- The earlier fines include €4 million for Kraken and €2.85 million for Crypto.com.
- OKX was also fined €1.1 million in Malta in April 2025.
- The $504 million settlement in the U.S. keeps OKX under supervision through 2027.
The Dutch central bank’s decision to fine OKX €2.25 million is more than a regulatory warning — it illustrates how European authorities are taking a retrospective approach to enforcement and compliance.
The penalty covers services offered without registration between July 2023 and August 2024, a period that predates the full implementation of the Markets in Crypto-Assets Regulation (MiCA).
By targeting past activity, regulators are signaling that crypto exchanges will be held accountable for legacy practices, even if those operations would now fall under authorization within the new European framework.
Past actions remain under scrutiny
Since 2020, the Netherlands has required crypto-asset service providers to register under its anti-money laundering rules.
OKX, which operated without approval during the covered period, was found to be noncompliant. The Dutch central bank stated that such violations “will not be tolerated.”
The Netherlands has taken similar action against other major exchanges.
Kraken paid €4 million and Crypto.com paid €2.85 million, both for offering unregistered services.
These penalties, including the latest fine against OKX, demonstrate that enforcement can be applied retroactively and that regulators are not overlooking past breaches as the industry adapts to new regulatory regimes.
Global fines highlight compliance gaps
OKX has faced penalties in multiple jurisdictions. In April 2025, its European unit was fined €1.1 million in Malta for anti-money laundering deficiencies identified two years earlier.
The company later secured MiCA authorization after overhauling its compliance processes.
Earlier in 2025, OKX reached a $504 million settlement in the United States.
As part of that agreement, the exchange admitted operating as an unlicensed money transmitter and processing illicit transactions.
The U.S. settlement requires OKX to operate under enhanced supervision until 2027, including the appointment of an independent compliance monitor.
These fines reveal a consistent pattern: regulators are examining historical operations while insisting on present-day compliance.
For exchanges, that means sanctions can be imposed years after the original violations, creating prolonged legal and operational uncertainty.
The Dutch case framed as a “legacy matter”
OKX, legally registered as Aux Cayes Fintech Co., described the Dutch case as a “legacy matter” and said it has already addressed the issue.
Dutch customers were migrated to its MiCA-authorized European entity, and the company emphasized there was no impact on clients.
The DNB’s fine was smaller than penalties levied against some other exchanges, and the regulator noted OKX’s cooperation.
Nonetheless, the action reinforces a broader point: exchanges cannot simply bring their compliance up to date now and disregard past operations.
Enforcement in Europe enters a new era under MiCA
The timing of the Dutch case is notable. MiCA is now in force across Europe, requiring exchanges to register, meet reporting obligations, and comply with stricter anti-money laundering controls.
Although OKX and other platforms have obtained licenses, regulators continue to pursue earlier breaches.
That signals the end of the “operate first, register later” era: exchanges are learning that legacy operations carry risk long after new regulatory frameworks take effect.
The Netherlands’ approach suggests other European regulators may follow suit, reviewing historical activity even as they enforce current rules.