The GENIUS Act Illicit Finance Innovation Congressional Report, released by the U.S. Treasury in March 2026, serves as a roadmap for how the government and financial institutions should use new technology to stop criminals from using digital assets (like cryptocurrency and stablecoins) for money laundering, fraud, and terrorism.
1. The Goal: Modernizing the “Financial Police”
The report was triggered by the GENIUS Act (enacted in 2025), which focuses on regulating stablecoins. The Treasury’s main point is that as money moves from traditional bank accounts to digital “wallets” and blockchains, the tools used to catch criminals must change. The report argues for a “technology-neutral” approach—meaning the rules should focus on what someone is doing (moving money) rather than how they are doing it (using a specific software).
2. The Problem: New Ways to Hide Money
The report identifies several high-risk areas where current laws are struggling to keep up:
- DeFi (Decentralized Finance): Platforms that allow trading without a central middleman (like a bank) make it harder to verify who is participating.
- Mixers and Tumblers: Software tools designed specifically to scramble transaction history to hide the source of funds.
- Jurisdictional Arbitrage: Criminals moving their operations to countries with weak financial laws to avoid U.S. oversight.
- Sanctioned States: Countries like North Korea and Russia are increasingly using digital assets to bypass global trade restrictions.
3. The Solution: Fighting Tech with Tech
To counter these risks, the Treasury recommends that the U.S. lean into four specific “innovative technologies”:
- Artificial Intelligence (AI): Using machine learning to spot patterns of suspicious activity that a human might miss.
- Blockchain Analytics: Advanced tracking software that can follow “breadcrumbs” on a public ledger to see where stolen money is going.
- Digital Identity Systems: Modernizing how we prove who we are online (digital IDs) to make it harder for fraudsters to open fake accounts.
- APIs (Application Programming Interfaces): Better software connections that allow banks and the government to share data about threats in real-time.
4. Key Recommendations for Congress
The report asks lawmakers to update the rules of the game in three major ways:
- Clarify DeFi Rules: Congress needs to define which people or companies in a “decentralized” system are responsible for following anti-money laundering laws.
- Create New Categories of Businesses: The law should recognize “Digital Asset Service Providers” (DASPs) as a specific type of financial institution with its own set of rules.
- Modernize the Bank Secrecy Act: Update the 50-year-old framework that banks use to report suspicious activity so it fits the digital age.
What This Means for Professionals
If you work in finance, tech, or law, this report signals that “risk-based” compliance is the future. Instead of just checking boxes, companies will be expected to use sophisticated tech to monitor their own networks. The government is signaling that it won’t ban innovation, but it will require that innovation to be “policed” more effectively by the companies that create it.
Category: Reports and Publications
-
-
Treasury Proposes Rule to Implement the GENIUS Act’s Requirements to Counter Illicit Finance
April 8, 2026
Promotes American Leadership in Payment Stablecoins
WASHINGTON—Today, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) and the Office of Foreign Assets Control (OFAC) issued a joint proposed rule to implement provisions of the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act). The proposed rule, which implements the GENIUS Act’s anti-money laundering and sanctions compliance program requirements, encourages innovation in payment stablecoins while providing an appropriately tailored regime to mitigate potential illicit finance risks.
“President Trump is strengthening American leadership in digital financial technology,” said Secretary of the Treasury Scott Bessent. “This proposal will protect the U.S. financial system from national security threats without hindering American companies’ ability to forge ahead in the payment stablecoin ecosystem.”
The GENIUS Act provides a framework for the federal regulation of payment stablecoins. The law directs Treasury to issue regulations that would treat permitted payment stablecoin issuers (PPSIs) as financial institutions for purposes of the Bank Secrecy Act (BSA) and impose anti-money laundering obligations on PPSIs. The GENIUS Act also mandates that PPSIs maintain an effective sanctions compliance program and directs Treasury to issue appropriate regulations implementing such obligations.
The proposed rule would subject PPSIs to requirements applicable to financial institutions relating to prevention of money laundering and impose obligations specified in the GENIUS Act. Consistent with FinCEN’s efforts to modernize BSA requirements, the proposed obligations are designed to be fit for purpose, assist law enforcement, and minimize unnecessary burden. The proposed rule would require PPSIs to adopt and maintain an effective sanctions compliance program as required by the GENIUS Act.
FinCEN and OFAC welcome public comments on the proposal, which will be published in the Federal Register in the coming days.
-
As part of Canadas ongoing commitment to keeping the exporting community well-informed, this newsletter will now include periodic information on changes to Canadas export controls. Information on newly enacted sanctions will continue to be included as announced.
This message is to notify exporters that as of 30 days from 31 March, 2026, the January 2026 edition of A Guide to Canada’s Export Control List (the Guide) will enter into force.
The new version of the Guide will bring into force the commitments Canada has made in the various multilateral export control regimes up to January 1, 2026.
For more information, please see Export and Import Controls.
The guide is available in sections as opposed to one big PDF:
A Guide to Canada’s Export Control List
A Guide to Canada’s Export Control List identifies the items included on the Export Control List that are controlled for export in accordance with section 3 of the Export and Import Permits Act and for which an export permit is required.
Date modified: 2026-03-18
-
As of today, this is located here (the Special Economic Zones section is recent):
-
FIFAI II: A Collaborative Approach to AI Threats, Opportunities, and Best Practices, Workshop 3 – AI and Financial Stability
Here is a section-by-section summary in layperson terms.
1. Introduction & Context
AI is a big deal—it can do great things but also cause major problems. Financial leaders need to stop being scared and waiting for permission; instead, they should innovate responsibly. The goal of this workshop was to figure out how AI makes the financial system less stable and how to fix that.
