When FinCEN designates a foreign financial institution as a "primary money laundering concern," the institution rarely survives. The recent takedown of Swiss merchant bank MBaer — destroyed in days by a single Federal Register notice after its local regulator spent two years trying to shut it down — is a case study in Section 311's extraordinary power, and in the structural gap between domestic due process and U.S. administrative speed.

Government enforcement is only one mechanism for holding companies accountable for financial misconduct. When it weakens, others — sectoral regulators, civil courts, class actions, and informed public scrutiny — become more important, not less. Here's what I plan to do about it, and how you can help.

Madoff, Enron, Wirecard, Theranos, Sino-Forest, Nikola — in each case, the decisive pressure came not from boards, auditors, or regulators, but from a journalist, short seller, or forensic analyst who kept asking the question the institutions had stopped asking. These outsiders did not perform fiduciary duties. They forced fiduciary duty out of abstraction and into action.

In under a year, the U.S. has pardoned convicted money launderers, paused anti-bribery enforcement, and rolled back crypto oversight. The stated goal is to unleash business. As a former financial crime investigator, I believe the long-term consequences will be severe — not just for the U.S., but for every country that follows its lead.

In March 2025, US, German, and Finnish authorities seized Garantex — the Russian crypto exchange sanctioned in 2022 for laundering ransomware proceeds and darknet market revenue. Two weeks later, Grinex launched with the same interface, the same team, and the same user base. Then came MKAN Coin, Exved, and ABCEX. This is the crypto hydra problem: cut off one head, and two more appear.

When a company holds client funds in a non-interest-bearing trust account, it can truthfully say it does not earn interest on your money. But that does not mean it derives no economic benefit. The Earnings Credit Rate mechanism — invisible in published financial statements — creates incentives that few customers understand.

The EU's Markets in Crypto-Assets regulation is now fully applicable. Over 90 firms have been authorised as CASPs. Non-compliant stablecoins are being delisted. The regulatory framework that the crypto industry said was impossible is operational. Here is what it actually changes — where it closes real gaps, where it creates new friction, and where it will be tested first.

On February 21, 2025, North Korea's Lazarus Group stole approximately $1.5 billion in Ethereum from Bybit — the largest cryptocurrency theft in history. The attack did not exploit a smart contract bug or a protocol vulnerability. It began with a compromised developer at Safe{Wallet}, a third-party multi-signature platform. Three years after the Ronin Bridge hack, the same attacker, the same technique, the same structural vulnerability. The industry learned nothing.

AI is being marketed as a revolution in financial crime compliance — better transaction monitoring, smarter KYC, automated SAR filing. Some of that is real. But AI is also giving criminals new tools: deepfake identity documents, synthetic KYC profiles, and AI-generated phishing. An honest assessment from both sides.

Tornado Cash, ChipMixer, Samourai Wallet, Sinbad — the mixer takedowns of 2022–2025 have forced a reckoning with a genuine tension in crypto: the same tools that protect legitimate financial privacy also enable billion-dollar money laundering. There is no easy answer, but there are better and worse ones.