Coinbase has been hit with a significant financial penalty in Ireland, as the Central Bank of Ireland imposed a fine of $24.75 million for serious lapses in anti-money laundering (AML) and counter-terrorism financing (CTF) monitoring. The sanction stems from compliance failures by Coinbase Europe Limited—the European subsidiary of the U.S.-based cryptocurrency exchange—spanning a period from 2021 to 2025.
This enforcement marks the first major regulatory action from the Irish Central Bank directed at the crypto industry. On November 5, 2025, Coinbase and the Central Bank reached a settlement which initially pegged the fine at $35.3 million. However, due to a 30% reduction under a settlement discount scheme, the final penalty was brought down to $24.75 million.
The Central Bank’s investigation exposed critical flaws in Coinbase Europe’s transaction monitoring systems. Most notably, over 30 million transactions went unchecked over a 12-month span, representing nearly a third—approximately €176 billion—of all transactions processed by the platform during that time. These failures meant that potentially suspicious activities were not flagged in real time, allowing for possible undetected financial crimes.
As a registered Virtual Asset Service Provider (VASP) in Ireland, Coinbase is legally obligated to actively monitor customer transactions and report any suspicious activity to the Financial Intelligence Unit (FIU) and the Revenue Commissioners. Despite these requirements, it took Coinbase nearly three years to fully review the flagged transactions, ultimately resulting in the submission of 2,708 Suspicious Transaction Reports (STRs). Many of these reports suggested involvement in potentially serious criminal conduct, the regulator noted.
Colm Kincaid, Deputy Governor of Consumer and Investor Protection at the Central Bank, emphasized the importance of robust compliance systems within financial institutions. “The effectiveness of our fight against financial crime depends on institutions having appropriate monitoring mechanisms and reporting suspicious activities without delay,” he stated. “Systemic failures in these areas provide an opening for criminals to operate under the radar, and they will exploit those opportunities.”
Kincaid further stressed that any technological or procedural failures must be immediately reported to the Central Bank so that adequate measures can be taken to mitigate risks and prevent further breaches.
In addition to regulatory troubles in Ireland, Coinbase has recently come under political scrutiny in the United States. Democratic Senator Chris Murphy accused the company of being linked to a “corruption factory” tied to former President Donald Trump’s administration. The senator alleged that campaign donations from Coinbase were politically motivated and may have influenced the decision to drop a Securities and Exchange Commission (SEC) lawsuit against the exchange.
Coinbase’s legal and policy executives swiftly denied the allegations. Chief Legal Officer Paul Grewal and Chief Policy Officer Faryar Shirzad described the claims as unfounded. Shirzad criticized the previous SEC leadership’s approach as one characterized by intimidation and misuse of authority. Grewal added that allowing Coinbase to go public, only to later target it with litigation, exemplified arbitrary and politically motivated enforcement.
Although the Irish fine is significant, it’s not the first time Coinbase has faced regulatory action. In 2022, the U.S. Department of Financial Services fined the company $50 million for similar failings in its compliance programs. This pattern suggests ongoing challenges in maintaining adequate oversight systems amid rapid global expansion.
The Irish case highlights a broader issue within the cryptocurrency sector: the struggle to meet traditional financial compliance standards while operating in a decentralized, fast-evolving market. As digital assets become more integrated into mainstream finance, global regulators are ramping up scrutiny to ensure that crypto firms cannot act as conduits for illicit financial flows.
Compliance experts argue that this case sends a clear signal to other crypto firms operating within the European Union. The introduction of the Markets in Crypto-Assets (MiCA) regulation, set to take full effect in 2024, will impose stricter obligations on virtual asset service providers, including requirements for risk management, audit transparency, and consumer protection. Firms failing to adapt to this evolving regulatory environment may find themselves facing similar enforcement actions.
In response to the fine, Coinbase has publicly committed to improving its compliance infrastructure. The company stated it is investing in upgraded transaction monitoring systems and increasing staff across its compliance and legal departments. However, critics remain skeptical, pointing out that the scale and duration of the failures in Ireland suggest deeper structural weaknesses.
Some industry analysts view this incident as a tipping point for the crypto sector in Europe. They argue that regulators are no longer willing to tolerate the “grow now, regulate later” approach that has long defined the industry. Instead, there is a growing insistence on accountability and transparency from day one.
Moving forward, Coinbase’s ability to maintain its European operations—and its reputation—may hinge on how effectively it can demonstrate compliance with both existing and emerging regulatory frameworks. For investors and users, the Irish case serves as a reminder of the risks associated with even the most established players in the crypto space.
In conclusion, the $24.75 million fine levied by the Irish Central Bank is not just a punitive measure—it’s a wake-up call. It underscores the need for crypto exchanges to prioritize robust compliance programs, not only to satisfy regulatory authorities but also to maintain user trust and financial system integrity. As the industry matures, so too must its governance, oversight, and responsibility.