Crypto crimes: Terrorist financing, sanctions evasion and the regulatory response

By Rezaul Karim, 15 September 2025

Cryptocurrency has been a much-discussed topic of innovation for years now, particularly around the new technologies adopted and fears about its potential risks. Recent news has again drawn attention to its associated dangers. While addressing the UN Security Council on 20 August 2025, President of the Financial Action Task Force (FATF), Elisa de Anda Madrazo, said: 

In 2024 ISIL-K has increasingly used virtual assets for organisational transfers and to collect donations internationally. To address this, the updated FATF Standards support countries and the private sector to monitor the development of virtual assets and provide tools to identify potential underlying terrorist activities. [1] 

A week earlier, the US Department of the Treasury sanctioned a Russian crypto exchange named Garantex, and its associated entity Grinex – another crypto exchange using the ruble-backed stablecoin A7A5 – for laundering illegal funds linked to sanctions evasion and ransomware. Garantex was in fact sanctioned by the Office of Foreign Assets Control (OFAC) in April 2022 for facilitating over $100 million in illegal transactions. Garantex then rebranded into Grinex and funnelled billions through A7A5, which shows how fast bad actors can adapt. [2]

The largest cryptocurrency heist in history took place in February 2025, when a group of hackers from North Korea stole $1.5 billion in Ethereum tokens from Dubai-based cryptocurrency exchange ByBit [3]. The hackers reportedly cashed out hundreds of millions from this $1.5 billion. [4] 

According to a July 2025 report by Elliptic: 

Criminals moved over $21 billion through decentralised exchanges (DEX), cross-chain bridges, and swap services –  a threefold increase from 2023. 12% (around $2.5 billion) worth of these funds can be attributed to North Korean hacks, and $300 million originated from Iranian crypto services under US sectoral sanctions. [5]

These are not new issues. However, the magnitude is growing alarmingly. The virtual asset ecosystem has experienced unprecedented growth in illegal activities, with criminal establishments, terrorist groups and sanctioned parties exploiting virtual assets to dodge traditional financial controls. 

Criminal groups are using blockchain tools to collect funds from around the world and hide where the money goes, creating cracks in the financial system that are harder to fix. Privacy coins and hidden payment systems make it easier to hide illegal transactions. This shows crypto’s double-edged nature.

Current virtual asset controls and measures

FATF’s Recommendation 15 necessitates countries to ascertain and manage the money laundering and terrorist financing risks related to the new technologies and practices in virtual assets. It is mandated that Virtual Asset Service Providers (VASPs) are licensed and should be brought under regulatory oversight and reviews, including customer due diligence and transaction monitoring. It states the need for countries to implement the Travel Rule and ensure VASPs hold accurate information on beneficial ownership. [6]

Setting the rules in the EU, the Markets in Crypto-Assets Regulation (MiCAR) covers transparency, disclosure, authorisation and supervision of transactions for those issuing and trading crypto-assets, including those assets previously unregulated by existing financial services legislation. It supports market integrity and financial stability by regulating public offers of crypto-assets and by ensuring consumers are better informed about the associated risks. [7] 

In the UK, cryptocurrency activities are regulated by the Financial Conduct Authority (FCA), which requires firms using crypto to meet registration requirements and undergo ongoing supervision.

Clamping down on crypto crime

Through international co-operation, there have been noteworthy successes in disrupting crypto-enabled crimes. As per the 2025 Crypto Crime Report by Chainalysis, 2024 saw a drop in value received by illicit cryptocurrency addresses to a total of $40.9 billion. The report however noted that 2024 was likely a record year for inflows to illicit actors, as they were lower-bound estimates based on identified illicit addresses. [8]

The report also states that a series of law enforcement takedowns in the last few years have had an impact, and that although 2024 was likely a record year for crypto crime revenue overall, darknet market (DNM) and fraud shop inflows fell, with DNMs receiving just over $2 billion in Bitcoin on-chain, and fraud shops $225 million.

According to the US Department of Justice, they disrupted a complex web of cryptocurrency addresses being used to funnel funds to Hamas. Within an encrypted group chat supporters were encouraged to donate to the terrorist organisation via at least 17 crypto addresses, and also invited to email to receive a cryptocurrency address to fundraise for the Al-Qassam Brigades. The donated funds were sent into an operational wallet, which received a total of roughly $1.5 million, before being laundered through a series of digital currency exchanges. [9]

Best practices and regulatory guidance

In order to tackle the risks related to crypto-enabled crimes, companies and professionals should prioritise implementation of comprehensive anti money laundering (AML), know your customer (KYC) and know your transaction (KYT) programmes tailored to the cryptocurrency sector. [10] 

The control measures should include continuous KYC reviews, wallet and transaction monitoring using advanced blockchain analytics, and frequent review of customer risk profiles. Companies are encouraged to implement dynamic transaction monitoring systems that identify suspicious behaviours in real time, including frequent large transfers, activity from high-risk jurisdictions, and typologies consistent with money laundering or sanctions evasion. The majority of leading financial institutions have integrated AI or machine learning-driven transaction monitoring to detect sophisticated layering or structuring operations with greater accuracy and efficiency than legacy systems. 

Regulatory expectations now demand routine sanctions screening and robust customer due diligence pipelines. Regulators worldwide are intensifying their guidance and oversight on crypto asset risk mitigation. Banking regulators advise that institutions must independently assess both legal and operational risks prior to offering crypto services. Significant regulatory focus is placed on licensing, registration, oversight of offshore VASPs, and full implementation of the Travel Rule for cross-border payment transparency.

The FATF continues to call for the full global adoption of AML/CFT standards for virtual assets and service providers. In its latest guidance, FATF highlights critical gaps in licensing, VASP identification, and oversight, stating that any weakness in one jurisdiction creates systemic global vulnerabilities. FATF’s updated Recommendation 15 and the Travel Rule require VASPs to implement risk-based controls, cooperate with asset-freezing requests, and maintain transparent, shareable records on crypto transactions. [11]

Emerging threats and future challenges

The adoption of AI in crypto-enabled crimes is further complicating detection and prevention. Criminals are exploiting generative AI to expand and intensify traditional forms of fraud, such as committing identity theft using deepfakes and synthetic identities with alarming sophistication.

Another significant challenge for law enforcement and regulatory authorities is the growing adoption of privacy cryptocurrencies. For example, Monero has gained popularity among criminal organisations due to its enhanced anonymity features. Unlike other cryptocurrencies, Monero generates ring signatures and stealth addresses that make transaction tracing extremely difficult.[12]

The misuse of cross chain bridges and Decentralised Finance (DeFi) protocols is another evolving threat. Bad actors are increasingly using these technologies to move funds between different blockchain networks, thereby complicating the tracking efforts. This decentralised nature makes them attractive for these illicit actors seeking to avoid traditional compliance requirements. [13]

Wake-up call

The evolution of crypto-enabled crimes represents one of the most significant challenges faced by the global financial system today. Terrorist organisations, sanctioned entities, and criminal groups are exploiting digital assets exponentially. This demands an equally sophisticated regulatory and law enforcement response. 

The FATF's warning about ISIS's cryptocurrency use is a critical wake-up call for enhanced international cooperation and technological advancement in crypto-enabled crime detection capabilities. Significant regulatory actions, like MiCAR and FATF standards, provide stronger foundations for compliance and its implementation. However, the evolving nature of these threats requires continuous adaptation and innovation in technological solutions, as well as in the regulatory approaches.