Key insights:

• • • SAR volume is significantly underreported — Continuing and amended filings add approximately 20% to the official count yet remain invisible in trend analyses.

    • Filing activity is highly concentrated — A few large financial institutions dominate SARs volume, meaning trends reflect their practices more than systemic changes.

    • Agentic AI will drive a surge in SARs — Agentic AI risks increased noise over actionable intelligence, without addressing the unresolved question of whether current filings yield meaningful law enforcement outcomes.

The Suspicious Activity Reports (SAR) that financial institutions file with the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) provide valuable insight, although they may not offer a comprehensive picture.

Prior to meaningful discussions regarding the future of SARs, it is essential for the financial crime community to clarify what is being measured. In 2025, for example, SAR filings of more than 4.1 million, representing an almost 8% increase compared to the total number of SARs filed in 2024.

Every figure FinCEN has published reflects original SARs only. Continuing activity SARs, which represent roughly 15% of all filings, are submitted under the original Bank Secrecy Act (BSA) identification number and never appear as new filings. Corrected and amended SARs add another 5% on top of that. This makes the real volume of SARs activity approximately 20% higher than what is reported.

The average community bank files fewer than one SAR a week, while the largest institutions file more than 500 a day.

Recent FinCEN guidance giving financial institutions more flexibility around continuing activity SARs sounds significant on paper, but as former Wells Fargo BSA/AML chief Jim Richards points out: “It won’t change the reported numbers — because those filings were never counted to begin with.” Financial crime professionals need to keep that gap in mind every time a trend line gets cited.

2025 was steady, not spectacular

There were roughly 300,000 SARs filed every single month of 2025, and the most notable thing is that nothing notable happened. That is likely a first on the volume side and worth acknowledging, but beyond that milestone the year did not hand financial crime professionals anything noteworthy. In a space that has dealt with pandemic distortions, crypto chaos, and fraud spikes that seemed to come out of nowhere, steady volume and predictable patterns are a little surprising. A quiet data set, however, is not the same as a quiet landscape, and financial crime professionals who are reading stability as stagnation may find themselves flat-footed when the numbers start moving again.

For example, one of the most underleveraged insights in the SARs space is just how concentrated filing activity really is. The numbers are stark: The top four banks file more SARs in a single day than 80% of the rest of the banks file in 10 years, according to 2019 data from a .

The average community bank files fewer than one SAR a week, while the largest institutions file more than 500 a day. “50 a year versus 500 a day,” notes Wells Fargo’s Richards, adding that such asymmetry has real implications for how the financial industry interprets trends. Meaningful movement in SARs data, up or down, is almost entirely dependent on what a handful of mega-institutions decide to do.

Not surprisingly, money services businesses (MSBs) are the second largest filing category, and virtual currency exchanges are almost certainly driving recent growth there, even if outdated category definitions make that difficult to confirm directly. Credit unions round out the top three.

The filing philosophy hasn’t changed and shouldn’t

Regulatory noise occasionally suggests that institutions should be more selective about what they file. However, compliance and legal reality have not shifted. No institution has ever faced serious consequences for filing too many SARs, and the cases that result in enforcement actions, reputational damage, and regulatory scrutiny are consistently about missed filings or late ones.

“You’re not going to get in trouble from filing too much,” Richards says. “Nobody ever has, and I doubt if anyone ever will.” For financial crime professionals, the calculus remains exactly what it has always been — when in doubt, file. That posture isn’t going to change, and frankly it shouldn’t.

Yet, here is where the SARs space gets genuinely interesting. Agentic AI use in SARs filings — systems in which multiple AI agents work through a case from screening to decision to documentation — is beginning to move from concept to deployment. The impact on filing volume likely will be significant.

The risk is a system flooded with AI-generated SARs of variable quality, creating more noise for law enforcement to sort through rather than sharper intelligence to act upon.

Whereas a small team today might work through a handful of cases a week, AI-assisted workflows could push that into the dozens. Multiply that across institutions already inclined to file rather than miss something, and the result is a coming surge in SARs volume that could play out over the next two to four years.

“Agentic AI has the potential to be a game changer on how we do our work,” Richards explains. “But I believe it’ll guarantee that there will be more SARs filed and not necessarily better and fewer SARs filed.” Indeed, the critical point for the financial crime community to internalize is exactly that.

The risk is a system flooded with AI-generated SARs of variable quality, creating more noise for law enforcement to sort through rather than sharper intelligence to act upon. Once the largest institutions adopt agentic AI as a best practice, others will follow quickly, and regulators will likely be several steps behind.

The value question can’t wait

The has been in place since 2014. Yet after 12 years of filings, the financial crime community still lacks a clear public accounting of whether that data has produced actionable law enforcement outcomes.

So, the question Richards is asking is one the entire industry should be asking: “Has anybody asked law enforcement?”

This question reflects a larger challenge that the industry needs to confront more aggressively, especially as AI technology is set to dramatically increase filing volume across the board. Increasing the volume without improving how the information is used does not represent progress. If SARs are not generating real investigative value, the solution is not to file more of them faster — instead, the pipeline should be fixed before it grows any bigger.

Please add your voice to ��������’ flagship , a global study exploring how the professional landscape continues to change.��

• • • The ceasefire is between the US and Iran and is not a regional peace —��Israel launched its heaviest strikes yet on Lebanon within hours of the announced deal. Iran hit oil infrastructure in Kuwait, the UAE, Bahrain, and Saudi Arabia — including the East-West Pipeline, the primary route for bypassing the Strait of Hormuz. Companies planning around a return to normal should instead plan around the idea that the war has narrowed, not ended.

    • If the disruption stays within one quarter, the economic damage is painful but reversible — The Dallas Fed projects WTI oil at roughly $98 per barrel with a modest GDP hit in a short-closure scenario. The catastrophic scenario — WTI above $132 with sustained negative growth — requires the closure of the war to drag past Q2. Every week the ceasefire holds improves the odds, but Iran’s strike on the Saudi bypass pipeline complicates even the optimistic timeline.

    • Iran may have stumbled into the most lucrative chokepoint tax in modern history — At conservative estimates, transit fees charged for traversing the Strait of Hormuz could generate $40 billion to $50 billion for Iran annually, or roughly 10% to 15% of Iran’s pre-war GDP — all at near-zero operating cost. That revenue stream inverts Tehran’s incentives. Indeed, keeping the toll system in place may now be worth more than restoring free transit.

On April 7, less than two hours before a self-imposed deadline that threatened the destruction of Iran’s civilian infrastructure, President Donald J. Trump announced a two-week ceasefire in the war in Iran that began on the last day of February and continued over 38 days of sustained air strikes by the Unites States and Israel. In turn, Iran carried out retaliatory attacks across over a dozen countries and forced the effective closure of the Strait of Hormuz.

With the ceasefire, all that has paused. Yet, the question every boardroom, general counsel’s office, and procurement team is asking right now is simple: How can I plan around this?

The honest answer is, not yet — and the first 24 hours have already shown why.

A fragile, but functional peace

The ceasefire is remarkably thin, and it’s based on three operative clauses: i) the US and Israel halt strikes on Iran; ii) Iran halts retaliatory attacks on the US and Israel; and iii) Iran allows “safe passage” through the Strait of Hormuz. Everything else — from nuclear terms, sanctions, reconstruction, and the legal status of Hormuz transit — has been punted to negotiations in Islamabad beginning April 10, with Pakistan mediating.

