On June 25, the California Department of Financial Protection and Innovation (DFPI) entered a consent order with Coinme, Inc., a cryptocurrency “ATM” operator, for noncompliance with the California’s Consumer Financial Protection Law (CCFPL) and Digital Financial Assets Law (DFAL). The consent order marks a significant milestone in California’s regulatory efforts because it represents the conclusion of the agency’s first enforcement action under the DFAL.

What Happened

The California Legislature passed the DFAL in 2023 to mitigate risks associated with the use of digital asset ATMs, which are alleged to be instantaneous and irreversible and involving minimal compliance screening or identity verification. Two provisions of the DFAL that went into effect on January 1, 2024, include the requirements that kiosk operators: (1) disclose the “spread” (i.e., the difference between the market price of a digital asset and the price quoted and used by the kiosk operator in the transaction) on the customer’s receipt; and (2) limit transactions per customer to no more than $1,000 a day. (Cal. Fin. Code §§ 3905, 3902).

Following an investigation of Coinme, which primarily operates kiosks located in grocery and convenience stores, DFPI alleged that Coinme violated DFAL by exceeding the $1,000 transaction limit and failing to include essential disclosures on customer receipts.

To resolve these allegations, Coinme and DFPI have entered into a consent order. Under the terms of the order, Coinme will pay a $300,000 penalty, including $51,700 in restitution to California residents to be specified by DFPI. Additionally, Coinme is required to implement measures to address and prevent future violations and must submit periodic reporting on these measures to DFPI.

Why It Matters

In the absence of comprehensive federal regulation for digital assets, states have taken the lead as the primary regulators in this segment of technology. In recent years, state authorities have increasingly concentrated enforcement efforts on acute consumer harms linked to digital assets, particularly their perceived role in facilitating scams and fraudulent activities. Given the concerns raised by state enforcers about the frequent and increasing use of digital asset ATMs in scams, kiosk operators and managers should anticipate heightened regulatory scrutiny. It is imperative that these businesses develop and implement robust compliance plans if they have not already done so, to ensure adherence to state regulations.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Stefanie Jackman Stefanie Jackman

Stefanie takes a holistic approach to working with clients both through compliance counseling and assessment relating to consumer products and services, as well as serving as a zealous advocate in government inquiries, investigations, and consumer litigation.

Read more about Stefanie JackmanStefanie's Linkedin Profile
Photo of Stephen C. Piepgrass Stephen C. Piepgrass

Stephen leads the firm’s Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group. He focuses his practice on enforcement actions, investigations, and litigation. Stephen primarily represents clients engaging with, or being investigated by, state attorneys general and other state or local governmental enforcement bodies,

Stephen leads the firm’s Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group. He focuses his practice on enforcement actions, investigations, and litigation. Stephen primarily represents clients engaging with, or being investigated by, state attorneys general and other state or local governmental enforcement bodies, including the CFPB and FTC, as well as clients involved with litigation, with a particular focus on heavily regulated industries. He also has experience advising clients on data and privacy issues, including handling complex investigations into data incidents by state attorneys general other state and federal regulators. Additionally, Stephen provides strategic counsel to Troutman Pepper’s Strategies clients who need assistance with public policy, advocacy, and government relations strategies.

Read more about Stephen C. PiepgrassStephen C.'s Linkedin Profile
Show more Show less
Photo of Chris Willis Chris Willis

Chris is the co-leader of the Consumer Financial Services Regulatory practice at the firm. He advises financial services institutions facing state and federal government investigations and examinations, counseling them on compliance issues including UDAP/UDAAP, credit reporting, debt collection, and fair lending, and defending…

Chris is the co-leader of the Consumer Financial Services Regulatory practice at the firm. He advises financial services institutions facing state and federal government investigations and examinations, counseling them on compliance issues including UDAP/UDAAP, credit reporting, debt collection, and fair lending, and defending them in individual and class action lawsuits brought by consumers and enforcement actions brought by government agencies.

Read more about Chris WillisChris's Linkedin Profile
Show more Show less
Photo of Trey Smith Trey Smith

Trey is an associate in the firm’s Regulatory Investigations, Strategy + Enforcement Practice. He focuses his practice on helping financial institutions and consumer facing companies navigate regulatory investigations and resulting litigation. He has experience litigating the Consumer Financial Protection Act, the FTC Act…

Trey is an associate in the firm’s Regulatory Investigations, Strategy + Enforcement Practice. He focuses his practice on helping financial institutions and consumer facing companies navigate regulatory investigations and resulting litigation. He has experience litigating the Consumer Financial Protection Act, the FTC Act, the Truth in Lending Act, state UDAAP statutes, and other consumer protection laws.

Read more about Trey Smith
Show more Show less
Related Posts
 South Dakota AG Proposes Legislation to Authorize Seizure of Digital Currency
January 16, 2026
 FTC Announces Settlement With Crypto Firm Over Exploited Security Vulnerability
January 9, 2026
 CFTC Approval Allows Polymarket to Reenter the U.S. Market
December 4, 2025