Last month, federal investigators opened a probe into Tether, the firm that runs the world’s most-traded cryptocurrency. Though as much as $190 billion of tether is traded every day, the firm attracted the ire of regulators for its lax safeguards, amounting to possible sanctions violations and violations of money laundering rules, including apparently by Russian weapons dealers.

The illicit finance risks presented by Tether’s allegedly lax safeguards are just a taste of what’s to come without new anti-money laundering rules to accompany the meteoric rise of crypto platforms. Despite investigators’ success in identifying apparent breakdowns in Tether’s programs, the U.S. anti-money laundering framework still has massive gaps that exacerbate illicit finance risks within the virtual asset ecosystem. If Congress advances new rules on cryptocurrency this year, it must also advance tighter anti-money laundering requirements for the industry, as a means to support law enforcement and protect U.S. national security interests.

Cryptocurrency is becoming attractive to hostile actors who seek ways to sidestep sanctions and exploit gaps in our financial protections. Over half of North Korea’s ballistic missiles program is reportedly funded through cryptocurrency, and cyber-attacks worldwide are almost always paid for with digital currencies. Hamas has moved large sums through crypto-based transactions, largely unmonitored due to gaps in anti-money laundering (AML) protections. Russia has increasingly turned to cryptocurrency to circumvent U.S.-imposed sanctions, using exchanges like Cryptex, registered in St. Vincent and the Grenadines, which operate freely in Russia. The U.S. Treasury recently sanctioned Cryptex and other entities linked to Russian cybercriminals who laundered hundreds of millions of dollars through cryptocurrency to support Russian interests. These countries, part of an authoritarian coalition, increasingly leverage digital currencies to evade international oversight and challenge American national security interests. 

Despite the growing threat, current regulations don’t fully cover the unique risks presented by the virtual asset ecosystem, leaving gaps that pose serious risks to U.S. national security interests. High-ranking Treasury officials in both the Trump and Biden administrations have expressed concerns with Treasury’s ability to tackle illicit finance threats presented by digital currencies, yet they have not outlined any additional regulatory tools..

Digital asset service providers face considerable challenges in implementing effective AML practices, which can leave openings for misuse. However, the risks are even more severe with decentralized finance (DeFi) platforms and un-hosted wallets, which operate more frequently and arguably entirely outside traditional regulatory oversight. By facilitating large-scale transactions where the real identities behind the transactions remain obscured, these gaps weaken established financial protections and make it easier for hostile actors to fund activities that will ultimately threaten U.S. security if remained unaddressed.

Some digital asset service providers operate with limited AML practices, leaving gaps that can be exploited by illicit actors. Decentralized finance (DeFi) platforms, with their decentralized and often anonymous structures, frequently fall outside the bounds of traditional regulatory oversight. Similarly, un-hosted wallets provide additional pathways for actors to move assets without accountability, bypassing the oversight that regulated financial channels would typically require.

The Treasury has expressed concerns regarding the role of cryptocurrency in illicit finance, urging Congress to grant it broader authority to pursue bad actors and establish consistent compliance standards across all crypto platforms. Addressing these gaps is essential, particularly as anonymous transactions on decentralized finance (DeFi) platforms continue to grow, heightening the need for regulations that can adapt to the unique challenges of decentralized networks.

Moreover, FinCEN, the agency responsible for enforcing AML laws, is under-resourced for monitoring such a rapidly growing industry. Without adequate funding, FinCEN’s capacity to track and prevent misuse remains constrained, limiting the U.S. response to this evolving threat.

As raised in a recent letter to Congress, ensuring the integrity of the financial system requires applying the “same activity, same risk, same regulation” principle to cryptocurrency. This would expand AML requirements to additional cryptocurrency actors named in Treasury’s November 2023 term sheet. Enforcing such requirements is not feasible if it is not paired with adequate authority and resources. Therefore, the Treasury must be empowered to hold digital asset providers accountable when they facilitate illicit finance and sanctions evasion. The effort must be supported with adequate funding for enforcement agencies like FinCEN that would allow them to keep pace with the rapidly evolving crypto landscape.

As cryptocurrency use expands, so too does the risk that foreign and illicit actors will exploit its anonymity to evade sanctions and launder funds. By closing regulatory gaps, lawmakers can reinforce the financial frontlines of national security and advance a forward-looking, proactive posture against illicit actors.