With the ceasefire, the question every boardroom, general counsel’s office, and procurement team is asking right now is simple: “How can I plan around this?”

However, what the ceasefire covers matters less than what it doesn’t. Within hours of the announcement, Israel launched its heaviest strikes yet on Lebanon, and Iran warned it would withdraw from the ceasefire if attacks on Lebanon continue. Meanwhile, Kuwait, the UAE, and Bahrain all reported fresh Iranian missile and drone strikes targeting oil, power, and desalination infrastructure after the ceasefire was in place. Most critically, Iran struck Saudi Arabia’s East-West Pipeline, the main route by which Gulf producers have been rerouting oil to bypass the blockaded strait.

That pipeline strike should command attention in every supply chain and energy risk briefing this week because it signals how shaky the agreement is, and that Iran remains a long-term threat to vital infrastructure across the region.

For companies operating in or sourcing from the Gulf, the practical implications are immediate. This is not a ceasefire that restores pre-war operating conditions; rather it is a bilateral pause between two belligerents while the regional war continues around them. Insurance premiums, shipping risk assessments, and supply chain contingency plans should reflect that distinction until there is a meaningful shift.

What does this mean for the next two weeks?

Both sides are claiming victory — and increasingly, claiming different deals. Trump called Iran’s 10-point proposal “a workable basis on which to negotiate”; and Iran’s Supreme National Security Council called the ceasefire a “crushing defeat” for Washington. The White House now says the 10-point plan Iran is publicly circulating differs from the terms that were actually negotiated for the ceasefire. Tehran, meanwhile, says there is no deal at all if Lebanon isn’t included — a condition the US has not acknowledged. And of course, the Strait of Hormuz remains closed.

These are not the hallmarks of a stable agreement; but they may be the hallmarks of a durable one. The deal is thin enough so that each side can brief its domestic audience on a different story, and as long as neither is forced to reconcile those stories publicly, the pause holds.

And the incentives to keep talking are asymmetric but real. The US has watched gas prices surge past $4 nationally as domestic support for the war — which started at levels best described as in a hole — continued to drop even further. Goldman Sachs raised its recession probability to 30% and JPMorgan to 35%, and every day the strait stays closed pushes those numbers higher. The administration needs the global economy to exhale and needs distance itself from a war so it can focus on other priorities, including an already difficult midterm election cycle.

With the ceasefire, all that has paused. Yet, the question every boardroom, general counsel’s office, and procurement team is asking right now is simple: How can I plan around this?

Iran, for its part, wants the bombing to stop. Its conventional navy has been functionally destroyed, its air defenses are highly degraded, its nuclear facilities have sustained severe damage, and its cities, bridges, and transportation networks have been hit repeatedly. The regime survived and arguably emerged with greater domestic legitimacy than it had before the war, but the physical toll is mounting. Tehran wants the strikes to stop so it can claim victory by survival without incurring any more costs.

This mutual exhaustion is the load-bearing structure of the ceasefire. If the ceasefire holds for 72 hours (as I think it might), and if the strait begins opening to escorted traffic by Friday as Iranian officials have signaled, and if neither side finds a reason to walk away before the Islamabad talks convene, then the ceasefire will likely be extended. Not because the underlying disputes get resolved, but because the cost of resuming hostilities exceeds the cost of continuing to talk. Expect a rolling series of extensions, probably 30 to 45 days at a time, that resolve nothing while letting global markets gradually stabilize.

As we wrote earlier this month, if the disruption remains limited to roughly one quarter, the oil price shock is painful but reversible, ugly, but manageable. And every week the ceasefire holds pushes the trajectory toward the manageable scenario.

What happens after the ceasefire?

Again, if the ceasefire holds, we then have to start thinking about how this conflict resolves. Not surprisingly, this is where it gets uncomfortable.

The conventional assumption in Washington and in global markets is that the Strait of Hormuz will return to normal once the fighting stops. That assumption underestimates what Iran has built.

Iran’s parliament is working to pass a Strait of Hormuz Management Plan, codifying its claimed sovereignty over strait transit and establishing a legal framework for collecting toll fees. Media reports indicate Iran has been charging vessels between $1 million and $2 million per transit and is planning to keep charging those tolls for all ships as the strait reopens. So, at $1 million per ship, and with up to 135 transits per day, 365 days a year, that’s about $40 billion to $50 billion in annual revenue for Iran, or up to 15% of Iran’s pre-war GDP. All at an operating cost that approaches zero.

Iran didn’t enter this war planning to build the most lucrative chokepoint tax in modern history, but it may have stumbled into exactly that.

Compare that to Iran’s oil sector, which generated approximately $53 billion annually in 2022 and 2023, required massive capital investment and maintenance, and was subject to constant disruption. The toll revenue is comparable in scale, dramatically cheaper to operate, and immune to sanctions. If the final number is even a fraction of this, it’s still a massive financial shot in the arm for Iran that could become a far greater advantage than the damage to capital that the war has inflicted upon the state.

Iran didn’t enter this war planning to build the most lucrative chokepoint tax in modern history, but it may have stumbled into exactly that.

Of course, this changes the structural incentives around the Strait of Hormuz in ways most analysts haven’t fully absorbed. A permanent toll system gives Iran a revenue base to rebuild the military assets it lost, reduce its dependence on oil exports, and fund domestic investment that could blunt future protest movements. The regime’s cost-benefit calculus has inverted: Keeping the toll operational in place may now be worth more than restoring the pre-war status quo.

For the US and Israel, the only way to dismantle this arrangement is by force and the last 38 days demonstrated the limits of that approach. The US achieved air and naval superiority, destroyed Iran’s conventional military, and killed the supreme leader. None of it was enough to compel capitulation, and in fact, may not have even come close. A second campaign faces the same likely result, against a population now unified by the experience of surviving the first one.

The war didn’t just disrupt global trade. It may have permanently repriced the most important shipping lane on Earth — and left every piece of energy infrastructure in the Gulf more vulnerable than it was before the first air strike landed.

Please add your voice to ��������’ flagship , a global study exploring how the professional landscape continues to change.��

Key insights:

• • • Non-compliance is significantly more expensive than compliance — Data consistently shows the cost of non-compliance can be greater than proactive compliance investments.

    • Reputational damage and hidden costs often outweigh direct fines — Beyond financial penalties, the damage from legal fees, loss of customer trust, and operational disruptions from non-compliance can inflict long-term harm.

    • Strategic investment in compliance yields a competitive advantage — A robust compliance program builds trust, attracts investors, and demonstrates greater operational resilience in a complex regulatory landscape.

There’s a persistent myth in the business world that compliance programs are a necessary burden, a line item to be minimized and managed rather than invested in strategically. The data tells a very different story, however, and it has for quite some time. For organizations still treating compliance as an overhead expense, it’s time to reconsider the math and view the broader strategic picture.

The numbers don’t lie: Non-compliance costs more

Non-compliance costs are 2.65-times the cost of compliance itself, a finding that dates back to the of multinational organizations. While the average cost of compliance for the organizations in that study was $3.5 million, the cost of non-compliance was much greater. That means simply by investing in compliance activities, organizations can help avoid problems such as business disruption, reduced productivity, fees, penalties, and other legal and non-legal settlement costs.

