Regulatory Roundup - June 2026: AML Vigilance, Expanding Sanctions, and New Rules for AI & Crypto

Regulators worldwide continue to raise expectations around financial crime compliance, sanctions screening, and emerging technologies. This month’s developments include new FinCEN advisories on human trafficking, unauthorized employment schemes, and Iranian sanctions evasion, along with significant sanctions actions targeting Russian, Cuban, and Brazilian networks. 

At the same time, organizations are preparing for major regulatory changes affecting AI governance, stablecoin compliance, and digital asset oversight. 

From risk-based monitoring requirements in the EU and Australia to new scrutiny of AI-driven compliance tools and crypto ecosystems, the common theme emerges: regulators increasingly expect firms to demonstrate proactive, effective controls that can adapt to evolving threats and technologies. 

ANTI-MONEY LAUNDERING

SANCTIONS

AI & CRYPTO

ANTI-MONEY LAUNDERING

FinCEN Warns Financial Institutions of Human Trafficking Risks During 2026 FIFA World Cup 

FinCEN has issued a notice urging financial institutions to heighten vigilance for human trafficking activity during the 2026 FIFA World Cup, citing a well-documented increase in trafficking risks associated with major international sporting events. The notice encourages institutions to monitor for suspicious transactions and behavioral indicators linked to labor and sex trafficking, particularly in host cities and surrounding regions. For compliance teams, the advisory serves as a reminder to review trafficking-related typologies, enhance monitoring where appropriate, and ensure investigators are prepared to identify and escalate potential red flags. 

FinCEN Issues Alert on Iranian Revolutionary Guard Corps Evasion Tactics 

FinCEN has published a new alert highlighting money laundering and sanctions evasion techniques used by the Islamic Revolutionary Guard Corps (IRGC) and its affiliated networks. The alert details how the IRGC leverages front companies, intermediaries, complex ownership structures, and international trade networks to conceal its involvement in commercial activity and access the global financial system. FinCEN is encouraging financial institutions to apply enhanced due diligence and monitor for specific red flags that may indicate direct or indirect exposure to IRGC-linked entities, reinforcing the importance of robust sanctions screening, beneficial ownership analysis, and transaction monitoring controls. 

AMLA Consultation Signals Major Shift Toward Risk-Based Ongoing Monitoring 

The European Union’s new Anti-Money Laundering Authority (AMLA) has launched a consultation on draft guidelines that would significantly reshape how financial and non-financial institutions conduct ongoing customer and transaction monitoring. The proposals place the Business-Wide Risk Assessment (BWRA) at the center of compliance programs, requiring institutions to directly link customer review frequency, transaction monitoring thresholds, suspicious activity indicators, and ongoing due diligence activities to identified risks. The guidelines also call for more dynamic monitoring, mandatory periodic and event-driven customer reviews, linked transaction detection, and greater supervisory consistency across EU member states. For compliance teams, the message is clear: ongoing monitoring must become a living, risk-based process rather than a periodic compliance exercise. 

Australia’s AML Reforms Take Effect July 1: Newly Regulated Sectors Face Compliance Deadline 

Australia’s long-awaited AML/CTF reforms officially take effect on July 1, 2026, bringing thousands of new businesses under the supervision of the Australian Transaction Reports and Analysis Centre (AUSTRAC). The expanded regime extends AML obligations to legal professionals, accountants, conveyancers, real estate professionals, and dealers in precious metals and stones, requiring them to implement AML/CTF programs, appoint compliance officers, train staff, conduct customer due diligence, and report suspicious activity. The reforms are designed to close longstanding gaps exploited by criminal networks and align Australia with international AML standards. Organizations that have not yet prepared should act quickly, as AUSTRAC has signaled that businesses must be enrolled and ready to meet their obligations from day one. 

FinCEN and IRS Warn of Financial Crime Risks Linked to Unauthorized Employment Schemes 

FinCEN and the IRS have issued a joint advisory highlighting how the employment of non-work-authorized individuals can facilitate a range of financial crimes, including tax evasion, identity theft, labor exploitation, human trafficking, and the financing of transnational criminal organizations. The advisory outlines typologies and red flags associated with payroll fraud, shell companies, labor contracting schemes, and the misuse of stolen or synthetic identities, while providing specific guidance on Suspicious Activity Report (SAR) filings. Financial institutions are encouraged to enhance monitoring for indicators of unlawful employment-related activity and associated financial flows, particularly where transactions may conceal tax or labor violations or support broader criminal networks. 

