Skip to main content
close search
site logo

Block agrees to pay $40M New York penalty

The payments technology company agreed to settle allegations related to lax oversight of its Cash App payments tool.

Published April 16, 2025
Lynne Marek's headshot
Lead Editor
Jack Dorsey, Block CEO
Jack Dorsey, head of Block Joe Raedle / Staff via Getty Images

First published on

Payments Dive

Payments technology company Block agreed to pay a $40 million civil monetary fine last Thursday as part of an agreement to resolve claims brought by the New York State Department of Financial Services over lax oversight of its financial services.

In particular, the state cited Block’s Cash App peer-to-peer payments tool as not satisfying state requirements for anti-money laundering, Bank Secrecy Act and know-your-customer compliance programs, according to the NYDFS

Oakland, California-based Block, led by entrepreneur Jack Dorsey, operates in New York under a money transmitter license and BitLicense it has in that state. The company also owns Square, which enables payments processing for merchants.

In January, Block agreed to pay $255 million to federal and state regulators for deficiencies in its oversight of its peer-to-peer payments tool Cash App and to compensate users who became victims of fraud. 

Specifically, the company agreed at that time to pay the Consumer Financial Protection Bureau a $55 million penalty and to compensate victims with up to $120 million, according to a press release from the federal agency. It also included Block paying $80 million to resolve similar allegations brought against it by 48 states.

As part of examinations performed by New York regulators for the period covering from April 2021 to September 2022, the state found that Block failed compliance program requirements on many fronts. 

As part of its own probe in 2022, Block discovered some 8,359 Cash App accounts “linked to a Russian criminal network,” the order said. The state gave Block credit for quickly closing and “denylisting” the accounts and starting up new controls in response.

Those failures included, among other items, insufficient monitoring of transactions; a backlog of processing suspicious activity reports that created a “high-risk environment vulnerable to exploitation by criminal actors;” and inadequate alerts for notification of digital wallet transactions that might be connected to terrorism. 

“The policies, procedures, and processes at Block did not keep pace with the significant growth the Company experienced immediately prior to and during the period covered by the MT Exam and VC Exam, resulting in Block’s inability to fully comply with its obligation to effectively monitor, and thereafter report, the transactions being conducted on its platforms for suspected money laundering and other illicit criminal activity,” the NYDFS said in the consent order.

Block said in a statement Thursday that it strives “to be a leader in promoting safety across the financial system and upholding responsible business practices.”

“We are committed to continued investment in safety, and full compliance with both the letter and the spirit of the law as our program continually evolves,” it added.

Block had 2023 revenue of about $22 billion, the NYDFS noted, adding that its assets more than doubled between 2021 and 2023, from $15 billion to $34 billion. It also pointed out that Cash App collects nonpublic information on about 54 million active accounts every month. 

“It is critical that Block maintain a robust cybersecurity program to protect its own information systems and the consumer NPI stored in them,” the order said. “Management oversight, as well as ensuring that all cybersecurity policies are sufficient and robust are critical components of the cybersecurity requirements contained in both the Virtual Currency Regulation and the Cybersecurity Regulations.”

Other federal regulators had also been contemplating action against the company last year, according to a lawyer representing whistle-blowers who filed complaints against Block with the Financial Crimes Enforcement Network,  as well as with the Securities and Exchange Commission and the Commodity Futures Trading Commission. The whistle-blowers alleged that Cash App’s user identity verification methods aren’t sufficient to prevent fraudulent activity, NBC News reported last year.

The New York order requires Block to hire an “independent monitor,” selected by the state, to review the company’s compliance programs and “remediate any deficiencies” for at least a year, and perhaps longer. The monitor will report back to the state on its findings, the order said.

Filed Under: Payments, Fintech

Editors' picks

Company Announcements

View all | Post a press release
Vitech To Host Webinar: "The Next Era of Pensions: Key Trends Shaping 2025"
From Vitech
March 31, 2025
76% of Americans worried about AI phishing scams: YouGov report
From YouGov America
March 31, 2025
Castatus Breaks Language Barriers: Crisis Manager Now Supports Message Translation In 130+ Lan…
From Castatus, Inc.
March 31, 2025
Editors' picks
Latest in Payments
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.