In light of the recent accusations by the CFTC and DOJ alleging that BitMex was involved in violations of the Bank Secrecy Act, it seemed like an opportune time to dig into to take a look at when Ripple (the company) faced a steep penalty from FinCEN as a result of their violation of the 'Bank Secrecy Act'...specifically as it pertains to their issuance of the cryptocurrency, $XRP.
Context of the FinCEN Order
The actual text of the FinCEN order can be found here.
The text of the report on FinCEN states:
"The Financial Crimes Enforcement Network (FinCEN), working in coordination with the U.S. Attorney's Office for the Northern District of California (USAO-NDCA), assessed a $700,00 civil money penalty today against Ripple Labs Inc. and its wholly-owned subsidiary, XRP II, LLC (formerly known as XRP Fund II, LLC). Ripple Labs willfully violated several requirements of the Bank Secrecy Act (BSA) by acting as a money services business (MSB) and selling its virtual currency, known as XRP, without registering with FinCEN, and by failing to implement and maintain an adequate anti-money laundering (AML) programmed designed to protect its products from use by money launderers or terrorist financiers. XRP II later assumed Ripple Labs' functions of selling virtual currency and acting as an MSB; however, like its parent company, XRP II willfully violated the BSA by failing to implement in effective AML program, and by failing to report suspicious activity related to several financial transactions."
This was also covered on CoinDesk as well. 
The article links us to a set of 'Ripple Facts' that was published by FinCEN at the time (2015), but that is no longer available on their website.
Fortunately, the Internet Archive Machine still has the relevant text to the document .
Since the document is a pdf, it has been downloaded and hosted at a viewable link for convenience. 
The facts listed by FinCEN (summarized) are as follows
Ripple Labs Inc., is registered in Delaware & is headquartered in San Francisco, California. NewCoin Inc. and OpenCoin Inc.
Ripple Labs facilitated transfers of virtual currency and provided virtual currency exchange transaction services.
XRP was fully "pre-mined" (a phrase that FinCEN dubs as synonymous to minting an entire supply of a cryptocurrency at inception)
XRP Fund II was incorporated in South Carolina in 2013. In 2014, the name was changed to XRP II, LLC.
According to FinCEN's previous guidance on entities in the cryptocurrencies in the blockchain industry, Ripple's functionality falls under that of a 'exchanger' and/or 'administrator'. Speciifcally, "Guidance states that exchangers and administrators of virutal currencies are money transmitters (a type of MSB) under FinCEN's regulations, and therefore are required to register with FinCEN as money service businesses."
FinCEN believes that Ripple qualifies for certain exemptions under their regulatory guidelines, however, it is stated that this does not apply to MSB guidelines. It is stated that, "FinCEN registration requirement and other requirements of the Bank Secrecy Act are independent obligations."
The reasons for the establishment of the MSB guidelines as well as its accompanying regulations are outlined
Other characteristics of transactions that qualify under FinCEN (as well as mandates for the KYC / AML) are listed [implying that Ripple had failed to adhere to MSB reporting requirements for one or more transactions that possessed these characteristics]
FinCEN reporting states that, "From at least March 6, 2013, through April 29, 2013, Ripple Labs sold convertible virtual currency known as 'XRP'."
The violation in specific was for Ripple's selling of XRP for fiat currency, directly. Specifically, it stated, "Throughout the month of April 2013, Ripple Labs effectuated multiple sales of XRP currency totaling over approximately $1.3 million U.S. dollars."
XRP II replaced Ripple Labs as a seller of $XRP (this is stated explicitly)
Other Interesting Details
In one section of the report, FinCEN details how Ripple was approached by a potential buyer seeking $250,000 in the currency.
Upon receiving said offer (via e-mail), Ripple attempted to administer KYC proceedings to the prospective buyer. However, when the buyer threatened to take their business somewhere else where KYC stipulations were not as stiff, Ripple acquiesced and agreed to proceed forward in lieu of the necessary KYC paperwork.
Curiously, it appears that the individual in question responsible for making such demands was none other than Roger Ver.
In specific, the report states:
"Open source information indicates that this individual, an investor in Ripple Labs, has a prior three-count federal felony conviction for dealing in, mailing, and storing explosive devices and had been sentenced to prison, see United States v. Roger Ver, CR-120127-JF (N.D. Cal. 2002)."
Reasons For Why Ripple Did Not Suffer the Same Fate as BitMex
Despite the grievances listed by FinCEN (and the subsequent penalties levied on Ripple, the company), there are several major differences between the behavior of Ripple and BitMex that more than likely led to the vastly different outcomes.
