charge of their operations.
Why does a cryptocurrency exchange operating an only nominally independent trading firm ring a bell?
Both Sigma Chain and Merit Peak operated as market makers for Binance on both the US and global exchanges. If you’re running an exchange, the simplest description of your business is that you match people who want to buy an asset with those who want to sell that asset. But what if someone wants to buy or sell an asset and there’s no one around who wants to make the opposite trade? Exchanges solve this problem by engaging “market makers”, which are typically large trading firms who will step in on the other side of trades to make sure there is adequate liquidity within the markets.
There is substantial conflict of interest risk when it comes to operating both an exchange and a market maker, which why such activities are required by US securities laws to be carefully separated. But CZ’s firms simply flouted these regulations, which are designed to keep firms from trading against their own customers.
And that’s exactly what they did. From the moment of Binance US’s launch, Sigma Chain engaged in extensive wash trading, which is when an entity trades assets among accounts it secretly controls in order to artificially manipulate that asset’s price. The wash trading by CZ and his firms was beneficial to him and those firms, at the expense of the other traders on the platform.
The very day Binance US opened, wash trading between accounts operated by CZ, senior Binance employees, and Sigma Chain constituted more than 99% of the initial hour of trading for one crypto asset, and 70% for the full day.
When Binance US would list a new crypto token, Sigma Chain wash traded it. In a six-month period in 2022, Sigma Chain wash traded newly listed tokens in 48 of 51 cases. Even tokens that had been on the platform for a while were heavily wash traded, including in a spike of wash trading leading up to Binance US raising a funding round, which appears intended to juice trading numbers to make the platform look more appealing to those prospective investors.
But even while he was engaging in this blatant and widespread wash trading, CZ and other Binance employees were talking up just how important it was that exchanges control against market manipulation and claiming that Binance did so.
In April 2019, upset that Binance was appearing lower on a list of crypto exchanges by volume than he believed was accurate, CZ tweeted: “CREDIBILITY is the most important asset for any exchange! If an exchange fakes their volumes, would you trust them with your funds?” What he didn’t mention was that his very own firms were doing that exact thing.
Meanwhile, Binance US was claiming both to the public and to prospective investors that they were carefully monitoring trading for manipulative behaviors and made claims about their trading volume without disclosing the massive wash trading.
Despite these claims, an employee would tell Coley over a year later: “[a]pparently we have nothing in place to prevent wash trading? Just tested myself, sold market order into my own bid.” Another employee replied: “Yikes.”
The wash trading wasn’t the only problem with these entities, though. Massive amounts of Binance money was flowing to and from Sigma Chain and Merit Peak, including between the global and US entities. Customer money, investor money, and company money was all commingled in these accounts to the tune of billions of dollars.
This wash trading of crypto assets, commingling, and lack of disclosures would later raise alarms at the US SEC, but it was hardly the only issue on the agency’s radar. Neither Binance global nor Binance US registered with the SEC as an exchange, broker-dealer, or clearing agency despite apparently filling all of those roles (roles that would normally be separated). Furthermore, they listed tokens — including their own BNB token — that looked a whole lot like unregistered securities. They also offered staking services, programs that the SEC cracked down on hard in the US in 2023. Binance employees knew that they were risking enforcement actions from the SEC: all the way back in 2018, Lim bluntly stated to another member of the compliance team: “We are operating as a fking unlicensed securities exchange in the USA bro.”
Complaints
For years, rumors swirled of a Department of Justice investigation into Binance and CZ. CZ seemed increasingly reticent to leave the United Arab Emirates, which does not have a formal extradition treaty with the United States. In 2021, when his father passed away, CZ didn’t travel to Canada to the funeral (though Binance would later claim he had). Sam Bankman-Fried joked on Twitter in 2022 that CZ might not be “allowed” in the United States.
However, it would ultimately be the US CFTC to come down on Binance first. In March 2023, they charged Binance entities, CZ, and Samuel Lim with seven violations of the Commodity Exchange Act. Although the CFTC is only able to file civil complaints, which can result in injuctions from operating and potential fines but no jail time, a lot of the behavior described in the complaint sounded really criminal. Lim would later settle his portion of the CFTC complaint by paying a $1.5 million fine.
Binance was defiant, and published a long statement by CZ describing his “disappointment” in the lawsuit “despite our working cooperatively with the CFTC for over two years.” “In this journey towards freedom of money, we do not expect everything to be easy. We do not shy away from challenges.”
Only two months after the CFTC lawsuit, the SEC followed up with their own complaint, which included thirteen charges against Binance entities and CZ personally. The charges encompassed the wash trading, commingling of assets, cryptocurrency staking, and operating without registration. Notably, the SEC also used the lawsuit to describe a whole lot of popular cryptocurrency tokens as securities, something that could have a massive impact on cryptocurrency industry in the United States if upheld in court. Robinhood, eToro, and Bakkt all acted quickly to delist the tokens for US customers, cautious of also being accused of offering unregistered tokens.
