Analysis of the 2024 Blockchain Security and Anti-Money Laundering Annual Report: AML Trends & Data

11 min readJan 10, 2025

This article focuses on the anti-money laundering (AML) landscape and key data within the blockchain ecosystem. With the rapid development of the cryptocurrency industry, the importance of AML regulations and compliance policies has become increasingly prominent. In 2024, significant measures were introduced across various countries and regions to address the challenges of the digital asset market, encompassing stablecoin regulation, enforcement actions, AML sanctions, and global regulatory policies. These initiatives aim not only to curb money laundering and fraudulent activities but also to strike a balance between innovation and risk management. This analysis will delve into the latest developments in stablecoin regulations, enforcement trends of the U.S. Securities and Exchange Commission (SEC), AML sanctions targeting cryptocurrencies, and global regulatory advancements, offering readers a deeper understanding of the core trends and future directions of the AML landscape.

AML and Regulatory Dynamics

In 2024, the regulatory landscape for cryptocurrencies experienced significant developments, highlighted by the European Union’s implementation of the Markets in Crypto-Assets (MiCA) regulation and the United States advancing stablecoin legislation. These efforts were driven by growing concerns about fraud, money laundering, and terrorist financing activities in the rapidly evolving crypto sector. This year saw the introduction of more stringent measures worldwide to combat illicit activities, with notable advancements in stablecoin regulation, cross-border crypto policies, and enforcement actions targeting major players in the crypto space.

Stablecoin Regulation

As global financial authorities increasingly recognize the growing influence and risks of digital assets, stablecoin regulation became a central focus in 2024. The collapse of TerraUSD in 2022 served as a stark reminder of market vulnerabilities, prompting stricter and clearer regulatory frameworks worldwide. This year marked a turning point as regions enacted legislation and policies to address the unique challenges posed by stablecoins while fostering innovation in the digital economy.

China: In its 2024 Financial Stability Report, the People’s Bank of China provided a detailed analysis of global cryptocurrency regulatory trends, with a particular focus on Hong Kong’s progress in crypto compliance. The report emphasized the need for strengthened oversight of crypto assets.
Hong Kong, China: On December 6, 2024, the Hong Kong Monetary Authority (HKMA) and the Financial Services and Treasury Bureau introduced the Stablecoin Bill. This bill aims to establish a regulatory framework for fiat-backed stablecoin issuers and enhance oversight of virtual asset activities.
European Union: The EU approved the Markets in Crypto-Assets (MiCA) regulation, creating the world’s first comprehensive and transparent framework for virtual asset oversight. Set to take effect by the end of 2024, MiCA requires stablecoin issuers to obtain an electronic money license, maintain adequate reserves, and adhere to strict transaction standards. Tether Limited, the issuer of USDT, failed to meet these requirements, leading to USDT’s removal from EU-compliant platforms starting December 30, 2024.
Brazil: The Central Bank of Brazil (BCB) plans to regulate stablecoins and asset tokenization by 2025. In November 2024, the BCB proposed a regulation to prohibit users from withdrawing stablecoins from centralized exchanges to self-custody wallets. However, in December, the BCB suggested it might revoke this restriction if improvements in transaction transparency and other critical issues are achieved.
United States: Stablecoin issuers in the U.S. are now required to maintain a 1:1 reserve ratio, a measure supported by ongoing legislative discussions.
Middle East: The UAE introduced a dedicated stablecoin license under its Virtual Asset Regulatory Authority (VARA), signaling the region’s intent to lead in regulatory transparency. Qatar also included stablecoins in its first digital asset framework, marking a significant step in crypto regulation.

SEC Enforcement Actions

In November, the U.S. Securities and Exchange Commission (SEC) released its enforcement results for fiscal year 2024. The report revealed a total of 583 enforcement actions, representing a 26% decrease compared to 2023. Despite fewer actions, the SEC imposed a record-breaking $8.2 billion in penalties.