According to a later report from from 2017 (the most recent set of analytical data on the subject), the numbers have only grown more striking. The study showed that average cost of compliance increased 43% from 2011 to 2017, totaling $5.47 million annually. However, the average cost of non-compliance increased 45% during the same time frame, adding up to $14.82 million annually. The costs associated with business disruption, productivity losses, lost revenue, fines, penalties, and settlement costs add up to 2.71-times the cost of compliance.

And these non-compliance costs from business disruption, productivity losses, fines, penalties, and settlement costs, among others aren’t simply abstract risks. They’re real, recurring, and measurable, and they don’t stop with the fine itself.

Beyond the fines themselves, legal costs are a significant and often underestimated component of non-compliance.

This gap between compliance and non-compliance provides evidence that organizations do not spend enough of their resources on core compliance activities. If companies spent more on compliance in areas such as audits, enabling technologies, training, expert staffing, and more, they would recoup those expenditures and possibly more through a reduction in non-compliance cost.

While the math here is straightforward, the strategic case is even clearer. Compliance isn’t overhead; rather, it’s an investment with a measurable, proven return.

The hidden costs: Legal fees, fines & reputational fallout

Regulatory fines get the headlines, but they represent only part of what non-compliance actually costs an organization — a cost that has only risen over time. As of February, a total of 2,394 fines of around €5.65 billion have been recorded in the database, which lists the fines and penalties levied by European Union authorities in connection with its General Data Protection Regulation (GDPR).

Beyond the fines themselves, legal costs are a significant and often underestimated component of non-compliance. Regulatory norms are shifting constantly and navigating them requires specialized expertise. As quickly as the rules change, outside counsel and compliance specialists must keep pace, and that knowledge comes at a price. Every alleged compliance violation triggers an immediate need to engage qualified counsel, adding to a cost burden that compounds quickly and unpredictably.

Then there is reputational damage, perhaps the most enduring consequence of all. The cost of business disruption, including lost productivity, lost revenue, lost customer trust, and operational expenses related to cleanup efforts, can far exceed regulatory fines and penalties. Consider , whose compliance failures around its anti-money laundering (AML) efforts became a cautionary tale for the industry. TD Bank’s massive $3 billion in fines from US authorities wasn’t just the result of a few missteps; rather, it was caused by years of deep-rooted failures in its AML program, pointing to a culture that prioritized profit over compliance.

The findings from both the 2011 and 2017 studies provide strong evidence that it pays to invest in compliance.

TD Bank’s failure to make compliance a priority not only led to a huge fine but also seriously damaged its reputation, with revising TD’s outlook to negative in May 2024, where it remains. This is the kind of a reputational stigma that can take years to repair.

Leveraging compliance as a competitive advantage

There is also a positive side of the ledger that often goes unacknowledged. A robust compliance program signals to investors, partners, and clients that an organization is well-governed and trustworthy. That reputation doesn’t just retain market value; it actively attracts it.

Organizations that cut corners in compliance risk engaging in a short-sighted, high-risk strategy that will ultimately result in a negative outcome for the organization. Businesses that take compliance seriously tend to operate with greater predictability, fewer surprises, and stronger stakeholder confidence.

The 2017 Ponemon and Globalscape and study found that, on average, only 14.3% of total IT budgets were spent on compliance then, not much of an increase from the 11.8% reported in 2011. This clearly indicates that organizations are underspending on core compliance activities in the short term and aren’t prepared to allot further resources as the years go on. That gap represents not just risk, but a clear missed opportunity.

“The findings from both the 2011 and 2017 studies provide strong evidence that it pays to invest in compliance,” explains Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. “With the passage of more data protection regulations that can result in costly penalties and fines, it makes good business sense to allocate resources to such activities as audits and assessments, enabling technologies, training, and in-house expertise.”

The organizations that recognize compliance as a strategic function, not a reactive one, are the ones that will earn the trust of clients, the confidence of investors, and the operational resilience to weather an increasingly complex regulatory environment. The data is clear, and the choice is a critical one.

Please add your voice to ��������’ flagship , a global study exploring how the professional landscape continues to change.��

Key takeaways:

• • • Human trafficking is a financial crime — Without the financial system, human trafficking networks cannot operate at scale. Banks, compliance officers, money transmitters, and casinos are uniquely positioned to detect suspicious patterns.

    • The 2026 World Cup amplifies existing risks — With 5.5 million additional visitors expected in Mexico City alone, criminal networks will exploit the surge in cash flows, new customers, and cross-border movement.

    • Red flags are observable in financial behavior — Human trafficking networks often leave detectable financial footprints, which is why financial institutions must update monitoring systems and stay alert to unusual transaction spikes during the tournament.

MEXICO CITY — As the 2026 FIFA World Cup get ready to hold its tournament in June and July across three North American countries, anti-human trafficking experts are meeting as well and attempting to address the challenges facing the three host countries of the largest World Cup in history.

To that end, the Association of Certified Anti-Money Laundering Specialists (ACAMS), in partnership with ��������, organized one such event, focused on the scourge of human trafficking that often surrounds large sporting events like the World Cup.

One speaker at the event noted an important clarification in the difference between human trafficking and human smuggling — two terms that are frequently confused yet carry vastly different legal and humanitarian implications. The key distinction lies in consent and the nature of the crime. In human smuggling, the individual being transported across borders consents to the movement, typically driven by socioeconomic necessity, and the offense is considered a crime against the state. Human trafficking, by contrast, is a crime committed directly against the victim, often involving exploitation through force, coercion, threats, or deception, and does not require the crossing of any international border.

The ACAMS event challenged the common belief is that human trafficking is exclusively sexual in nature. In fact, there are 10 additional forms of exploitation beyond sexual abuse, including slavery, forced labor or services, use of minors in criminal activities, forced marriage, servitude, labor exploitation, forced begging, illegal adoption of minors, organ trafficking, and illicit biomedical experimentation on human beings.

As the World Cup approaches, financial institutions’ compliance teams must recognize that the same operational conditions that make major sporting events exciting are precisely the conditions that money launderers and traffickers seek to exploit.

Still, sexual exploitation remains the dominant form of human trafficking. Indeed, it is the second most lucrative illicit business in the world after drug trafficking, with every 15 minutes of sexual abuse of a trafficking victim generating approximately $30.

Of course, without clients, there is no demand, said one speaker from the ÁGAPE Foundation, an organization that works to raise awareness against gender-based violence and human trafficking.

Financial sector as a key line of defense

When identifying human trafficking, it’s wisest to examine it from a financial perspective to find important indicators, according to several speakers. Indeed, the financial sector plays a critical role given its capacity to detect suspicious accounts and payments, shell companies, cash movements, digital platforms, and commercial operations.

For example, when a customer opens an account or conducts a transaction, certain red flags can be visible, including whether the customer needs to consult notes to answer basic questions such as their address or occupation, or that their responses are not spontaneous or natural. Also, another indicator is if the customer’s profile is inconsistent with the type or volume of transactions being conducted.

For financial institutions, there are other patterns that have triggered alerts in illicit activity in the past, including near-immediate deposits and withdrawals with no clear justification for the cash flow, or multiple individuals registered at the same address or linked to the same account.

Similarly, another red flag would be if there’s a high number of accounts opened from the same state or municipality with similar patterns, particularly in areas identified as origin points for trafficking networks; or, payment of multiple short-term rentals or payments abroad to unverifiable recruiters or employment agencies.

