Money laundering, Explained

The use of financial systems to disguise the origins of criminally obtained funds — a process known as money laundering — has found a new and contested frontier in cryptocurrency, forcing regulators, exchanges, and blockchain analysts to adapt tactics developed for traditional banking to a borderless, pseudonymous medium.

---

What Money Laundering Actually Means

Money laundering converts "dirty" proceeds from crime into assets that appear legitimate. The classic three-stage model still applies in crypto:

1. Placement — moving illicit funds into the financial system (e.g., depositing cash at an exchange, receiving stolen crypto) 2. Layering — obscuring the trail through complex transactions (mixing services, chain-hopping, swapping between tokens) 3. Integration — reintroducing funds as apparently clean assets (buying real estate, luxury goods, or withdrawing as fiat)

What crypto changes is the speed and scale of the layering stage. Transactions that would take days through correspondent banks can be completed in minutes across dozens of wallets and chains.

---

Benthic

Jun 25, 2026

View article →

KyberSwap exploiter sends another 2,000 ETH to Tornado Cash as laundering total hits $40M

𝕏/@PeckShieldAlert • Jun 25, 2026

Top Comment

Benthic

Jun 25, 2026

PeckShield says the KyberSwap exploiter-labeled address moved another 2,000 ETH to Tornado Cash. The attacker has now laundered 16,100 ETH, roughly $40M, through the mixer over two years, more than 80% of the $48.8M stolen in KyberSwap's November 2023 exploit. This is long-tail exploit cleanup, not a new breach, but it keeps shrinking any realistic recovery window.

How Crypto Became a Laundering Vector

Cryptocurrency was not designed for crime, but several of its properties created exploitable gaps in traditional anti-money laundering (AML) frameworks:

• Pseudonymity: Blockchain addresses are not natively tied to real-world identities, giving launderers a head start over investigators who rely on name-matched bank records.
• Programmability: Smart contracts can automate layering with no human intermediary — the core function of mixing protocols like Tornado Cash.
• Borderlessness: Funds can move across jurisdictions in seconds, complicating the coordination needed between national law enforcement agencies.
• Stablecoins: Dollar-pegged tokens like USDT (Tether) and USDC combine the convenience of fiat with the speed of crypto settlement. A ZachXBT-traced case involving a $120 million USDT laundering attempt — where funds were routed through Monero, spiking XMR's price from $330 to $438 before Tether froze $72 million — illustrates how stablecoin issuers have become a critical (if imperfect) chokepoint.

---

The Mixer Problem: Tornado Cash as a Case Study

Privacy tools designed for legitimate financial confidentiality have repeatedly appeared at the center of major enforcement actions. Tornado Cash, an Ethereum-based smart-contract mixer, was sanctioned by the U.S. Treasury's Office of Foreign Assets Control (OFAC) in August 2022, on the grounds that it had been used to launder more than $7 billion since 2019 — including hundreds of millions linked to the Lazarus Group, North Korea's state-sponsored hacking operation.

The Tornado Cash case raised unresolved legal questions about whether sanctioning immutable code violates free speech, a challenge that has been litigated in U.S. federal courts. What is not in dispute is that mixing services substantially complicate blockchain forensics: by pooling deposits and issuing withdrawal credentials with no on-chain link to the original sender, they break the transaction graph that analytics firms like Chainalysis and TRM Labs rely on.

Law enforcement has responded by targeting the human operators rather than the code. The developers of Tornado Cash faced DOJ prosecution; one pleaded guilty in 2024.

---

Scale and Scope: What the Numbers Show

Blockchain analytics firms produce annual estimates of on-chain illicit flows. Chainalysis's 2024 Crypto Crime Report put illicit transaction volume at roughly $24.2 billion in 2023 — a figure that sounds alarming but represents less than 1% of total on-chain volume. Critics note this methodology undercounts activity that has successfully been laundered (by definition, undetectable after the fact) and may overcount by including disputed cases.

What enforcement actions reveal is diversity of method and perpetrator:

• Organized crime is increasingly crypto-native. An international sting operation recently dismantled a $390 million crypto laundering ring. U.S. authorities sanctioned a Sinaloa Cartel-linked cash-to-crypto network tied to fentanyl trafficking — a case that illustrates how drug proceeds are being converted to crypto for cross-border movement and then cashed out through peer-to-peer markets.
• Nation-state actors represent a distinct and growing threat. North Korea's Lazarus Group has stolen and laundered billions through Web3 exploits; a recent case traced $2.5 million in DPRK-linked laundering through a Vietnamese front firm. The pattern typically involves a DeFi protocol hack, followed by rapid swaps through decentralized exchanges, then conversion to privacy coins or through cross-chain bridges.
• Retail-scale fraud fuels laundering at the lower end. A Canadian teenager pleaded guilty to laundering $13 million from a crypto theft into Miami cars, jewelry, and a private jet trip. A 22-year-old California man received a 70-month sentence for laundering $3.5 million sourced from a $263 million social engineering ring.
• Exchange-level failures have enabled systemic laundering. Binance's 2023 guilty plea and $4.3 billion settlement with the DOJ and FinCEN included findings that the exchange had processed transactions for sanctioned entities and had inadequate KYC controls that allowed billions in illicit flows. The case set a benchmark for how severely regulators will treat compliance failures at scale.

---

Laundering Techniques in Active Use

Chain-Hopping

Funds move from one blockchain to another — Bitcoin to Ethereum, Ethereum to Tron, Tron to Monero — using cross-chain bridges or centralized exchanges with weak KYC. Each hop adds complexity to the investigative trail. The AudiA6 service, recently disrupted with Chainalysis support, specialized in this method.

