Key insights:

• • • Prediction markets sit in a regulatory gray zone — Prediction markets’ economic function often looks much closer to gambling than traditional finance.

    • That ambiguity creates an AML blind spot — This blind spot allows potentially weaker controls around KYC, source of funds, sanctions screening, and suspicious activity reporting.

    • Banks and payment processors should focus on actual risk, not labels — Reputational, legal, and financial crime risk exposure can arise long before regulators clarify the rules.

Prediction markets have grown into a multi-billion-dollar ecosystem, offering the ability to enter into a contract to predict the outcomes on everything from elections and sports games to economic data and weather events. Yet as these platforms expand, they operate in a regulatory gray zone that raises serious questions for banks, payment processors, and compliance professionals.

Yet, the classification question that regulators and financial institutions continue to debate is not merely academic. It determines whether prediction market platforms will face the same anti-money laundering (AML) and know-your-customer (KYC) obligations as casinos and sportsbook venues, or whether prediction markets can continue to operate with minimal compliance oversight. This distinction has real consequences for the financial system.

“Prediction markets are not just a classification problem, they represent a structural gap in how financial crime risk is currently understood and managed,” says James Lephew, Founder & CEO of , a Charlotte-based consulting firm that serves major gambling operators and financial institutions globally.

Clarification is required in classifying this sector

Prediction markets occupy an ambiguous middle ground. Market operators position their platforms as financial derivatives or forecasting tools rather than gambling venues, emphasizing price discovery and statistical analysis over chance-based wagering. A contract on the outcome of a presidential election or a sports event, they argue, reflects crowd-sourced probability estimates grounded in information aggregation, not gambling luck.

Yet the fundamental mechanics raise legitimate questions. A user who buys a contract predicting that a candidate will lose an election is, in economic terms, wagering money on an uncertain outcome. The distinction between betting on a football game and trading a contract on the outcome of that same game becomes difficult to defend from a regulatory standpoint — and this classification matters enormously.

The distinction between betting on a football game and trading a contract on the outcome of that same game becomes difficult to defend from a regulatory standpoint — and this classification matters enormously.

If prediction markets are treated as gaming operations, they trigger Title 31 obligations under the Bank Secrecy Act, including currency transaction reporting, suspicious activity reporting (SAR) requirements, and comprehensive KYC procedures. If on the other hand, prediction markets are classified more akin to financial markets, these requirements may not apply. Currently, many prediction market platforms claim financial market status, allowing them to operate outside gaming regulations and with potentially weaker AML controls.

There is a compliance gap

Without clear regulatory classification, prediction markets create a significant AML blind spot. Casinos must report cash transactions exceeding $10,000, conduct source-of-funds reviews, and maintain detailed customer profiles. Sportsbooks face licensing requirements, geolocation checks, and responsible-gaming safeguards. Prediction market platforms, by contrast, often operate with minimal reporting obligations.

This gap introduces concrete risks. Digital wallets and cryptocurrency channels can obscure the source of funds. Structuring and layering of sources become easier without robust verification, further clouding who exactly playing in these markets. Collusive trading through multiple accounts allows value transfer that may go undetected. And VPN use and foreign payment channels can enable sanctions evasion.

Further, without mandatory SAR reporting, suspicious patterns tied to money laundering, terrorist financing, or market manipulation may never reach law enforcement.

“What we’re seeing is an AML blind spot,” says Lephew. “Platforms enabling financial flows with characteristics of gambling, but without the controls that regulators would normally expect.” Until classification catches up with the technology, he adds, this blind spot remains open — and exploitable.

Why this matters for banks and processors

Banks and payment processors that support prediction market platforms may carry significant reputational and legal risk if they haven’t conducted thorough due diligence — and they cannot rely on a platform’s self-classification as a financial market or forecasting tool. Nevada and other jurisdictions are actively examining whether these platforms constitute gambling, echoing concerns from the American Gaming Association that products carrying similar economic risks deserve similar regulatory treatment.

If a product allows participants to wager on uncertain outcomes and creates risk that is substantially similar to gambling, it should face AML and customer identification requirements proportionate to that risk.

“Risk must be assessed based on how the product actually behaves, not how it is marketed,” Lephew explains. And that means evaluating whether a platform applies robust KYC procedures, verifies the source of deposits and beneficial ownership, screens against sanctions lists, reports SARs to the government, prohibits contracts on high-risk events such as assassinations or terrorism, and uses geolocation controls to block users in restrictive jurisdictions. Those answers matter far more than whatever label the platform chooses, Lephew says.

The path forward

Regulators have several options. One approach applies gaming regulations uniformly, treating all prediction markets with economic characteristics similar to gambling as gaming operations subject to Title 31. A second approach creates explicit financial market classification with statutory AML obligations and enhanced scrutiny of high-risk contracts. A third option adopts a tiered or risk-based framework, classifying contracts on lower-risk events such as economic data or weather under financial market rules, while sports and election markets could face enhanced scrutiny. Violent outcome markets would be prohibited entirely.

Regardless of which path regulators choose, the principle should be the same: Classification should follow economic function. If a product allows participants to wager on uncertain outcomes and creates risk that is substantially similar to gambling, it should face AML and customer identification requirements proportionate to that risk.

Financial institutions should not wait for regulatory clarity. They should apply rigorous due diligence now, treating prediction markets with a heightened level of scrutiny appropriate to their actual risk profile rather than their claimed legal status.

The goal is not to eliminate prediction markets, but to ensure they operate within a framework that prevents money laundering, terrorist financing, and market abuse. “If it looks like gambling, behaves like gambling, and carries the same financial crime risk, it should be regulated accordingly,” Lephew notes. “Anything less creates systemic exposure.”

You can find out more about the challenges financial institutions face in their anti-money laundering efforts here

Key insights:

• • • AI as a force multiplier — Advanced analytics now reveal financial and behavioral anomalies that traditional monitoring systems routinely miss, giving executives a clearer view of emerging risks.

    • Geospatial and digital intelligence converge — Intelligent networks like OSINT, ADINT, and location-based data expose hidden networks and movement patterns, improving the detection of money laundering, trafficking, and smuggling operations.

    • Enterprise risk strategies must evolve — Organizations that integrate AI-driven intelligence across compliance, security, and operations can respond faster, reduce blind spots, and operate with greater resilience during high-risk events.

Illicit financial activity has always evolved faster than the systems designed to stop it. And today, the speed and sophistication of criminal networks are accelerating in ways that traditional compliance processes can no longer match. Major international events, such as the 2026 FIFA World Cup, bring millions of visitors, heightened commercial activity, and a surge in cross‑border movement, all creating fertile ground for exploitation.