Financial institutions should be on the lookout for companies that file no tax returns or invoice simulated transactions, or that use of front men to open accounts or conduct operations.

Also, new businesses whose declared activity does not correspond to their financial operations should be flagged, as well as any frequent, large-volume purchases of condoms, lingerie, or women’s clothing inconsistent with the declared business activity.

Indicators at the 2026 World Cup

In the context of major sporting events such as the World Cup, existing risks are significantly amplified, several speakers pointed out. Sexual tourism, including the commercial sexual exploitation of children and adolescents, is a known and serious threat. Indicators that are relevant not only for the financial and banking sectors, but also for the real estate, tourism, transportation, hospitality, and restaurant industries including unusual accommodation requests, such as deactivating security cameras, delivering keys through third parties, or inquiring about the presence of neighboring guests.

When identifying human trafficking, it’s wisest to examine it from a financial perspective to find important indicators, and the financial sector plays a critical role given its capacity to detect suspicious accounts.

These industries should also be on the lookout for any adult or group of adults traveling with an unusually large number of minors, or individuals who travel in silence and are accompanied by someone who appears to exercise visible control over them.

As the World Cup approaches, financial institutions’ compliance teams must recognize that the same operational conditions that make major sporting events exciting — high transaction volumes, new customers, cross-border flows, and institutional attention diverted toward the event itself — are precisely the conditions that money launderers and traffickers seek to exploit.

For these compliance teams, monitoring systems must be updated, know-your-customer processes must go beyond documentation and reflect a genuine understanding of the client’s activity and context, and on-site verification visits must be conducted by personnel who know exactly what they are looking for.

The financial sector does not need to become an investigative body; however, it does need to remain alert, informed, and willing to report. Indeed, this is exactly what the compliance function exists for, and in the context of human trafficking, the cost of silence is measured not in fines or reputational damage, but in human lives.

Please add your voice to ��������’ flagship , a global study exploring how the professional landscape continues to change.��

Key takeaways:

• • • Q2 is a wound that heals if the war stops — Oil spikes, inflation revisions, and supply disruptions are painful but mostly reversible in a short-war scenario. The exception is insurance and risk premiums for Gulf maritime transit, which are permanently repriced.

    • Q3 is a wound that scars — Sustained oil at $130 per barrel changes household and business behavior in ways that don’t snap back. Recession probability crosses the coin-flip threshold and supply chain disruptions cascade into industries far from the Gulf.

    • Q4 is a different body — Even if the war ends, the global economy has rebuilt itself around the disruption. Trade routes, supplier relationships, and risk models have been permanently rewired, especially if there is nothing structural to prevent the Strait from closing again.

This is the second of a two-part series on the impact of the war with Iran as the conflict continues. In this part, we’ll walk through what a quarter-by-quarter economic scenario would look like if the war continues.

Previously, we made the case that the US-Iran war is unlikely to end quickly. The regime hasn’t collapsed, the asymmetric force controlling the Strait of Hormuz is nowhere near neutralized, and diplomacy seems dead on arrival. Most significantly, the United States military is escalating, not winding down.

While the first part of this series was about the military and diplomatic picture, this piece is about your balance sheet.

What follows is a quarter-by-quarter map of what a prolonged conflict means for the global economy, charted from now through Christmas 2026. We’ll cover how oil, supply chains, GDP forecasts will be revised in real time, and how disruptions that look temporary in Q2 could trigger a permanent rewiring of how the global economy moves goods, prices risk, and sources critical inputs.

Even if your company doesn’t import a single barrel of Gulf crude, you could still get hit by this. Indeed, if you’re plugged into the global economy like the rest of us, you’re going on this ride.

Q2 2026 (April–June): The wound that heals

If the war ends by the close of the second quarter on June 30, most of the damage is reversible — painful, but reversible.

Brent crude is up about 60% since before the start of the war when it was roughly $70 per barrel; and Capital Economics , prices could fall back toward $65 by year-end. The interim outlook from the Organisation for Economic Co-operation and Development (OECD) now to be 4.2% for 2026, up sharply from 2.8%, assuming energy disruptions ease by mid-year. If that assumption holds true, it’s likely we’ll be able to muddle through the pain.

Even in the most optimistic scenario, however, Q2 introduces disruptions beyond oil that most people aren’t tracking. The Gulf supplies roughly 45% of global sulfur, and Qatar produces around one-third of the world’s helium, which is essential for semiconductor manufacturing. Further, Qatar’s liquified natural gas (LNG) production was significantly damaged by Iranian strikes.

Even in the most optimistic scenario, however, Q2 introduces disruptions beyond oil that most people aren’t tracking.

Further disruptions in fertilizer supply chains could delay spring planting, which could ripple into agricultural yields well into 2027. These effects don’t snap back the moment oil flow normalizes; they have their own timelines.

And here’s the one thing that doesn’t reverse even in the best case — risk premiums. The Strait of Hormuz was priced as a chokepoint that would never actually close. So when it did, that repricing is permanent and will be felt across the world as risk around other too important to fail chokepoints is itself reevaluated and priced higher.

Q3 2026 (July–September): The wound that scars

If a Q2 end to the war represents a recoverable spike, a Q3 end is where the word structural starts showing up in the discussion.

Capital Economics models Brent at roughly $130 per barrel — or roughly 14% higher than where it is now — in a prolonged scenario. At those prices, the damage stops being abstract. And Moody’s Analytics chief economist Mark Zandi estimates that every sustained $10-per-barrel increase . At $130 (nearly double pre-war levels) that’s approaching $2,700 per family. That is the kind of money that changes behavior.

In this case, Zandi says, especially if the cost of oil stays elevated for months — and by Q3, it would have. Moody’s recession probability model was pushing 50% in late-March when oil was $108 per barrel. At $130, the math speaks for itself.

Again, in this scenario, the damage fans out beyond energy. Fertilizer shortages hit crop yields, and helium disruptions cascade into semiconductors, automotive, and medical devices. The potential impact on AI-related manufacturing alone could spook investors already primed to see AI as a bubble. Capital Economics projects Eurozone growth at 0.5% and Chinese growth below 3%. Emerging markets could face forced rate hikes that deepen their own recessions.

This is the quarter in which contingency plans become operating assumptions. The question is no longer When does this go back to normal? —��rather the question is whether normal is coming back at all.

Q4 2026 and beyond: The different body

Here’s what most forecasts don’t capture about a war that continues passed Q4: It almost doesn’t matter whether the war is still active or not. The damage has changed shape, and it’s no longer about what the conflict is doing to the global economy. Instead, it’s about what the global economy has done to itself in response.

Companies that spent Q2 and Q3 diversifying away from Gulf suppliers have now spent real money building alternatives. They are not going back to their pervious pathways even if there is a ceasefire. The sunk costs make the reversal unthinkable, and the memory of this conflict makes it irrational. No supply chain director is walking into a boardroom to recommend re-concentrating risk in a chokepoint that closed once and might close again.

The prudent approach for companies remains clear. They should plan for the war to last into at least Q2, probably Q3, with structural effects persisting beyond.

Because, of course, it could close again. If Iran emerges weakened but intact, which is the most likely outcome per multiple intelligence assessments, the result is a hostile state with every incentive to reconstitute its asymmetric capabilities the moment the pressure lifts.

