The Financial Conduct Authority (‘FCA’) has brought its first charges (and secured a successful conviction, following a guilty plea) against 45-year-old Mr. Olumide Osunkoya, a London resident, for illegally operating several crypto ATMs. These machines enabled customers to purchase or exchange fiat currency for crypto assets.
Our Financial Services & Business Crime & Investigations teams discuss the case and implications below.
Background
Since 10 January 2021, businesses offering certain crypto asset services in the UK, are required to register with the FCA under the Money Laundering, Terrorist Financing, and Transfer of Funds (Information on the Payer) Regulations 2017 (‘MLRs’). Operating an un-registered crypto asset business is a criminal offence. The FCA has confirmed that, at present, no crypto ATM operators are legally authorised to operate in the UK.
Mr. Osunkoya was accused of facilitating £2.6 million in crypto transactions across various locations between 29 December 2021 and 8 September 2023, via unregistered crypto ATMs. He pleaded guilty to five offences.
Mr. Osunkoya initially served as a director of Gidiplus Ltd and later operated as a sole practitioner. Gidiplus Ltd had applied for registration as a crypto asset exchange provider under the MLRs, but its application was rejected in November 2021. The company was required to immediately cease operating crypto ATMs and was formally notified of this on 30 December 2021. In rejecting the application, the FCA found that Gidiplus Ltd had inadequate anti-money laundering systems and controls, including deficiencies in business-wide and customer risk assessments, customer due diligence, enhanced due diligence, and transaction monitoring. Additionally, Mr. Osunkoya was deemed to lack financial probity, as he had misled three banks regarding the nature of Gidiplus Ltd’s business activities.
Of particular importance in this case, Regulation 92 of the MLRs specifies that when a corporate entity, such as Gidiplus Ltd, commits an offence, any officer of that entity—such as a director—can also be held liable for the offence if it was committed with their consent, collusion, or due to their negligence. This substantially widens the remit of the offence and ensures that officers, like Mr. Osunkoya, can be held personally accountable for the company’s actions.
Mr. Osunkoya was charged with two offences under Regulations 86 and 92 of the MLRs for operating crypto ATMs without FCA registration. Additionally, he was charged with two offences under the Forgery and Counterfeiting Act 1981 for creating and using false documents during these activities, as well as an offence under the Proceeds of Crime Act 2002, for possession of criminal property, connected to the suspected proceeds of his crypto ATM business.
This conviction represents the FCA’s first steps in criminal enforcement under the MLRs and provides a clear message that this type of activity is firmly on its radar.
FCA comments and sentencing
Therese Chambers, joint executive director of enforcement and market oversight at the FCA, stated:
“Our message today is clear. If you’re illegally operating a crypto ATM, we will stop you…. If you’re using a crypto ATM, you are handing your money directly to criminals. Criminals can exploit crypto ATMs to launder money globally.”
On 28th February 2025, Mr. Osunkoya was sentenced to 4 years in prison. At the hearing, the FCA asked the court to begin confiscation proceedings under the Proceeds of Crime Act 2002 to recover any financial gain Mr. Osunkoya had made from his criminal actions
In sentencing, His Honour Judge Perrins remarked:
“Your decision to continue to operate illegally was an act of deliberate and calculated defiance to the regulator… You knew full well that you were acting unlawfully… Your actions were deliberate and carefully planned… It cannot be said that it is a mere regulatory breach.”
Capital Comments
This case is notable when considered against growing calls for more regulation of crypto assets in the UK. The FCA appears keen to move the discussion forward with the publication of its “crypto roadmap” and is demonstrating a strong position in the use of its current powers.
We expect to see increases in enforcement activity, as crypto assets edge closer to full regulation in the UK, with all policy statements under the roadmap to be published by 2026.
Arguably, this case may be viewed as exception given the judge’s findings that Mr Osunkoya deliberately defied the regulator. It is, however, clear recognition that the scope of regulation around crypto assets is widening, and in support of that, the FCA is making its presence felt.
How can we help?
If you have questions around the provision of crypto asset services in the UK or want to understand how your business can ensure its compliance under the MLRs, please contact our expert Cryptoassets team.