The SEC also applied for, and was granted, an emergency temporary restraining order aimed at preventing CZ and Binance from transferring assets out of the United States. According to former SEC enforcement attorney John Reed Stark, a TRO is “the most powerful tool the SEC has…” “used sparingly,” and reserved only for “really bad situation[s]”.
Binance, again, was defiant, accusing the SEC of “regulat[ing] with the blunt weapons of enforcement and litigation rather than the thoughtful, nuanced approach demanded by this dynamic and complex technology”.
In the months after the CFTC and SEC lawsuits, Binance suffered misfortune after misfortune. Regulatory action from various jurisdictions caused them to exit or dramatically cut back operations in jurisdictions including Australia, Belgium, Canada, Cyprus, the Netherlands, and the United Kingdom. A seemingly neverending train of executives and other high-level employees quit, including the US Head of Legal and US Chief Risk Officers — a bad sign. Both Binance global and Binance US performed substantial layoffs.
But throughout it all, CZ remained defiant, lashing out on Twitter at the media and dismissing reports as “FUD”.
That is, until November 21.
The charges
That was the day the Justice Department announced that Binance had agreed to plead guilty to three charges, pay $4.3 billion in penalties, and submit to comprehensive monitoring to ensure that their compliance programs were finally properly implemented. Simultaneously, CZ pleaded guilty to one felony charge, resigned as CEO of Binance, and agreed to pay a $50 million fine. Sentencing is scheduled for late February, and it’s entirely possible that he will have to do prison time.
Why
This was a surprise. For one, despite the recordbreaking fine, it seemed somewhat lighthanded by the DOJ, who could have pushed to take a case to trial. It was also a surprise that CZ voluntarily showed up in Seattle to enter a guilty plea after years of appearing to avoid the grasp of US law enforcement, and that he stepped down from the company that had become an extension of himself seemingly without much of a fight.
It may be that CZ decided that the likely consequences were an acceptable price for — eventually — being able to move freely again. It also seems that the net was beginning to tighten somewhat around CZ, particularly after an investigation into Binance began this past summer in France — a country that does have an extradition agreement with the UAE. Furthermore, the UAE has been looking to clean up its reputation and be removed from the Financial Action Task Force’s gray list, and CZ and Binance reportedly kept coming up in conversations between UAE officials and financial authorities in France and in the US.
The choice of action by the DOJ may have been out of that a more aggressive approach could topple the exchange, endangering the finances of its many direct customers and the far more people who would be impacted by the enormous impact a Binance collapse would have on the crypto industry and markets. The DOJ threw the book at Sam-Bankman Fried, sure, but the damage to FTX had already been done at that point. And more generally speaking, the DOJ usually tries to avoid putting companies out of business, a former US prosecutor told Wired.
It also could have been because Binance had a bargaining chip: information. With such a substantial global userbase and a known history of serving criminals, Binance is sitting on troves of data that must be irresistable to the justice department. Perhaps they weren’t willing to bet that they could force Binance to fork it over through the legal system, choosing instead to find ways to get access to that valuable data through a friendlier settlement.
Charge details
Now that we’ve touched on why the deal may have happened, let’s dig in to the charges and what they mean for Binance and CZ.
The DOJ filed a complaint naming Binance and CZ personally. CZ pleaded guilty to one charge: failure to maintain an effective anti-money laundering program. Binance the company pleaded guilty to three charges: conspiracy to conduct an unlicensed money transmitting business and to fail to maintain an effective anti-money laundering program, conducting an unlicensed money transmitting business, and violations of the International Emergency Economic powers Act, which prohibits causing transactions between US people and Iran. Binance was also required as a part of their plea to prohibit CZ from any present or future involvement in operating or managing the Binance business, though he is still — critically — the owner of the company.
In addition to their own charges, though, the DOJ invited some friends to the party. The resolution with the DOJ also involved settling the open complaint from the CFTC, who will collect $2.7 billion in penalties and disgorgement from Binance, and $150 million from CZ (towards which his $50 million DOJ fine will be credited). It also resolved ongoing actions by the Office of Foreign Assets Control, or OFAC, who is in charge of enforcing sanctions violations, and by the Financial Crimes Enforcement Network, or FinCEN, who as I mentioned earlier is responsible for enforcing the Bank Secrecy Act. Both agencies imposed their own fines and penalties, though some of the fines colleccted by the DOJ will go towards the FinCEN or OFAC settlements.
The question now becomes: does Binance have the cash they’ll need to pay these fines? There is a schedule that requires portions of the fine to be paid at different points, but ultimately Binance will have to cough up the whole amount within fifteen months of sentencing. Binance says they’re good for it, obviously, but are they? CZ seemed to try to dodge a question about whether they could pay several billion dollars about a year ago.
