Federal prosecutors are digging into internal practices at Block, the financial technology firm launched by Twitter co-founder Jack Dorsey, discussing with a former employee alleged widespread and yearslong compliance lapses at the company’s two main units, Square and Cash App, two people with direct knowledge of the contacts say.
During the discussions, the former employee provided prosecutors from the Southern District of New York documents that they say show that insufficient information is collected from Square and Cash App customers to assess their risks, that Square processed thousands of transactions involving countries subject to economic sanctions and that Block processed multiple cryptocurrency transactions for terrorist groups.
Most of the transactions discussed with prosecutors, involving credit card transactions, dollar transfers and Bitcoin, were not reported to the government as required, the former employee said. Block did not correct company processes when it was alerted to the breaches, the former employee told prosecutors and NBC News.
Roughly 100 pages of documents the former employee provided to NBC News identify transactions, many in small dollar amounts, involving entities in countries subject to U.S. sanctions restrictions — Cuba, Iran, Russia and Venezuela — as recently as last year.
“From the ground up, everything in the compliance section was flawed,” the former employee told NBC News. “It is led by people who should not be in charge of a regulated compliance program.”
A second person with direct knowledge of Block’s monitoring programs and practices echoed that assessment; NBC News granted the former employee and the second person anonymity to guard against potential reprisals.
The Southern District of New York did not respond to a request for comment about the inquiry.
Edward Siedle, a former Securities and Exchange Commission lawyer who represents the former employee and participated in the discussions with prosecutors, said, “It’s my understanding from the documents that compliance lapses were known to Block leadership and the board in recent years.”
Prosecutors met with the former employee after NBC News reported in mid-February that two other whistleblowers had told financial regulators about compliance failures at Cash App, the hugely popular mobile payment platform owned by Block. Cash App, introduced in 2013, allows users to send and receive money instantaneously among themselves and to buy stocks and Bitcoin. As of December, Cash App had 56 million active transacting accounts and $248 billion in inflows during the previous four quarters, the company said.
Asked about the probe, a Block spokeswoman provided the following statement: “Block has a responsible and extensive compliance program and we regularly adapt our practices to meet emerging threats and an evolving sanctions regulatory environment. Our compliance program includes systems, tools, and processes for sanctions screening, as well as investigating and reporting on sanctions issues in accordance with our regulatory obligations. Continually improving the safety and security of our ecosystem is a top priority for Block. We have been and remain committed to building upon this work, as well as continuing to invest significantly in our compliance program.”
The company said it believed it had voluntarily reported the “thousands of transactions” described by the former employee to the Office of Foreign Assets Control, or OFAC, a department of the U.S. Treasury that enforces economic sanctions. But the former employee disputed that, saying thousands of different transactions were not reported.
Square, the other main business unit at Block, is a financial services platform used by millions of merchants. Documents provided to prosecutors and reviewed by NBC News identify instances at Square when it failed to conduct basic customer due diligence on its international merchant sellers and improperly reimbursed some of the merchants’ funds that had been frozen for sanctions violations. (Merchants are considered customers at Square, while users are considered customers at Cash App.) New customers at both Square and Cash App who triggered sanctions alerts at their initial screenings were permitted to conduct transactions before the alerts were resolved, the documents say. They also show instances of employees’ flagging that customer biography information, such as linked social media accounts, was not screened against sanctions keyword lists.
Cash App’s design increased the risk of compliance lapses, the documents indicate. “Due to the nature of the product,” a document said, “customers do not appear to leave stored balances in Cash App very long so our ability to block a stored balance or reject funds is limited. In virtually all situations, balances have been depleted by the time of review.”
The former employee also told prosecutors about the findings of an outside consultant Block hired to assess its internal systems for monitoring suspicious activities, rating customer risks and screening for sanctions violations. The consultant identified almost 50 deficiencies in those systems last year, the documents show.
In its response to NBC News, the company said the hiring of the consultant showed Block’s commitment to perform and improve compliance, adding that 50 deficiencies were not unusual given the report’s scope. The former employee’s interpretation of the report misconstrues its findings and their significance, the company said.
The company declined to answer questions about the specific deficiencies cited in the documents. It said that when deficiencies are identified, Block works “with our in-house legal team, as well as with outside counsel and consultants, to advise us on the issue and appropriate remediation.” The company conducts recurring sanctions screening on all merchants, it said, and its program includes the essential components expected by OFAC.