Ripple Made an Effort to be Compliant
Even though there are instances where Ripple failed to adhere to every aspect of the MSB license requirement imposed by various U.S. federal agencies, their failure to do so was not absolute.
In other words, we can see from available documentation that Ripple:
A) Had successfully registered their subsidiary fund with FinCEN
B) They did have a KYC / AML process of some sort that they were adhering to (with the exception of the Roger Ver anecdote)
In addition, it appears that Ripple was also vetting risky transactions as well.
The report details an instance in which a customer had relayed that they were seeking to engage with the company in order to acquire the currency as part of some scheme they had crafted with questionable legality.
Below is the report's detailing of the situation:
"In November 2013, XRP II rejected an approximately $32,000.00 transaction because it doubted the legitimacy of the overseas customer's source of funds."
However, FinCEN still dinged Ripple in this instance, stating:
"XRP II failed to file a suspicious activity report for this transaction."
For these types of reports, I try to avoid inserting my opinion on things in order to maintain the maximum amount of objectivity possible. But in stances where I feel inclined to insert my opinion, I choose to do so under a prefaced / carved out section of the paper so that readers are at least given the choice of whether they wish to get my personal take on things or skip over and continue reading.
To me, Ripple failing to report the $32,000 transaction is understandable. I am certainly not qualified to assess the situation from the standpoint of an attorney that specializes in this specific field of finance / business law, but on an intuitive level - I can see why Ripple did not report the overseas customer's attempted purchase.
Point #1: The customer was overseas and not in the United States. While this does not make Ripple immune to U.S. regulatory requirements, it does provide substantial protections for the overseas investor. Intuitively, one would assume that the U.S. doesn't even have jurisdiction over that individual since they are outside of the United States. So, Ripple (the company) may have genuinely believed that this interaction, in specific, was one that did not fall under the stipulated guidelines for what mandates a report to FinCEN.
Point #2: The terminology here is a bit confusing as well (on behalf of FinCEN and other entities responsible for crafting the relevant regulations re: MSB activity). Specifically, I'm referring to the term 'transaction'. In my opinion, this word 'transaction' refers to an actual exchange of some sort between two or more parties. Thus, given the fact that there as no actual transaction that took place between these two entities (Ripple and the prospective offshore buyer), it does not appear wholly unreasonable that Ripple assumed that the interaction did not need to be reported to FinCEN or any other major U.S. governing body. Honestly, even looking at this report in hindsight (as this all occurred between 2013-2015), I still find myself having a hard time comprehending why a mere inquiry needs to be reported to FinCEN
Conclusion of Author's Opinion
With all of that being said, it is incumbent upon Ripple, as a major financial entity, to ensure that they are in compliance with any and all regulation since they made the conscious to register with FinCEN and operate in the United States. So even though the violations (in my personal opinion) seem a bit ticky tack in the grand scheme of things, this is ultimately what Ripple signed up for.
In terms of weighing these violations against Ripple, as a company or entity, I do not think that this case suggests nefarious intent. And I'm inclined to believe that the U.S. gov't agrees with that assessment because a violation of the 'Bank Secrecy Act' is something that can (and usually is) federally prosecuted. So given the fact that Ripple received a fine (in an amount below $1 million) shows that their offenses were nowhere near as egregious as many others that have committed these same violations in the eyes of the U.S. law.
Conclusion of Author's Opinion
BitMex Was Excessive in Their Violation of MSB Requirements
According to the DOJ's press release, BitMex made virtually no attempt to process any KYC / AML information for its customers, despite running a derivatives exchange for well over 6 years. 
In specific, the press release from the DOJ states:
"One defendant went as far s to brag the company incorporated in a jurisdiction outside the U.S. because bribing regulators in that jurisdiction cost just 'a coconut'. Thanks to the diligent work of our agents, analysts, and partners with the CFTC, they will soon learn the price of their alleged crimes will not be paid with tropical fruit, but rather could result in fines, restitution, and federal prison time."
Of note here is the brazen disregard that these individuals had for the law as well as the arrogance with which they proceeded, according to the press release.
The press release goes on to name Arthur Hayes as the individual whom bragged about the ease with which he (and co-conspirators) were able to 'bribe' politicians in other jurisdictions, which speaks to the scale of criminality in their actions.
Light Potential Sentences
Surprisingly, the maximum sentences for these individuals is not as much as one would think (for some reason).
According to the DOJ press release, "The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendants will be determined by the judge."