AI as an intelligence multiplier

In this environment, financial institutions are on the front lines of detection and mitigation, and corporations must strengthen their ability to detect hidden risks. AI — particularly when combined with digital intelligence sources, behavioral analytics, and geo-referenced data — has emerged as the most powerful accelerator of that transformation.

Among all of this high-volume activity, AI is redefining how institutions detect early-stage indicators of illicit activity. Instead of relying solely on manual reviews or rule-based monitoring, organizations are increasingly deploying systems capable of analyzing vast volumes of structured and unstructured data at once. Three capabilities are shaping this new frontier:

Open-source intelligence (OSINT) — Criminal activity, even when intentionally concealed, tends to leave trace signals online. OSINT tools can examine social platforms, online marketplaces, media sources, forums, and digital discussion channels to uncover suspicious behavioral patterns, potential recruitment or exploitation signals, inconsistencies between official identification and online presence, or clusters of accounts linked by shared attributes. For many executives, OSINT has become an indispensable layer of enhanced due diligence, risk scoring, and early threat detection long before suspicious activity appears in financial records.

Advertising intelligence (ADINT) — ADINT focuses on metadata produced by mobile applications and digital advertising ecosystems. While it does not expose personal identifiers, it reveals mobility patterns, device behavior, and clustering anomalies. This type of intelligence becomes particularly powerful during large-scale events because of the ability to monitor the movement of devices across high-risk corridors, identify unusual concentrations of activity near event venues or border regions, or detect digital behavior consistent with organized criminal logistics. ADINT introduces a geographic and behavioral dimension to risk that enables institutions to understand not only who a customer appears to be, but where they go, how they behave, and whether those patterns align with legitimate economic activity.

AI-enhanced investigations — Modern platforms now merge financial data with OSINT and ADINT inputs and then apply descriptive and generative AI (GenAI) to draw connections that would be impossible to detect manually. These systems can classify digital communications by sentiment or intent, identify unusual financial behavior within seconds, convert large datasets into actionable intelligence summaries, translate and interpret foreign-language content, and map networks through recurring metadata or visual similarity. For decision-makers and organizational stakeholders, this shift represents a dramatic reduction in blind spots and a faster escalation pathway when emerging threats surface.

Why financial institutions and corporations must lead

Human trafficking, migrant smuggling, and money laundering cannot function at scale without the financial system. Even when exploitation occurs offline, profits eventually make their way into the formal economy through remittances, structured cash movements, shell companies, digital wallets, recruitment payments, or short-term rental arrangements.

AI enhanced investigations can help institutions identify subtle but meaningful indicators, such as coached or inconsistent customer responses, accounts linked through shared devices or addresses, rapid deposits followed by immediate withdrawals, purchases that do not correspond to a customer’s risk profile, payments directed to unverifiable recruiters, unusual patterns of short-term housing across multiple individuals, or transaction flows that follow established exploitation routes.

Illicit financial activity has always evolved faster than the systems designed to stop it. And today, the speed and sophistication of criminal networks are accelerating in ways that traditional compliance processes can no longer match.

All this information already exists inside institutional data today; AI simply makes it visible and usable much more easily and quickly.

While financial institutions are central in detecting illicit finance, companies across multiple sectors face heightened exposure during large events. Hospitality, logistics, transportation, construction, real estate, and digital services all see risk intensifying as demand surges and oversight becomes more complex.

Those senior leaders who responsible for operational continuity should integrate AI-powered monitoring into their internal controls. This can help detect unusual workforce recruitment patterns, unexpected badge or access activity, subcontractor behavior that conflicts with declared operations, repeated presence in high-risk zones, or digital communications that hint at coercive or exploitative conduct.

In the fight against illicit finance, technology is no longer optional. Indeed, it is our most powerful ally.

You can find out more about the fight against illicit finance and money laundering here

Key insights:

• • • Big sporting events create perfect cover for sex trafficking — The World Cup’s massive crowds, temporary workers, and stretched local infrastructure make it easier for traffickers to blend in and exploit vulnerable people while staying largely out of sight.

    • Money trails and online ads are where traffickers slip up — Trafficking often leaves patterns, such as payments tied to commercial sex ads, round‑dollar peer‑to‑peer transactions, and repeat phone numbers or language across online ads. Banks and investigators can spot these red flags, if they know what to look for.

    • Early, cross‑sector collaboration is what actually makes a difference — The strongest prevention efforts happen before kickoff, when law enforcement, financial institutions, and nonprofits share intelligence, use formal information‑sharing tools, and build trusted local networks to respond quickly and protect victims.

As millions of soccer fans descend upon stadiums across North America for the 2026 FIFA World Cup in June and July, perpetrators of human rights crimes also are getting ready to operate in the shadows of host cities. Criminal networks are preparing to exploit the crowds, traffic, and chaos during the event by trafficking vulnerable individuals for commercial sex.

Human traffickers and organized crime groups often exploit major sporting events as opportunities to make quick money because the massive influx of visitors, temporary workers, and strained infrastructure creates perfect conditions for traffickers to operate while being largely undetected. At the same time, the stakeholders involved in countering this illegal activity — including law enforcement, civil society organizations, and financial institutions — stand ready to detect it, disrupt it, and protect vulnerable individuals who are exploited by criminal actors.

Indeed, close coordination and collaboration among these entities in advance of the games is key. To that end, the Association of Certified Anti-Money Laundering Specialists (ACAMS) and �������� are collaborating on a virtual and live event series to support these planning counter-trafficking efforts among stakeholders in several local cities this Spring.

Why major sporting events attract human trafficking activity

Not surprisingly, large crowds draw business opportunities whether they are legitimate or illicit. Collaboration between public and private entities underscore spikes in human trafficking activity. For example, during a recent large sporting event in 2025, �������� Special Services partnered with federal law enforcement and other partners to identify nine adult encounters & services offered, which led to the recovery of two juveniles from sex trafficking and three state arrests

Common industries that involve the exploitation of vulnerable individuals include hospitality, construction, illicit massage businesses, escort services, and adult content production. The chaos of events and large influx of people mask the reality that exploitation is happening and makes detection significantly more challenging during these high-traffic periods.

Human traffickers and organized crime groups often exploit major sporting events as opportunities to make quick money because the massive influx of visitors, temporary workers, and strained infrastructure creates perfect conditions for traffickers to operate while being largely undetected.

Critically, understanding human trafficking as a business model depends on the recruitment of vulnerable people and access to money flows. These aspects of the business are also where detection can occur. Financial institutions and money service businesses can identify suspicious transactions related to human trafficking by understanding and recognizing specific transactional patterns, including payments to commercial sex advertisement websites, round-dollar peer-to-peer transactions, and merchant services linked to illicit massage businesses.

