How Paxos’s AML Compliance failures led to a multimillion-dollar settlement
On August 7, 2025, the New York State Department of Financial Services (NYDFS) announced a $48.5 million settlement with Paxos Trust Company, concluding a multi-year investigation into the company’s anti-money laundering (AML) and due diligence practices. According to Reuters, the enforcement action stemmed from significant compliance deficiencies linked to Paxos’s former partnership with Binance, the global cryptocurrency exchange. As part of the settlement, Paxos will pay a $26.5 million civil penalty and invest $22 million to strengthen its compliance infrastructure.
Paxos, which has held a New York trust charter since 2015, entered into an arrangement with Binance in 2019 to issue and manage the Binance USD (BUSD) stablecoin. Under its charter, Paxos was obligated to conduct thorough and ongoing due diligence on its partner. NYDFS found that from 2017 to 2022, Paxos failed to meet that obligation. According to the regulator, roughly $1.6 billion in Binance transactions during that period were connected to illicit actors, including darknet markets, Ponzi schemes, and sanctioned entities. The investigation identified weaknesses in Paxos’s transaction monitoring, escalation protocols, and customer due diligence measures—gaps that allowed suspicious activity to go undetected or unaddressed.
In February 2023, NYDFS ordered Paxos to cease minting BUSD, citing these deficiencies. Paxos complied immediately and subsequently ended its relationship with Binance. The company has since stated that the issues were historical, have been fully remediated, and did not result in customer losses or destabilization of the BUSD peg. Its other stablecoin offerings, Pax Dollar (USDP) and PayPal USD (PYUSD), remain unaffected.
Three key realities for crypto-related entities
This case underscores three enduring realities for regulated crypto entities. First, AML obligations extend beyond in-house systems to include the operations of third-party partners. Even when a partner is a global market leader, trust does not replace verification. Second, structural weaknesses in AML programs—whether in know-your-customer (KYC) procedures, transaction monitoring, or escalation—can result in regulatory actions that carry both financial and reputational costs. Finally, remediation is not optional. Regulators increasingly require firms to invest heavily in compliance infrastructure as part of enforcement resolutions, making robust systems and oversight a strategic necessity rather than a discretionary expense.
For AML and compliance professionals, the Paxos settlement is a clear reminder that regulators remain vigilant, especially in the digital asset sector. Stablecoin issuers, custodians, and other crypto infrastructure providers operate in a landscape where the speed of transactions, the complexity of cross-border flows, and the anonymity of certain participants amplify AML risks. Proactive investment in technology, processes, and skilled compliance teams is not just a defensive measure—it is essential for operational resilience and long-term trust in the market.
