FATF warns criminals exploiting gaps in virtual asset regulation
Jul 16, 2026
Paris [France], July 16 : In a new report published on Thursday, the Financial Action Task Force (FATF) highlighted that while more countries have introduced legislation to regulate virtual assets, many are still working on implementing the rules in practice, with organised crime groups taking advantage of these gaps to move billions in illicit proceeds through the sector.
Its report found out that 83% of surveyed jurisdictions have now passed legislation implementing the Travel Rule, up from 73% in 2025, while a further 11 jurisdictions report that implementation is underway.
The details come as a part of FATF's recently released seventh targeted update on the global implementation of anti-money laundering and counter-terrorist financing (AML/CFT) measures to virtual assets (VA) and virtual asset service providers (VASPs).
It found that overall, jurisdictions, including those with materially important VASP activity, have made progress since 2025 towards developing or implementing anti-money laundering and counter-terrorist financing (AML/CFT) regulation and taking supervisory and enforcement actions.
However, the FATF highlighted the need for further work on regulation, licensing and registration despite continued progress, and that jurisdictions continue to face difficulties in identifying individuals and entities that conduct VASP activities, with many jurisdictions yet to translate legal frameworks into effective supervision and enforcement in practice.
It reported that jurisdictions continue to report challenges with mitigating the risk of offshore VASPs, as highlighted in the FATF's report on offshore VASPs published earlier this year, and in assessing and mitigating risks associated with decentralised finance (DeFi) platforms, which may represent an increasingly significant gap as regulated entities, including financial institutions and VASPs, expand their engagement with DeFi platforms.
Giles Thomson, President of the FATF underlined that this year's targeted update makes clear that criminal networks continue to abuse virtual assets for illicit purposes and exploit their borderless nature to commit fraud and scams, evade sanctions and launder the proceeds of crime - taking advantage of gaps in countries' frameworks and uneven implementation of FATF Standards across jurisdictions.
He added, "Effective implementation of the FATF Standards can no longer be delayed."
Thomson urged Governments and the private sector to work together to strengthen preventive measures and close regulatory gaps, bolster cross-border co-operation and deny criminals the opportunity to exploit weak links in the global system.
"As criminal methods become more sophisticated, safeguards must keep pace with technological change and ever-evolving criminal tactics," he added.
The report also highlighted the emerging risks arising from the criminal exploitation of virtual assets and mentioned key examples such as "Organised Crime Groups-linked scam centre operations, "pig-butchering" scams, Democratic People's Republic of Korea (DPRK)-related cyber theft, terrorist and proliferation financing, sanctions evasion and cross-border money laundering."
The FATF report underlined the misuse of artificial intelligence in virtual asset-related crime across fraud, hacking and money laundering schemes, is growing at scale, with the report highlighting the use of deepfakes, synthetic identities and AI-enabled recruitment scams.
"The misuse of stablecoins by various illicit actors, including DPRK actors and terrorist financiers, has continued to increase since the 2025 Targeted Update, and most identified on-chain illicit activity now involves stablecoins. Building on the FATF's report on stablecoins earlier this year, the report highlights an emerging risk in which criminal networks have begun developing proprietary stablecoins designed to resist freezing and asset seizure, illustrating how illicit actors continue to adapt in response to regulatory action," it said.