Among these cases, the SEC initiated 431 “standalone” enforcement actions, a 14% decrease from 2023. It also pursued 93 “follow-on” administrative proceedings, aimed at barring or suspending individuals from holding specific roles in the securities industry based on criminal convictions, civil injunctions, or other orders — down 43% from the previous year. Additionally, there were 59 cases against issuers for failing to file required documents with the SEC, a 51% decline from 2023. The $8.2 billion in financial remedies included $6.1 billion in disgorgement and prejudgment interest, the highest amount ever, and $2.1 billion in civil penalties, the second-highest amount in history. Approximately 56% of the $8.2 billion stemmed from the monetary judgment following the SEC’s victory in its case against Terraform Labs and Do Kwon, one of the largest securities fraud cases in U.S. history. Furthermore, in 2024, the SEC also secured orders prohibiting 124 individuals from serving as officers or directors of public companies, the second-highest number in a decade.

In 2024, the SEC distributed $345 million to harmed investors during the fiscal year, bringing the total amount returned to investors since FY 2021 to over $2.7 billion. The SEC received a record-high 45,130 tips, complaints, and referrals in 2024, including more than 24,000 whistleblower tips. Over 14,000 of these tips were submitted by just two individuals. The Commission awarded $255 million in whistleblower rewards during the year. The SEC highlighted that its 2024 enforcement actions addressed emerging threats such as artificial intelligence-related misrepresentations and fraudsters exploiting social media for romance scams. Simultaneously, the agency maintained a focus on perennial investor risks, including material misstatements, inadequate internal controls, and significant gatekeeper failures.

Examples of SEC Enforcement Actions in the Crypto Ecosystem:

Terraform Labs Settlement: Terraform Labs agreed to a $4.5 billion settlement with the U.S. Securities and Exchange Commission (SEC) over the collapse of their TerraUSD and Luna cryptocurrencies. The settlement includes $3.5 billion in disgorgement, $460 million in interest, $420 million in civil penalties, and a $200 million personal contribution from former CEO Do Kwon.
Jump Trading Penalty: High-speed trading firm Jump Trading Group agreed to pay a $123 million settlement to the SEC for misleading investors about the stability of TerraUSD, a stablecoin that collapsed in 2022. The SEC alleged that Jump’s unit, Tai Mo Shan, falsely assured investors about TerraUSD’s stability, contributing to its downfall.
SEC Lawsuit Against Cumberland DRW: The SEC sued Cumberland DRW, the cryptocurrency unit of high-speed trading firm DRW Holdings, for failing to register as a securities dealer. The lawsuit alleges that Cumberland accrued millions in profits by trading with hedge funds and large market players without proper registration.

Anti-Money Laundering Sanctions

Hong Kong’s Directive to Worldcoin (May 2024): The Hong Kong Office of the Privacy Commissioner for Personal Data issued an enforcement notice to the Worldcoin Foundation, ordering the suspension of all operations in the region due to privacy and personal data concerns. Worldcoin was directed to cease scanning and collecting iris and facial images from the public, reflecting Hong Kong’s commitment to protecting personal data within the crypto space.
Arrest of Two Chinese Nationals (May 2024): The U.S. Department of Justice arrested two Chinese nationals, Daren Li and Yicheng Zhang, for orchestrating a large-scale cryptocurrency scam known as a “pig-butchering” scheme. The scam involved laundering at least $73 million.
U.S. Sanctions on Iranian Crypto Mining Activities (May 2024): The U.S. Treasury Department, through its Office of Foreign Assets Control (OFAC), expanded sanctions on Iranian cryptocurrency mining operations. These sanctions targeted individuals and entities using crypto mining to evade international sanctions.
Seizure of Over $6 Million in Crypto Linked to a Scam (Sept 2024): The U.S. Department of Justice announced the seizure of more than $6 million in cryptocurrency held by Southeast Asian criminals. These individuals orchestrated fraudulent cryptocurrency investment schemes, commonly referred to as “pig-butchering” scams, targeting U.S. residents. The FBI traced victim funds on the blockchain, identifying multiple wallets containing illicit funds.
U.S. Sanctions on Russian Cybercriminals (Sept 2024): The U.S. Treasury sanctioned Sergey Ivanov and Cryptex, accused of laundering money for cybercriminals and darknet vendors. Additionally, the Treasury’s Financial Crimes Enforcement Network designated the Russian cryptocurrency exchange PM2BTC as a significant money laundering threat.
Sanctions Against North Korea’s Crypto Laundering Network (Dec 2024): Under Executive Order 13382, the U.S. imposed sanctions on two individuals and one entity associated with laundering cryptocurrency for North Korea. The network was used to fund the Democratic People’s Republic of Korea’s illicit weapons of mass destruction and ballistic missile programs.
Indictment of LockBit Ransomware Developer (Dec 2024): The U.S. charged Rostislav Panev, a dual citizen of Russia and Israel, with developing and maintaining the LockBit ransomware code. Panev allegedly received over $230,000 in cryptocurrency for his role. He was arrested in Israel and awaits extradition to the U.S.

