Share article

Follow-up story to:

Neon-green liquid flows through a dark circuit-tube network, seeping from a cracked matte-black vault on black background.

FATF sounds alarm: Stablecoins emerging as key tool for sanctions evasion and crypto money laundering

FATF warns stablecoins now drive most illicit crypto flows globally, aiding sanctions evasion and laundering tied to Iran and North Korea; urges tighter oversight.

Harriet KingswellMar 3 18:06$BTC
Sanctions evasion is the trade nobody wants on their chart, but it is rapidly becoming the regulatory narrative investors cannot ignore. Chainalysis says onchain sanctions evasion activity jumped 700% in 2025, with Russia, Iran, and North Korea leaning harder on stablecoins, hacked funds, and state-adjacent crypto rails to move money. [1] The key level to watch is not Bitcoin$62,477.67 at $70K, it is stablecoin liquidity and offramps: once regulators tighten redemption and exchange access, the whole playbook gets more expensive.

Chainalysis pegs the scale as more than $100 billion moved onchain tied to sanctions evasion flows, a headline number that frames 2025 as the year state actors industrialized their crypto operations rather than dabbling around the edges. [2]

Russia's Draft Stablecoin Bill Aims to Power Sanctions‑Proof Cross‑Border Trade

Enjoy articles without ads?

Register for free and get unlimited access to all articles.

The 700% surge: what actually changed in 2025

A 700% jump does not happen from retail going rogue. Chainalysis attributes the step-change to state-linked coordination, where sanctioned entities combine three ingredients:

  1. Stablecoins for settlement speed and price stability
  2. Hacked or seized funds as a liquidity source
  3. Exchanges and brokers that are permissive, state-linked, or lightly enforced
That mix matters because it shifts illicit activity from "move a bag and hope nobody notices" to a repeatable pipeline: get value onchain, move it fast, convert through friendly venues, and pay suppliers or intermediaries.

Chainalysis also flags that these flows helped push crypto-related illicit finance to record levels in 2025, with sanctions evasion as a major driver rather than a niche category.

Stablecoins are the main rail, and the numbers are ugly

The report's most important datapoint for market structure is this: stablecoins accounted for roughly 84% of illicit crypto transaction volume. [1]

That statistic is a gut check for anyone still treating stablecoins as "just plumbing." Plumbing is exactly where enforcement pressure goes when authorities want maximum impact with minimum ambiguity. Stablecoins are used because they:

  • Settle globally with low slippage compared with thin altcoin pairs
  • Minimize volatility risk during multi-hop laundering
  • Plug directly into OTC networks and exchange order books
  • Make accounting simpler for large, repeated transactions
This is not only about Tether$0.999021 or USDC$1.0005. The Chainalysis findings highlight how sanctioned actors also push adoption of local or bespoke stablecoin instruments to reduce reliance on issuers that can freeze funds.
SoFi Enlists BitGo for Custody and Issuance Rails Behind Bank-Issued Stablecoin

A7A5: a ruble-pegged stablecoin as a sanctions conduit

Chainalysis points to a ruble-pegged stablecoin called A7A5$0.012892 as a central pipe for sanctioned Russian businesses, saying it processed more than $93 billion in transactions. [3]

That number is doing a lot of work. It suggests two things at once:

  • Sanctions evasion is not limited to one-off hacks or opportunistic transfers, it is being operationalized at scale.
  • Purpose-built stablecoins (especially ones aligned with domestic currency use cases) can concentrate flow in ways that make enforcement both easier to target and harder to shut down completely.
A single asset processing $93 billion also creates a clear map of counterparties, market makers, and exit points. The catch is whether authorities can act fast enough, and whether liquidity simply routes around the damage through new contracts, new issuers, and new venues.

