US AML penalties fall despite firm regulatory expectations, Fenergo study shows

By Puja Sharma

Today

AML, Fenergo, the leading provider of AI-powered solutions for Know Your Customer (KYC), Anti-money Laundering (AML), Transaction Monitoring and Client Lifecycle Management (CLM), has released its annual report analysing global financial institution enforcement actions related specifically to AML compliance breaches from January 1, 2025, to December 31, 2025.

The report shows that fines issued by US regulators fell by 61% year-on-year, driven largely by workforce shifts and constrained enforcement capacity.

Despite the sharp decline, the US remains the most significant AML enforcement jurisdiction globally. The reduction in fines reflects operational and capacity challenges rather than any easing of regulatory expectations. Commenting on the findings, Rory Doyle, Head of Financial Crime Policy at Fenergo, said: “Staffing cuts across regulators and the prolonged US government shutdown slowed things down, but this is temporary. Once capacity returns, enforcement will follow. The research indicates that regulatory agendas remain firm on ensuring a secure financial ecosystem. As enforcement capacity in the US is improved, financial institutions should continue to anticipate a more active regulatory landscape, making it paramount for institutions to ensure they have the proper processes and systems in place.”

Globally, penalties for breaches related to AML, KYC, sanctions and customer due diligence (CDD) totalled $3.8 billion in 2025, down from $4.6 billion in 2024 and $6.6 billion in 2023. The decline continues a multi-year trend of reduced enforcement values, largely attributed to regulatory capacity constraints rather than reduced scrutiny.

Across 40 countries in APAC, EMEA and North America, US regulators led in total monetary penalties, issuing $1.67 billion in fines during 2025. This was followed by France with $1.11 billion and Switzerland with $342 million. US regulators issued 31 fines during the year, down 34% from 47 in 2024. The single largest US penalty was a $511 million fine issued by the Department of Justice to a former Swiss bank and financial services firm for tax evasion.

Sanctions-related breaches represented a substantial portion of US enforcement value, totalling approximately $243 million. The largest sanctions-related penalty—$216 million—was imposed on GVA Capital, a San Francisco-based venture capital firm, for violations of Ukraine- and Russia-related sanctions. Failures linked to suspicious activity reports (SARs) accounted for roughly $45 million, while transaction monitoring and CDD breaches contributed around $3.66 million in fines.

By institution type, digital asset firms accounted for the largest share of US penalties, totalling $728 million and representing 43% of fines issued. Banks were penalised $511 million, accounting for 30% of the total, followed by buy-side firms with $239 million. Money services businesses incurred $146 million in penalties, representing 9% of total US fines.

While enforcement activity slowed in 2025, the findings suggest that regulatory expectations remain unchanged, with financial institutions likely to face renewed enforcement momentum as regulatory capacity stabilises.

Key Highlights:

Global penalties declined: Global penalties for failing to comply with AML, KYC, sanctions and customer due diligence (CDD) regulations totaled $3.8 billion in 2025, down from $4.6 billion in 2024 and $6.6 billion in 2023.
The US remained the largest source of fines: Across 40 countries in APAC, EMEA, and North America, the United States led enforcement by value, issuing $1.67 billion in penalties, followed by France ($1.11 billion) and Switzerland ($342 million).
Digital assets drew the greatest enforcement scrutiny: Digital asset firms accounted for the largest share of US enforcement penalties, totaling $728 million, or 43% of all US fines levied.