Regulatory Policies

1. Asia-Pacific

China: In December 2024, the People’s Bank of China released the China Financial Stability Report (2024), highlighting global cryptocurrency regulatory developments and Hong Kong’s progress in compliance. The report emphasized that cryptocurrencies pose potential spillover risks to financial stability, prompting regulators worldwide to intensify oversight. It noted that 51 countries and regions have implemented bans on crypto assets, and some economies have amended existing laws or introduced new legislation for regulation. Hong Kong actively explores licensing regimes, categorizing virtual assets into securitized and non-securitized financial assets and enforcing a dual-license system for virtual asset trading platform operators.
Hong Kong, China: In April 2024, Hong Kong approved spot Bitcoin and Ethereum Exchange-Traded Funds (ETFs), offering investors new opportunities. The Securities and Futures Commission (SFC) licensed four additional virtual asset trading platforms, strengthening regulatory oversight. Hong Kong also introduced a stablecoin sandbox and related legislation to establish a clear regulatory framework for stablecoin issuance and use.
Japan: Japan advanced crypto tax reforms, reducing transaction profit taxes to 20%, and emphasized stricter anti-money laundering (AML) and Know Your Customer (KYC) compliance for exchanges and issuers.
South Korea: South Korea enacted the Virtual Asset User Protection Act to enhance investor safety and regulate cross-border crypto transactions.
Vietnam: Vietnam announced its National Blockchain Development Strategy, aiming to become a regional leader by 2030. However, cryptocurrencies remain unclassified and prohibited as legal tender, underscoring efforts to balance innovation and crime prevention.
Singapore: The Monetary Authority of Singapore (MAS) revised the Payment Services Act, expanding the scope of regulated payment activities to include digital payment token services. MAS has issued major payment institution licenses to at least 19 crypto service providers, allowing them to offer digital token services.
Malaysia: The Securities Commission of Malaysia announced a list of six approved cryptocurrency exchanges. Unapproved entities were instructed to cease activities immediately and refund investors.

2. North America

United States: The approval of Bitcoin and Ethereum ETFs marked a milestone in mainstream cryptocurrency adoption. On January 10, 2024, the SEC approved the first spot Bitcoin ETF, followed by Ethereum ETF approval on May 23. Ethereum spot ETFs began trading on July 23. As of this year, spot Bitcoin ETFs have a net asset value of $105.08 billion (5.7% of Bitcoin’s market cap), while Ethereum spot ETFs total $12.05 billion (2.94% of Ethereum’s market cap). The Financial Innovation and Technology for the 21st Century Act (FIT21) clarified cryptocurrency classification and retained existing crypto custody accounting standards by opposing SAB 121. The Trump administration’s pro-innovation policies included appointing crypto advocates like Paul Atkins as SEC Chair, signaling strong industry support.
Canada: Canada continued refining its crypto regulatory framework, emphasizing AML and KYC compliance for crypto exchanges and service providers. The Canadian Securities Administrators (CSA) enhanced oversight of crypto asset investment products to ensure greater transparency and investor protection.

3. Europe

Russia: Russia accelerated cryptocurrency regulations in 2024 to mitigate the impact of Western sanctions, focusing on leveraging digital assets for international trade. President Vladimir Putin legalized crypto mining and permitted cross-border transactions using mined assets. Authorities explored stablecoins (particularly those pegged to the Chinese yuan or BRICS currencies) for cross-border payments and established two state-supervised crypto exchanges to facilitate international trade.
European Union: The Markets in Crypto-Assets (MiCA) regulation took full effect across the EU on December 30, 2024, establishing Europe as the first region with a unified cryptocurrency regulatory framework. MiCA imposed strict requirements on stablecoin issuers, including reserve backing and operational standards, while enhancing consumer protection.
United Kingdom: The Financial Conduct Authority (FCA) plans to introduce a comprehensive crypto regulatory regime by 2026, building on the EU’s MiCA framework.