Binance discloses very little, and has no audited financials, so no one outside of the company can really say with certainty how much money they have. Binance claims to show “proof of reserves” on their website, which they say is real-time proof that they have sufficient assets backing their users’ holdings, but putting aside that proof of reserves are deeply flawed in terms of presenting a complete picture of a firm’s assets and liabilities, Binance’s claims only refer to customer assets and not corporate holdings.
Would Binance resort to dipping in to customer funds to pay the fines? An exodus of Binance customers has suggested that there are a good number of people who don’t intend to stick around to find out.
Arguably more onerous than the fines, though, are the monitorships that are being imposed, with Binance footing the bill. John Reed Stark, a former enforcement attorney at the SEC, has described the monitorship as a “24/7 365-days-a-year financial colonoscopy.” A US prosecutor told Wired that the monitorship was “kind of crazy… I don’t know what kind of business would want to operate while allowing that much government oversight.”
The DOJ has ordered Binance to become compliant with the applicable laws, and imposed a three-year-long monitorship to make sure that happens. Independently, FinCEN has also ordered a monitor to ensure Binance’s compliance with the Bank Secrecy Act, and that monitorship has a term of five years. Their monitorship will involve ensuring that all US users are gone from the global exchange, as well as digging into details around Binance’s Russian cryptocurrency exchange “partner” that looks kind of a lot like the kind of “partnership” Binance reportedly had with Binance US. These monitors, and the consultants they hire to conduct additional reviews, will be watching Binance like a hawk as they continue to operate AND going back through their past operations — news that I’m sure has struck terror into more than a few criminal operators.
Remember all of the suspicious activity reports Binance wasn’t filing? Well, FinCEN doesn’t intend to just shrug those off. Instead, the monitor will hire a consultant to do a formal suspicious activity report lookback, identifying where reports should have been filed and then filing reports pertaining to categories including ransomware, terrorist financing, high-risk jurisdictions, darknet markets and scams, and child sexual abuse material. According to that same US prosecutor, “it would be a game changer in taking down transnational syndicates doing evil deeds worldwide and trying to shield those crimes by using cryptocurrency to move money.” FinCEN says they think there are at least 100,000 suspicious activity reports that should have been filed, but weren’t.
Indeed, there’s some precedent for this type of retroactive inspection after criminal action. When US authorities took down BTC-e in 2017, criminals involved in child sexual abuse materials distribution and in the hacking of the Silk Road darknet marketplace were identified thanks to data seized by authorities.
Now, this may be a hot take here: The degree of data access by the US government as a result of this action is actually arguably overbroad, as they will now have access to user data with no requirement that the transactions raised suspicion, and no requirement that law enforcement demonstrate probable cause that that user was involved in illicit activity. Regardless of your opinions on the prevalence of crime in the crypto world, or of the likelihood a given crypto user is engaging in criminal activity, warrantless access to private data should be cause for concern.
What’s next for Binance
The question now is: what’s next for Binance? It remains to be seen whether they can pay the fine, though some knowledgeable commentators suspect the DOJ wouldn’t have imposed a fine the company couldn’t pay.
It also remains to be seen whether Binance will — or even can — follow through with its compliance promises under monitorship. I really can’t overstate just how onerous this kind of program is. A former Wells Fargo executive who was in charge of their financial crimes risk management program told Ben Penn at Bloomberg Law: “There has been nothing remotely close to this when it comes to complexity, length, scope”—and to monitor what was “a criminal enterprise, essentially.” Penn drew comparisons to the HSBC monitorship, which was imposed after they were found to have laundered drug money for Mexican cartels. HSBC’s monitorship was supposed to last for five years, but was ultimately extended to almost ten after the independent montiors discovered multiple failings.
In Binance’s case, somehow, this monitor has to assemble a team that can probe the workings of a company that has been designed to be deliberately opaque and resistant to law enforcement inquiry, while also satisfying the expectations of financial regulators who don’t want to be seen to be giving Binance a pass.
And even in a best case scenario, where Binance is able to become fully compliant with the laws it was supposed to have been following all along, can Binance survive? Part of the reason cryptocurrency companies are profitable is by skirting regulations. A profitable business case for a fully regulated, fully compliant cryptocurrency exchange is not clear to me, despite the claims of companies like Coinbase. CZ explicitly stated internally that he was so hesitant to register and comply with US regulations because it would likely touch off a dramatic reduction in customers and, thus, profits.