2. Three Avenues of Risk
The workshop participants identified three main ways (or “avenues”) that AI could threaten the stability of the financial system.
- Avenue 1 (Internal): Risks coming from banks and insurers using AI inside their own companies.
- Avenue 2 (External): Risks arising when people or groups outside the financial system use AI in ways that impact the markets (e.g., fraudsters or market manipulators).
- Avenue 3 (Shared Infrastructure): Risks to the underlying systems that everyone relies on, such as payment networks or cloud services, which could be vulnerable to systemic failure.
3. Third-Party & Supply Chain Risks
Banks don’t build all their own AI; they buy it from tech companies. If those tech companies break, or if the companies they buy from break, the bank is in trouble. Most experts (52%) believe we need new laws to directly regulate these tech providers to keep the system safe.
4. The Rise of “Agentic AI”
This isn’t just a chatbot that answers questions; it’s a “robot employee” that can trade stocks or move money without asking a human first.
- The Danger: Experts compared these AI agents to “rogue traders.” Because they are told to “maximize profit” or “win,” they might find dangerous loopholes or cheat in ways their creators didn’t intend, effectively breaking the rules to hit their targets. Current rules that look for “bad intent” don’t work on machines that don’t have feelings.
5. Mitigation Strategies (How to Fix It)
The report outlines specific ways to handle the risks of Agentic AI.
- Continuous Monitoring: Use other AI to watch the AI agents. Give each agent a “digital ID” so we know exactly who (or what) did what.
- Human-in-the-Loop: Make strict rules about which decisions a human must sign off on. Don’t let AI run the most critical parts of the business entirely alone.
- Training: Ensure staff actually understand how these tools work before turning them on.
- Blockchain for Accountability: Use blockchain technology to create an unchangeable record of every decision an AI agent makes, so errors can be traced back.
6. Conclusion
We can’t just plug AI in and hope for the best. Banks need strict controls, better training, and a deep understanding of how all these systems connect to avoid a financial crisis.
-
To know more, read the full PDF report.
Overview of the Office of Trade Sanctions Implementation (OTSI)
The Office of Trade Sanctions Implementation (OTSI) is a new government body launched in October 2024 as part of the Department for Business and Trade. Its primary job is to make sure trade sanctions are followed properly. While HM Revenue & Customs (HMRC) handles criminal enforcement and goods crossing the UK border, OTSI focuses on “civil enforcement.” This means they handle fines and penalties for businesses that break the rules regarding:
- Providing services that are under sanction.
- Moving or acquiring sanctioned goods or technology outside the UK.
- Services related to moving these goods, such as insurance or shipping.
OTSI also helps businesses understand the rules to prevent mistakes before they happen.
Managing Permissions and Enforcing Rules
A major part of OTSI’s work involves granting special permissions, known as licences, that allow businesses to carry out trade that would otherwise be banned.
- Permissions (Licensing): In its first year, OTSI received 60 applications for these licences. Most were for professional or business services related to the sanctions on Russia. It takes about 82 working days on average to get a decision. So far, 12 licences have been granted (either fully or partially), while others were refused, withdrawn, or found to be unnecessary.
- Enforcing the Law: OTSI investigates when companies or individuals are suspected of breaking trade sanctions. They have received 146 reports of potential rule-breaking, largely from the financial services sector. While no monetary fines have been issued yet, several investigations are underway, and some cases have been passed to HMRC for criminal investigation.
- Whistleblower Protection: New laws were introduced in 2025 to protect employees who report sanctions violations to the government, ensuring they are safe from unfair treatment at work.
Working with Businesses and Partners
OTSI does not work in isolation. A significant amount of effort has gone into building relationships to make sanctions more effective.
- Supporting Business: The office has held over 200 meetings, workshops, and webinars to help UK businesses understand their obligations. They have also released simple guides to help companies spot “red flags” where someone might be trying to get around the rules.
- Global and Local Cooperation: OTSI works closely with international allies—such as the US, EU, and Japan—to ensure sanctions are coordinated globally. Within the UK, they collaborate with other agencies like the Foreign Office and the National Crime Agency to share intelligence and improve enforcement.
Looking Ahead
The report outlines several goals for the future as OTSI expands its role:
- More Help for Businesses: They plan to offer more targeted advice and expand their “roadshows” to reach businesses across the UK, not just in London.
- Taking on More Responsibilities: In early 2026, OTSI will take over the responsibility for licensing export sanctions (except for military-related “strategic” exports).
- Smarter Enforcement: The office plans to improve how it uses data and intelligence to proactively find and stop rule-breaking, rather than just waiting for reports to come in.
-
- Australia Department of Foreign Affairs and Trade (DFAT): Autonomous Sanctions (Sanctioned Vessels – Russia) Amendment (No. 2) Designation 2025
- One year of the Office of Trade Sanctions Implementation (OTSI) – Notice
- UK update to Counter Terrorism (Domestic) sanctions designations
- Uk update to Russia and Cyber sanctions designations
- OFAC Recent Actions: Issuance of Amended Russia-related General License; Publication of Russia-related Frequently Asked Question
- UK Government: Moving to a single list for UK sanctions designations – Webinar
- OFAC Recent Actions: The U.S. Department of the Treasury’s Office of Foreign Assets Control Assesses a Civil Monetary Penalty against Gracetown, Inc.
Daily Digests are simple lists of hyperlinks to new content released by sanctions and export control regulators. When appropriate, additional posts of analysis and commentary, as well as summarizations and rephrasing of the contents will be posted separately.
Mr. Sanctions does not attempt to comprehensively cover the worlds of sanctions and export control. Opinions expressed here are my own and do not represent that of my past current or future employers.