OFAC administers and enforces economic sanctions to protect the nation against “targeted foreign countries and regimes, terrorists and terrorist organizations, weapons of mass destruction proliferators, narcotic traffickers, and others,” according to its website. It “strongly encourages” companies to develop, implement and routinely update sanctions compliance programs. “Senior management’s commitment to, and support of, an organization’s risk-based sanctions compliance program is one of the most important factors in determining its success,” OFAC says, and it is essential to fostering “a culture of compliance throughout the organization.”
Along with senior management, the Block board of directors was informed of extensive lapses at the company, the former employee told prosecutors. In recent months, Block has announced the unexpected departures of two directors: Lawrence Summers, the former U.S. treasury secretary and a Block director since 2011, resigned in February, and in April it said Sharon Rothstein, a director since 2022, will not stand for re-election at the company’s annual meeting in June.
Block said that Summers and Rothstein were leaving the board to devote more time to other professional and personal activities and that their departures were not “a result of any disagreements with the company on any matter relating to the company’s operations, policies or practices.”
During his time on the board, Summers served on the audit committee, which is charged with reviewing and discussing with management the company’s program and policies on risk assessment and risk management. The committee is overseen by Lord Paul Deighton, a former Goldman Sachs executive who was commercial secretary to the treasury in the U.K. government from 2013 to 2015. NBC News requested interviews with Deighton and Summers, but they declined, forwarding the requests to Block’s corporate communications unit.
Block has encountered difficulties with regulators before. In late 2021, the Financial Market Supervisory Committee of the Bank of Lithuania ordered Verse Payments Lithuania UAB, the company’s European version of Cash App, to determine the identity of its existing clients whose identities had not been established or had been established out of compliance with the law on Prevention of Money Laundering and Terrorist Financing.
Verse and its former head were fined last year when the Bank of Lithuania inspected Verse and “found serious and systematic violations of the prevention of money laundering and terrorism financing.” The top Verse executive “did not ensure the safe and reliable operation of the institution, did not take effective measures to eliminate violations and did not ensure the compliance of the institution’s activities with the established requirements, although information about the violations committed by the institution was known to him for a long time,” the Bank of Lithuania said at the time.
Block shut down Verse last year. On an earnings call in August, Dorsey said that Verse required significant investment and that its market had “not seen the growth and profitability we had expected.”
Mobile payment apps like Cash App, PayPal and Venmo are popular, with over three-quarters of U.S. adults using them, according to a study last year by the Consumer Finance Protection Bureau. Known as person-to-person payment platforms, the services pose risks to their users and to the financial system, regulators say. In recent years, for example, law enforcement officials have cited criminals’ use of payment apps to evade laws, such as laundering stolen Covid relief funds in 2020.
Cash App is not a bank, but it usesexternal banking partners toconduct various services. One is Sutton Bank, the small Ohio institution that issues Cash App’s prepaid Visa debit cards, allowing users to spend or withdraw their funds. Banks are required to know every one of their customers, but the Cash App program “had no effective procedure to establish the identity of its customers,” the previous whistleblowers said in their complaints to federal financial regulators.
On March 29, Sutton Bank settled a consent order with the Federal Deposit Insurance Corp. that echoed the whistleblowers’ allegations. In the order, the FDIC alleged “unsafe or unsound banking practices and violations of law or regulation” at Sutton, including those relating to the Bank Secrecy Act.
Under the order, Sutton agreed to revise its internal programs to “improve its supervision and direction” of its anti-money laundering and terrorism financing program and “to assure and maintain the Bank’s full compliance with the Bank Secrecy Act.” Sutton also agreed to look back to July 2020 “to ensure that all required customer identification program information has been obtained and the bank has formed a reasonable belief that it knows the true identity” of its customers.
The FDIC order cited Sutton Bank’s work with “third parties” or outside entities and required it to provide details about anti-money-laundering compliance and customer identification programs at the outside companies it works with. The FDIC did not name Cash App in the order, but it is the largest third party that Sutton Bank works with, according to its chief compliance officer. The FDIC order also required Sutton to provide quarterly reporting of “third-party compliance with legal, contractual, and service level responsibilities, and management actions to address anti-money laundering and countering the financing of terrorism deficiencies.”