Companies are thus going to reroute their future supplies around the Strait rather than through it. High oil prices and the potential for global shortage will also further accelerate green energy initiatives or alternate fuel sources across the globe as oil security reenters geopolitical calculations. Most importantly, every organization’s supply chain will need a reevaluation in light of an increasingly dangerous world, with expensive secondary supply chains becoming more a necessity than a luxury.

That’s the real legacy of a war continuing past the end of this year. Not oil prices on any given day or even insurance premiums, but the permanent repricing of an assumption. The war didn’t just disrupt the flow of goods through the Strait of Hormuz, it broke the premise that some geographies were too big to fail and would be protected and kept open. Once that premise is now broken so thoroughly companies will need to reevaluate whether the concentration of risk in individual areas is a luxury they can afford. Many will find the answer to be no, resulting in an increased push to diversify risk away from single points of failure.

The planning imperative

Fortunately, the best-case scenario remains possible. However, it requires Iran accepting terms it has publicly rejected as existential, its navy being neutralized despite retaining significant asymmetric combat capability, a coalition materializing from countries that have refused to send warships, and mine-clearance operations succeeding with the deck stacked against them. Only then, we’ll see if civilian traffic is willing to risk billions of dollars that the clean-up job was done right. Each is possible, but the odds remain slim.

The prudent approach for companies remains clear. They should plan for the war to last into at least Q2, probably Q3, with structural effects persisting beyond. They should model energy prices at between $120 and $150 per barrel, not $70. The smart companies are the ones building optionality now because the cost of flexibility is far lower than the cost of being caught flat-footed in September.

Four weeks ago, the assumption was that the Strait of Hormuz was too important to close. However, it did, and the assumption that it will reopen quickly deserves the same scrutiny.

You can find out more about the��geopolitical and economic situation in 2026��here

Key insights:

• • • Convenience has outpaced consumer understanding —��Many users treat apps, prepaid accounts, and rewards programs as simple payment tools, remaining unaware they are entrusting their money to entities with few safeguards.

    • Risk is no longer confined to traditional banks — Some of the most significant financial activities now occur within platforms and brands that do not resemble banks at all.

    • Opacity enables systemic vulnerability — The less transparent an institution’s obligations, leverage, and oversight, the easier it is for financial fragility, misconduct, and systemic risk to grow unchecked.

When you think of where money is held, you generally think of a bank. However, as we look at the financial landscape today, money is being held at a wide range of institutions that often have varying levels of safety and oversight. Entities from Starbucks to Visa to Coinbase hold money for individuals, effectively serving as a bank, but often without the regulatory framework that comes with it.

Behind the scenes, it can seem like . In its daily operation, it collects prepaid funds that resemble deposits, holds them as liabilities, and uses them internally — all without offering interest, cash withdrawals, or FDIC insurance. Starbucks’ rewards program holds $1.8 billion in customer cash, and if it were a bank, that would make it bigger, , than 85% of chartered banks, making the coffee chain one of the .

This dynamic extends well beyond coffee shops. “Popular digital payment apps are increasingly used as substitutes for a traditional bank or credit union account but lack the same protections to ensure that funds are safe,” warns the . If a nonbank payment app’s business fails, your money is likely lost or tied up in a long bankruptcy process.

Shadow banking

Think of a Starbucks gift card as a financial instrument. Technically it is one, but no one seriously worries about it being weaponized for any large-scale financial crimes. Most people’s concerns about a gift card is either losing it. The real concern lies not in lost gift cards, however, but in the broader trend: Nonbank institutions managing vast sums without commensurate oversight — and scale matters. A lost gift card is a personal inconvenience; but an unregulated institution managing billions of consumer dollars in leveraged capital is a systemic one.

Shadow banking encompasses credit and lending activities by institutions that are not traditional banks, and crucially, they do not have access to central bank funding or public sector credit guarantees. And because they are not subject to the same prudential regulations as depository banks, they do not need to hold as high financial reserves relative to their market exposure, allowing for very high levels of leverage which in turn can magnify profits during boom periods and compound losses during downturns.

The shadow banking ecosystem is diverse, and each segment of it presents distinct risks:

• • Hedge funds and private equity firms��— Firms like Blackstone, KKR, and Apollo manage vast capital pools using leveraged strategies under limited oversight. Their size and borrowing levels may mean that market reversals can trigger rapid deleveraging, spilling risk into broader markets.
  • Family offices��— A private company or advisory firm that manages the wealth of high-net-worth families, these can operate with even less transparency and often outside direct regulatory scrutiny, enabling them to engage in extreme leveraging and posing risks of sudden collapse.
  • Nonbank mortgage lenders and FinTechs��— This group faces lower capital requirements than traditional banks, leaving thinner buffers to absorb losses during downturns, which can be especially concerning considering this sector’s rapid growth.
  • Crypto exchanges��— Like much of the cryptocurrency ecosystem, these exchanges operate in jurisdictional gray zones, complicating enforcement and enabling illicit financial flows.
  • Money market funds — While these are generally perceived as safe, they can suffer runs if confidence in underlying assets erodes, which can force fire sales that destabilize related markets.
  • Special Purpose Vehicles (SPVs) and Structured Investment Vehicles (SIVs)��— These investment instruments allow large institutions to move risk off their balance sheets, rendering such activity invisible to regulators.

Shadow banking may be the single greatest challenge facing financial regulation. These non-traditional institutions act like banks, but without the safeguards that make banks accountable. And where accountability is absent, opportunity often fills the void.

The same opacity that makes shadow banking difficult to regulate also makes it attractive to those with less legitimate intentions. Without mandatory reporting requirements, standardized oversight, or the threat of deposit insurance revocation, these institutions can become conduits for money laundering, fraud, terrorist financing, and sanctions evasion in ways that traditional banks simply cannot. The question is no longer whether these vulnerabilities exist, but how they continue to be exploited.

The challenge of regulation

The global financial system has always evolved faster than the rules designed to govern it. What began as a coffee loyalty program and a few alternative lending platforms has quietly morphed into a parallel financial universe, one that moves trillions of dollars with a fraction of the transparency that traditional banking requires. That gap between innovation and oversight is not just a regulatory inconvenience, it’s an open door for illicit actors.

Closing that door will require more than periodic enforcement actions or piecemeal legislation. It will require regulators, lawmakers, and institutions to reckon honestly with how broadly the definition of a financial institution has expanded, and who bears the risk when things go wrong. Because historically, it has not been the institutions themselves; rather it has been the customers, the investors, and ultimately the public.

The first step, of course, is awareness. Recognizing that your money does not need to be in a bank to be at risk and that the custodians of that money need not be offshore shell companies to operate in shadows, can transform how we think about financial safety.

The line between a convenient app and an unaccountable financial intermediary is thinner than most realize. And in the world of financial crime, thin lines have a way of vanishing entirely.

You can learn more about the��many challenges facing financial institutions today��here

Key takeaways:

• • • The US achieved conventional military dominance, but it hasn’t solved the core problem — The navy that was destroyed was never the one controlling the Strait of Hormuz. The asymmetric force that is, the IRGCN, retained 80% of its small-boat fleet and may be able to replenish losses from civilian infrastructure faster than the US can eliminate them.

    • All three pathways to a quick resolution are blocked — The regime has hardened rather than collapsed, the diplomatic positions are nowhere near overlapping, and the US military posture is escalating, including possible ground operations, while allied support remains symbolic.

