2025 has gone down in history as a landmark year for anti-money laundering and counter-terrorism financing (AML/CFT) enforcement. This year brought not only an increase in the total volume of fines, but also a marked evolution in the scope, sophistication, and strategic intent of regulatory sanctions. This article provides an overview of the largest AML/CFT fines imposed in 2025 by sector, analyses the regulatory failures that led to them, identifies key areas companies should focus on, and highlights upcoming regulatory changes for next year.
Table of contents
- AML Fines in 2025 by Sector
- Cryptocurrencies – More Than $1 Billion in Fines
- Banking and Building Societies – More Than $200 Million
- Payment Services and FinTech – More Than $160 Million
- Trading and Brokerage – More Than $50 Million
- Gambling – More Than $22 Million
- AML Violations With the Highest Sanctions
- Key AML Regulatory Changes in 2025
- Upcoming AML Regulations to Watch
- How to Avoid AML Fines in 2026
- Conclusion
AML Fines in 2025 by Sector
Although fines are often imposed several years after the regulatory failures occurred, these sectors faced the highest sanctions in 2025:
- Cryptocurrencies – more than $1 billion
- Banking – more than $200 million
- Payment services and FinTech – more than $160 million
- Trading and brokerage – more than $50 million
- Gambling – more than $22 million
Cryptocurrencies – More Than $1 Billion in Fines
The cryptocurrency sector, which received the second-highest AML fines in 2024, became the primary target of global regulators in 2025. Total fines exceeded $927 million in the first half of the year alone. In addition to a massive $504 million sanction imposed on one of the world's largest exchanges, other major platforms in the US and Europe faced fines ranging from €20 million to nearly $300 million.
In the most high-profile case of the year, one of the major exchanges admitted to operating an unlicensed money transmission service and failing to maintain an effective AML program. Regulators identified serious failures, including:
- A 'growth at all costs' mentality, where the platform accepted millions of users without adequate identity verification (KYC) or sanctions screening
- Allowing users from sanctioned jurisdictions to trade due to insufficient geo-blocking
- Failure to file suspicious activity reports (SARs) on billions of dollars in transactions
Banking and Building Societies – More Than $200 Million
Banks in the UK and Europe faced significant sanctions in 2025, with estimated total fines exceeding $200 million. A major building society was fined £44 million in December for systemic gaps in financial crime controls. On the continent, a digital bank was fined €2.6 million for serious deficiencies in customer risk profiling and transaction monitoring.
Key failures identified by regulators included:
- Reliance on outdated systems that failed to flag clearly suspicious patterns, such as personal accounts receiving millions from third parties
- Use of siloed data preventing a unified view across different banking products
- Insufficient staff to process backlogs of transaction alerts, leading to long delays in reporting potential money laundering
Is your business subject to AML?
Find out immediately whether your business is subject to AML and which measures and requirements apply to you.
Payment Services and FinTech – More Than $160 Million
FinTech companies and payment processors in the UK and US were hit with fines exceeding $160 million in 2025 for enabling account misuse for fraud and money laundering. A UK firm was fined £21 million for inadequate due diligence on high-risk customers, with regulators noting it allowed customers to register with implausible addresses.
A FinTech giant paid over $120 million in combined sanctions and settlements to federal and state regulators for similar failings, including inadequate oversight of cryptocurrency transactions. Specific failures included:
- Rapid customer acquisition outpacing compliance infrastructure, leading to supposedly frictionless onboarding at the expense of security
- Over-reliance on automated onboarding tools without sufficient human oversight for high-risk cases
- Inability to prevent account misuse by criminal networks for fraud and illicit money movement
Trading and Brokerage – More Than $50 Million
The securities trading sector faced increased scrutiny in 2025, with fines reaching nearly $50 million globally. A popular trading app agreed to pay approximately $30 million to settle charges related to inadequate AML systems and cybersecurity failures. Regulators found that the firm failed to report suspicious transactions in a timely manner, especially during periods of high market volatility.
