It’s been a big year for anti-money laundering (AML) and financial crime professionals. In the US, the Trump administration reshaped the AML landscape both at home and abroad. Meanwhile, the continued growth of real-time payments, the renewed impetus for blockchain, and the adoption of artificial intelligence (AI) opened new doors while raising new risks that demand a sharper, faster compliance response. Here, I examine the key developments in 2025 and explore the lessons learned from compliance actions throughout the year.
Trade turbulence and tariff evasion
Trump’s tariffs were one of the standout themes of 2025. Significant increases in US tariffs on imported goods had far-reaching implications for the global trade landscape, including retaliatory tariffs in some markets. It also created a whole area of AML compliance that had never been considered before: tariff evasion. This can take multiple forms, but a typical example is where shipping companies choose circuitous routes to transport goods to the US to disguise the true origin and minimize the tariff impact. Meanwhile, the temporary US export ban on advanced CPU chips to China fueled a black market, adding yet another wrinkle to trade-based financial crime.
The upshot of this trade-related turbulence is clear: the need for comprehensive trade finance and shipping data has never been greater. Financial institutions must understand the entire supply chain and where they may be supplying funds to those evading tariffs, whether they’re countries, entities, or individuals. Beyond the immediate impact on supply chains, the new trade landscape can also affect customers’ credit and risk profiles. Firms suddenly unable to compete in the US, for example, may become greater credit risks, increasing the potential for fraud. Understanding where customers are trading—and how the tariff landscape affects them—is essential.
Shadow fleets and sanctions
The importance of shipping and trade finance data is even more pronounced when tackling the evolving nature of sanctions evasion. Russia’s shadow fleet, its network of uninsured, aging tankers with obscure ownership structures, continues to bypass oil sanctions, and the EU is exploring further sanctions as it looks to draft its 20th sanctions package against Russia.
Financial institutions must be confident they aren’t unwittingly funding illicit oil flows. The challenge? While technology has advanced to provide detailed shipping data such as port visit histories and at-sea routing, bad actors are just as quick to adopt technology that obscures these activities, creating a cat-and-mouse dynamic that raises the bar for due diligence.
KYC: change and divergence
In the realm of Know Your Customer (KYC) requirements, financial institutions are navigating regulatory shifts and increasing divergence across jurisdictions. In the US, the scope of the Corporate Transparency Act (CTA) changed, narrowing new beneficial ownership information (BOI) reporting requirements to foreign entities.
But identifying ultimate beneficial owners (UBOs) remains essential. Under the Customer Due Diligence (CDD) Rule, which has been in effect since 2018, financial institutions are still required to gather BOI information. Yet, this is no easy task when data is siloed or inaccurate and when bad actors hide across borders, below ownership thresholds, and behind multi-layered structures. Firms may also face tension with clients reluctant to provide or verify UBO information following the changes to the CTA.
Meanwhile, President Trump’s Executive Order on fair banking restricts institutions’ ability to “debank” individuals or entities based solely on reputational risk. As a result, many have had to reevaluate their risk models and overhaul their risk programs to evaluate how risk is managed, not just whether it exists.
In the crosshairs: organized crime
2025 also brought increased attention to narco-terrorism and organized crime, which the Global Organized Crime Index 2025 identifies as a growing threat to democratic institutions and state sovereignty. President Trump’s Executive Order 14157 designated several transnational criminal organizations (TCOs) as Foreign Terrorist Organizations (FTOs) or Specially Designated Global Terrorists—a move with significant compliance implications. Following this, multiple cartels were designated as FTOs throughout the year.
FTO designations carry the risk of criminal liability for those who provide material support. TCOs are particularly challenging because they weaponize complexity, using sophisticated tactics to conceal their identities and project legitimacy. Robust screening capabilities, data enrichment, information sharing, and training on risk typologies are all essential to staying ahead.
Payments and blockchain
Globally, real-time payments continue to dominate. The EU’s Instant Payments Regulation requires all banks to send and receive SEPA (Single Euro Payments Area) Instant Credit Transfers beginning in 2025.
Instant payments bring tremendous benefits, but equal challenges. Criminals exploit speed, and financial institutions must ensure their payment screening systems can verify payees, screen sanctions, monitor transactions, and detect and block payments in real time, 24/7.
Blockchain also reemerged as a priority following the GENIUS Act. Major institutions like J.P.Morgan reaffirmed blockchain’s staying power; banks accelerated stablecoin initiatives; and global regulators such as the Bank of England began consulting on new frameworks. The consensus is forming: blockchain may reshape financial services by 2030, and risk mitigation strategies must begin now.
Enforcement lessons
Enforcement actions were impossible to ignore in 2025, particularly as regulators increasingly restrict the growth of non-compliant organizations until remediation plans are proven effective.
A clear theme emerged: all regulated entities, including fintechs, must have financial crime compliance programs that can scale. Noteworthy actions included Hatch Bank in California, crypto firm KuCoin in the US, and the Financial Conduct Authority’s (FCA) fine of Monzo in the UK. The FCA’s fine against Barclays underscored the dangers of weak KYC controls and insufficient ongoing monitoring, reinforcing the need for perpetual KYC rather than a one-and-done approach.
AI: explainability comes to the fore
AI continued to dominate the technological conversation, both as a tool for combatting financial crime and as a conduit for new threats. Agentic AI and digital assistants were among the year’s most influential developments, making explainability a central regulatory expectation.
Some regulators now allow automation to clear low-level alerts, but financial institutions must prove they are using transparent, testable models that deliver consistent outcomes. For global firms, divergent international AI frameworks make standardization impossible, raising operational and governance challenges.
Institutions must also apply rigorous due diligence to third-party vendors, ensuring solutions comply with data laws, embed core principles, and remain aligned throughout the contract lifecycle. Any lapses, even those caused by vendors, ultimately fall on the financial institution.
2025: a year of change
Tariffs, shadow fleets, regulatory revisions, and blockchain’s resurgence have all shaped a year of challenge and a transformative year. At the same time, institutions continue to navigate the real-time payments landscape and rapid advances in AI. As we enter 2026, the pace of change shows no sign of slowing. Success will depend on agility and on continued investment in people, processes, data, and technology to stay one step ahead.