- Learn More Learn More
Kroll assisted a large international cryptocurrency exchange under investigation by numerous U.S. government agencies.
The client had grown at scale rapidly over a short period, with its compliance infrastructure and capability requiring significant uplift and enhancement to satisfy the demands of a range of regulators, including the U.S.
Our work covered multiple areas including regulatory reporting, know your customer (KYC) assessments, geofencing and enterprise-wide risk assessment, market surveillance, politically exposed person (PEP) backlog remediation, and policies and procedures review.
We assisted the external counsel with regulatory requests and the collation of the relevant supporting data, related to an exercise confirming clients had been offboarded in specific jurisdictions. Kroll performed KYC current state assessment, covering policies, procedures, internal controls and systems to assess proper identification of relevant clients. This included customer file testing and proposed remediation procedures based on findings. The current state of IT controls were tested to identify gaps in geofencing controls. This was conducted by testing across laptops, mobile devices, VPNs and APIs and was supported by an open-source review. A draft enterprise-wide risk assessment (EWRA) methodology for control assessments was created covering inherent and residual risk scoring methodologies, reporting requirements and an escalation process. This was alongside a full health check review of the AML control environment to inform the risk assessment report. A controls assessment was undertaken to determine coverage of market surveillance capabilities, which included documenting existing monitoring solutions deployed by the firm, an evaluation of the design effectiveness of these solutions and an assessment of their data feeds. To support the PEP backlog, the necessary tools, processes and procedures to manage remediation of the backlog were reviewed, providing the technical expertise, where appropriate, to automatically resolve/close PEP backlog alerts. Staff augmentation services were provided across the different functional areas to support all aspects of the work.
Learn More About Our Blockchain and Financial Crime Services
We provide staff augmentation and managed compliance services; regulatory consulting; asset valuation and due diligence; cyber strategy and risk consulting; entity restructuring and wind down plans; and compliance risk, diligence and consulting. Our global team of risk, regulatory, IT, computer science and data science experts brings decades of experience and cutting-edge technologies to provide independent expert support and impactful advisory services for issues involving digital assets, data and IT.