SANCTIONS

FTI Consulting OFAC Settlement Highlights Risks of Indirect Dealings with Sanctioned Parties 

OFAC has fined FTI Consulting $1.05 million for indirectly extending prohibited debt to Russia’s VTB Bank through an intermediary law firm arrangement. The enforcement action underscores that sanctions obligations are determined by the underlying economic reality of a transaction, not its contractual structure, and serves as a reminder that organizations must carefully assess indirect exposures, payment flows, and aging receivables involving sanctioned or restricted parties, particularly under sectoral sanctions programs. 

US Expands Cuba Sanctions with Focus on Foreign Companies and Financial Institutions 

The US Department of State has significantly expanded its Cuba sanctions program through a new executive order targeting individuals, entities, and foreign organizations that support the Cuban government, military, or key sectors of the Cuban economy. The measures introduce broader secondary sanctions risks, allowing US authorities to target non-US companies and financial institutions that conduct significant business with designated Cuban entities, including those operating in sectors such as energy, financial services, mining, defense, and security. For compliance teams, the development reinforces the need for enhanced customer, counterparty, and payment screening controls to identify direct and indirect exposure to newly designated Cuban persons and entities. 

US Designates Brazil’s CV and PCC as Foreign Terrorist Organizations 

The US government has designated Comando Vermelho (CV) and Primeiro Comando da Capital (PCC) as Foreign Terrorist Organizations (FTOs) and Specially Designated Global Terrorists (SDGTs), marking the first time Brazilian organizations have been added to the US terrorist sanctions list. The designations subject both groups to full blocking sanctions, requiring US persons to freeze any property or interests in property under U.S. jurisdiction and prohibiting transactions involving the organizations. For financial institutions, the move elevates CV and PCC from criminal and adverse media concerns to sanctions-screening priorities, requiring updates to watchlists, customer screening processes, transaction monitoring programs, and beneficial ownership reviews. 

AI & CRYPTO

EU AI Act Deadline Approaches for AML and Fraud Detection Systems 

The European Union’s AI Act reaches a major milestone on 2 August 2026, when most provisions become fully enforceable. While some high-risk AI systems have a longer implementation timeline, financial institutions using AI for AML, transaction monitoring, fraud detection, and customer risk assessment should already be evaluating governance, documentation, transparency, and oversight requirements. The approaching deadline signals growing regulatory scrutiny of AI-driven compliance tools and reinforces the need for institutions to establish clear AI risk management and accountability frameworks. 

GENIUS Act Rulemaking Signals New AML Obligations for Stablecoin Issuers 

The comment period on FinCEN and OFAC’s proposed rules implementing the AML/CFT and sanctions provisions of the GENIUS Act ended on June 9th. The proposal would classify Permitted Payment Stablecoin Issuers (PPSIs) as financial institutions under the Bank Secrecy Act (BSA) and establish new regulatory requirements for AML, sanctions screening, suspicious activity reporting, and compliance program governance. If finalized, the rule would create the first dedicated AML and sanctions compliance framework for US stablecoin issuers, bringing digital asset payment providers closer to the regulatory expectations applied to banks and other traditional financial institutions. 

UK Sanctions Target Russian Crypto Networks and Stablecoin Ecosystem 

The UK has expanded its Russia sanctions program by targeting 18 individuals and entities linked to cryptocurrency networks believed to support sanctions evasion and illicit finance. The measures include actions against entities associated with the A7A5 stablecoin ecosystem as well as major crypto platforms with significant Russian market exposure. The move highlights increasing regulatory focus on the use of digital assets, exchanges, and stablecoins to facilitate cross-border financial activity outside traditional banking channels, reinforcing the need for enhanced crypto-related sanctions screening and transaction monitoring controls. 

China Launches Crackdown on AI-Enabled Fraud and Deepfakes 

Chinese regulators have launched a nationwide enforcement campaign targeting the misuse of artificial intelligence, with a particular focus on AI-generated fraud, deepfakes, disinformation, and applications that violate privacy and intellectual property rights. Led by the Cyberspace Administration of China in coordination with law enforcement and other agencies, the initiative reflects a broader global trend toward tighter oversight of AI technologies. For organizations deploying AI solutions, the campaign serves as another reminder that regulators are increasingly focused not only on AI innovation, but also on governance, transparency, and the prevention of misuse.