B2BX Digital Exchange OÜ operated in a business segment with a high risk of money laundering and terrorist financing, considering its clients, the services provided, and geographical risks. A large portion of the company’s clients were service providers offering services to their own clients, meaning the business involved correspondent relationships, which require a different and heightened level of due diligence. Additionally, services were provided to clients from third countries, and the company’s total revenue, when converted to euros, exceeded one billion euros.
The Financial Intelligence Unit identified in a supervision proceeding that the company had not applied due diligence measures appropriately in accordance with its risk profile for clients and transactions in correspondent relationships. The company’s risk assessment and risk appetite documents, as well as procedural rules for applying due diligence measures in correspondent relationships, had significant deficiencies. There was no internal control policy in place, which, if properly implemented, could have identified many of the problem areas much earlier than the Financial Intelligence Unit’s supervision did. The company systematically failed to apply due diligence measures to identify the source and origin of funds used in transactions, as well as the origin of wealth. It also conducted inadequate real-time transaction screening and failed to perform subsequent monitoring. As a result, B2BX Digital Exchange OÜ did not report suspicious transactions related to money laundering or terrorist financing to the Financial Intelligence Unit in a timely manner.
B2BX Digital Exchange OÜ held a license for providing virtual asset services from November 8, 2018, until January 31, 2025. As of February 10, 2025, there are 40 active licenses for providing virtual asset services in Estonia.