Investigations revealed:
- Compliance systems were overwhelmed by the surge in 'meme stock' trading, causing critical reporting delays
- Compliance teams were understaffed during market peaks, leading to backlogs of alerts
- Failure to transition from manual transaction monitoring to automated systems appropriate for the firm's size
Gambling – More Than $22 Million
The gambling industry was also hit hard by regulatory sanctions this year. Firms failed in the following areas:
- Inadequate assessment of financial crime risks related to customers, products, and geography
- Conducting effective customer due diligence
- Identifying sources of funds in business relationships
The total number of fines could have been even higher had one firm not chosen to exit the UK market rather than pay a multi-million pound fine for serious AML breaches. Several high-profile disputes between regulators and gambling firms are due to be resolved in 2026, meaning the sector could rank even higher next year.
AML Violations With the Highest Sanctions
Regulatory fines imposed on financial institutions globally surged by 417% in the first half of 2025 compared to the same period in 2024, totalling approximately $1.23 billion. This increase was primarily driven by renewed crackdowns on the digital assets sector.
A cross-sector view of 2025 reveals that specific failures consistently led to the most severe sanctions:
- Ineffective transaction monitoring – monitoring deficiencies were among the most common causes of high fines, with firms failing to configure scenarios capable of detecting complex money laundering typologies
- Governance and oversight – regulators penalised firms where management could not demonstrate oversight of AML programs
- Customer due diligence (CDD) gaps – specifically failures in identifying ultimate beneficial owners (UBOs) and sources of funds for high-risk clients
- Sanctions screening failures – with rising geopolitical tensions, failure to screen against dynamic sanctions lists led to immediate and severe penalties
Key AML Regulatory Changes in 2025
European Union: The new Anti-Money Laundering Authority (AMLA) officially commenced operations in Frankfurt in July 2025, marking the beginning of direct pan-European supervision of high-risk entities. Stricter rules on traceability of crypto-asset transfers came into force, ending anonymous transactions for regulated exchanges.
United States: Following regulatory disputes over the Corporate Transparency Act (CTA), only foreign entities are now required to report beneficial ownership information, with domestic companies exempt from these requirements.
United Kingdom: New amendments to the Money Laundering Regulations (MLR) focused on crypto-assets, lowering the threshold for 'change of control' notifications to 10% to align with FSMA regimes.
Australia: Legislation was finalised to bring 'Tranche 2' entities (including real estate agents, lawyers, and accountants) within Australia's AML/CTF regime, with regulatory oversight commencing in 2026.
Upcoming AML Regulations to Watch
- Expansion of regulated sectors – from mid-2026, lawyers, accountants, and real estate professionals in Australia will face mandatory AML reporting obligations
- Non-financial misconduct – in the UK, new FCA guidance effective September 2026 will explicitly link non-financial misconduct (such as bullying and harassment) to fitness and propriety assessments
- AI and algorithmic transparency – new frameworks are expected in the EU and US requiring explainability of AI-based AML decisions, requiring firms to demonstrate why an algorithm flagged (or did not flag) a transaction
How to Avoid AML Fines in 2026
In 2026, avoiding regulatory sanctions will require a proactive, technology-driven approach. As part of your compliance strategy, you should:
- Conduct dynamic risk assessments: Move beyond static annual spreadsheets. Your risk assessment should be dynamic and current, continuously updating in real time as your business expands into new markets or introduces new products.
- Invest in explainable AI: Automation is essential, but you must be able to explain the rationale behind every decision your AML system makes to regulators, meaning 'black box' AI is a compliance risk.
- Unify your data: Ensure your KYC, transaction monitoring, and sanctions screening systems communicate effectively with each other. Siloed data is the primary cause of missed red flags.
- Strengthen your compliance function: Ensure your Money Laundering Reporting Officer (MLRO) has direct access to senior management and adequate resources to support their role – governance failures are often penalised as severely as technical shortcomings.
- Prepare for regulatory deadlines: If the regulatory changes mentioned above affect you, you should start adapting your compliance framework now – waiting until 2026 will be too late.
Conclusion
2025 clearly demonstrated that regulators around the world are raising the bar for AML/CFT compliance. Firms that underestimated the importance of robust control mechanisms paid not only high fines but often suffered reputational damage as well.
For 2026, it is crucial to invest in modern technology, ensure quality governance, and proactively prepare for new regulatory requirements.