This online footprint left by traffickers proves invaluable for detection. Investigators track advertisements across adult services websites, identifying criminal networks through repeated phone numbers, distinctive emojis, and similar wording that may appear across multiple cities. However, smaller-scale operations present significant challenges as well. When the trafficker is an intimate partner or family member with limited transaction volumes, detection becomes exponentially more difficult without external intelligence.

Collaboration is key for prevention and detection

The most critical element for combating human trafficking at major sporting events is collaboration among anti-trafficking experts and employers of these professionals. Effective prevention requires building strong partnerships before these major events occur. Specific actions that can be taken include:

Establishing multi-sector task forces — The most successful anti-trafficking efforts involve joint task forces that combine federal, state, and local law enforcement with trusted private sector partners and supportive nonprofits or non-government organizations (NGOs) that offer victim services. This toolkit for large scale public events and other anti-trafficking toolkits are excellent resources for local host cities to use to execute these partnerships. These collaborative mechanisms allow different entities to share information in a timely manner.

Leveraging information sharing mechanisms — Financial institutions can use Section 314(b) authority for peer-to-peer information sharing between banks. This allows financial institutions to piece together fragments of suspicious activity that individually might seem insignificant but collectively reveal trafficking networks. Large federal agencies are consumed by multiple priorities and benefit from information sharing through Section 314(a) and assistance from financial sector partners during special operations to act as a force multiplier. Law enforcement also can benefit from detailed Suspicious Activity Reports (SARs) that contain specific dollar amounts, clear timelines, behavioral observations, and explicit keywords like human trafficking.

Preparing host cities by building networks and outreach in advance — Some World Cup host cities have already established human rights plans with robust collaborative systems within local task forces, government awareness campaigns, QR codes that link to support services, and multidisciplinary safety plans.

In addition, anti-trafficking professionals across all sectors are accessible and willing to help. Resources include national hotlines, such as the , referral directories on website, and the for cases involving minors. The most important step is simply reaching out to establish connections before crises occur.

Preparing for a safer event

The 2026 World Cup presents a pivotal moment to strengthen collaborative efforts against human trafficking across North America’s host cities. By establishing robust information-sharing networks between financial institutions, law enforcement, NGOs, and host communities before the tournament begins, stakeholders can transform heightened awareness into meaningful action that protects vulnerable individuals.

While traffickers will undoubtedly attempt to exploit the inevitable chaos surrounding a major event like the World Cup, a coordinated, multi-sector response grounded in shared intelligence, victim-centered approaches, and proactive preparation can disrupt their operations and ensure that the world’s celebration of soccer doesn’t come at the cost of human dignity and freedom.

You can find out more about��how organizations are trying to fight against human rights crimes here

Key takeaways:

• • • Human trafficking is a financial crime — Without the financial system, human trafficking networks cannot operate at scale. Banks, compliance officers, money transmitters, and casinos are uniquely positioned to detect suspicious patterns.

    • The 2026 World Cup amplifies existing risks — With 5.5 million additional visitors expected in Mexico City alone, criminal networks will exploit the surge in cash flows, new customers, and cross-border movement.

    • Red flags are observable in financial behavior — Human trafficking networks often leave detectable financial footprints, which is why financial institutions must update monitoring systems and stay alert to unusual transaction spikes during the tournament.

MEXICO CITY — As the 2026 FIFA World Cup get ready to hold its tournament in June and July across three North American countries, anti-human trafficking experts are meeting as well and attempting to address the challenges facing the three host countries of the largest World Cup in history.

To that end, the Association of Certified Anti-Money Laundering Specialists (ACAMS), in partnership with ��������, organized one such event, focused on the scourge of human trafficking that often surrounds large sporting events like the World Cup.

One speaker at the event noted an important clarification in the difference between human trafficking and human smuggling — two terms that are frequently confused yet carry vastly different legal and humanitarian implications. The key distinction lies in consent and the nature of the crime. In human smuggling, the individual being transported across borders consents to the movement, typically driven by socioeconomic necessity, and the offense is considered a crime against the state. Human trafficking, by contrast, is a crime committed directly against the victim, often involving exploitation through force, coercion, threats, or deception, and does not require the crossing of any international border.

The ACAMS event challenged the common belief is that human trafficking is exclusively sexual in nature. In fact, there are 10 additional forms of exploitation beyond sexual abuse, including slavery, forced labor or services, use of minors in criminal activities, forced marriage, servitude, labor exploitation, forced begging, illegal adoption of minors, organ trafficking, and illicit biomedical experimentation on human beings.

As the World Cup approaches, financial institutions’ compliance teams must recognize that the same operational conditions that make major sporting events exciting are precisely the conditions that money launderers and traffickers seek to exploit.

Still, sexual exploitation remains the dominant form of human trafficking. Indeed, it is the second most lucrative illicit business in the world after drug trafficking, with every 15 minutes of sexual abuse of a trafficking victim generating approximately $30.

Of course, without clients, there is no demand, said one speaker from the ÁGAPE Foundation, an organization that works to raise awareness against gender-based violence and human trafficking.

Financial sector as a key line of defense

When identifying human trafficking, it’s wisest to examine it from a financial perspective to find important indicators, according to several speakers. Indeed, the financial sector plays a critical role given its capacity to detect suspicious accounts and payments, shell companies, cash movements, digital platforms, and commercial operations.

For example, when a customer opens an account or conducts a transaction, certain red flags can be visible, including whether the customer needs to consult notes to answer basic questions such as their address or occupation, or that their responses are not spontaneous or natural. Also, another indicator is if the customer’s profile is inconsistent with the type or volume of transactions being conducted.

For financial institutions, there are other patterns that have triggered alerts in illicit activity in the past, including near-immediate deposits and withdrawals with no clear justification for the cash flow, or multiple individuals registered at the same address or linked to the same account.

Similarly, another red flag would be if there’s a high number of accounts opened from the same state or municipality with similar patterns, particularly in areas identified as origin points for trafficking networks; or, payment of multiple short-term rentals or payments abroad to unverifiable recruiters or employment agencies.

Financial institutions should be on the lookout for companies that file no tax returns or invoice simulated transactions, or that use of front men to open accounts or conduct operations.

Also, new businesses whose declared activity does not correspond to their financial operations should be flagged, as well as any frequent, large-volume purchases of condoms, lingerie, or women’s clothing inconsistent with the declared business activity.

Indicators at the 2026 World Cup

In the context of major sporting events such as the World Cup, existing risks are significantly amplified, several speakers pointed out. Sexual tourism, including the commercial sexual exploitation of children and adolescents, is a known and serious threat. Indicators that are relevant not only for the financial and banking sectors, but also for the real estate, tourism, transportation, hospitality, and restaurant industries including unusual accommodation requests, such as deactivating security cameras, delivering keys through third parties, or inquiring about the presence of neighboring guests.

