TL;DR: Regulatory bodies all around the world are swiftly joining forces to crack down on companies that have weak oversight and implementation of robust AML and KYC processes. From inadequate customer due diligence to failures in internal risk assessments, this guide covers the top 5 AML fines in the first half of the year and explore the main challenges these firms face.
Half of the year has already passed, yet a concerning trend still appears: Companies are still getting big penalties due to weak Anti-Money Laundering (AML) controls. Regulators worldwide have issued over $6 billion in AML fines. It doesn’t stop there. Senior executives have also been penalized due to their lack of oversight on AML compliance. Buckle up as we cover the five record-breaking AML fines of 2025 and explains how businesses can avoid them, fairly easily.
OKX Crypto Exchange and Its $500 Million Guilty Plea
February 24, 2025 — Cryptocurrency Exchange OKX was fined over $500 million by the US Department of Justice (DOJ) due to severe AML violations. Founded in 2017 by Star Xu, a blockchain technology enthusiast, the Seychelles-based platform operated one of the largest crypto exchanges globally.
Authorities in the U.S found that the firm had aided over $5 billion in suspicious transactions due to inadequate Know Your Customer (KYC) and AML frameworks. Despite officially banning U.S. users, authorities uncovered internal documents showing that OKX staff instructed American customers to falsify identification documents and circumvent restrictions. Ultimately, OKX pleaded guilty and was charged $84 million in civil fines and a forfeiture of $420 million in illegal proceeds.
The DOJ also found that OKX had weak transaction monitoring, failed to implement sanctions screening, and did not register with the U.S Treasury as a money service business. This underpins the challenge for rapidly scaling businesses when balancing market growth with stringent regulatory obligations.
UAE Exchange House Hit with $54.5 Million for Risk Mismanagement
May 22, 2025 — The Central Bank of the UAE (CBUAE) fined a UAE-based exchange house almost $55 million, the largest fine of its kind in the UAE, due to significant AML weaknesses. The firm was unnamed due to privacy policies.
Reports by the CBUAE found that the firm had failed to implement robust internal risk triggering, due diligence measures, and transaction monitoring. This was not the first time the firm had found itself in compliance trouble with authorities. According to leading news articles in the UAE, the firm had been given multiple chances to remediate its compliance protocols, which were blatantly ignored. Additionally, its branch manager was fined AED 500,000 (US$130K) and prohibited from holding any future position in a licensed financial institution.
This case highlights the growing resilience of authorities in breaking down AML and KYC gaps in high-risk regions. The trend resumes: all organizations, not just regulated financial services, are under scrutiny.
$40 Million Fine for American Payment Company Block Inc.
April 10, 2025 — American digital payments company Block Inc. was fined US$40 million by the New York Department of Financial Services (NYSDFS) for non-compliance with the U.S Bank Secrecy Act (BSA) and AML programme. The firm, formally known as Square Inc., was founded in 2009 by Jack Dorsey, the co-founder of Twitter Inc., to provide a simple and affordable way for small businesses to accept credit card payments.
Block Inc. had over 8300 Cash App accounts tied to a Russian criminal network. The NYSDFS investigated the case and found that the firm had major gaps in its customer due diligence and risk monitoring systems. This enabled fraudsters to launder money and commit financial crime without being detected.
The company must now undergo remediation through leveraging and an independent monitor in order to implement corrective actions. The case with Block Inc. further highlights the previous challenges encountered by OKX to ensure compliance does not lag behind the company’s scale.
FINRA imposes $29.75 Million Fine on Robinhood
March 7, 2025 — Robinhood, a California-based financial services company, was charged $29.75 million by the Financial Industry Regulatory Authority (FINRA) for its weak AML oversight. Founded back in 2013 by the Bulgarian-American entrepreneur Vladimir Tenev, the company provides a digital way for consumers to trade stocks, funds, and cryptocurrency.
FINRA found many gaps in the businesses’ AML programmes, dating back to 2014. A few of the major issues included the failure to act effectively on triggered red alerts and customer misconduct. Part of the fine included a $3.75 million fee to affected customers. Moreover, Robinhood lacked supervision over social media influencers who had created misleading advertisements about their products.
The restitution paid to customers highlights how regulatory authorities are increasingly prioritizing the protection of customers’ and investors’ financial well-being.
Credit Suisse Penalized with US$4.5 Million for Poor AML Controls
July 4, 2025 — The Monetary Authority of Singapore (MAS) has fined Credit Suisse S$5.8 million (~US$4.5 million) as part of its crackdown on the Singaporean AML scandal in 2013. Credit Suisse was one of nine firms fined by the MAS for weak AML and CFT protocols.
The MAS imposed the highest fine on Credit Suisse, which was found to have an inconsistent AML implementation. Some of its failures included weak risk management, inadequate source-of-wealth checks, and transaction monitoring lapses. The other eight firms included big names such as UOB, Citibank, UBS, and more. For the full story of how MAS cracked down on one of the biggest AML scandals in Singapore, click here.
Key Takeaways
- Money Laundering and Counter-Terrorist Financing penalties now extend responsibility to senior executives, expanding compliance obligations across leadership teams.
- Common penalties for gaps found in AML processes include monetary fines, reimbursement to affected customers, sanctions, and forfeiture from participation in the financial ecosystem.
- The biggest challenge for AML implementation in 2025 remains balancing rapid company growth with maintaining comprehensive compliance
- Some of the major issues that can lead to penalties include a lack of due diligence, insufficient or inaccurate risk assessments, and ignoring risk triggers.
The Importance of Comprehensive AML Infrastructure
There is so much to learn from the top five AML fines in 2025. From the list above, its clear that regulatory authorities are extending the ownership of AML implementation and oversight to companies other than financial institutions and also penalizing the senior executives in risk management and compliance teams.
Compliance leaders must invest in an all-in-one AML software or system that is agile to company growth and changing regulations. Speak to a team member to learn more about prioritizing cost effectiveness and scalability through an AI-driven KYC and AML platform in 2025.
Frequently Asked Questions
Why did OKX receive such a large amount of fines compared to the rest?
The DOJ found that the company had incomplete AML and KYC processes and helped users create fake documentation. Additionally, the firm operated an unlicensed platform, enabling over $5 billion in suspicious transactions made.
What is the common thread in these AML failures?
Despite prior warning and red flag alerts, these firms failed to take the necessary action to prevent further damage. Recurring themes included poor due diligence and insufficient transaction monitoring.
Can regulators fine crypto and fintech platforms the same way as banks?
As seen from the cases above, regulators are extending enforcement actions to companies other than financial institutions. Moreover, authorities in high-risk regions are holding the same global AML/CFT standards to local businesses.
What role does ComplyCube play in preventing money laundering?
ComplyCube provides AML and KYC tools including liveness detection, ongoing monitoring, and AI-driven risk detection. Its platform supports fast scaling businesses of all types in automating compliance workflows and identifying suspicious behaviour proactively.
