New York regulators slap Robinhood’s crypto business with $30 million fine

In the latest in what seems to be a string of challenges the company has to grapple with, Robinhood’s crypto division has been slapped with a $30 million fine by the New York State Department of Financial Services. It’s the first crypto-focused enforcement action by the regulator, which has issued the multimillion dollar penalty against Robinhood for what it says are violations against the state’s anti-money laundering and cybersecurity regulations. In its announcement, the Financial Services Department said it found significant deficiencies in the company’s compliance programs following a supervisory examination.

Apparently, there weren’t enough people working in Robinhood’s money laundering compliance program. The company also failed to transition from a manual monitoring system, which is no longer sufficient now that it’s much larger than when it started. In addition, the department found that policies within Robinhood’s cybersecurity program aren’t in full compliance with official cybersecurity and virtual currency regulations. 

The New York regulator also mentioned that Robinhood improperly certified compliance with the Department’s Transaction Monitoring Regulation and Cybersecurity Regulation. Since it wasn’t fully compliant with the state’s cybersecurity rules, Robinhood violated the law by claiming compliance. Finally, the regulator said Robinhood failed to adhere to consumer protection requirements by not maintaining a separate phone number (and displaying it on its website) specifically for consumer complaints. 

Superintendent of Financial Services, Adrienne A. Harris, said in a statement:

“As its business grew, Robinhood Crypto failed to invest the proper resources and attention to develop and maintain a culture of compliance—a failure that resulted in significant violations of the Department’s anti-money laundering and cybersecurity regulations. All virtual currency companies licensed in New York State are subject to the same anti-money laundering, consumer protection, and cybersecurity regulations as traditional financial services companies. DFS will continue to investigate and take action when any licensee violates the law or the Department’s regulations, which are critical to protecting consumers and ensuring the safety and soundness of the institutions.”

Aside from having to pay $30 million, Robinhood must retain an independent consultant who will evaluate if it has taken the appropriate actions to address its violations and deficiencies under the settlement.

Robinhood also recently announced that it’s laying off 23 percent of its workforce due to record inflation and the cryptocurrency crash. It’s the company’s second round of job cuts this year and will affect employees across divisions. That revelation came after Robinhood published its earnings for the second quarter of 2022, wherein it posted a net loss of $295 million and announced a decrease of 1.9 million in monthly active users. 

Hacking free-for-all relieves crypto bridge users of $200 million

Cryptocurrency hacks are all too common, but they’ve rarely been quite so anarchic as the latest example. As The Vergenotes, Nomad has confirmed that its cryptocurrency bridge (a service that lets you swap tokens between blockchains) was the victim of an August 1st “incident” where a slew of hackers stole nearly $200 million in funds. As Paradigm researcher Samczsun explained, the intruders took advantage of a misconfiguration that let any reasonably knowledgeable user authorize their own withdrawals. The result was a “chaotic” hack where people could swap their crypto address into a known-good transaction to steal digital money.

In an update, Nomad said it’s “working around the clock” to resolve the problem with help from law enforcement and blockchain intelligence firms. It hopes to both pinpoint involved accounts and recover funds. A16z’s security team suggested that well-intentioned white hat hackers would return crypto they took “preemptively,” but there’s no word on identifying thieves.

Bridges like these are major targets for hackers thanks to both their high asset volume and the potential for exploits in their sophisticated code. An attacker swiped roughly $625 million from the Ronin blockchain underpinning Axie Infinity in March, and an exploit in the Wormhole bridge led to a $325 million hack in February. While the Nomad breach isn’t quite as financially damaging, it illustrates just how vulnerable bridges can be.

Interactive musical series ‘We are OFK’ hits PlayStation, Switch and PC on August 18th

Back at the 2020 edition of The Game Awards, we learned about We Are OFK, a new project from Hyper Light Drifter co-designer Teddy Dief and their collaborators at Team OFK. It was supposed to debut in spring 2021 but, as has been the way of things for the last few years, it was delayed. Now, We Are OFK finally has a release date. Or, more accurately, release dates, since it’s an episodic series. The first two episodes will hit Nintendo Switch, PlayStation 4, PS5, Steam and Epic Games Store on August 18th. The remaining three episodes will arrive on a weekly basis.

We Are OFK follows a virtual four-piece indie band called, strangely enough, OFK. It’s billed as an interactive musical biopic that OFK is making about its own origins. As Dief wrote on the PlayStation Blog, “What would it look like to create virtual musicians who watch performances of [pop stars] on their laptops in bed, and know they’re probably never going to play a stadium concert? We wanted to tell that story — how hard it is to make music, to write even one song, to record another video to post online and hope someone leaves a nice comment.”

The game costs $20. Along with each episode, OFK and Sony Music Masterworks will release a new single. A vinyl package of the singles will be available from iam8bit for $32. A limited-edition physical version of We Are OFK is available to pre-order for PS5 and Switch too. You can also pre-save the group’s first EP.