When identifying human trafficking, it’s wisest to examine it from a financial perspective to find important indicators, and the financial sector plays a critical role given its capacity to detect suspicious accounts.

These industries should also be on the lookout for any adult or group of adults traveling with an unusually large number of minors, or individuals who travel in silence and are accompanied by someone who appears to exercise visible control over them.

As the World Cup approaches, financial institutions’ compliance teams must recognize that the same operational conditions that make major sporting events exciting — high transaction volumes, new customers, cross-border flows, and institutional attention diverted toward the event itself — are precisely the conditions that money launderers and traffickers seek to exploit.

For these compliance teams, monitoring systems must be updated, know-your-customer processes must go beyond documentation and reflect a genuine understanding of the client’s activity and context, and on-site verification visits must be conducted by personnel who know exactly what they are looking for.

The financial sector does not need to become an investigative body; however, it does need to remain alert, informed, and willing to report. Indeed, this is exactly what the compliance function exists for, and in the context of human trafficking, the cost of silence is measured not in fines or reputational damage, but in human lives.

You can find out more about the��challenges of hosting the 2026 FIFA World Cup here

Key insights:

• • • Convenience has outpaced consumer understanding —��Many users treat apps, prepaid accounts, and rewards programs as simple payment tools, remaining unaware they are entrusting their money to entities with few safeguards.

    • Risk is no longer confined to traditional banks — Some of the most significant financial activities now occur within platforms and brands that do not resemble banks at all.

    • Opacity enables systemic vulnerability — The less transparent an institution’s obligations, leverage, and oversight, the easier it is for financial fragility, misconduct, and systemic risk to grow unchecked.

When you think of where money is held, you generally think of a bank. However, as we look at the financial landscape today, money is being held at a wide range of institutions that often have varying levels of safety and oversight. Entities from Starbucks to Visa to Coinbase hold money for individuals, effectively serving as a bank, but often without the regulatory framework that comes with it.

Behind the scenes, it can seem like . In its daily operation, it collects prepaid funds that resemble deposits, holds them as liabilities, and uses them internally — all without offering interest, cash withdrawals, or FDIC insurance. Starbucks’ rewards program holds $1.8 billion in customer cash, and if it were a bank, that would make it bigger, , than 85% of chartered banks, making the coffee chain one of the .

This dynamic extends well beyond coffee shops. “Popular digital payment apps are increasingly used as substitutes for a traditional bank or credit union account but lack the same protections to ensure that funds are safe,” warns the . If a nonbank payment app’s business fails, your money is likely lost or tied up in a long bankruptcy process.

Shadow banking

Think of a Starbucks gift card as a financial instrument. Technically it is one, but no one seriously worries about it being weaponized for any large-scale financial crimes. Most people’s concerns about a gift card is either losing it. The real concern lies not in lost gift cards, however, but in the broader trend: Nonbank institutions managing vast sums without commensurate oversight — and scale matters. A lost gift card is a personal inconvenience; but an unregulated institution managing billions of consumer dollars in leveraged capital is a systemic one.

Shadow banking encompasses credit and lending activities by institutions that are not traditional banks, and crucially, they do not have access to central bank funding or public sector credit guarantees. And because they are not subject to the same prudential regulations as depository banks, they do not need to hold as high financial reserves relative to their market exposure, allowing for very high levels of leverage which in turn can magnify profits during boom periods and compound losses during downturns.

The shadow banking ecosystem is diverse, and each segment of it presents distinct risks:

• • Hedge funds and private equity firms��— Firms like Blackstone, KKR, and Apollo manage vast capital pools using leveraged strategies under limited oversight. Their size and borrowing levels may mean that market reversals can trigger rapid deleveraging, spilling risk into broader markets.
  • Family offices��— A private company or advisory firm that manages the wealth of high-net-worth families, these can operate with even less transparency and often outside direct regulatory scrutiny, enabling them to engage in extreme leveraging and posing risks of sudden collapse.
  • Nonbank mortgage lenders and FinTechs��— This group faces lower capital requirements than traditional banks, leaving thinner buffers to absorb losses during downturns, which can be especially concerning considering this sector’s rapid growth.
  • Crypto exchanges��— Like much of the cryptocurrency ecosystem, these exchanges operate in jurisdictional gray zones, complicating enforcement and enabling illicit financial flows.
  • Money market funds — While these are generally perceived as safe, they can suffer runs if confidence in underlying assets erodes, which can force fire sales that destabilize related markets.
  • Special Purpose Vehicles (SPVs) and Structured Investment Vehicles (SIVs)��— These investment instruments allow large institutions to move risk off their balance sheets, rendering such activity invisible to regulators.

Shadow banking may be the single greatest challenge facing financial regulation. These non-traditional institutions act like banks, but without the safeguards that make banks accountable. And where accountability is absent, opportunity often fills the void.

The same opacity that makes shadow banking difficult to regulate also makes it attractive to those with less legitimate intentions. Without mandatory reporting requirements, standardized oversight, or the threat of deposit insurance revocation, these institutions can become conduits for money laundering, fraud, terrorist financing, and sanctions evasion in ways that traditional banks simply cannot. The question is no longer whether these vulnerabilities exist, but how they continue to be exploited.

The challenge of regulation

The global financial system has always evolved faster than the rules designed to govern it. What began as a coffee loyalty program and a few alternative lending platforms has quietly morphed into a parallel financial universe, one that moves trillions of dollars with a fraction of the transparency that traditional banking requires. That gap between innovation and oversight is not just a regulatory inconvenience, it’s an open door for illicit actors.

Closing that door will require more than periodic enforcement actions or piecemeal legislation. It will require regulators, lawmakers, and institutions to reckon honestly with how broadly the definition of a financial institution has expanded, and who bears the risk when things go wrong. Because historically, it has not been the institutions themselves; rather it has been the customers, the investors, and ultimately the public.

The first step, of course, is awareness. Recognizing that your money does not need to be in a bank to be at risk and that the custodians of that money need not be offshore shell companies to operate in shadows, can transform how we think about financial safety.

The line between a convenient app and an unaccountable financial intermediary is thinner than most realize. And in the world of financial crime, thin lines have a way of vanishing entirely.

You can learn more about the��many challenges facing financial institutions today��������

Key insights:

• • • Geopolitical crises fuel financial volatility and illicit activity — Conflicts have traditionally accelerated capital shifts and flows, creating cover for bad actors.

    • Predictable patterns emerge — Financial institutions should watch for sudden cross-border activity, unusual cash deposits, and transactions from border areas.

