Key compliance trends for 2025: why AML policy is tightening

In 2025, the system for combating financial crime has changed dramatically. Laws are becoming stricter, new regulatory bodies are emerging, and fraudsters are also becoming more inventive — they are using new technologies and exploiting loopholes in the laws of different countries. GetBlock AML Research publishes a global overview of changes in AML policy.

Compliance (i.e., adherence to financial regulations) is now not just about meeting requirements, but also about testing flexibility, resilience, and the ability to respond quickly.

To help companies understand what is happening, below are the main trends that will define the fight against financial crime at the end of 2025 and beyond: from new supervisory authorities and sanctions to cryptocurrencies and AI systems that track fraud in real time.

Real-time payments are changing the rules

Instant transfers in the EU

Now, all banks and payment companies in the European Union are required not only to accept but also to send transfers in euros within 10 seconds. This has become a huge challenge for banks because now customer verification, sanctions, and suspicious transactions must be checked instantly. Old systems that checked data in batches (once every few hours) are no longer suitable.

ISO 20022 — a new data format for transfers

Almost all international transfers must now be made in the new ISO 20022 standard. It allows more information to be transmitted (e.g., who the sender is, who the money is going to, the purpose of the transfer, etc.), which helps to better identify suspicious transactions.

But if the data is filled in incorrectly or incompletely, the transfer simply will not go through. Therefore, banks are now forced to monitor not only the transfer itself, but also the quality of the data in each field.

Example

A bank sends a payment but does not specify the sender’s company code. The transfer is blocked, and the regulator demands an explanation — is the bank even capable of working with the new format?

Instant transfers = instant scams

While customers enjoy the speed, scammers are not wasting any time either. They use networks of fake accounts and quickly transfer money between them.

Banks are now responsible for customer losses and are required to implement systems that catch fraud at the moment the transfer is made.

European Anti-Money Laundering Agency (AMLA)

Establishment and first steps

In July 2025, a new agency, AMLA, officially began operating in Europe to monitor how banks and companies combat financial crime. For now, the agency is only developing policies and conducting data checks, but by 2028, it will begin to directly supervise about 40 large financial organizations.

Who is behind the companies

One of the AMLA’s areas of work is checking who actually owns the business. In Europe, they have begun to consolidate ownership registries to identify shell companies and straw directors.

Example

A bank operates in several countries. In one of them, the state registry indicates that the owner of the client is Ivan Ivanov, while in another, it is a completely different person. The AMLA requires explanations and additional checks.

Centralization of control

Europe is not the only region moving towards unified supervision. The UK and other countries are also tightening regulations and consolidating control services. In the future, financial supervision will become more coordinated around the world.

Regulators use AI

Now, not only banks, but also the regulatory authorities themselves use artificial intelligence to analyze suspicious transactions between organizations. This means that the regulator may notice suspicious connections before the bank itself.

Payment transparency and data quality

FATF tightens requirements

In June, the FATF, an international organization that monitors anti-money laundering efforts, updated Rule No. 16 (the “Travel Rule”). Now, when transferring funds, full details about the sender and recipient must be provided. Even if the transfer goes through a crypto network, the information must “travel” with it.

But not all countries are ready

Although most countries have passed the law, less than half actually comply with it. Because of this, companies are forced to verify data even when their partner organization in another country has not yet implemented this rule.

Example

A bank in Europe sends a cryptocurrency transfer to an Asian exchange. Due to different data exchange standards, the transaction freezes and is canceled, causing customer complaints and questions from regulators.

Why it matters

Bad data is not just a technical error. It is a violation of the law and grounds for investigation. Therefore, companies must now ensure complete data transparency in every payment.

Cryptocurrencies and DeFi under special scrutiny

Volumes of illegal transactions

It is estimated that in 2024, wallets linked to criminal activity conducted transactions worth more than $50 billion, and the trend continues.

The main risks are stablecoins and DeFi

Regulators are concerned about “smart” decentralized platforms, where there is no centralized owner, as well as bridges between different blockchains, through which it is easy to hide the origin of funds.

Money laundering through multiple blockchains

Criminals are no longer limited to a single cryptocurrency — they “jump” from chain to chain to cover their tracks. In 2025, more than $20 billion had already been laundered in this way.

Example

Money from a ransomware attack moves through five blockchains in an hour. Without systems that track multiple chains at once, the bank would not even notice this activity.

The analytics race

Financial companies are now implementing complex systems to track the movement of crypto assets across multiple blockchains, using artificial intelligence and graph databases. This is no longer just a regulatory requirement — it is a matter of survival.

New types of fraud

Mobile scammers

The number of crimes committed using mobile phones is growing. Criminals open fake accounts and make lots of small instant transfers. That’s why banks are now required to analyze customer behavior in mobile apps and link this data to anti-money laundering systems.

Abuse of refunds

Many buyers return goods or demand refunds not according to the rules, but to cash out illegal funds. Previously, this was considered simply fraud against stores, but now it is a possible way to launder money.

Telemetry from telecom operators

To identify fake accounts more quickly, banks have begun collaborating with mobile operators, analyzing data on SIM cards, devices, and location.

Example

A fraudster duplicates a customer’s SIM card and immediately attempts to transfer money. The bank’s system receives a signal from the operator and instantly blocks the transaction.

Sanctions, geopolitics, and hybrid threats

State hackers, criminal groups, and sanctions circumvention are now all interconnected. Criminal money, cyberattacks, and sanctions evasion are combined into single schemes.

New rules in the US

The US Department of Commerce has expanded its blacklist of companies: now, subsidiaries are automatically added to the list if more than 50% of their capital belongs to an organization that has already been blocked. This particularly affects Chinese companies.

Fines are increasing

In 2025, the Office of Foreign Assets Control (OFAC) had already issued several huge fines for weak sanctions control systems. Banks are now expected to have a real response system in place, rather than just formal reports.

Artificial intelligence and shared databases

AI agents in compliance

Banks have begun using AI that independently collects customer data, analyzes it, and prepares reports. This reduces verification time from weeks to hours.

Fake identities and deepfakes

The number of frauds using artificial intelligence has grown by more than 1000%. People receive calls from “relatives” generated by AI or encounter fake documents. Banks are now required to verify biometrics and document authenticity at a new level.

Real-time data exchange

A law has come into force in the UK that allows banks and the police to exchange data on suspicious customers and transactions in real time. This is already yielding results, with fraudulent schemes being detected at the launch stage.

Conclusion

2025 was a turning point in the history of the fight against financial crime. The world is moving towards a unified control system where data, technology, and regulators work together.

Compliance is no longer a “paper obligation” but has become a strategic function. The winners are those who build flexible systems that can adapt quickly, manage AI with the same rigor as people, and combine fraud, sanctions, and cryptocurrency risk analysis into a single protection system.