FINTRAC Imposes Record Fine Against Vancouver-Based Cryptomus

Canada’s financial intelligence agency has fined Vancouver-based cryptocurrency exchange Cryptomus nearly C$177 million, saying the firm failed to report thousands of transactions that may have involved sanctions evasion and money laundering tied to fraud, ransomware and child sexual abuse material.

The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) said Cryptomus, incorporated in B.C. as Xeltox Enterprises Ltd., failed on more than 1,000 occasions in a single month to file suspicious transaction reports with possible links to money laundering or terrorist financing. 

In a statement, FINTRAC Director Sarah Paquet called the penalty “unprecedented,” saying its size reflected the severity of the violations. 

“Given that numerous violations in this case were connected to trafficking in child sexual abuse material, fraud, ransomware payments and sanctions evasion, FINTRAC was compelled to take this unprecedented enforcement action,” she said. 

According to the agency, the company failed to report 1,068 suspicious transactions in July 2024 alone, and in the same month did not report 1,518 instances of receiving more than $10,000 worth of cryptocurrency as required by law. FINTRAC also accused Cryptomus of defying Canadian sanctions against Iran and other “high-risk” jurisdictions, saying the firm failed to report 7,557 transactions with Iran between July and December 2024, in breach of Canada’s sanctions regime.

FINTRAC said Cryptomus also failed to report suspicious activity tied to darknet marketplaces and to virtual currency services located in Russia or other high-risk jurisdictions with weak anti-money laundering regulations, resulting in “the loss of critical financial information that could have been used by FINTRAC to produce actionable financial intelligence for the investigation and prosecution of money laundering and terrorist financing offences.”

The penalty—significantly larger than any previously issued by FINTRAC—follows reporting by the Investigative Journalism Foundation (IJF) that Cryptomus traded large volumes of cryptocurrency with Garantex, a now-defunct Russian exchange described as a favored tool of cybercriminals, and that it also traded with Nobitex, an Iranian exchange accused of facilitating sanctions evasion. 

TRM Labs told the IJF that Cryptomus transacted about USD$250 million with Garantex between January 2024 and March 2025, and TRM Labs executive Ari Redbord said the firm observed “direct transactional relationships” between numerous cybercriminal groups and Cryptomus, including four groups “suspected of operating from the Russian Federation.”

Though legally based in Vancouver, Cryptomus has no apparent physical presence there. Its former address was a downtown co-working space that, according to prior IJF reporting, is used on paper by dozens of financial businesses, some linked to money-laundering hotspots such as Cyprus, Panama and Russia. 

Read more by the Investigative Journalism Foundation

Read more from FINTRAC