    • Conflict zones enable black market expansion — They also should adapt their compliance systems to detect more sophisticated methods used by criminals, tightening screening and enhancing staff training.

While business and international politics may appear cold and calculating, these things are often driven by emotion, especially fear — and fear of instability often drives market volatility.

So it goes as the United States attacks one of the world’s largest militaries and supporters of regional terror groups, causing deepening instability in a Middle East already beset by violence. It is certain that there is already a surge of money flowing in and out of the region for different reasons. Legitimate and illegitimate actors alike will seek to both run away from the crisis and profit from it. However, there are some anti-money laundering specific thoughts that financial institutions need to consider during a time of global uncertainty.

The bottom line — lots of money is on the move. Funding will send aid groups towards the crisis; it will also send logistical supplies, war material, and other necessities. All of these cost money, and defense sectors in multiple countries will be pumping out munitions to refill stockpiles in any country that is related to or in the neighborhood of the conflict.

Not every large transaction is an unusual, reportable event, but financial institutions now need to look one or two layers below the surface. What does not seem related on the surface is always a red flag. Look at beneficial ownership of companies and vessels, look at relations of the owners, not just the ��(OFAC) results of those people themselves. The financial system will, and should, allow the legitimate funds to flow. However, financial investigators must remain diligent to catch bad actors that take advantage of the surge in non-profit activity or the urgency with which legitimate businesses operate in a conflict zone.

Risk Factor 1: Capital flight from regime change

Just as the fall of the Al-Assad regime in Syria caused family funds to flow to as regime members fled the country, you will see the same with politically exposed persons (PEPs) who are inevitably fleeing regime change in Iran. A political crackdown will come. Whether the victors are on the side of the West or not remains to be seen, but some factions are going to flee the country and take family wealth with them.

Banks and other financial services should watch for anyone connected to people moving money through neighboring countries in which they may have literally hiked or driven before depositing cash into a financial institution. There are stories of refugees leaving places with gold bands on their arms, cash and false bottom purses, and diamonds in the lining of sweaters. These things will be converted to cash in neighboring countries and put into financial systems less affected by the conflict. An influx of cash throughout the region, therefore, could indicate this type of capital flight.

Risk Factor 2: Illicit finance and black markets

Since the fall of Syria, we have also become aware of that helps fuel addiction and armed conflict. There are certainly other substances and drug trafficking networks about which we know very little on this side of the secrecy veil.

Therefore, this instability will be seen as a time of opportunity for criminal groups. Indeed, with Assad’s security forces no longer controlling middle eastern captagon and other narcotics trade and various armed groups looking for funding sources, this is an illicit business opportunity.

Financial institutions can expect rapid movement of money between unrelated shell corporations, new corporations, and shadow vessels. They also should expect the black market to boom with drugs, contraband Iranian oil, and funds tied to narcotics that they have only yet to discover. Illegal arms will also generate funding, so all of the methods, both formal and informal, used to transfer value will become active.

In fact, large portions of such funding will flow through financial institutions; and peer to peer payment providers, FinTechs, and money transmitters should be especially wary of funds moving rapidly through their platforms. A burst in conflict means a burst in activity from illicit sources; therefore, enhanced, targeted monitoring is a must.

How financial institutions’ risk & compliance teams should respond

First, all financial institutions’ risk & compliance departments need to assess their institutions’ OFAC and sanctions screening search parameters. This is a good time to dial up fuzzy logic capability and reduce match percentage thresholds. In other words, risk tolerance should go down while the metaphorical dragnet gets wider. Surge the department’s personnel capability to compensate if you have to, because that is better than a strict-liability OFAC fine. Remember, OFAC sanctions are closely tied to national security, especially when it comes to Iran. This is not an arena in which leniency can be expected. Compliance teams should look at monitoring systems and thresholds immediately, create geographical targeting models to cover the conflict zone, and consider a command center approach to deal with the fluidity of the situation until things settle.

If your institution has not already taken the hint from regulators, this also is an opportunity to double down on Customer Due Diligence and identity verification. Front line staff and embedded business compliance personnel should receive updated training and job aids to increase awareness and hone internal reporting. Indeed, it is an advanced business skill to understand complex corporate beneficial ownership, much less to detect when it may be tied to illicit activity or corrupt regimes. Now is the time to increase that level of knowledge and thereby make the culture of compliance more robust.

In every crisis there is opportunity as well as risk: Managing the risk allows every company to take advantage of the opportunity, shore up its mission, and strengthen the institution.

You can find out more about��the geopolitical and economic outlook for 2026��here

3 key takeaways:

• • • The connection is detectable but required massive data analysis — IJM analyzed more than 1 million CyberTipline reports and matched them with mobile device data, ultimately linking sextortion reports to forced scamming sites in Cambodia, Myanmar, and Laos.
    • Forced scamming compounds exploit trafficking victims to commit crimes — Human trafficking victims are lured by fake job ads, then confined in guarded compounds where they’re coerced into running various online scams.
    • Coordinated multi-stakeholder action is urgently needed — Electronic service providers must improve account creation safeguards and detection methods, while law enforcement needs to better coordinate cross-border investigations.

New research by links hundreds of financially-motivated child sextortion reports to scam compounds in Cambodia, Myanmar, and Laos. Indeed, the research shows that significant effort was required to detect these linkages as IJM analyzed more than 1 million CyberTipline reports in the “Online Enticement” category from the National Center for Missing and Exploited Children (NCMEC).

“Our research provides the first clear evidence of this likely link, but to understand the true scale of the problem, there needs to be further urgent investigation into this troubling nexus by law enforcement, tech companies, and global governments,” says Eric Heintz, Senior Criminal Analyst at IJM.

Because forced scamming compounds now blend labor trafficking, high-volume online fraud, and financially-motivated child sextortion, it becomes critical that electronic service providers (ESPs) must harden account creation and improve detection of signals indicative of online fraud and sextortion. In addition, law enforcement must better coordinate their efforts at cross-border investigations and distinguish trafficked workers from criminal organizers.

Links between compound scamming and child sextortion

To illustrate the details of how these two fast-moving crime waves are converging online, forced scamming occurs when victims are trafficked into guarded compounds across Cambodia, Myanmar, and Laos, after responding to fake job-ads. These trafficked victims then are coerced into defrauding targets online as part of forced scams. These schemes employ deceit or trickery to defraud the online targets, often using scripted approaches, fake personas, or impersonation to elicit money or sensitive information.

You can read the IJM report here

The types of scams include romance, investment, crypto, fake loans, and impersonation scams, all of which are carried out from inside guarded compounds. Many times, trafficking victims endure confinement and abuse as part of being forced to perpetrate these scams on others.

