Treasury Reports on Illicit Finance Risk in Digital Asset Sector

The Treasury Department informed Congress and the financial industry that integrating innovative technologies is essential to combat illicit finance, establish regulatory clarity, and mitigate digital asset vulnerabilities.

In its report to Congress, the Secretary of the Treasury outlined how the responsible use of novel tools and techniques will increase the security of the U.S. financial system and deter bad actors.

In its assessment of risk, Treasury reported that Americans suffered over $9 billion in digital asset fraud losses in 2024, with $5.8 billion attributed to investment scams. The report detailed how illicit actors combine mixers, cross-chain bridges, and stablecoins to launder funds and evade detection. Treasury stated that since May 2020, more than $1.6 billion has flowed from mixing services into cross-chain bridges, often converting stolen assets into stablecoins to obscure their origin. Treasury stated that North Korea's cybercriminals represent the gravest state-level threat, stealing at least $2.8 billion in digital assets between January 2024 and September 2025 — including a record $1.5 billion heist from a single exchange in February 2025. Ransomware payments, nearly all made in digital assets, also hit an all-time high of $1.1 billion in 2023.

The report recommended four ways technology can support combatting illicit finance. Treasury stated that:

Artificial intelligence — including generative AI and large language models — is already being deployed for transaction monitoring, suspicious activity report drafting, and deepfake detection. Treasury committed to issuing guidance and partnering with NIST to apply its AI Risk Management Framework to AML compliance, while acknowledging that the same AI tools are being used by criminals to fabricate "synthetic identities."

Digital identity tools — from mobile driver's licenses to zero-knowledge proofs — can streamline customer verification while reducing fraud. Treasury said it will issue guidance clarifying how these credentials satisfy existing customer identification requirements and explore legislation to fund adoption, particularly for smaller institutions.

Blockchain analytics tools, which are now standard at major exchanges, allow institutions to trace transactions and flag suspicious patterns, though the report noted a need for better examiner training, technical standards, and information-sharing frameworks. The report noted that a current legislative proposal calls for a "hold law" giving institutions a "safe harbor" to temporarily freeze assets suspected of being linked to crime.

Application programming interfaces ("API") are identified as the "connective tissue" linking all other compliance tools. Treasury said it will work with NIST to develop standardized, open-source API guidelines.

The report recommended that Congress define which decentralized finance actors should face AML obligations and consider new authorities to address money laundering threats from foreign DeFi platforms. Treasury framed innovation as a "force multiplier" against financial crime. Treasury identified the challenge as to whether regulatory and private sector coordination can keep pace with adversaries already exploiting the same technologies.

The report was required by the GENIUS Act. The analysis was based on information compiled from 220 public comments and extensive engagement with financial institutions, law enforcement, and technology firms.