Here’s what embedded tweets could look like after they’re edited

One of Twitter’s most anticipated features — the edit button — is still in development. But thanks to app researcher Jane Manchun Wong, we have an idea of how edits to embedded tweets on a website will carry over. If a tweet gets edited after it is emb…

Chevy Bolt owners must choose between rebates and battery defect lawsuits

Chevy offered rebates to Bolt EV owners who bought their cars just before a 2023 model price drop, but that discount comes with a large catch. Jalopnik and Autoblog note the rebate application requires that drivers “forever waive and release” their right to sue GM or LG over the Bolt’s reported battery defect. You’d have to be content with the savings even if the car did serious damage, in other words. GM confirmed the agreement language with Engadget.

GM first recalled the Bolt in November 2020 after reports of battery fires between 2017 and 2019. The automaker tried addressing the issue with a software update in April 2021, but two subsequent fires and a second recall led the NHTSA to warn against parking indoors. That prompted a July 2021 recall where GM replaced the battery packs. The brand eventually recalled all manufactured Bolts, pledged an additional $1 billion for battery replacements and offered an eight-year, 100,000-mile warranty on substitute batteries.

The company has since used financial incentives to regain trust. It slashed the price of the Bolt EV and Bolt EUV between $5,900 and $6,300, and offered comparable rebates to people who bought 2020, 2021 and 2022 models this year. The exact rebate amounts depend on the model year and trim level.

As Jalopnik explained, this isn’t the first time GM has used legal agreements to protect its reputation. Cadillac Lyriq buyers were offered a $5,500 discount if they agreed not to talk about problems with the electric SUV, and purchasers of high-end cars like the Hummer EV void their warranties if they flip their vehicles within a year. However, this latest move could easily be the most concerning — the rebate amounts to a legal settlement rather than a kind offer.

Outlook Lite for Android brings Microsoft’s email app to budget phones

Microsoft quietly announced the launch of Outlook Lite for Android, a streamlined version of the company’s email service designed to use less battery and storage space than the default Outlook app without sacrificing features or performance.

Specifically, Microsoft says that Outlook Lite has all the main features of the Outlook experience neatly packed into a 5MB app that’s optimized for speed, even on lower-end Android devices. The company says the app was designed to run fast on devices with as little as 1GB of RAM, use less battery impact than the full app and offer good performance on older 2G and 3G networks.

That lower data, storage and battery impact is, of course, the point. And Microsoft isn’t alone: pared down, lightweight apps serve a huge market of users with budget devices on older networks. That’s why Google offers Android Go, a pared down version of the mobile OS designed specifically for lower-end phones, and why Meta has put so much effort into building small, but feature-rich versions of its Instagram and Facebook apps. You can find lightweight apps for Twitter, Tiktok and even Tinder

Like most lightweight apps, this one has its caveats. Microsoft’s new mail app doesn’t cut any major features to earn its ‘lite’ moniker, but it won’t work with as many email providers as the primary Outlook app. At present, Outlook Lite is only compatible with Outlook.com, Hotmail, Live, MSN, Microsoft 365 and Microsoft Exchange Online accounts. Likewise, the app is also only available in select countries, including Argentina, Brazil, Chile, Columbia, Ecuador, India, Mexico, Peru, Saudi Arabia, South Africa, Taiwan, Thailand, Turkey and Venezuela — though Microsoft says it may add support for more locations in the future.

SEC charges 11 people over ‘textbook’ $300 million crypto Ponzi scheme

It’s a day of the week ending in the letter “y,” which inevitably means there’s news of anothermessysaga in the cryptocurrency world. The Securities and Exchange Commission has charged 11 people who allegedly set up and promoted Forsage, which it said was a crypto Ponzi scheme that pulled in over $300 million from retail investors.

The agency asserts that Forsage enabled millions of people to engage in transactions through smart contracts on the Ethereum, Tron, and Binance blockchains. It alleged that Forsage had essentially been operating as a pyramid scheme for over two years, wherein the main way for investors to make money was by luring other people into the scheme. “Fraudsters cannot circumvent the federal securities laws by focusing their schemes on smart contracts and blockchains,” Carolyn Welshhans, acting chief of the SEC’s Crypto Assets and Cyber Unit, said in a statement.

“Forsage is a textbook pyramid and Ponzi scheme,” the SEC’s complaint reads. “It did not sell or purport to sell any actual, consumable product to bona fide retail customers during the relevant time period and had no apparent source of revenue other than funds received from investors.”

Four of those charged are Forsage’s founders, who were last known to be living in Russia, the Republic of Georgia and Indonesia. The SEC also charged three promoters based in the US, who the founders allegedly recruited to endorse Forsage on its website and social media. Several members of a group called Crypto Crusaders, a group that promoted the scheme, were charged with violating the registration and anti-fraud provisions of federal securities laws as well. Two defendants have agreed to settle the charges without admitting or denying the allegations.

As CNBC notes, Forsage’s founders launched the platform in January 2020. Regulators in the Philippines and Montana tried to shut it down with cease-and-desist actions. The SEC alleged that the defendants continued to promote Forsage while denying claims made against the platform in YouTube videos.