James Booker, senior counsel at Sutton Bank, said in an email that the bank is working closely with regulators and that the recent consent order “settled some longstanding issues concerning anti-money laundering controls” that had arisen “prior to the bank’s 2023 restructuring of its anti-money laundering program.”
As for Block, it said the Sutton consent order was not likely to affect Cash App’s ongoing business relationship with the bank.
Check out the companies making the biggest moves midday: Petco Health — The retailer slumped 22% after losing 4 cents per share in the fiscal first quarter, twice the 2-cent loss that analysts had estimated, based on FactSet data. Revenue of $1.49 billion missed the Street’s $1.50 billion consensus, while same-store sales dropped 1.3%, worse than the 0.6% decline forecast by analysts. Tesla — The EV maker added more than 6%, a day after plunging 14% as CEO Elon Musk and President Donald Trump publicly feuded . Broadcom — Shares of the chipmaker dipped 2.7% on lackluster free cash flow for the second quarter. Broadcom reported free cash flow of $6.41 billion. Analysts surveyed by FactSet were looking for $6.98 billion. Still, several analysts covering the stock raised their price targets. ABM Industries — Shares fell 11% after the facilities management company reported mixed results for its second quarter. Its adjusted earnings of 86 per share was in line with expectations, while its revenue of $2.11 billion topped the FactSet consensus estimate of $2.06 billion. ABM Industries also reiterated its earnings guidance for the year. Circle Internet Group — The stablecoin company popped 38%, following its Thursday debut on the New York Stock Exchange. Circle soared 168% in its first day of trading . Lululemon — The athleisure company pulled back 20% after its second-quarter outlook missed analyst estimates. CFO Meghan Frank also said on a call that Lululemon plans on taking “strategic price increases, looking item by item across our assortment” to mitigate the impact of higher tariffs. G-III Apparel Group — The apparel company tumbled 15% on much weaker-than-expected earnings guidance for the second quarter. The company sees earnings per share in a range of 2 cents to 12 cents. Analysts had estimated earnings of around 48 cents per share, according to FactSet. DocuSign — The electronic signature stock plunged 19% after the company cut its full-year billings forecast. Billings for the fiscal first quarter also came in lower than expected. Braze — Shares of the customer engagement platforms provider fell 13% on disappointing guidance. Braze guided for second-quarter adjusted earnings of 2 to 3 cents per share. Analysts polled by FactSet called for 9 cents per share. Its first-quarter results beat estimates. Quanex Building Products — The maker of windows and doors and other construction materials soared 18%, the most since September, after earning an adjusted 60 cents per share in its fiscal second quarter versus analysts’ consensus estimate of 47 cents, on revenue of $452 million against the Street’s $439 million, FactSet data showed. Adjusted EBITDA also topped forecasts. Samsara — Shares shed 5% after the software company projected revenue growth to slow. Samsara guided for second-quarter revenue to increase between $371 million and $373 million, up from the $367 million in the first quarter. That would be a slowdown on both a sequential and year-over-year basis. Solaris Energy Infrastructure — The oil and natural gas equipment and service provider rallied 10% after Barclays initiated research coverage with an overweight rating and $42 price target. “Solaris is the leader in distributed power with almost 2 GW of capacity to be added by 2027 with 67% allocated towards data centers on long term contracts,” the bank said.
A sign in German that reads “part of the UBS group” in Basel on May 5, 2025.
Fabrice Coffrini | AFP | Getty Images
The Swiss government on Friday proposed strict new capital rules that would require banking giant UBS to hold an additional $26 billion in core capital, following its 2023 takeover of stricken rival Credit Suisse.
The measures would also mean that UBS will need to fully capitalize its foreign units and carry out fewer share buybacks.
“The rise in the going-concern requirement needs to be met with up to USD 26 billion of CET1 capital, to allow the AT1 bond holdings to be reduced by around USD 8 billion,” the government said in a Friday statement, referring to UBS’ holding of Additional Tier 1 (AT1) bonds.
The Swiss National Bank said it supported the measures from the government as they will “significantly strengthen” UBS’ resilience.
“As well as reducing the likelihood of a large systemically important bank such as UBS getting into financial distress, this measure also increases a bank’s room for manoeuvre to stabilise itself in a crisis through its own efforts. This makes it less likely that UBS has to be bailed out by the government in the event of a crisis,” SNB said in a Friday statement.