These human trafficking victims are also trained on psychological manipulation tactics to lure in potential victims, including children in some instances, although it is not evident that children are being intentionally targeted.

Within some of the scam operations, if trafficking victims fail to elicit the desired outcome, such as an investment in a cryptocurrency fraud scheme, they are forced to pivot to sexualized chat and a request for images or a video call. The forced labor victims then use the collected sexual images to blackmail the scam target for money under threat of exposure. Since 2022, reports of such financially-motivated sextortion have surged globally and have disproportionately affected boys and young men, with devastating psychological harm including documented suicides.

Forced scamming is not just a fraud trend; rather, it is a human rights crisis that collides with child protection, cybercrime, and organized criminal groups across Southeast Asia and beyond.

Researchers from IJM combined large-scale ESP platform reports with mobile ad-tech telemetry to trace overlap between child sextortion and forced scamming. They analyzed nearly 1.2 million reports from NCMEC that covered 3.17 million IP addresses and paired them with more than 300 million advertiser ID rows, which included mobile devices used in these locations, the device’s latitude and longitude, and the IP address and date and timestamp (UTC) of an internet connection by the device. These were collected from 44 confirmed scam sites in Cambodia, Myanmar, and Laos, resulting in 493 reports tied to devices at 40 sites in these countries.

The strongest links centered in hotspots in Cambodia and Myanmar, and some IP addresses traced back to internet service providers in Thailand. This reflected cross-border routing and service reliance and occurred when activity originated in neighboring countries or special economic zones.

Required actions to protect children

Coordinated action by platforms and law enforcement is essential to expose, disrupt, and prosecute the intertwined machinery of forced scamming and financially-motivated child sextortion. ESPs, such as social media networks, messaging apps, email providers, cloud services, and dating platforms, submit CyberTipline Reports to NCMEC when they detect suspected child sexual exploitation. While this is helpful, more efforts are required, which include:

• • • Cross-referencing account creation and activity with known scam hotspots and scripted patterns
    • Including precise timestamps, IP addresses, and geolocation context in CyberTipline submissions
    • Flagging and disrupting account creation that originates from suspicious infrastructure, beyond simple VPN indicators

At the same time, further law enforcement action is needed to improve disruption and prosecution of these networks, including:

• • • Examining sextortion cases for signs of forced scamming, which may include scripts, crypto addresses, or investment lures
    • Studying evidence for indicators of sextortion as a tactic, such as the use of sexually explicit scripts or imagery
    • Considering that some suspects are themselves trafficked victims who have been coerced into scam operations
    • Using advertiser ID data and timestamp matching to pinpoint devices and compounds
    • Devising ways to coordinate cross-border law enforcement actions in hotspot countries, known scam regions, and local jurisdictions.

Forced scamming is not just a fraud trend; rather, it is a human rights crisis that collides with child protection, cybercrime, and organized criminal groups across Southeast Asia and beyond.

The nexus between forced scamming and financially-motivated sextortion of children is detectable — as demonstrated by IJM’s new research. Now is the time for action among ESP platforms, law enforcement, and NGOs to align data and coordinate cross-border responses to better identify devices, compounds, and networks in real time.

You can learn more about how organizations can reduce and mitigate child exploitation in the TR Institute’s human rights crime resource center

Key insights:

• • • Debanking can have harsh consequences — Losing a bank relationship can abruptly cut off finances and damage reputations, often excluding people and firms from basic economic life, often without a clear explanation.

    • The core tension for banks — Financial institutions need to balance the risk between AML/KYC and fraud versus preserving fair access to financial services. As reputational and ideological factors enter into decision-making, concerns about discretion and due process grow.

    • Policy is moving toward guardrails — Already many policymakers are pushing for clearer documentation, transparent notices, a common-sense path to appeal, and a bright line between financial‑crime risk and other risks.

Financial institutions serve as the foundation of the modern economy. Nearly every transaction — from paying for services to buying a cup of coffee — depends on an institution that facilitates or underwrites these exchanges. In this interconnected system, access to banking relationships has become essential for meaningful economic participation for individuals and organizations.

This dependence creates significant consequences for society. Without access to banking services, both businesses and individuals face significant barriers to participating in the economy. Businesses cannot easily pay their employees, fulfill tax obligations, or conduct basic commercial activities. Similarly, individuals struggle to receive payments and manage their personal finances. When institutions terminate these relationships, they effectively exclude people and businesses from the broader economic system. This reality applies to both traditional banks and modern FinTech companies.

Given banking relationships’ critical role in economic participation, the circumstances under which these relationships end deserve careful examination. Financial institutions face ongoing challenges in determining which customers they can serve while meeting regulatory obligations and business objectives. This decision-making process has evolved and can ultimately lead to what experts call debanking — a practice that involves closing accounts and terminating interactions between debanked individuals or organizations and the financial institutions doing the debanking.

What debanking is — and isn’t

The impact of debanking extends far beyond the inconvenience of closing an account. Affected individuals may face extended periods without access to essential funds needed for survival, and they often suffer lasting reputational damage that may cause other financial institutions to reject them as well. Most concerning, however, is that banks rarely provide clear explanations for debanking decisions, leaving individuals unable to address potential misunderstandings or prevent future occurrences.

Without access to banking services, both businesses and individuals face significant barriers to participating in the economy.

This lack of transparency and the cascading effects of banking exclusion demonstrate the profound power that financial institutions hold in determining who can fully participate in the modern economy. This also causes concern about who holds this power and how it can ultimately be kept in check.

Not surprisingly, the concept of debanking has become a contentious issue in the financial sector, with proponents and critics presenting varying perspectives on its implications. At its core, debanking most often occurs when financial institutions terminate or refuse to establish customer relationships, often due to concerns about risk management or regulatory compliance.

Financial institutions argue that debanking is a necessary measure to mitigate potential risks, such as money laundering, terrorist financing, and other fraudulent activities by certain individuals or businesses. By terminating these illicit customer relationships, banks aim to protect themselves from reputational damage, financial losses, and regulatory penalties while maintaining financial system integrity and adhering to anti-money laundering (AML) and know-your-customer (KYC) regulations.

Critics, on the other hand, argue that debanking can have unintended consequences, particularly for marginalized communities and individuals who may not have access to alternative financial services. This can lead to financial exclusion, making it difficult for people to access basic banking services, such as deposit accounts, credit, and payment processing services.

However, the scope and application of debanking practices have expanded beyond traditional risk-based criteria. Questions have emerged regarding the appropriateness of account closures based on reputational concerns, political associations, or ideological considerations. This broader application has intensified public discourse about the boundaries of institutional discretion and the potential implications for financial inclusion.