4. Middle East and Africa

United Arab Emirates: The UAE, through its Virtual Assets Regulatory Authority (VARA), solidified its global leadership in crypto regulation by issuing 13 new licenses in 2024. It also introduced stablecoin-specific licensing to address evolving market demands.
Saudi Arabia: Saudi Arabia emerged as the region’s fastest-growing crypto economy, leveraging blockchain innovation and piloting a central bank digital currency (CBDC) initiative.
United Arab Emirates: The UAE, through its Virtual Assets Regulatory Authority (VARA), solidified its global leadership in crypto regulation by issuing 13 new licenses in 2024. It also introduced stablecoin-specific licensing to address evolving market demands.

5. Latin America

Argentina: Argentina adopted a compliance framework for Virtual Asset Service Providers (VASPs) and planned the free circulation of currencies, including Bitcoin.
Brazil: Brazil advanced its CBDC (DREX) pilot, focusing on real-world asset (RWA) development to enhance financial inclusion.
El Salvador: El Salvador expanded its Bitcoin legal tender policy and collaborated with Argentina to develop cross-border crypto solutions.

In summary, due to the complexity of cryptocurrencies, regulatory discussions encompass financial stability, consumer protection, and anti-money laundering efforts. As blockchain and cryptocurrency technologies gain wider adoption, more governments and institutions are stepping in, and regulatory frameworks are evolving toward greater specificity and global alignment.

Anti-Money Laundering Data

Frozen Funds Data

1. SlowMist Assist Freezing

With significant support from partners in the InMist intelligence network, SlowMist assisted clients, partners, and public hacking incident victims in freezing over $112 million in 2024.

2. USDT and USDC Freezing

In 2024, Tether froze $540,195,442 worth of USDT, while Circle froze $13,359,597 worth of USDC.

Fund Recovery Data

In 2024, there were 410 reported security incidents, with 24 cases successfully recovering all or part of the stolen funds. According to disclosed data, approximately $166 million was recovered, representing 8.25% of the total losses, which amounted to $2.013 billion.

Summary

As the cryptocurrency sector continues to evolve, nations and regions have demonstrated a strong commitment to enhancing compliance management in areas such as stablecoin regulation, enforcement actions, and anti-money laundering (AML) sanctions. At the same time, they are driving policy innovation to meet the needs of the digital economy. While differences exist in policy specifics and implementation approaches, the shared goal is to establish a more robust regulatory framework to enhance market transparency and protect investors.

The advancement of global regulatory policies reflects a dual focus on innovation and risk control. From the compliance-driven management of stablecoins to the continuous upgrading of AML measures, these efforts lay a more solid foundation for the growth of the digital economy. Looking ahead, the healthy development of the cryptocurrency industry will rely on close collaboration between regulators and market participants, ensuring technological progress while safeguarding the transparency and security of the financial system. In this process, global cooperation and information sharing will be crucial to addressing cross-border risks, supporting the creation of a more resilient and equitable digital financial ecosystem.

Here’s the link to the full report. Happy reading and feel free to share!

https://www.slowmist.com/report/2024-Blockchain-Security-and-AML-Annual-Report(EN).pdf

About SlowMist

SlowMist is a blockchain security firm established in January 2018. The firm was started by a team with over ten years of network security experience to become a global force. Our goal is to make the blockchain ecosystem as secure as possible for everyone. We are now a renowned international blockchain security firm that has worked on various well-known projects such as HashKey Exchange, OSL, MEEX, BGE, BTCBOX, Bitget, BHEX.SG, OKX, Binance, HTX, Amber Group, Crypto.com, etc.

SlowMist offers a variety of services that include but are not limited to security audits, threat information, defense deployment, security consultants, and other security-related services. We also offer AML (Anti-money laundering) software, MistEye (Security Monitoring) , SlowMist Hacked (Crypto hack archives), FireWall.x (Smart contract firewall) and other SaaS products. We have partnerships with domestic and international firms such as Akamai, BitDefender, RC², TianJi Partners, IPIP, etc. Our extensive work in cryptocurrency crime investigations has been cited by international organizations and government bodies, including the United Nations Security Council and the United Nations Office on Drugs and Crime.

By delivering a comprehensive security solution customized to individual projects, we can identify risks and prevent them from occurring. Our team was able to find and publish several high-risk blockchain security flaws. By doing so, we could spread awareness and raise the security standards in the blockchain ecosystem.