Privacy Coins

Monero (XMR) uses ring signatures and stealth addresses to make transaction tracing cryptographically difficult rather than merely operationally difficult. The $120 million USDT-to-XMR case noted above demonstrates how sudden large inflows into Monero can affect its price even as they complicate forensics.

Peer-to-Peer and OTC Desks

Over-the-counter brokers and P2P platforms can match buyers and sellers without requiring the documentation that licensed exchanges must collect. South Korean police recently arrested 23 individuals in an $11 million USDT laundering case that routed funds through P2P channels.

Smurfing

Breaking large sums into many smaller transactions below reporting thresholds — a technique borrowed directly from traditional financial crime — remains effective in crypto when spread across many wallets.

Real-World Asset Integration

The Canadian teenager's conversion of crypto to luxury goods represents a broader pattern: at some point, laundered funds re-enter the physical economy through real estate, vehicles, or commodities. Brazil has seen this acutely, with organized crime networks — including those linked to popular music figures like MC Ryan SP and Poze do Rodo, arrested in a $300 million laundering operation — using crypto as an intermediate layer before purchasing physical assets.

---

Benthic

Jun 23, 2026

View article →

Thai DSI widens $300M laundering probe tied to illegal crypto mining and Chinese crime network

dsi.go.th • Jun 23, 2026

Top Comment

Benthic

Jun 23, 2026

Thailand’s DSI says an illegal crypto mining network was part of a Chinese-linked laundering operation moving more than 10 billion baht, about $300 million, a year. Investigators say 2025 raids seized more than 6,390 mining rigs and tied the scheme to 953 million baht in stolen electricity, with Myanmar cash mules allegedly withdrawing 30 million to 50 million baht a day. The probe has eight arrest warrants out already, and one named figure, Wang Yicheng, is linked by DSI to a U.S. Secret Service seizure of more than $17.8 million in crypto.

The Regulatory Response

United States

The Bank Secrecy Act already requires cryptocurrency exchanges to register as money services businesses and file suspicious activity reports. The DOJ has prosecuted individual launderers under 18 U.S.C. § 1956, which does not distinguish between fiat and crypto. OFAC sanctions have been applied to individuals, entities, and — controversially — smart contracts. Ongoing legislative debate around the GENIUS Act and related proposals has seen industry participants including Hyperliquid and Paradigm urge revision of proposed AML provisions they argue would impose unworkable obligations on DeFi protocols.

European Union

The EU's Regulation (EU) 2024/1624 represents the most comprehensive crypto-specific AML rulemaking to date. Coming into effect in July 2027, it introduces:

• A €10,000 bloc-wide cap on cash payments for goods and services
• Tighter KYC requirements for crypto-asset service providers, bringing them fully under the AML framework that applies to banks
• A new EU AML Authority (AMLA) that will directly supervise the highest-risk crypto firms

The regulation also strengthens the Travel Rule — requiring exchanges to pass sender and receiver information along with transfers above €1,000.

Global Coordination

The Financial Action Task Force (FATF), the intergovernmental standards body, has rated most jurisdictions as non-compliant or partially compliant with its Recommendation 16 (the Travel Rule for crypto). Countries that fail FATF evaluation risk being placed on its "grey list," which affects their access to correspondent banking — a significant incentive for compliance.

---

The Compliance Industry

Enforcement depends on private-sector intelligence. Chainalysis, TRM Labs, Elliptic, and others sell blockchain analytics to exchanges, regulators, and law enforcement. Their core product is clustering algorithms that attribute multiple addresses to single entities, and risk-scoring that flags high-risk counterparties in real time.

Tether, the issuer of USDT — the world's most-used stablecoin — has increasingly positioned itself as an enforcement partner, freezing addresses on law enforcement request. The $72 million freeze in the ZachXBT-traced case shows this can be effective even after layering has begun, but critics note that the ability to freeze user funds also raises questions about the censorship-resistance that underpins crypto's value proposition.

Binance, OKX, and Tether cooperated with authorities in freezing $41 million in crypto tied to a $150 million Ponzi scheme (BG Wealth Sharing), illustrating that exchanges' compliance infrastructure can be mobilized quickly when criminal activity is clearly identified.

---

Structural Tensions

The conflict between financial privacy and AML compliance has no clean resolution. Legitimate use cases for privacy — protecting dissidents, preventing corporate espionage, preserving financial confidentiality — overlap with the tools launderers exploit. A 17-year-old British student, Alexander Browder, was placed on Russia's sanctions list after exposing alleged cryptocurrency laundering; Russia's designation of him as a disinformation spreader illustrates how AML investigations can themselves become politically contested terrain.

DeFi protocols present the hardest compliance problem: when there is no identifiable operator, traditional AML obligations cannot be assigned. The proposed regulatory responses — holding front-end operators liable, requiring protocol-level address screening — remain legally untested and technically contested.

---

Outlook

The trajectory is toward tighter controls, more sophisticated detection, and continued enforcement pressure — but not toward elimination of the problem. Regulatory regimes like the EU's 2027 framework will raise the floor for compliance across licensed intermediaries, making exchange-based laundering harder. At the same time, the growth of DeFi, cross-chain bridges, and privacy-preserving protocols ensures that technically sophisticated actors will retain meaningful evasion options. The enforcement pattern of the past three years — large fines for compliant-but-negligent exchanges, criminal prosecution for intentional facilitators, sanctions for state-linked actors — is likely to intensify rather than shift in character. For legitimate participants in crypto markets, the practical implication is a compliance environment that increasingly resembles traditional finance: more documentation, more screening, and less anonymity at the points where digital and fiat economies intersect.

---