Iran and North Korea: different playbooks, same settlement asset

Chainalysis connects Iran's Islamic Revolutionary Guard Corps (IRGC) activity and North Korean hacking operations to increased reliance on stablecoins. [2] The strategic logic differs by country, but the transactional goal converges: move value without touching the traditional correspondent banking system.

Iran: stablecoins as a workaround for restricted rails

Iran-linked networks have strong incentives to use stablecoins for cross-border procurement and payments where banking access is constrained. Stablecoins also make it easier to intermediate through third countries or OTC desks, keeping counterparties one step removed from the sanctioned origin.

North Korea: hacked funds become working capital

North Korea's crypto footprint is often tied to hacks, but the important evolution is what happens after the hack: assets get swapped, bridged, and converted into stablecoins because that is where execution risk is lowest. Once funds are in stablecoins, they can be parceled out in smaller clips, routed through multiple venues, and used for real-world purchases with less exposure to market swings.

From a market perspective, this is why enforcement headlines around mixers, bridges, and "high-risk" exchanges can move sentiment fast. The first-order effect is compliance. The second-order effect is liquidity fragmentation, wider spreads, and higher friction for everyone.
Binance Doubles Down on APAC, Pursues Five New Crypto Licenses by End‑2026

State-linked exchanges and the compliance choke point

Chainalysis also calls out state-linked exchanges as part of the machinery. This is where sanctions evasion stops being a purely onchain tracing problem and becomes a jurisdiction problem.

Onchain activity leaves footprints. Offchain conversion is where pressure is applied. The chokepoints that matter most are:

  • Stablecoin issuers and their freeze controls
  • Centralized exchanges with fiat onramps
  • OTC brokers and payment processors
  • Cross-border "high-risk" jurisdictions that can delay or ignore enforcement requests
The market implication is straightforward: the more value that moves through stablecoins for illicit use, the more likely policymakers are to treat stablecoin regulation as a national security issue, not just a consumer protection issue.

What would invalidate the "stablecoins will be targeted next" thesis?

Two things could cool the heat.

First, if enforcement proves that freezing and seizures are consistently effective at scale, regulators may lean into targeted actions rather than broad restrictions. That is the best outcome for legitimate stablecoin markets: punish bad actors without torching liquidity.

Second, if sanctioned flows migrate away from mainstream stablecoins into harder-to-police instruments and networks, the political appetite to regulate large compliant issuers might ease. The downside is that it pushes illicit activity into darker pools, which can still trigger heavy-handed responses if headlines get bad enough.

Market takeaway: risk is not price, it is access

Traders love clean narratives. This one is messy, but tradable in a different way: it is about access risk. If stablecoins are now the dominant rail for illicit volume, then every stablecoin dependent strategy carries a new variable, policy shock.

Crypto-Friendly Revolut Files for U.S. Bank Charter to Tap Fedwire and ACH

Watchlist: what to monitor next

  • Stablecoin enforcement actions: freezes, seizures, or blacklists tied to sanctions evasion clusters.
  • Exchange delistings and jurisdictional bans: especially for region-specific stablecoins or venues named in investigative reporting.
  • Onchain concentration: whether volumes keep clustering into a small set of stablecoins like A7A5$0.012892 (a centralization risk), or disperse across many instruments (a whack-a-mole risk).
  • Bridges and swap routes: sudden shifts in preferred chains or liquidity pools can signal pressure campaigns or adaptation by bad actors.
  • Regulatory language drift: when policymakers start framing stablecoins explicitly through sanctions and national security, expect faster rulemaking and tougher compliance expectations.

Bottom line: Chainalysis is signaling that 2025 was not just another year of crypto crime. It was a scale-up year for nation-state sanctions evasion, and stablecoins are the settlement layer. If you are positioned anywhere near that liquidity, keep one eye on the chart and the other on the compliance headlines.

Tags

#stablecoins#Crypto Regulation#Chainalysis#Illicit finance#Russia#Sanctions evasion#Iran#North Korea#Onchain analysis#Exchange offramps