    • The conflict is likely measured in quarters, not weeks, and the economic difference is not linear — Businesses should be stress-testing against sustained disruption rather than planning for a return to normal, because the conditions required for a rapid resolution would each need to break favorably — and right now, none of them are.

---

This is the first of a two-part series on the impact of the war with Iran as the conflict continues. In this part, we look at different ways the war could wind down quickly, and why none of them offer an immediate pathway.

The war with Iran is not going to be over by the end of this week.

That sentence shouldn’t be controversial four weeks into the ongoing war with Iran being waged by the United States and Israel, but it runs against the grain of how markets, policymakers, and many business leaders have been processing this conflict. The dominant assumption, visible in equity markets that have wobbled but not cratered, is that this is an acute shock with a definable end date.

However, very little about the military, political, or strategic picture supports that assumption.

While I make no claim to predict the war’s exact duration, I can lay out why the most likely scenarios point to a conflict measured in quarters, not weeks — and why that difference matters. In the next part of this series, we’ll sketch the economic consequences on a quarter-by-quarter basis, drawing on the latest projections from top economic thinkers. First, however, here is why this war probably drags on.

The wins aren’t winning…

By a surface level scorecard, Operation Epic Fury has been exactly the kind of lopsided success one would expect of a global superpower that’s going up against a regional player. Iran’s Supreme Leader was killed in the opening strikes, Iran’s conventional navy was sunk at anchor before they could sortie, and full air supremacy by the US appears established. If you were grading this on the metrics that won wars in the 20th century, you’d be forgiven for thinking it was nearly over.

Yet it is not nearly over. The Strait of Hormuz remains effectively closed. Daily transits have collapsed from 138 ships to fewer than five. Approximately 2,000 vessels and 20,000 seafarers are stranded in the region with nowhere to go. Brent crude is at $108 per barrel as of March 26, up roughly 50% since the war began. The International Energy Agency has called the current situation the largest disruption to global energy supplies in history.

The disconnect between the military scorecard and the strategic reality comes down to a single, underappreciated fact that the US destroyed the wrong navy. To be fair, it’s not like they had much of a choice. Iran’s conventional fleet had to go, and it went; however, that was playing on easy mode. Iran’s conventional fleet, its frigates, corvettes, and submarines, was a prestige force built for Indian Ocean power projection.

You can find out more about the here

The force actually designed to fight America, however, is the Islamic Revolutionary Guard Corps Navy (IRGCN), and it is something else entirely: a dispersed network of hundreds of armed speedboats, coastal missile batteries, thousands of sea mines, drone systems, and midget submarines spread across dozens of small bases along hundreds of miles of Persian Gulf coastline. The IRGCN’s entire doctrine, training, and equipment procurement were optimized for exactly one scenario, that of denying the Strait of Hormuz to a technologically superior adversary. That is the war Iran is now fighting.

Even though the IRGCN lost its most advanced platforms, those were not the workhorses of their fleet. The IRGCN retains an estimated 80% of its small-boat fleet, the fast boats that hide among fishing dhows, the crews that can scatter onshore and remount on surviving craft. The US is tasked with the mission of hunting small boats hiding among civilian vessels, in a fight in which Iran is willing to lose dozens of them a day to keep the Strait closed. This is not a mopping-up operation; rather, it is a war of attrition that the US is not structured to win quickly, and one in which Iran can replace its losses in ways a conventional navy cannot. For the US, it’s like trying to empty a bathtub while the spigot is still running.

Further, the math of the Strait itself is unforgiving. Iran had an estimated 5,000 sea mines before the war and has begun laying them. The US Navy decommissioned its last Gulf-based minesweepers in 2025 — timing that, in hindsight, looks catastrophic.

Indeed, the US can sink every major Iranian warship afloat and still not reopen the waterway. That, in fact, is roughly what has happened.

…And the off-ramps are blocked

If conventional military victory hasn’t solved the problem, there are three other ways this war ends quickly. As of late March, however, all three are jammed.

1. The regime isn’t collapsing

A US intelligence assessment completed before the war concluded that military action was unlikely to produce regime change even if Iran’s leadership was killed. That assessment has proven accurate. Iran’s constitutional succession mechanism activated as designed, and a new Supreme Leader, the previous one’s more hardline son, was installed within days. Also, protests are not sweeping the streets. Ideological regimes under external threat tend to harden, not fracture. Indeed, both the Taliban and Hamas have survived worse. The Iranian Islamic Republic, whatever else you want to say about it, appears to be surviving this conflict as well.

2. Diplomacy has nowhere to go

Iran rejected the 15-point plan offered by the US and published five counterdemands, including recognition of Iranian sovereignty over the Strait of Hormuz, which is a nonstarter for the US. Iran’s foreign minister says Tehran has no intention of negotiating, even as President Donald J. Trump insists talks are continuing. These positions aren’t close to overlapping, and both sides are staking their credibility on not budging first.

And Iran has good reason to believe time is on its side. The war is deeply unpopular in the US and the same affordability anxiety that swept Republicans into power is now threatening to sweep them out in the midterms. Tehran knows for every day the war goes on, they get to roll the dice that Trump will back out, giving them a strong incentive to get as many rolls as they can.

3. The military posture is escalating, not resolving

Ground troops, including paratroopers from the 82nd Airborne, are en route to the Gulf or have received deployment orders. Reports indicate the White House is weighing a seizure of Kharg Island, Iran’s primary oil terminal, an operation that would put American boots on Iranian soil for the first time. Seven allied nations signed a statement supporting Strait security, but it’s a paperwork alliance, lacking the kind of committed hardware needed to force a solution to the Strait’s closure.

What does this mean for business?

The Iranian regime isn’t folding, diplomacy doesn’t seem to be catching on, and the US military posture is expanding. None of the conditions point to a rapid resolution, and in fact, several of them point to a prolonged conflict.

If this war is measured in quarters rather than weeks, the economic consequences stop being a temporary, albeit painful price spike and start being a structural disruptive event, one that reshapes supply chains, reprices risk, and forces companies to make hard choices about where and how they operate. The difference between a three-week war and a three-quarter war is not a difference of magnitude, it is a difference in kind.

In the concluding part of this series, we’ll walk through what a quarter-by-quarter economic scenario would look like if the war continues.

Key takeaways:

• • • The supply hit is real, not just priced-in fear — Tanker insurance has collapsed, infrastructure is damaged, and volumes are physically offline. Some of this isn’t coming back quickly.

    • Tax policy is moving in five directions at once — Energy security incentives, BEPS 2.0 rollout, windfall tax rumblings — governments are improvising, and your effective tax rate is caught in the middle.

    • Your Evidence to Recommendations (EtR) guidance is probably already stale — If you haven’t stress-tested your EtR guidance against $100-plus per barrel oil and a multi-quarter disruption, you’re behind.

Let’s be direct: This isn’t a risky premium situation. When military strikes take out Middle Eastern infrastructure in the Persian Gulf and tanker insurers pull out of a corridor carrying 15% to 20% of global crude and liquefied natural gas (LNG), supply goes offline. That’s what’s happened.

At the time of writing, the price of oil continues to fluctuate. The recent release of the , which forecasts and analyze the global oil market, shows that more global markets are starting to say the word recession. And whether or not a recession actually materializes, the energy price environment has shifted in ways that will take multiple quarters, and maybe years, to unwind. For corporate tax departments, the question isn’t whether this changes their planning, it’s whether they’ve caught up yet.