And history does not offer a promising outlook for crypto exchanges that operated outside of the law and then tried to shape up. Poloniex was a cryptocurrency exchange known as an anything-goes operation, where its lack of KYC was a selling point. It was “shitcoin casino numero uno”, according to a former employee, who described it as “completely Wild West”. In 2018, the US-based cryptocurrency company Circle purchased the exchange with the idea of cleaning things up and making it into an above-board, US-regulated exchange. They discovered, however, that when they introduced KYC, both customers and trading volume vanished. They gave up on the idea very quickly, and sold the exchange in 2019 to Justin Sun, who moved it to the Seychelles and returned it to its “YOLO Polo” roots.
If Binance fails to truly comply with US regulations and its new monitorship requirements, or if Binance otherwise fails to comply with the conditions of its plea agreement, all bets are off: the DOJ could come after the company and its executives criminally, far more harshly than they already have, and the DOJ and other financial agencies could seek to end the company’s presence within the United States.
And Binance has already raised some eyebrows as far as its attitude towards this supposed new, above-board era in its history. During his very first public interview as the replacement CEO of Binance, the former Abu Dhabi regulator Richard Teng was evasive in his answers to even the most basic questions. “I’ve asked you where Binance’s global headquarters is, I’ve asked you whether Binance is going to undergo an audit, how many employees the company currently has on its books and whether you’re applying for a license in the UK, which is what Binance told us during our last FT crypto conference. You haven’t answered those questions,” stated a frustrated interviewer at a conference hosted by the Financial Times. Teng ultimately snapped back, “why do you feel so entitled to those answers?”
For CZ
As for CZ, his future is also unclear. After pleading guilty to his felony charge, he was going to return to his home in Dubai until the sentencing hearing scheduled for February. However, prosecutors appealed the judge’s decision not to include a travel restriction in his bond conditions, and ultimately the judge decided that he was a flight risk who would need to remain within the United States until sentencing.
His charge comes with a maximum ten-year sentence, although sentencing guidelines would put him at a recommended 15–21 month term of imprisonment. However, these guidelines are truly only guidelines — there’s nothing to stop the government from trying to seek a maximum sentence, and his plea agreement allows prosecutors to include evidence of additional crimes that were not ultimately charged against him thanks to his cooperation when providing materials for a pre-sentencing report, which is used to determine an ultimate sentence. On the flip side, CZ could also face lighter treatment than the sentencing guideline, and could even end up with probation or house arrest — though this would likely be somewhat politically unpopular given the sentiment towards cryptocurrency crimes and the apparent scale of wrongdoing at Binance under CZ’s leadership.
As for CZ’s willingness to abide by the terms of his plea agreement, well, he seems to be testing the waters as well, particularly when it comes to the part that prohibits him from publicly denying the wrongdoing he just admitted to. In a long message on Twitter where he wrote “I made mistakes, and I must take responsibility,” he proceeded to do nothing of the sort, finishing the post with “On that note, I am proud to point out that in our resolutions with the U.S. agencies they: do not allege that Binance misappropriated any user funds, and do not allege that Binance engaged in any market manipulation.”
Fortunately for CZ and the future of his plea agreement, he was careful to ensure that this statement was technically correct, if also somewhat misleading. It relies on the fact that allegations of misappropriation of user funds and market manipulation came from the SEC — the one agency that did not join the group settlement spearheaded by the DOJ.
As for the SEC charge, well, that is plowing ahead with full force. In fact, the SEC has already filed notice of supplemental authority in that case, attaching Binance and Zhao’s plea agreements and the consent order from FinCEN. The admissions made in those agreements could dramatically bolster the SEC’s case against the company, which could result in hefty fines and injuctions — though the SEC, like the CFTC, does not have criminal authority.
I wish I could end this video with a confident prediction of what the future holds for Binance, and the crypto industry where it has been a dominant force for more than five years, but it’s pretty early to be doing such things, and I learned long ago that what happens in the crypto industry will almost always be more absurd and unbelievable than anything I predict.
Instead, I hope I have left you with a full understanding of what has happened up to this point, with which you are certainly free to make your own predictions — leave a comment if you want. With that knowledge, we can watch what the future will bring together. Don’t forget to buy some popcorn.
Thanks so much for watching! This was my first longform video, and I really hope you’ve enjoyed it. I’m super new to writing, recording, and editing video, so please leave me any feedback you have! And if there are any topics you want to see me cover, either in video form or in my usual writing, please feel free to suggest those as well. If you liked this video, you should check out my writing over at the Citation Needed newsletter, where I publish regular writings about cryptocurrency industry and tech more broadly. I also do a roughly weekly recap of what’s been happening in the cryptocurrency world, so if you’re looking to stay informed on what happens with Binance going forward, consider signing up for a subscription. All content there is free, but I rely on the paid subscriptions to be able to do this kind of work — including this video — fulltime. If you want to support my work without a newsletter subscription, you can also check out mollywhite.net/support for some alternatives.
Again, thanks so much for watching, and stay tuned for more videos like this.
Disclosures for my work and writing pertaining to cryptocurrencies and web3 can be found here.