Policymakers now are working to ensure that banks can address genuine risks without discriminating against customers based on their lawful views.

To navigate this issue, financial institutions need to follow a balanced approach. This involves enhancing transparency, providing channels for appeal or alternative services, and refining regulations to define acceptable grounds for debanking. The goal is to maintain a secure and inclusive financial system that effectively manages risk while protecting the interests of ordinary citizens and legitimate businesses.

Policymakers get involved

In response to concerns that non-financial factors may influence these decisions, an Executive Order was issued by the Trump administration in August to establish clearer guidelines for banking institutions, requiring that account management decisions be based primarily on financial and risk-related criteria. The order seeks to standardize practices across the industry and provide greater transparency in the decision-making process for account closures and financial service terminations.

In September, at the Association of Certified Anti-Money Laundering Specialists (ACAMS) Assembly held in Las Vegas, Mike Greenman, Senior Vice President and Chief Counsel of Financial Crimes Legal at US Bank, emphasized the critical importance that financial institutions present clear documentation for when and how debanking decisions were made about specific industries. Greenman strongly advised institutions to “always separate financial crime risk from other risks.”

Looking ahead at debanking

The issue of debanking has garnered attention due to high-profile cases and concerns about potential misuse. Investigations in several countries have found no evidence of widespread politically motivated debanking, but the perception of potential abuse has led many critics to re-examine this practice. Policymakers now are working to ensure that banks can address genuine risks without discriminating against customers based on their lawful views.

To navigate this issue, a balanced approach is necessary, one that involves enhancing transparency, providing channels for appeal or alternative services, and refining regulations to define acceptable grounds for debanking. The goal for financial institutions should be to maintain a secure and inclusive financial system that effectively manages risk while protecting the interests of ordinary citizens and legitimate businesses.

You can find out more about the regulatory challenges that financial institutions face here

Key takeaways:

• • • Navigating regulatory change — The Trump administration is introducing many regulatory changes that will affect how financial institutions meet their reporting obligations under the BSA.

    • AI helps and harms both sides — Advances in AI offer the promise of more accurate, efficient BSA compliance processes, but they also give criminals an ever-expanding toolkit for committing fraud and other types of financial crime.

    • Compliance pros are optimistic about AI — Corporate compliance personnel are cautiously optimistic about using AI, but insist that better guardrails, usage standards, and agreed-upon best practices still need to be developed.

LAS VEGAS — Those who assess and manage risk at financial institutions are caught in a whirlwind of change, and the health of the global financial system may very well depend upon how they manage the fallout.

At of the Association of Certified Anti-Money Laundering Specialists (ACAMS), the word disruption was used frequently to describe the kind of systemic change that experts in Bank Secrecy Act (BSA) and anti-money laundering (AML) compliance are up against. And this change is coming at them in many forms: regulatory, technological, geopolitical, digital, ethical, and criminal, just to name a few.

Dissatisfaction with the status quo

In his opening keynote address, John K. Hurley, the U.S. Undersecretary of the Treasury for Terrorism and Financial Intelligence, expressed the Trump administration’s dissatisfaction with the current state of financial crime enforcement. Hurley also outlined several reforms the administration is pursuing, all of which are aimed at delivering targeted, actionable intelligence to law enforcement much faster than the current system allows.

Hurley decried the proliferation of burdensome regulations and “not-so-useful” Suspicious Activity Reports (SARs), the main method that financial institutions use to report suspicious financial activity to the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN).

To address these problems, Hurley said the administration intends to simplify the SARs filing process and overhaul the government’s regulatory oversight of financial institutions to focus on “outcomes”, such as how effectively financial institutions identify criminal activity, rather than examiner evaluations (and criticisms) of an institution’s BSA and AML compliance processes.

One of the motivations behind these moves, Hurley said, is to encourage BSA compliance personnel to apply their “experience and creative talent” to devise better crime-detection methods using new technologies.

“I believe fully that well-governed technology is a force multiplier,” Hurley explained. “When a financial institution invests the time and money to experiment with AI and successfully drops its false-positive ratio [of SARs] and escalates vital information to law enforcement more rapidly, their team should be celebrated, not written up because this new approach reveals gaps in their previous manual method.”

AI in BSA/AML compliance: A double-edge sword

Indeed, the use of AI-enhanced technologies to improve know-your-customer (KYC) protocols and other risk-management practices was another main theme of the conference. During several sessions dedicated to AI, panelists and conference attendees expressed both optimism and wariness about the use of AI in BSA/AML compliance activities.

For example, the use of agentic AI — a form of AI that essentially thinks for itself and can proceed without constant human prompting — could be extremely useful for first-level KYC risk screening, but it remains to be seen whether the technology can be adequately controlled for BSA/AML compliance purposes.

The double-edged nature of new technologies was also discussed in-depth. Carole House, an ACAMS Distinguished Senior Fellow, pointed out that while new technologies may improve our ability to detect and deter financial crime, they also give criminals a robust set of high-tech tools to use to help subvert the financial system.

“When you democratize access to these systems, it opens to the door to illicit uses,” House said, adding that new and better forms of digital malfeasance — such as fake IDs, bogus credentials, deep fakes, identity scams, crypto-based money-laundering, ransomware, and more — are all on the rise, and ever-improving forms of generative AI (GenAI) will empower criminals even more.

Despite these caveats, there was almost unanimous agreement that AI will play an increasingly important role in BSA compliance and risk management, because there is no other way to keep up with criminals in the digital economy. And because AI adoption is inevitable (and is, in fact, already happening), efforts now need to be focused on building adequate regulatory guardrails, improving digital skillsets, and establishing AI best practices to ensure responsible use of advanced technology.

New rules, old problems

On the regulatory front, several recent changes that likely will impact how AML compliance personnel do their jobs were also discussed at length during the conference.

In March, for example, FinCEN issued a new rule exempting certain United States-based companies and citizens from their previous obligation under the Corporate Transparency Act (CTA) to report beneficial ownership information to FinCEN. (Foreign entities doing business in the US still have to file beneficial ownership information.)

FinCEN claims the rule change is intended to reduce the reporting burden on small companies, but AML experts are concerned because it gives financial institutions less information to assess the legitimacy of their customers, potentially re-opening a window to fraud that had previously been closed and hindering attempts to assist law enforcement.

Support for crypto-regulation

On another matter, AML experts are generally supportive of recent efforts to regulate cryptocurrency assets. For example, creates new regulatory framework for stablecoins, which are a type of cryptocurrency whose value is backed a fiat currency such as the US dollar.

