Regulatory Roundup - September 2025: Balancing Neutrality, Innovation, and Enforcement
- Steve Marshall
- Sep 10
- 5 min read
This month’s regulatory updates underscore the challenges of navigating compliance amid shifting expectations. US Executive Order 14331 puts banks under scrutiny for “fair banking,” while the Tornado Cash case tests liability in digital assets. Regulators issued bans, fines, and new AML/PEP rules, even as the US Treasury and White House pushed for innovation in digital assets and AI. The message is clear: firms must adapt quickly, anchoring compliance in risk-based rigor while staying alert to reputational and technological risks.
SPECIAL ANALYSES
Debanking and reputation risk
The issuance of US Executive Order 14331, Guaranteeing Fair Banking for All Americans, has placed financial institutions in a difficult position. What regulators once encouraged (careful scrutiny of high-risk customers) now carries the potential for enforcement action if deemed “politicized or unlawful debanking.” The order broadly defines such debanking as restricting or altering access to financial services based on political or religious beliefs, or on lawful business activities disfavored by a provider. This has created a new tension between compliance obligations, risk management practices, and the growing expectation of neutrality in banking services.
For banks, credit unions, and payment providers, the reputational risks are significant. Institutions must now consider not just who they serve, but also who they declined to serve, and whether those decisions could be perceived as politically motivated. Yet reputation is highly contextual: a move that satisfies one constituency may inflame another. This places institutions “between a rock and a hard place” where both action and inaction may carry risks. To manage this complexity, risk-based decisions, particularly those tied to financial crime prevention, must be anchored in clear, demonstrable links to predicate offenses. Anything less could leave firms exposed to regulatory scrutiny on one side and reputational backlash on the other.
Mixed liability in digital assets
The Tornado Cash trial highlights the increasingly complex landscape of mixed liability in digital assets. While the co-founder was convicted of conspiring to operate an unlicensed money transmitting business, the jury deadlocked on more serious allegations of money laundering and sanctions evasion. Importantly, both sides agreed the co-founder did not launder funds himself but acknowledged his awareness that the platform was being used by criminals. This distinction, between building or maintaining infrastructure and directly facilitating crime, underscores the unsettled boundaries of liability in digital finance.
The Department of Justice’s recent position adds further nuance. By signaling it will not pursue unlicensed money transmission charges under §1960 unless a defendant knew of and willfully violated specific licensing requirements, the DOJ appears to be carving out space for innovation while reserving prosecution for cases with clear criminal intent. Yet the Tornado Cash outcome shows that knowledge of illicit use, even absent direct participation, may still carry exposure. For developers, exchanges, and intermediaries, this presents a “better safe than sorry” moment: robust compliance frameworks, ongoing KYC/AML controls, and proactive monitoring are no longer optional. As regulators balance innovation against enforcement, firms must assume that awareness without action could still translate into liability.
ANTI-MONEY LAUNDERING (AML)
Ethiopia bans four US money transfer firms
The National Bank of Ethiopia has barred four US-based remittance companies, accusing them of undermining financial integrity and market stability. Diaspora funds sent through these firms risk confiscation, raising concerns over access for Ethiopian communities abroad and heightening AML risk for banks still connected to them.
New US 1% excise tax on remittances starting 2026
The US government has introduced a 1% excise tax on remittance transfers funded by cash, money orders, or similar instruments beginning January 2026. Expected to raise $10 billion over 10 years, the measure will impact money transfer operators, digital providers, and nonbank institutions. Financial institutions must also watch for attempts to mask sender/recipient relationships through intermediaries, which can trigger anti-conduit rules, recharacterize transactions, and potentially drive activity toward unregulated channels outside the AML and sanctions framework.
Banks face liability in pig butchering fraud wave
A new study warns banks are increasingly held liable for customer losses in tech-enabled romance scams, with deepfakes fueling a surge in fraud. Financial institutions could face an estimated $75 billion in exposure, according to recent studies. Experts stress that advanced KYC and fraud-detection tools must be added to compliance checklists to combat this growing threat.
FinCEN delays orders on Mexican institutions
Treasury has postponed until October 20, 2025, the effective date of certain fund transfer prohibitions targeting Mexican financial institutions. Officials cite progress in Mexico’s regulatory reforms, giving banks time to strengthen compliance programs and implement effective anti–illicit finance controls.
HM Treasury refines UK AML rules
Planned updates to UK money laundering regulations will narrow Enhanced Due Diligence (EDD) triggers to “unusually complex” transactions and limit mandatory EDD to customers from FATF “Call to Action” jurisdictions. The changes aim to make CDD and EDD more proportionate, practical, and risk-based for firms.
FCA issues new PEP guidelines
The FCA has updated its approach to Politically Exposed Persons (PEPs), urging case-by-case risk assessment and easing requirements for lower-level officials in low-risk countries. PEP status will lapse for relatives once an official leaves office. While the rules streamline compliance, global inconsistencies may pose challenges for firms.
SANCTIONS
NJ resident sentenced for sanctions evasion scheme
A New Jersey man was sentenced to 30 months in prison and fined $75,000 for participating in a global procurement and money laundering network supporting Russia’s military. Prosecutors said he lied to banks and facilitated the illegal export of sensitive ammunition and electronics in violation of US sanctions.
Treasury seeks input on digital asset compliance innovations
The US Treasury is requesting public comment on innovative methods to detect illicit finance involving digital assets, fulfilling requirements of the GENIUS Act. Areas of focus include APIs, AI, blockchain monitoring, and digital identity verification, with evaluation criteria spanning effectiveness, costs, privacy, and cybersecurity risks.
OFSI issues 2025 crypto threat assessment
The UK’s Office of Financial Sanctions Implementation (OFSI) released a sector-specific threat assessment on crypto assets, warning of evolving risks. Firms are urged to strengthen compliance by confirming FCA registration, enhancing detection, monitoring counterparties, conducting lookbacks, and reporting suspicious transactions promptly to regulators.
AI & DIGITAL ASSETS
NYDFS fines Paxos $48.5M over compliance failures
Paxos Trust Company agreed to a $48.5 million settlement with New York’s Department of Financial Services for AML and monitoring deficiencies tied to Binance. Regulators cited failures in due diligence and transaction monitoring. Paxos has since expanded its compliance team, hired third-party consultants, and undertaken a multi-year remediation effort.
White House unveils AI action plan
The US administration launched a national AI strategy built on three pillars: accelerating innovation, building infrastructure, and leading globally. The plan pledges to revise regulations seen as hindering AI, tie federal funding to state regulatory stances, and set procurement rules requiring developers to uphold free speech and neutrality safeguards.
Expert guidance for a complex compliance landscape
As regulatory requirements grow more complex, FinScan’s Advisory Services provides trusted support at every step. From strengthening model governance and enhancing data quality to navigating sanctions and emerging technologies, we help you build confidence in your compliance program. Partner with us to establish a resilient, future-ready foundation. Schedule a discovery call today.