AML Fines Eclipse SEC Cases as Top Crypto Risk: Report
AML fines now exceed SEC penalties as the primary regulatory risk for crypto firms, with over $1 billion in AML fines issued in H1 2025.Summary
Anti-Money Laundering (AML) enforcement has surpassed securities violations as the leading regulatory threat for cryptocurrency companies, according to a report by blockchain security auditor CertiK. In the first half of 2025, the United States Department of Justice and Financial Crimes Enforcement Network imposed over $1 billion in AML-related fines, a significant shift from previous years dominated by the U.S. Securities and Exchange Commission (SEC). SEC crypto-specific penalties saw a dramatic 97% decrease in value year-over-year, dropping from $4.9 billion in 2024 to $142 million in 2025. Failures in transaction monitoring and licensing are now attracting penalties comparable to or exceeding earlier crypto securities cases, with notable settlements including OKX ($504 million) and KuCoin ($297 million) for operating unlicensed money transmitting businesses and Bank Secrecy Act violations. This surge in AML enforcement reflects a regulatory focus on compliance controls and financial surveillance, influenced by changes in U.S. administration policy and a reassessment of the SEC's jurisdictional approach to digital assets. Globally, sanctions-related crypto volume grew over 400% in 2025, primarily driven by Russia-linked networks, prompting a prioritization of transaction monitoring and cross-border financial crime compliance. European AML fines surged 767%, while Asia-Pacific regulators are increasingly favoring license revocations and business improvement orders. The report also highlights broader regulatory trends, including the implementation of stablecoin regulations, tightening prudential standards for custodians and exchanges, and the Basel Committee's cryptoasset prudential standard, which creates a "structural divide" for institutional adoption based on asset classification. Furthermore, smart contract security assessments are becoming mandatory, moving from best practice to statutory requirements, as regulators grapple with accountability in DeFi and the increasing threat of infrastructure compromises beyond code exploits.
(Source:Cointelegraph)