‘Too big to fail’
UBS has been battling the specter of tighter capital rules since acquiring the country’s second-largest bank at a cut-price following years of strategic errors, mismanagement and scandals at Credit Suisse.
The shock demise of the banking giant also brought Swiss financial regulator FINMA under fire for its perceived scarce supervision of the bank and the ultimate timing of its intervention.
Swiss regulators argue that UBS must have stronger capital requirements to safeguard the national economy and financial system, given the bank’s balance topped $1.7 trillion in 2023, roughly double the projected Swiss economic output of last year. UBS insists it is not “too big to fail” and that the additional capital requirements — set to drain its cash liquidity — will impact the bank’s competitiveness.
At the heart of the standoff are pressing concerns over UBS’ ability to buffer any prospective losses at its foreign units, where it has, until now, had the duty to back 60% of capital with capital at the parent bank.
Higher capital requirements can whittle down a bank’s balance sheet and credit supply by bolstering a lender’s funding costs and choking off their willingness to lend — as well as waning their appetite for risk. For shareholders, of note will be the potential impact on discretionary funds available for distribution, including dividends, share buybacks and bonus payments.
“While winding down Credit Suisse’s legacy businesses should free up capital and reduce costs for UBS, much of these gains could be absorbed by stricter regulatory demands,” Johann Scholtz, senior equity analyst at Morningstar, said in a note preceding the FINMA announcement.
“Such measures may place UBS’s capital requirements well above those faced by rivals in the United States, putting pressure on returns and reducing prospects for narrowing its long-term valuation gap. Even its long-standing premium rating relative to the European banking sector has recently evaporated.”
The prospect of stringent Swiss capital rules and UBS’ extensive U.S. presence through its core global wealth management division comes as White House trade tariffs already weigh on the bank’s fortunes. In a dramatic twist, the bank lost its crown as continental Europe’s most valuable lender by market capitalization to Spanish giant Santander in mid-April.
Check out the companies making the biggest moves in premarket trading: Tesla —The EV maker added nearly 5%, a day after plunging 14% as CEO Elon Musk and President Donald Trump publicly feuded . Broadcom — Shares of the chipmaker slipped about 2% before the opening bell, on the heels of lackluster free cash flow in the second quarter. Broadcom reported free cash flow of $6.41 billion, while analysts surveyed by FactSet were looking for $6.98 billion. Broadcom stock has risen more than 12% year to date. Circle Internet Group — The stablecoin company popped nearly 14%, following its debut on the New York Stock Exchange Thursday. Circle soared 168% in its first day of trading . Lululemon — Stock in the athleisure company pulled back nearly 20% after its second-quarter outlook missed analyst estimates. Lululemon forecast earnings per share in the current quarter in the range of $2.85 to $2.90 per share, while analysts polled by LSEG were looking for $3.29. The firm also slashed its earnings outlook for the full year. DocuSign — The electronic signature stock plunged 19%. Despite beating Wall Street expectations on both lines for the first quarter, billings came in lower than anticipated, per FactSet. DocuSign also set current-quarter guidance for billings that was below analysts’ consensus forecast. Braze — Shares of the customer engagement platforms provider fell 6% following the company’s disappointing guidance. Braze guided for second-quarter adjusted earnings between 2 cents and 3 cents per share, while analysts polled by FactSet called for 9 cents per share. Its first-quarter results beat estimates. Samsara — Shares shed 12% after the software company projected revenue growth to slow. Samsara guided for second-quarter revenue to increase between $371 million and $373 million, up from the $367 million in the first quarter. That would be a slowdown on both a sequential and year-over-year basis. Rubrik — The stock gained about 4% following the cloud data management company’s top and bottom line beats for its first quarter. Rubrik lost an adjusted 15 cents per share, narrower than the 32 cent loss expected from analysts polled by FactSet. Revenue was $278.5 million, versus the $260.4 million consensus estimate. —CNBC’s Alex Harring and Brian Evans contributed reporting.
Blog Post6 days ago
Economics1 week ago
Personal Finance1 week ago
Economics1 week ago
Personal Finance1 week ago
Accounting1 week ago
Finance1 week ago
Finance1 week ago