Which scenario-modeling is most worth it?

Most ominously, nobody knows how this all ends, and that’s exactly why your tax team may need more than one base case.

The optimistic read is a short, sharp shock — prices spike, some flows resume, upstream books a windfall quarter, and consuming-country governments start muttering about excess profits taxes. Messy, but manageable.

The harder scenario is prolonged disruption: Hormuz remains constrained for months, along with repeated infrastructure hits with resulting rerouting that permanently shifts where profits land and which entities suddenly have a taxable presence for which they didn’t plan. Not surprisingly, transfer pricing and permanent��establishment��(PE) exposure get complicated fast.

Add to the mix, by the Organisation for Economic Co-operation and Development (OECD) that multinational corporate tax departments are still required to adhere to and now plan for how it may interact and intersect with the other two scenarios.

The policy environment is a mess, but in a very specific way

Here’s what makes this cycle different from 2008 or 2014: Governments are pulling in opposite directions simultaneously. The United States has pivoted hard toward energy dominance — domestic fossils, nuclear, extraction incentives. Meanwhile, BEPS 2.0 is still rolling out unevenly across jurisdictions, which means your organization’s effective tax rate in any given country depends heavily on where it sits in the implementation timeline.

Throw in — which historically shows up about six months after prices stay high and voters get angry — and you have an environment in which the gap between your statutory tax rate and your actual sustainable rate could widen fast if you’re not actively managing it.

5 actions tax team leaders can take now

Of course, none of these are new concepts; but in a fast-moving situation, the basics that get done quickly will beat the sophisticated that gets done late.

First, rebuild your EtR guidance around at least three commodity paths. Not as a theoretical exercise — as something your CFO can actually present to the board with a straight face.

Second, map out which legal entities are genuinely exposed to Hormuz-dependent flow volumes. Companies’ operations and trading teams often know this; but the tax team too often doesn’t until there’s a problem. Close that knowledge gap now.

Third, re-rank your project pipeline on a real after-tax basis. Updated incentive assumptions, global minimum tax, domestic versus cross-border production — run all the numbers again. Some projects that looked marginal six months ago may look very different now, and vice versa.

Fourth, build a windfall tax playbook before you need one. The data you’d need to defend your profit levels and capital allocation decisions takes time to pull together. Don’t leave that work until the week the legislation drops.

Fifth — and this is the one that gets skipped most often — make sure the company’s tax, treasury, and trading groups are talking to each other in real time. Hedging decisions, financing structures, physical flow changes — all of these have tax consequences, and they’re happening fast right now.

One final thought

Corporate tax departments that come out of this looking good won’t be the ones that predicted the conflict. They’ll be the ones who translated what’s happened into specific, actionable data and numbers for their leadership — presented quickly, clearly, and with their own company’s footprint in mind.

That’s the brief. Now go build it.

You can find more of our coverage of the impact of the ongoing War in Iran here

Key insights:

• • • Crypto crime is likely much bigger than it appears — Blockchain forensics firms only report what they can prove with 99%-plus accuracy, meaning the true scale of crypto crime is likely far larger than official reports suggest.

    • False negatives are still a problem — While achieving incredibly low false positive rates, these strict standards result in significant false negatives, with firms missing up to 75% of known criminal addresses in tested datasets.

    • This reporting gap reveals hidden losses — FBI data shows higher losses than do forensic reports and when accounting for the 85% of fraud victims who never report crimes, actual losses could exceed $110 billion annually.

Law enforcement has known about crypto-related crime for more than 14 years now. Five years ago, I felt these industry reports left a lot to be desired. A lot has happened in since then, however, and I have learned that clarity is becoming more important than caveats, because even my own are being taken out of context by the cryptocurrency ATM industry.

The myth of “crypto crime”

Nick Furneaux points out — spoiler: it’s all just financial crime. Yet, the blockchain forensics industry still has the annual tradition of issuing crypto crime reports that end up getting reviewed . However, my previous post showed how the prevailing reports appeared to prove Nick’s point, stating that crypto crime represented just — effectively, a rounding error.

I wrote that these reports needed to be heavily caveated, as the figures identified were clearly smaller than the figures that may have been reasonably expected. In fairness to the industry, reports have since incorporated caveats on nearly all stated figures. However, this has still not stopped the industry from cherry picking figures that support the argument that there is no such thing as crypto crime.

The ironically good news in this year’s reports has been that the official figures for illicit activity across the industry has increased to of all crypto activity for the . This increase is an indicator that the industry has gotten better at identifying criminal activity; and while there is still room for improvement, we are moving in the right direction.

Art vs. science

The companies producing these reports continue to hold some of the largest datasets on crypto-crime and blockchain metadata in the world. They are ideally placed to speak to these trends in illicit activity in the crypto ecosystem. However, one of the early arguments in blockchain forensics was that it is not as effective as some people were claiming.

In the landmark case, (colloquially known as the Bitcoin Fog case), blockchain intelligence platform CipherTrace claimed that blockchain forensics was more of an art than a science. Based on evidence from Chainalysis, the case’s acknowledged blockchain forensic evidence was admissible in criminal court to based on the methods used.

Understanding the limits of these reports requires an understanding of the core audience for these forensic firms: Law enforcement, which has a high burden of proof to achieve before going to court with any evidence.

Chainalysis has been doing this for 12 years at this stage and has been one of the only services to undergo a of its data, albeit a tiny sample size of its overall dataset. In the last five years, competitor TRM Labs has become an industry leader based on its focus on blockchain intelligence and law enforcement support.

The accuracy trap

Understanding the limits of these reports requires an understanding of the core audience for Chainalysis and TRM Labs: Law enforcement, which has a high burden of proof to achieve before going to court with any evidence. As such, the standard held by industry leading companies is that a data model should achieve an accuracy level of 99%-plus. However, as with any machine learning algorithm, it is incredibly difficult to guarantee 100% accuracy. Still, 99% accuracy is higher than human-based systems are expected to have.

Despite this commitment to high standards, the blockchain forensics industry has come under fire for false negatives. In the academic research of Chainalysis’ data, researchers found its false positive rate to be 0.01%, 0.15%, and 0.11%, respectively across the three datasets, or at least 99.85% accuracy for what was in their tool. Obviously, this is much more scalable and accurate in the modern world in which criminals are using AI than having humans unravelling these datasets manually. However, this level of certainty does paradoxically result in a surprising level of false negatives.

Indeed, Alison Jimenez, of Dynamic Securities Analytics, pointed out that Chainalysis missed a significant percentage of all addresses in the three sample datasets. The study looked at coverage of three known illicit services: BestMixer, Hansa Market, and Wall Street Market.

Chainalysis was found to have been able to identify 25%, 79%, and 95% of the sampled addresses, respectively. While this may seem like the company is negligent to suggest they can identify crime when it missed 75% of Best Mixer addresses, a service designed to obfuscate the flow of funds, the reality is that identifying any of these services is pretty difficult in the first place — especially in a world in which criminals are actively trying to escape surveillance. And remember, this is just the data that made it to production; Forensics firms are still able to assist law enforcement to make informed decisions on their investigations based on a range of additional data that never gets surfaced in the tool or in reports.

