AML Fines Hit $1B in 2025, Surpassing SEC Crackdowns
Zach Anderson Apr 28, 2026 14:20
AML fines surged to $1.06B in H1 2025, overtaking SEC actions as the dominant regulatory risk for crypto firms, per CertiK's report.
Anti-Money Laundering (AML) enforcement has emerged as the top regulatory threat for the crypto industry, with U.S. authorities imposing $1.06 billion in AML-related fines during the first half of 2025, according to a report by blockchain security firm CertiK. This marks a dramatic pivot from the U.S. Securities and Exchange Commission's (SEC) dominance in crypto enforcement in prior years.
In 2025, the SEC's crypto-specific penalties plummeted by 97%, dropping from $4.9 billion in 2024 to $142 million. Meanwhile, the Department of Justice (DOJ) and the Financial Crimes Enforcement Network (FinCEN) led the AML charge, targeting operational lapses such as unlicensed money transmission and Bank Secrecy Act violations. Notable cases include a $504 million settlement with OKX in February 2025 and a $297 million penalty for KuCoin in January 2025, both for failures in licensing and compliance controls.
"The shift reflects a significant change in policy focus, with regulators prioritizing compliance frameworks and financial surveillance over securities classification disputes," CertiK noted. This shift is further underscored by a broader reassessment of the SEC's jurisdiction over digital assets, as highlighted in the DOJ's 2025 policy to reduce "regulation by prosecution."
Global AML Trends Amplify Pressure
The surge in AML enforcement isn't confined to U.S. borders. European AML fines rose an astonishing 767% year-on-year in 2025, while Asia-Pacific regulators leaned towards license revocations and operational mandates rather than monetary penalties. The rise in sanctions-related crypto activity, particularly from Russia-linked networks, also pushed cross-border financial crime compliance to the forefront.
The Basel Committee's cryptoasset prudential standard, set to take effect on January 1, 2026, adds another layer of complexity. The framework imposes near-100% capital requirements on Group 2 assets like Bitcoin (BTC) and Ether (ETH), making them economically challenging for banks to hold. In contrast, tokenized traditional assets and qualifying stablecoins enjoy more favorable treatment, reflecting regulators’ intent to differentiate between asset types.
Smart Contract Audits Become a Compliance Mandate
As the decentralized finance (DeFi) ecosystem continues to grow, regulators are pushing for mandatory smart contract audits. CertiK’s report highlights that 80% of exploited protocols in 2025 had never undergone a formal audit, accounting for 89.2% of total value lost to breaches. Beyond code vulnerabilities, infrastructure compromises—such as private key thefts—drove 76% of losses by value last year.
Jurisdictions like the EU and Singapore are already folding security assessments into compliance requirements, moving audits from a voluntary best practice to a statutory obligation. This aligns with broader prudential standards aimed at bolstering operational resilience in digital asset firms.
What’s Next?
For crypto companies, the message is clear: compliance with AML regulations is no longer optional. With the GENIUS Act in the U.S. and MiCA in Europe establishing binding frameworks for stablecoins and digital assets, firms must invest heavily in transaction monitoring, Know Your Customer (KYC) protocols, and licensing to avoid hefty penalties.
The 2025 enforcement wave underscores how regulators are shifting from reactive fines to proactive measures like mandatory audits and stricter capital requirements. As the Basel standards loom and global AML trends intensify, crypto firms that fail to adapt risk being priced out—or fined out—of the industry.
Image source: Shutterstock.jpg)