
Anti-money laundering enforcement is now the biggest regulatory threat facing crypto firms. It’s eclipsed the securities cases that defined the industry’s legal battles in recent years.
U.S. AML fines hit $1.06 billion in the first half of 2025. That’s according to a CertiK report.
SEC crypto penalties? They collapsed 97%. From $4.9 billion in 2024 to just $142 million in 2025.
The shift reflects a fundamental change in regulatory priorities under the current administration. Agencies aren’t focusing on token classification and securities law anymore. They’re emphasizing financial crime controls. Sanctions compliance. Operational robustness.
The Department of Justice and FinCEN have led the charge. The settlements are massive.
OKX paid $504 million and KuCoin $297 million for Bank Secrecy Act violations. They operated as unlicensed money transmitters. That’s according to official government announcements.
Failures in transaction monitoring draw huge penalties now. Same with know-your-customer protocols. Same with licensing. These penalties rival or exceed past securities enforcement actions.
The regulatory squeeze extends beyond U.S. borders. European AML fines jumped 767% in 2025. Asia-Pacific regulators increasingly turned to license revocations and business improvement orders. The CertiK report confirmed it.
Geopolitical factors are driving much of the enforcement intensity. Sanctions-linked crypto volume surged more than 400% in 2025. It’s largely tied to Russia-related networks and state-aligned stablecoins. That’s according to the report.
Regulators view financial crime prevention as a national security issue. Not merely a compliance matter.
New prudential standards will further reshape the landscape. The Basel Committee’s crypto capital requirements start in 2026. They’ll impose near-100% capital charges on Group 2 assets like Bitcoin and Ether.
This creates what the CertiK report describes as a “structural divide.” Banks face heavy disincentives to hold major cryptocurrencies on their balance sheets. Tokenized securities and qualifying stablecoins receive standard risk weights.
Security audits are transitioning from voluntary best practice to regulatory expectation. CertiK found that 80% of the top 100 exploited protocols had never been audited. These unaudited platforms accounted for 89.2% of value lost to exploits.
Infrastructure vulnerabilities like private key theft drove 76% of 2025 losses. That highlights operational risks. Regulators increasingly demand firms address them.
The enforcement trend arrives as stablecoin frameworks move from design to implementation. The U.S. GENIUS Act. The EU’s MiCA regulations. Both are happening now.
Add in tightening AML requirements. Add prudential rules on capital, asset segregation, and liquidity. The regulatory environment is forcing crypto firms to invest heavily in compliance infrastructure.
Or face penalties that now routinely reach nine figures.