The reporting gap

These forensic companies are unable to publish informed estimates of the level of crime, but they are saying that they have identified at least $154 billion dollars in illicit activity in 2025. These tools also assist law enforcement with investigations which they may not always have permission to include in their datasets. Yet, investigators can still use the technology to carry out their investigations safe in the knowledge that their evidence will be admissible in court. That means, the $154 billion figure is effectively a floor, not a ceiling for the potential effectiveness of blockchain forensics.

The FBI counts what victims report, whereas forensic firms count what they can prove on-chain. When you consider that academic research suggests 85% of fraud victims never report their crimes to anyone, the scale of the problem becomes staggering.

The discrepancy between forensic reports and law enforcement data is where the caveats become most visible. The for 2024 (released in late 2025) pegged crypto-related scam losses at $16.6 billion. This figure is 67% higher than Chainalysis’s estimate, and 55% higher than TRM Lab’s for the same category.

Why the gap? Because the FBI counts what victims report, whereas forensic firms count what they can prove on-chain. When you consider that academic research suggests 85% of fraud victims never report their crimes to anyone, the scale of the problem becomes staggering. If we extrapolate the FBI’s reported figures to account for this silent 85%, the potential loss to crypto scams could be as high as $110 billion. While not an academically rigorous calculation, this figure would not surprise many industry analysts.

What will these reports look like in another 5 years?

The critique I have of these reports is that they underestimate the size of the problem in order to be able to accurately stand by their data. This isn’t a bad thing, it just results in unfortunate outcomes. There may be a day when these reports are combined with academic research to make a more informed estimation of how big the crypto crime problem really is.

Thankfully, those in the blockchain forensics industry can’t speak in theories or artistic interpretation. They have to be able to prove their statements and back them up with verifiable data. Right now, these reports are effectively looking at the tip of the iceberg and showing what they know about what they can see — the caveat now is that this is just the known knowns. The challenge continues to be identifying the known unknowns. Fortunately, we are getting better at identifying criminal activity every year.

You can find more of our coverage of the cryptocurrency industry here

Key insights:

• • • AI scales deception — Fraudsters automate convincing scams, create synthetic identities, and overwhelm legacy controls, making AI an essential part of financial institutions’ anti-fraud solution.

    • “All-green” fraud is rising — The biggest losses often happen in correctly authenticated sessions, making them much harder to detect.

    • Behavior plus collaboration wins — Financial institutions need to shift from point-in-time checks to real-time, cross-channel behavioral signals and tighter inter-institution cooperation to spot coordinated campaigns and reduce friction without stalling growth.

How financial institutions are facing fraud in 2026 isn’t what it was like even two years ago. AI has industrialized deception, synthetic identities bypass traditional checks, and scams manipulate legitimate customers into moving their own money even as every security control shows green.

Today, financial institutions face a perfect storm, according to Michal Tresner, CEO of ThreatMark, and Sara��Seguin the Director��of��Enterprise Banking at Alloy. Indeed, they’re trying to manage attacks that scale automatically, identities that look real but aren’t, and victims who authenticate correctly before being convinced to hand over funds.

5 trends financial institutions need to understand in 2026

Looking at each of these five key challenges individually can offer both perspective and possible solutions.

1. The AI threat multiplier

Generative AI (GenAI) and large language models (LLMs) have fundamentally changed the fraud landscape. “AI is now the biggest threat facing financial institutions in 2026,” Tresner notes, adding that fraudsters are leveraging these technologies to create highly convincing content while automating attacks at unprecedented scale — a combination that overwhelms traditional security systems.

Seguin agrees and confirms this trend is . “Financial institutions are seeing a measurable increase in AI-enabled financial crimes, while consumers increasingly expect banks to deploy AI-based security in response,” she explains. The reality is stark: AI has become an essential tool for both fraudsters and those fighting against them.

2. The onboarding dilemma

In another area, the account opening process represents a critical vulnerability. Seguin points to rising first-party fraud and scams as particularly challenging because perpetrators often appear indistinguishable from legitimate customers going through the onboarding process. “A person may open an account with seemingly normal intentions — direct deposit or everyday banking — only to later engage in fraudulent activity,” she explains.

Onboarding is where institutions have the least certainty about either the authenticity of the identity or the legitimacy of the intent.

Tresner identifies a related threat: Synthetic identities. “Rather than stealing real identities, fraudsters now generate convincing fake ones, complete with realistic identity documents and even AI-generated images or video,” he says, noting that these synthetic identity accounts are exploding and frequently serve as infrastructure for moving stolen funds.

The common thread is that onboarding is where institutions have the least certainty about either the authenticity of the identity or the legitimacy of the intent.

3. Authentication under siege

Similarly, and even as financial institutions work to strengthen onboarding controls, account takeover remains a persistent threat. Fraudsters are now using AI to bypass authentication mechanisms at scale, making previously reliable security gates less trustworthy, Tresner explains. “Successful authentication can no longer serve as a definitive indicator of safety.”

Indeed, a properly authenticated session may still be the entry point for fraud, whether committed by an intruder or through a legitimate customer who is being manipulated.

4. The “all green” problem

Which brings us to another fraud scenario faced increasingly by financial institutions, and one that Tresner says may be 2026’s most operationally challenging issue — the fact that many scams don’t trigger traditional fraud controls. When the legitimate account holder initiates a transaction from their usual device and location using correct credentials, every standard check appears normal. The difference is the persuasion happening on the other side as fraudsters convince victims they’re interacting with trusted entities like banks, law enforcement, or romantic partners, and then direct them to transfer money.

Seguin notes that detecting these scenarios requires new approaches, such as identifying subtle behavioral signals like hesitation immediately before a money transfer. “Traditional device and credential checks won’t help when the customer is genuinely authenticated but acting under manipulation,” she explains.

5. Fraud as an industrial operation

Tresner emphasizes that modern fraud is not a series of isolated events but a coordinated, multi-step operation. Campaigns typically begin with establishing or compromising mule accounts, then deploying automated phishing kits to harvest personal data.

Younger users represent a growing target due to their online activity and platform usage, and the emergence of human trafficking-linked fraud operations has worsened this problem.

Not surprisingly, younger users represent a growing target due to their online activity and platform usage, Seguin says, adding that the emergence of human trafficking-linked fraud operations, including sextortion and overseas scam compounds, has worsened this problem.

What works in 2026

Tresner’s core recommendation for fraud investigators in financial institutions is for them to shift their focus from static, point-in-time checks to behavior-based detection. “Behavior profiling and analytics across channels can identify sophisticated actors and manipulation patterns invisible in single transactions or logins,” he explains, stressing that real-time cooperation among financial institutions is critical because fraudsters collaborate, and isolated defenses are insufficient.

Further, Seguin reframes fraud prevention as a growth enabler. “Effective risk controls allow institutions to launch products faster, set higher transaction limits with confidence, and avoid overly restrictive policies driven by fraud concerns,” she notes. Indeed, modern fraud defense isn’t just about reducing losses but about enabling safe expansion.

The 2026 fraud landscape presents compounding challenges: AI-driven scale and realism, onboarding uncertainty from synthetic identities and hidden intent, weakening authentication boundaries, scams that produce legitimate-looking transactions, and industrialized fraud operations that can span channels and institutions. Success in this area requires financial institutions to treat fraud as a behavioral, multi-channel, collaborative challenge because that’s exactly how their adversaries are operating.

You can learn more about the many challenges facing financial institutions today here