This marks Ireland’s first enforcement action against a crypto company and represents one of the largest penalties ever issued by the Irish financial regulator.

The Scale of the Problem

Coinbase Europe’s transaction monitoring system had serious flaws that left over 30 million transactions unmonitored during a 12-month period. These transactions were worth more than €176 billion ($202 billion), representing about 31% of all the company’s European activity during that time.

The Central Bank of Ireland announced the settlement on November 6, 2025. The original penalty was set at €30.66 million, but Coinbase received a 30% discount for admitting to the violations and cooperating with regulators.

According to the settlement agreement, Coinbase Europe admitted to three main failures: not properly monitoring over 30.4 million transactions, lacking adequate internal controls to prevent money laundering and terrorist financing, and failing to conduct additional monitoring on 184,790 specific transactions.

What Went Wrong

The problems stemmed from coding errors in Coinbase’s Transaction Monitoring System (TMS). This software is designed to analyze financial transactions and flag suspicious patterns that compliance teams need to investigate.

Coinbase built 21 different monitoring “scenarios” to catch potential red flags. However, three coding mistakes caused five of these 21 scenarios to miss certain transactions. The system overlooked cryptocurrency addresses that were separated by special characters.

Source: centralbank.ie

These errors didn’t affect the other 16 monitoring scenarios or Coinbase’s other compliance controls. The company discovered the bugs through its own internal testing and fixed them by the end of April 2022. However, reviewing all the affected transactions took much longer—nearly three years to complete, with the final transactions reviewed in March 2025.

Criminal Activity Concerns

After fixing the coding errors, Coinbase reprocessed all the affected transactions through the corrected monitoring system. Out of roughly 97 million crypto transactions processed during this period, about 184,790 needed further investigation.

From this review, Coinbase filed approximately 2,700 Suspicious Transaction Reports with Irish authorities. These reports covered transactions worth about €13 million and included suspicions of serious crimes such as money laundering, fraud, drug trafficking, cyberattacks with ransomware, and child sexual exploitation.

It’s important to note that filing these reports doesn’t confirm that criminal activity actually occurred. Companies must file suspicious transaction reports whenever they suspect or have reasonable grounds to suspect illegal activity, even without proof.

Colm Kincaid, Deputy Governor for Consumer and Investor Protection at the Central Bank of Ireland, emphasized the seriousness of the situation. He explained that law enforcement agencies depend on financial institutions having proper systems to monitor transactions and report suspicions. When these systems fail, criminals have opportunities to avoid detection.

A Pattern of Compliance Issues

This isn’t Coinbase’s first major compliance problem. The Irish case is connected to similar issues the company faced in the United States. The European unit had outsourced its transaction monitoring to Coinbase Inc., the U.S. parent company, which had its own regulatory troubles.

In January 2023, the New York Department of Financial Services ordered Coinbase to pay $50 million for compliance failures. That settlement also required the company to invest another $50 million to improve its compliance program. New York regulators found that Coinbase’s systems couldn’t keep up with the company’s rapid growth, creating a backlog of over 100,000 unreviewed transaction alerts.

Moving Forward

Coinbase says it has taken significant steps to prevent similar problems in the future. The company enhanced its testing procedures for the transaction monitoring system, especially before making any code changes. It also strengthened oversight of its technical processes and continues building new scenarios to detect evolving criminal activity.

In a blog post responding to the settlement, Coinbase emphasized its commitment to compliance. The company stated that it recognizes the importance of effective anti-money laundering procedures and takes its regulatory obligations seriously.

The settlement must still be confirmed by Ireland’s High Court before taking effect. This is standard procedure for enforcement actions under Irish law.

Interestingly, Coinbase had already moved its main European regulatory base from Ireland to Luxembourg in June 2025. The company now holds a license under Europe’s Markets in Crypto Assets (MiCA) regime, allowing it to serve approximately 450 million Europeans under unified regulations. Reports suggest Coinbase experienced friction with the Central Bank of Ireland, though the company cited multiple reasons for the move, including Luxembourg’s mature legal framework for areas like tokenization.

The Bigger Picture

This enforcement action sends a clear message to the cryptocurrency industry about regulatory expectations. Ireland’s Deputy Governor Kincaid pointed out that cryptocurrency has specific features—including anonymity capabilities and its cross-border nature—that make it particularly attractive to criminals. This makes robust monitoring systems especially important for crypto companies.

The fine calculation was based on Coinbase Europe’s average annual revenue between 2021 and 2024, which was approximately €417 million ($480 million). This represents the Central Bank of Ireland’s 162nd enforcement action to date, bringing the regulator’s total fines to over €428 million.

For context, this penalty ranks as the fourth-largest financial fine ever imposed by the Irish financial regulator and sets a precedent for how Ireland will handle crypto sector violations going forward.

Closing the Compliance Gap

The Coinbase settlement highlights a critical challenge facing the cryptocurrency industry: balancing rapid growth with regulatory compliance. As crypto exchanges scale globally, their compliance systems must keep pace with transaction volumes and evolving criminal tactics.

For Coinbase users, this settlement doesn’t affect their wallet balances or ability to trade. The issues involved internal monitoring systems, not the security of customer funds or the integrity of transactions themselves. However, the case raises important questions about compliance infrastructure as crypto companies seek greater regulatory legitimacy worldwide.