Congress is also considering passage of the Digital Asset Market Clarity Act, which would create guidelines for the classification, sale, and oversight of digital assets. And a series of new policy directives collectively known as The Blanche Memo (because they were issued by Deputy U.S. Attorney General Todd Blanche) aims to end so-called “regulation by prosecution” of crypto exchanges and shift the emphasis of law enforcement to individuals who use digital assets to support “terrorism, narcotics and human trafficking, organized crime, hacking, and cartel and gang financing.”

In addition to these changes and concerns, BSA/AML compliance professionals are also contending with Chinese money laundering, ever-shifting sanctions, tariff evasion, global regulatory volatility, worldwide financial threats, lack of institutional trust, and pervasive economic uncertainty — so by any measure, they have very full plates.

As Dan Stipano, a partner at Davis Polk & Wardwell, remarked during one panel discussion: “The big problem with the BSA is that if everything is a priority, nothing is a priority,” — and that too must change.

You can find more of our coverage of ACAMS events here

Key insights:

• • • 4 pillars of surveillance — Casinos operate under a comprehensive BSA and Title 31 anti-money laundering framework, anchored by four pillars that together create a surveillance network to detect and deter illicit activity.

    • Significant gap in enforcement — Despite a massive surge in SAR filings, enforcement actions were virtually nonexistent, revealing a significant enforcement gap that undermines deterrence.

    • Balancing regulatory rules and risk — Effective CTR and SAR practices are both a regulatory obligation and a risk signal: Strong, timely, accurate reporting and a compliance-first culture help avoid penalties and protect reputation, while weak programs invite costly, rigorous enforcement.

Casino operators face increasingly rigorous anti-money laundering (AML) obligations under federal banking secrecy laws that require extensive reporting, customer monitoring, and record maintenance systems. These regulatory mandates, enforced by the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), establish four core pillars of compliance: i) currency transaction reporting for cash activities exceeding $10,000; ii) suspicious activity reporting for potentially illicit behavior; iii) customer identification protocols; and iv) comprehensive recordkeeping standards.

While recent enforcement data reveals significant gaps between the volume of filed reports and actual regulatory actions, casinos must prioritize robust AML programs to avoid substantial penalties and reputational damage.

Under United States federal law, casinos operate within a stringent AML framework governed by Title 31 of the U.S. Code, commonly known as the Bank Secrecy Act (BSA). FinCEN serves as the primary regulator, enforcing comprehensive requirements designed to prevent casinos from becoming conduits for financial crimes.

The 4 pillars of casino AML compliance

1. Currency Transaction Reports (CTRs)— These reports form the foundation of casino reporting obligations. When a customer’s combined cash transactions exceed $10,000 in a single day, casinos must electronically file a detailed report within 15 calendar days. These reports capture essential customer information, such as name, address, Social Security number (SSN), and other identification details.

2. Suspicious Activity Reports (SARs)— These reports, filed with FinCEN, target potentially illicit behavior. For transactions of $5,000 or more that raise red flags, casinos must file comprehensive SARs within 30 days. Crucially, customers are never informed of these confidential reports.

3. Customer identification and due diligence— These requirements ensure casinos know who they’re serving during critical transactions. While not as extensive as traditional banking’s know-your-customer protocols, casinos must collect and verify customer information — name, birth date, address, and SSN — whenever filing CTRs or SARs or establishing certain accounts. This extends to monitoring gambling patterns for suspicious patterns.

4. Recordkeeping requirements— Rules around keeping records create the documentation foundation for compliance. Casinos must maintain all CTRs, SARs, supporting documentation, account records, negotiable instrument logs, and gaming activity records for five years in organized, accessible formats. Without robust recordkeeping systems, casinos risk missing reportable transactions or a failure to document suspicious activity.

Together, these four interconnected requirements create a comprehensive surveillance network, ensuring casinos serve as vigilant gatekeepers against money laundering while maintaining the integrity of their operations and supporting law enforcement investigations.

Public enforcement

SARs and CTRs are the backbone of Title 31 enforcement. Regulators use them to assess casino activity and compliance — and when reporting lapses, enforcement follows. Casinos that neglect filings or run weak AML programs face fines and mandated overhauls, while those with strong reporting and internal controls can largely avoid penalties.

The stark disparity between SAR filings and enforcement actions reveals a troubling enforcement gap.��, financial institutions filed tens of thousands of SARs annually, yet only were completed during this entire period. This represents an enforcement rate that is virtually non-existant.

This enforcement deficit becomes even more striking when viewed historically.��As recently as 2000, fewer than 20 SARs were filed annually. Despite this dramatic 1,000-fold increase in reporting over two decades, enforcement actions have remained stagnant.

Indeed, the numbers tell a clear story: The current system generates massive volumes of reports but delivers minimal accountability. This, in turn, undermines the entire purpose of the SARs system and calls into question whether these reporting requirements are achieving their intended deterrent effect.

Enforcement revived in 2024, and the AML Act of 2020 also has raised expectations and risks. All casinos — large or small — must treat BSA compliance as core duty. That means casinos need to file accurate, timely CTRs; investigate and report suspicious activity via SARs; and then act on those insights to mitigate risk. Recent cases — from suppressed SARs to absent AML programs — show that failures are costly and reputationally damaging.

SARs and CTRs are the backbone of Title 31 enforcement. Regulators use them to assess casino activity and compliance — and when reporting lapses, enforcement follows.

Casinos have incurred multi-million-dollar fines for serious compliance violations, including deliberately failing to maintain AML programs, ignoring BSA requirements, and neglecting to report suspicious transactions. Additional penalties have been imposed for persistent AML deficiencies and the use of misleading compliance policies. Many of these violations occurred within some casinos over multiple years, demonstrating systemic, long-term compliance failures rather than isolated incidents.

These patterns reveal that the problems extend far beyond simple administrative mistakes. Instead, they represent fundamental breakdowns in comprehensive compliance programs — failures that can only be detected and addressed through extensive data analysis using information that must come directly from the casinos themselves.

Effective filings of SARs and CTRs serve as a double-edged sword: They not only fulfill a critical regulatory obligation but also act as a barometer of a casino’s commitment to compliance. When done well, these filings protect the institution from potential sanctions and reputational damage. Conversely, poor execution can lead to severe penalties and, more alarmingly, enable illicit activities.

The requirements are straightforward. Casino operators need to prioritize compliance investments, thoroughly know their customers, submit accurate reports, and cultivate a culture that encourages the identification of suspicious transactions. The consequences of non-compliance are steep, both financially and in terms of facilitating crime.

As FinCEN underscores, a robust compliance framework is essential to maintaining the integrity of the financial system. By embracing this responsibility, casinos can establish a strong foundation for regulatory adherence — and those that fail to do so can expect rigorous enforcement action.

You can find out more about how businesses, like casinos, are managing the threat of fraud here