The first half of 2025 saw a surge in financial crime enforcement, with regulators worldwide issuing fines worth $1.23 billion. According to publicly available data analyzed by Fenergo, this increased a staggering 417% compared to the same period last year.
North American regulators doled out the largest proportion of fines, with 86% of the global total. North American penalties amounted to $1.06 billion, for a year-on-year increase of 565%. This spree of first-half enforcement included hefty fines to the fast-growing digital assets sector, which received 57% of all fines from the U.S.
For traditional financial institutions, fines related to sanctions failures also saw marked increases year-over-year.
These figures offer a stark warning to financial institutions. Anti-money laundering failures are subject to significant penalties, while regulatory oversight is also ramping up in non-traditional business areas like cryptocurrency exchanges. To ensure regulatory obligations are met, risk leaders can streamline backlogs and act upon real risks by introducing proactive, audit-ready AI.
For financial institutions, the implications are clear: fine amounts are rising, and oversight is expanding because the regulators are requiring real-world evidence of effective compliance systems. The first-half enforcement activity is more than a snapshot; with investigations that result in penalties usually taking multiple years to complete, the figures represent long-standing regulatory failings, rather than immediate reactions to new rules and regulations.
Tracy Moore of Fenergo: Persistent scrutiny.
The enforcement pattern also represents the end of ambiguity for digital finance. This was underscored when the cryptocurrency exchange OKX paid out more than $504 million for AML shortcomings.
Virtual asset service providers and fintechs are no longer seen as outliers operating at the margins of regulatory frameworks. They are being held to the same rigorous AML and know your customer (KYC) standards as global banks, and enforcement actions suggest that any institution lagging in due diligence or transaction monitoring will be met with the same level of severity.
Sanctions-related fines reflect a global geopolitical climate in which governments are using sanctions as a foreign policy and national security tool. This puts financial institutions under heightened regulatory scrutiny. Those that fail to update their sanctions controls with speed and precision are exposed to heightened penalties and reputational risk.
Perhaps most importantly, the rise in enforcement penalties reflects widening expectations around technology and governance. Regulators are no longer satisfied with the proof of systems and policies; they demand evidence of effectiveness. Manual processes, disjointed data, and reactive compliance models are increasingly being judged as unacceptable. This is where embedding AI can impact outcomes by eliminating labor-intensive processes to enhance accuracy and strengthen due diligence.
Financial institutions can rise to the challenge by rethinking their operating models to proactively seek out compliance risks.
Rather than relying on standardized, one-size-fits-all frameworks, institutions must conduct enterprise-wide risk assessments that consider specific business lines, customer segments, and geographic exposures through the lens of today’s regulatory environment. Enhanced due diligence should be applied proportionally to higher-risk relationships, avoiding blanket derisking that can push away legitimate clients.
Equally critical is the modernization of sanctions compliance. Institutions need dynamic systems that incorporate real-time updates, escalation frameworks, and strong governance structures.
Beneficial ownership transparency is also rising on the agenda. Regulators expect firms to capture, validate, and regularly update ownership data, supported by clear audit trails and board-level oversight.
Regulators are increasingly looking for firms to leverage modern compliance solutions to stay ahead of financial crime. AI-powered tools can enable real-time transaction monitoring that reduces false positives and can even surface hidden risks. Agentic AI also offers promising results for perpetual KYC (pKYC).
Today’s AI tools can deliver continuous reviews and can trigger new checks when risks change. By adopting agentic AI, institutions can transform compliance from a labor-intensive, reactive process into a proactive, scalable, and regulator-ready capability. Crucially, when paired with strong governance and human oversight, agentic AI offers not only efficiency but also a greater level of resilience and responsiveness compared to traditional systems.
Finally, institutions must cultivate a strong compliance culture. Compliance cannot be viewed as the responsibility of a single function. Boards, executives and business units must all take ownership, supported by clear accountability, adequate resources, and visible leadership commitment.
For digital finance institutions that are new to regulatory oversight, the importance of good communication and transparency with regulators cannot be overstated. To master this roadmap, the industry can partner with technology firms who have experience working with regulators and traditional financial institutions. This can help to safeguard against the kind of gaps in oversight that have led to fines for digital finance businesses.
From this year’s first half, one thing is undeniable: U.S. regulators are turning guidance into action, and enforcement is reaching record highs. For risk leaders, the choice is to respond defensively and risk falling behind, or to embrace innovation, data integrity and agentic AI to stay ahead.
Tracy Moore is Director of Strategic Thought Leadership & Regulatory Affairs at Fenergo. a leading provider of AI-powered solutions for know your customer (KYC), transaction monitoring, and client lifecycle management (CLM). She has over 25 years of experience in investment banking, covering the areas of client onboarding, legal documentation and compliance in both capital markets and corporate lending. She served in senior compliance roles at Rabobank and SunTrust Bank (now Truist), and worked for Man Investments and Goldman Sachs in Switzerland.