On August 4, 2025, FinCEN issued a Notice urging financial institutions to be vigilant in identifying and reporting suspicious activity involving convertible virtual currency (CVC) kiosks. The Notice provides an overview of typologies associated with illicit activity involving CVC kiosks.

CVC kiosks are ATM-like devices or electronic terminals that allow customers to exchange real (or fiat) currency for virtual currency and vice versa. According to FinCEN, CVC kiosks are exploited by illicit actors, including scammers, by directing victims to use a CVC kiosk to send payments under false pretenses. FinCEN added that the risk of illicit activity is exacerbated if CVC kiosk operators fail to meet their obligations under the BSA.

FinCEN has identified the following red flag indicators to help detect, prevent, and report potential suspicious activity related to illicit activity involving CVC kiosks:

Red Flags for Operators of CVC Kiosks Regarding Scam Payments  

• A customer sends multiple payments just below the suspicious activity reporting (SAR) threshold, or other applicable threshold set by state law, from multiple kiosk locations.

• A customer structures cash deposits just beneath the Currency Transaction Report (CTR) threshold, or CVC kiosk daily limit, either by using multiple machines or multiple accounts (i.e., smurfing). 

• A customer with limited or no transaction history makes a substantial deposit that is rapidly transferred through multiple addresses, commingled with multiple other deposits, or swapped into a different CVC. 

• Multiple customers use CVC kiosks in geographically disparate locations to make deposits to the same CVC address over a short period of time while certifying that they are the owners of the deposit address.  

• Multiple customer accounts or transactions are linked to the same phone number or CVC wallet address. 

• Blockchain analysis indicates that a customer’s transaction is received by a CVC wallet that is identified as associated with fraud or other illicit activity. 

• Blockchain analysis indicates that a customer’s transaction is received by a CVC wallet associated with a financial institution that has been identified as associated with TCOs perpetrating CVC investment scams. 

Red Flags for Other Financial Institutions Regarding Use of CVC Kiosks for Scam Payments 

• A customer conducting an in-person banking transaction withdraws substantial amounts of cash from their bank account or retirement account and indicates that they have been directed by a person on the phone or internet to deposit the funds into a CVC kiosk. 

• An older customer with no history of CVC-related activity conducts a high-value transaction or series of transactions with a CVC kiosk operator. 

• A customer uses a debit card to make multiple payments below the CTR limit to a CVC kiosk operator. 

Red Flags for Financial Institutions Identifying Potential Non-Compliant CVC Kiosk Owner-Operators 

• A customer operates a CVC kiosk business that is not registered with FinCEN as an MSB or does not maintain applicable state licenses. 

• A customer operates a CVC kiosk business that fails to collect required customer and transaction information. 

• A customer operates a CVC kiosk business that advertises the ability for customers to conduct transactions without identification, or with only a phone number or email address. 

• A customer operates a CVC kiosk business that charges unusually high transaction fees relative to similarly situated operators, has opaque rates and fees, or has other business practices that diverge significantly from those of legitimate CVC kiosk operators. 

• A customer that operates a CVC kiosk business structures cash transactions below the SAR or CTR threshold. 

Read FinCEN’s press release here.

The Notice can be found here.