It could be that the crypto part is just incidental, the BIS press release doesn't really make much of a fuss about it. They focus on the duration and repeated non-compliant actions.
It sounds almost like they're saying 'if you screw up once or twice up but self-report quickly, we'll send you a sternly worded note but if you tell us you've been violating the regulation for years we're obliged to give you a firm but not too painful slap on the wrist'
It sounds almost like they're saying 'if you screw up once or twice up but self-report quickly, we'll send you a sternly worded note but if you tell us you've been violating the regulation for years we're obliged to give you a firm but not too painful slap on the wrist'