In April 2025, a timely memo titled “Ending Regulation Through Lawsuits” was released by the U.S. Department of Justice (DOJ). This quickly caught my attention, and I’m sure it caught everyone’s attention, because it was not only a new opinion, but also a significant change in direction. The DOJ has made it clear that it will not target crypto platforms for regulatory violations, but rather individuals committing serious crimes.
Their new priorities? Fraud, money laundering and terrorist financing.
Why these? The report says it all: these crimes are linked to organized crime and transnational criminal organizations.
How will this impact crypto security practices?
It seems that even the DOJ prioritizes crimes as well. The most pressing threats have been identified, allowing businesses and agencies to allocate resources accordingly.
That said, for European SMEs, understanding these priorities becomes essential. They navigate their regulatory frameworks and security measures while keeping an eye on the evolving landscape.
How can European SMEs prepare to avoid fines?
The DOJ’s recent actions and resulting prioritization may actually provide some guidance for European SMEs. Complying with existing regulations, such as the Anti-Money Laundering Directive (AMLD) and the Markets in Crypto-Assets (MiCA) Regulation, becomes even more essential.
This new memorandum suggests that companies that have robust systems in place will be well placed to avoid heavy fines.
What internal controls should be implemented?
What would these robust systems look like? They would include:
- Risk-based Know Your Customer (KYC) processes
- Anti-Money Laundering (AML) Policies
- An ability to submit Suspicious Activity Reports (SAR).
Implementing these controls is crucial. Not only is this a regulatory requirement, but it also directly addresses the threats outlined by the DOJ.
How to monitor crypto-related crimes?
Monitoring specific crime indicators will be essential. And again, the DOJ tells us which categories it will focus on: ransomware, ICO fraud, and terrorist financing.
Businesses need to improve their ability to recognize transaction patterns related to these activities.
How can businesses work with law enforcement?
Additionally, DOJ’s Computer Crime and Intellectual Property Section regularly works with industry stakeholders to provide guidance and training.
European SMEs can benefit from this model. Close collaboration with their national Financial Intelligence Units (FIUs) and other relevant authorities is essential to strengthen compliance efforts.
What are the implications of the DOJ’s actions for global crypto markets?
Finally, the implications of the DOJ’s actions against North Korean hackers cannot be overstated. The confiscation of $15.1 million in USDT is expected to send shock waves through the markets.
Illicit finance is not a sideshow here. It’s the main event now; and the DOJ is making it known.
I feel that as they continue their asset recovery and compliance efforts, companies better be prepared to improve their security measures and practices. This is becoming more and more a necessity.
